papygatorMar 21
nixCraft 🐧

Google sets new 24-hour process to sideload unverified developers Android apps. That is right. Now you can't load apps without google's permission and flow control. Who knows after sometime they might think 72 hours delay is needed and so on. More info https://android-developers.googleblog.com/2026/03/android-developer-verification.html?m=1

Google says this is to stop malware from stealing passwords, OTPs, and bank/card info. Do you think these steps will actually stop scammers who call and pressure people into installing malicious apps?

Mar 20 at 12:35pmWeb
Show threadpecet 🦒🇪🇺Mar 20
@nixCraft Daddy google can I install fdroid?
Show threadtpaauMar 20
@nixCraft I once laughed at my friend when their phone displayed a big red screaming warning when they tried to "sideload" an app. Little did I know all Google certified Android phones would have something orders of magnitude worse than that...
Show threadDingoMar 20
@nixCraft
So, how about we take a backseat with the whole "year of the Linux desktop" thing, & make 2026 the year of the Linux phone?
Show threadChris1776Mar 20

@nixCraft On a lot of MIUI devices you have to wait for two weeks to unlock the boot loader, after you've registered with some shady half-chinese app. One day is nothing. Still, I'll ungoogle my stuff except one burner phone for banking and the other crap apps.

And MIUI also shows you 20 big red warning boxes to finally install an .apk, every time.

Show threadMicromotMar 20
@Chris1776 @nixCraft Is it two Weeks now, on my device it was 24h still
Show threadChris1776Mar 20

@micromot @nixCraft it was a Redmi phone, maybe it differs from vendor to vendor. Imho aside all the flagship phones the custom ROMs focus on, Motorola is still the best to unlock and flash.

Let's see how their Graphene collaboration goes.

Show threadMicromotMar 20
@Chris1776 @nixCraft I had the redmi note 9 pro
Show threadPaulMar 21
@micromot @Chris1776 @nixCraft For me it would have been one Week but I used mtkclient anyways
Show threadAtiMar 20
@Chris1776 @nixCraft That reminded me when I read some chinese vacuum cleaner test pretending it is better than all the west has to offer. "And it's not true it doesnt work or send your flat map to CCP -> you just need to download this x6849 soft from a shady half-chinese site, no not bdj74939 but x6859 concentrate maaaan, then leave dust box open, give it your WiFi password, bluetooth connection, accept it as a trusted device and from here you're just 6 steps away from success" XD
Show threadGustavoMar 20

@Chris1776 @nixCraft I have MIUI, no, it does not show 20 big red warning boxes every time.

The only times it show warning boxes is to enable developer mode, which I truly hate because the bank my government assigned me to in order to have access to a gov program does not work with developer mode enabled... and I work developing Android apps. I guess I should buy a second phone just for those apps too. It already annoys me having to wait 10 seconds, 24 hours is an eternity.

Show thread宮城巴惠Mar 20
@nixCraft how about instead of worrying about all this extra work to sideload unverified apps… How about they start cleaning their google play store first? There is more malware in it than in something like f-droid.
Show threadChris1776Mar 20
@nixCraft and scammers be like: don't redeem! I'll call in 24hrs!
Show threadGoatsLiveMar 20
@nixCraft It just makes that announcement from Motorola that they will release an open source Linux powered cell phone this year all the more important!
Show threadmanfromhuhMar 20
@nixCraft Which is a good thing because they absolutely never let any malware into Google Play.
This has never happened and the numerous reports you might find online are all lying Apple shills.
Show threadThomas ThybergMar 20
@nixCraft As far as I understood the blog post, it is a one time operation on the phone. When it is enabled one can sideload as much as one wants. Being an android developer I see that as an acceptable compromise.
Show threadTheThunderWolfMar 20
@nixCraft Time for the year of the Linux phone
Show threadAndrocatMar 20
@nixCraft It will deter me from buying an android phone...
Show threadAlessio VanniMar 20
@nixCraft
Scammers will just make people install legitimate apps from the store that can be exploited one way or another. It's already filled with malware, anyway.
Additionally, it's easier to social-engineer people into sharing the phone screen through the built-in/pre-installed tools than it is to install an app.
"Security" is just buzzword for "we don't like it" 9 times out of 10.
Show threadTorbMar 20

@nixCraft While I do *not* think the changes are justified, I do think they *could* help with that.

I've had experiences myself where someone was very close to falling for a scam, and what helped them avoid it was that they got some extra time where they could speak with someone who knew more.

Scammers very often use time pressure as a technique.

That said: I'm just on pure principle against use being able to use the software we want on our devices (I say, while using largely Apple devices 🙈).

Show threadRay McCarthyMar 20

@nixCraft
No, it's about Google taking over control of your device, not about security. It's dressed to look like a security feature.

Scammers don't need you to install a dodgy app, and there will still be plenty of malicious or compromised verified developers putting malware on the Playstore.

Scammers can even exploit the naive by using legitimate apps.

Show threadShae ErissonMar 20
@nixCraft can we get that one app that "sideloads" anything instantly as the first app?
Show threadjerMar 20

@nixCraft

Literally, #0day vulnerabilities are the worst, but 1days are now fine, actually.

Show threadAlbirewMar 20
@nixCraft yup...
glad i'm not doing it on the pocket computer i bough and own, uh... #ohWait
Show threadPffff...Mar 20
@nixCraft I think it's easier and faster to root the phone, or install /e/OS or GapheneOS. 
Show threadDrYakMar 20
@nixCraft Time to wipe Android and install some mobile Linux distro.
(Personally I run #SailfishOS)
Show threadStepanMar 20
@dryak @nixCraft What phone are you running it on?
Show threadDrYakMar 20
@Smarshak currently: a Sony Xperia 10iii and a Pine64 Pinephone Pro.
Show threadStepanMar 20
@dryak Does the android support work on both?
Show threadKeksKopfMar 21
@Smarshak @dryak certainly not on pinephone pro, its only available for officially supported devices
Show threadDrYakMar 21
@KeksKopf @Smarshak on the ppp: there is only a community build and AppSupport isn't available (yet. Jolla is worling on that). I've played a bit with Waydroid on PPP while my 10iii was getting repaired, but back then it was less optimal.
(single window only, troubles accessing network, no support for PPP's weird camera). Have no idea how things have improved since.
Show threadDrYakMar 21
@Smarshak on the 10iii: I am paying for the commercially supported SailfishX, I get Jolla's AppSupport.
It mostly works okay (WhatsApp works; among the apps of my two banks, one is touchy and occasionally requires upgrades of SailfishX' AppSupport the other just works; on rare occasions I use other chat apps (Slack) and apps to show tickets (train, airplane) it works) but I am not a big Android user.
Show threadcedricdesMar 20
@dryak that's courageous. I'm too scared. Staying with custom roms
Show threadNexusSfanMar 20
@nixCraft Wow, if only there was a free version of Android so that you could patch it out.
Show threadHTPC NZMar 20
@nixCraft as if it will stop Spyware made by the Zionists used by various regimes including their own genocidal regime & monarchies of their so called sworn enemies to suppress dissent permanently?. Of course not. Google probably leaves a backdoor... size of small exhaust port, accidentally of course, to allow these to continue.
Show threadHe looks like he's [REDACTED]™Mar 20

@nixCraft i'm confused i thought the problem was they were never going to allow sideloading again. i thought that was the outrage.

this is a backwards step for power users who understand what they're doing (aka - everyone reading this basically)

but for morons out there clicking links to random APKs and going "I INSTALL NOW THEY GONNA SHUT OFF MY HEAT"... i dunno.... seems like an okay idea

i mean i personally will be pissed waiting a goddamn day to install something i am well aware i want to use now. but in the end at least i will get to install it?

make people like us just sign a liability waiver or something

Show threadSakarepmu WehMar 20

I agree with you @quasirealsmiths

There is a need for protecting those who does not know what they are doing. I think it is a balance and fair trade-off. Sometimes people are just over-reacting.

I don't blame @nixCraft , they need to boosts their contents ✌️ ✌️ ✌️ ✌️

Show threadSemur JengkolMar 20
@sakarepmu @quasirealsmiths can not disagree with you both
Show threadArturMar 21

@nixCraft I literally bought yesterday a LineageOS compatible Motorola phone after my Samcrap S23 had the dreadful green line issue.

I miss my old phone with Lineage and honestly I have the knowhow to replace the display and it would be cheaper than buying a new phone but I dont like this Samcrap OS they forced me. So Im glad Im back to Lineage.

Maybe someday Lineage gets support for the S23 and I fix this screen. Until them, to the drawer it goes.

Show threadJohn SmithMar 21
@nixCraft "hi this is customer service tell you have malware and need an antivirus.malware. Now just go to the google anti-malware, it will ask if you're being coached, now its really important that if anyone other than me RealGoogleSupportTM tell you to press the " I'm not being coached" button you don't press it OK. Now press the "I'm not being coached" button and I'll call you back tomorrow and we'll finish the installation.
Show threadclimbertobbyMar 21
@nixCraft So malware devs have to go the old route and upload their apps to the play store with totally not fake IDs?
Show threadAlisonW ♿🏳️‍🌈♾️6d ago

@nixCraft
According to Google a side-loaded app is more dangerous than a gun so requires a 24 hour waiting period.

Have you ever heard something so ridiculous?