This is the worst of both worlds, you can spread your malware as a sideloaded apk just fine, but when it's so big that you're probably burned anyways, then you need to verify your account.
I think a better compromise would have been for Google to require developer verification, but also allow third party appstores like F-Droid that don't require verification but still are required to "sign" the apks, instead of users enabling wide-open apk sideloading. That way, hobbyists can still publish apps in third party stores, and it is a couple of more steps harder for users to fall for social engineering, because they now have to install/enable F-Droid, and then find the right malicious app and download it. The apk downloaded straight from the malicious site won't be loaded no matter what.
Google can then require highlighting things like number of downloads and developer reputation by 3rd party appstores, and maybe even require an inconsistent set of steps to search and find apps to make it harder to social engineer people (like names of buttons, UX arrangements, number of clicks, etc. Randomize it all).
What frustrated me on this topic from the beginning is that solutions like what I'm proposing (and better ones) are possible. But the HN prevailing sentiment (and elsewhere) is pitchforks and torches. Ok, disagree with Google, but let's discuss how to solve the Android malware problem that is hurting real people; it is irresponsible to do otherwise.
It's not super clear from the post, but if I read it correctly there are two modifications suggested.
- 1: Separate verification type for "student and hobbyist"
- 2: "advanced flow" for "power users" that allows sideloading of unverified apps - I imagine this is some kind of scare-screen, but we'll see.
What you describe as "worst of both worlds" is about point 1.
I'm not sure point 2 is powerful enough to support things like F-Droid, but again, we'll see.
If you don't look both ways when you cross the road, then you may get hit by a car. The solution is to pay attention.
It's acceptable to build a system where human error can lead to catastrophic consequences, even death. Every time you go outside you encounter many of these systems.
Not everything in life can be made 100% safe, but that's no reason to stop living.
Swindlers work by that is a story as old as time. Even snake oil salesmen were good at distracting people from obvious signs of false promises and warnings. People often overestimate their own capabilities greatly, same as there are no bad drivers on the road when you ask people about themselves.
There are definitely things you could do to improve it though. E.g. you can't activate "I know what I'm doing" mode while on the phone or for 1 hour after a phone call. Someone else suggested a one-day cooldown.
Also for the specific scam they mentioned, why do apps even have permission to intercept all notifications?? Just fix that!
> why do apps even have permission to intercept all notifications?? Just fix that!
I fear "fixing" it would mean removing the feature entirely, which breaks many workflows. Primarily this is used for accessibility (and is controlled in the accessibility settings), but applications such as KDE Connect also make good use of it.
Then I guess you can't publish apps? One of those issues where I should be "writing to my congressman" or whatever, I guess. The problem is real and people like you are being obtuse, unwilling to find a solution or a compromise. Something as simple as number of installs is an invasion of privacy? How? It's a number, you increment a counter when someone hits download, that's it.
Yeah, if Google gets to have rules over what happens by apps that have their seal of approval. That's how seals of approval work. You're not entitled to these things. You don't have the right to publish to the Android platform; if Google, wary of anti-trust suits, allows a 3rd party app store, it can institute reasonable requirements.
If an appstore is willingly hosting malware, should Google still provide their seal of approval? That was supposed to be rhetoric, but I wouldn't be surprised if you told me that they should.
This is willful ignorance, I only hope you educate yourself on the harms caused by malware and malicious actors and consider taking a practical approach to finding solutions instead of dying on every single hill.
> life is full of people doing harms and malicious actors, but we don't let Google or any other company gatekeep our lives
Yeah, you're certainly not speaking for malware victims here. Android is not your life, so Google gatekeeping Android (actually only Google approved builds) is not gatekeeping your life.
You certainly should be able to load an alternative OS. Isn't that what Lineage and other Android distributions do already?
Not when Google lobbies your government and banks to require "play integrity" in order to use government apps and bank apps.
Not device integrity (locked bootloader, signed image, which can be done with alternative OS) but "play integrity", so approved by Google. In other words, you can't run Android without Google's services, Google's built-in ads.
How about the harms of fascist authoritarian governments that will use this functionality to ban any apps they don't like? Why do you people only care about malware and not essential fundamental freedoms that affect us every fucking day?
Talk about a straw man. "Fascist authoritarian" is rich; governments don't need that to ban apps. Google can ban apks on all Android phones with a Play Store any time they want. Microsoft can do this on any Windows machine with Windows Update turned on (they have in the past), Apple can do that with their OSes too.
Your freedoms are not the subject of this topic, not even remotely. Google isn't even banning you from doing anything on an Android phone; this is strictly about approving Android builds by phone vendors, you're not even the subject here. Google doesn't want to approve Android builds that allow sideloading. You can still install Lineage.
Your argument here is actually "fascist authoritarian", you want to impose your views on the general public, that sideloading should be enabled. Having an option for yourself and other willing people to just not just vendor built android is not enough, you want the public to also leave the gates open so you can sideload your random apk's.
Oh, and for the record, my post was about finding a compromise, not a false dichotomy as you presented. If you made a car without a seatbelt it won't be allowed on the roads; if a phone vendor also builds an unsafe Android where random devs can sideload apks, that shouldn't be allowed. Forget Google, governments should be enforcing the sideload ban lol.
You don't appreciate your freedoms and insist on abusing them, so actual freedoms end up being taken away!
> people like you are being obtuse, unwilling to find a solution or a compromise.
How are people being obtuse for refusing to compromise for solutions on a problem which doesn’t exist?
You can’t misrepresent the situation, establish that one American company having absolute control on what people do with their devices is somehow the norm and then complain that people won’t meet you halfway.
> How are people being obtuse for refusing to compromise for solutions on a problem which doesn’t exist?
I'll give you the benefit of doubt and assume you're just not well informed.
Millions of people are losing billions of dollars. Women are having their private media published to the masses. People are getting divorces, fired from jobs, etc. because of Android malware. The problem is nearly non-existent on iPhones for the most part, because they lock that down (but now thanks to "my freedom" type of freedom abusers are changing that too).
Apple already does this. You can't publish a driver for Windows without verifying your identity and buying an expensive code signing cert. Google isn't doing anything new; matter of fact, they're not doing enough! This still permits things like LineageOS and other Android builds to be installed -- that's your freedom. But since the prevailing sentiment is to resist a more secure way of doing things, the outcome will be that all smartphones will only load signed kernels/firmware in the future, and all signers will be required to ID themselves; this will kill a lot of Android builds.
This is why compromise is important. Your liberties are important to you, but you can't just dismiss the harm to the masses like that and refuse to find a compromise or a solution, that's how you lose what little freedom you have.
This is why things like "chat control" keep creeping up, and they will succeed down the road.