stacks-archive / app-mining

For App Mining landing page development and App Mining operations.
https://app.co/mining
MIT License
49 stars 16 forks source link

Require miners to provide a contact section #195

Open friedger opened 5 years ago

friedger commented 5 years ago

What is the problem you are seeing? Please describe. For users, in some apps it is unclear how to contact app publishers.

How is this problem misaligned with goals of app mining? This does not accelerate the adoption because there is little to build trust in the app. Adding a contact section adds to the trust in an app.

Blockstack apps deal with data that are expected be treated in a secure way. In case of questions or security problems users and researchers should have an easy way to contact the app miners.

What is the explicit recommendation you’re looking to propose? App publishers need to provide a contact section in the app stating

App publishers are encouraged to state

Install a whistleblower system to flag apps that do no provide this information or that provide wrong information (e.g. email that bounces, twitter account that is not maintained, phone number that is not answered)

Provide documentation that show examples of acceptable design of a contact section and not acceptable design of a contact section.

Describe your long term considerations in proposing this change. Please include the ways you can predict this recommendation could go wrong and possible ways mitigate. This recommendation could prevent app publishers to create apps because they want to stay anonymous. To encourage these app publishers clearly state in the documentation ways to find partners in the ecosystem that offer to be the consumer facing party. The current way would be the slack channel #dapp-help-wanted.

Additional context

This proposal is similar to the requirement

See

GinaAbrams commented 4 years ago

hey @friedger thanks for the suggestion, appreciate the idea here. Seems like something founders should increasingly do to get feedback, but not seeing it as solving the trust or security of an app in a simple way. Operationally and for app mining, don't think we want to be responsible for this at the moment.