Trusting clients is probably a security flaw
McDonald’s app & trusting the client
- Multiple commenters are surprised this is yet another case of McDonald’s apps lacking proper server-side validation, despite wide publicity.
- Core critique: heavy client-side anti-reverse-engineering and root checks give a false sense of security and encourage developers to “trust the client” (treat prices, discounts or eligibility computed on the device as already verified), which is fundamentally flawed: the server cannot tell a genuine app from a modified one or a hand-crafted request, so anything it does not recompute itself is attacker-controlled.
- Some see the impact as mostly McDonald’s losing money and reputation; others worry about precedent and what else the same teams might build.
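The contrast the thread is drawing, as an added example that is not the page's or McDonald's code: a coupon-redemption handler that takes the price and discount from the request (the "trust the client" pattern) next to one that accepts only an item and coupon code and decides price, ownership, expiry and single-use on the server. Python is assumed as the backend language; the catalog, coupon, user and request data are constructed for the demo, and the function and class names are this example's own.

```python
"""Client-trusted vs. server-validated coupon redemption (illustrative example).

All data here is constructed for the demo; it is not real app or server code.
"""
from dataclasses import dataclass
from datetime import datetime, timezone

# Server-side source of truth for prices, in cents (constructed).
CATALOG = {"burger": 500, "fries": 250}

# Fixed "current time" so the expiry check is deterministic (constructed).
DEMO_NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)


@dataclass
class Coupon:
    code: str
    owner: str            # user the coupon was issued to
    item: str             # item it applies to
    discount_cents: int
    expires: datetime
    redeemed: bool = False


def fresh_coupons() -> dict:
    """Return a new copy of the demo coupon store (constructed data)."""
    return {
        "BURGER200": Coupon("BURGER200", "alice", "burger", 200,
                            datetime(2099, 1, 1, tzinfo=timezone.utc)),
    }


COUPONS = fresh_coupons()


def redeem_trusting_client(req: dict) -> dict:
    """Vulnerable pattern: price and discount arrive from the client.

    A modified app, an intercepting proxy or a plain curl can send
    price=1, discount=0 and the server will happily charge one cent.
    Root detection or obfuscation on the device changes nothing here.
    """
    total = req["price"] - req["discount"]
    return {"ok": True, "total_cents": max(total, 0)}


def redeem_server_side(req: dict, user: str, now: datetime = DEMO_NOW,
                       catalog: dict = CATALOG, coupons: dict = None) -> dict:
    """Hardened pattern: the client only names an item and a coupon code.

    Price, discount, ownership, expiry and single-use are all decided on
    the server; any price/discount fields the client sends are ignored.
    `user` is the identity from the authenticated session, never from the body.
    """
    if coupons is None:
        coupons = COUPONS
    item = req.get("item")
    code = req.get("coupon")
    if item not in catalog:
        return {"ok": False, "error": "unknown item"}
    price = catalog[item]
    if code is None:
        return {"ok": True, "total_cents": price}
    coupon = coupons.get(code)
    # Collapse every failure into one message so the response does not reveal
    # which check failed (avoids turning the endpoint into a coupon oracle).
    if (coupon is None or coupon.owner != user or coupon.item != item
            or coupon.redeemed or now >= coupon.expires):
        return {"ok": False, "error": "coupon not valid"}
    coupon.redeemed = True  # single use; a real store must do this atomically
    return {"ok": True, "total_cents": max(price - coupon.discount_cents, 0)}


if __name__ == "__main__":
    # A tampered request: the client claims the burger costs one cent.
    forged = {"item": "burger", "coupon": "BURGER200", "price": 1, "discount": 0}
    print("trusting client :", redeem_trusting_client(forged))
    print("server-side     :", redeem_server_side(forged, "alice"))
    print("second use      :", redeem_server_side(forged, "alice"))
    print("other user      :", redeem_server_side(forged, "bob",
                                                  coupons=fresh_coupons()))
```

The point of the hardened handler is not the extra checks by themselves but where they run: the request body can carry whatever a tampered client likes, and the only fields the server reads are ones it re-validates against its own data. Note that the user comes from the authenticated session, not from the request body, for the same reason.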
Root detection, DRM, and device control
- Many criticize Play Integrity / SafetyNet–style checks and root detection: they don’t stop serious attackers but punish power users and reduce device ownership.
- Several banking and corporate apps are cited as refusing to run on rooted phones or even phones with sideloaded apps; other commenters say those same apps run fine for them, suggesting OS/version differences or inconsistent checks.
- Some defend these checks as risk management and tech-support reduction, but others see them mainly as liability-shifting and control.
Android/iOS sandboxing, filesystem, and backup
- Discussion on Android’s changing storage model: older versions allowed broad filesystem access; newer ones sandbox more tightly, improving security but complicating backups.
- Users lament the lack of a robust, system-level, app-data backup interface and see Google nudging people toward its cloud sync.
- iOS is viewed as more locked down but also less leaky in terms of apps inspecting the device.
Developer incentives, outsourcing, and security culture
- Several argue that outsourced/mobile “app mill” work optimizes for shipping quickly and passing checklists, not real security.
- One contractor openly describes doing the bare minimum and waiting to bill fixes later, prompting pushback around ethics and client risk.
- Some note that security “best practices” often function more as liability cover than true protection.
Unions, professionalization, and labor market
- A thread explores unions or professional bodies for developers to refuse insecure or unethical work.
- Others doubt this is realistic: accreditation brings questions about who is blamed in a team and whether members would actually be protected.
- Mixed views on the job market: easy in some EU countries for mid+ roles; difficult for seniors and in the US since recent layoffs.
Other examples & user experiences
- Examples include insecure ticketing/public transport apps, heavily obfuscated IoT apps (e.g., Tuya ecosystem) that fight local control, and anti-cheat in games installing kernel-level components.
- Polish McDonald’s users complain about declining coupon value, clunky kiosks, and being forced into the app for decent prices.
- Some refuse to install such apps at all or leave 1-star reviews when root checks block them.