the first thing I’d do would be login (cause it’s necessary), enable adb, disconnect the internet, block firmware updates, and restrict dns then reconnect to the internet.
You have to realize maybe a small handful of people that own these devices will do any of that. They’ll just plug in and go. Sure they may know how to side load, but they aren’t taking any other preventative measures as you suggest, nor do they have the know-how to do so.
I’d imagine Amazon initiated these via firmware updates that just about anyone would blindly install. The updates probably included scripts to uninstall any “unauthorized” APKs, disable developer options, restore factory system settings, lock the user profile from modifying the system, etc.
You have to realize maybe a small handful of people that own these devices will do any of that. They’ll just plug in and go. Sure they may know how to side load, but they aren’t taking any other preventative measures as you suggest, nor do they have the know-how to do so.
I’d imagine Amazon initiated these via firmware updates that just about anyone would blindly install. The updates probably included scripts to uninstall any “unauthorized” APKs, disable developer options, restore factory system settings, lock the user profile from modifying the system, etc.