This article more eloquently phrases how I feel about the new #android #sideloading rules: https://www.androidauthority.com/i-dont-recognize-android-i-fell-in-love-with-3650462/ I pretty much agree with everything that this journalist is saying.
The new rules might cause some friction -- but they generally make Android safer for everyone.
And that's always a good thing.
@r3spawndbae Sorry, but how do they make it safer?
F-droid vets all the apps they serve to make sure they do what they say. Meanwhile the Google Play store is full of apps that spy on you and track you, and there's no way an actual human is checking each and every app in there.
Not to mention that having to give your personal information to Google makes *no one* safe.
Anyone can make apps for Linux or Windows -- is it "unsafe" to use them? Or do we trust users to do their due diligence?
@november by making it harder to do, every extra step gives the person installing a chance to pause and think about what they’re doing.
I don’t know Google’s thinking, obviously, but to me it feels like they just wanted to add some friction so it’s not just a mindless “click… click… done” installation of potentially dangerous or suspicious apps, while still respecting people’s choices.
The new policy doesn’t stop you; it just makes it harder, so you CHOOSE do it for apps your're sure about.
Have there actually been any documented cases of malicious downloads from third party app stores? If so, how do they compare to those risks and incidents from shitty, readily-available apps via Gplay? That's not a trick question, I have genuinely never heard of this happening and I doubt my grandma knows how to use Droidify etc.
It seems more like Google has invented a boogeyman, and instead of everyone pointing out that it's horseshit, all the tech people are going 'well at least we're slowing down the bogeyman!'
@wolfwalks @r3spawndbae I have never once heard of anything like that, unless it's from some app that's in both the Play Store *and*, like, UpToDown or APKPure or whatever.
I mean, I'm sure there's malicious APKs floating around on the internet, but most people aren't going to encounter them, and even if they do, the default settings on Android *already* mean you have to allow installations from third-part sources, which should presumably be enough to protect people. If someone is really determined to install some random ransomware on their phone, making them wait 24 hours isn't going to stop them, it's just going to inconvenience everyone else.
It also ignores the intense social engineering aspect of scammers. Like a scammer that, for some reason, wants someone to download one of these apps, will contact targets multiple times over a protracted period of time. They will say, 'in 24 hours please confirm this' and then they will call the target again to make sure they do it. Like you said - this changes nothing for malicious actors but changes everything for developers and FOSS advocates. This is going to make it way harder to introduce my non-techy loved ones to things like FOSSify calendar.
@november this is a very good point you make actually, and one that I honestly wasn't considering.
Fair made.
As we have seen apps from the Play Store be used maliciously. I think I was assuming that Play Protect would now offer protection against those kinds of apps.
Maybe I was wrong though.
Jay
november 🀄 in my mahjong era
wolfwalks