The company says it is now developing an “advanced flow that allows experienced users to accept the risks of installing software that isn’t verified.” This installation flow will include safeguards to protect people who are being coerced into installing a dangerous app, or tricked by a scammer, along with “clear warnings to ensure users fully understand the risks involved.”
IIRC we already had to enable a setting and confirm a warning popup. What are they gonna do? Add more popups? A captcha-“puzzle”? Less easy to accept dialogs?
Honestly a less easy to accept dialog would go a long way.
Just make it require ADB. Iv had my grandfather fall victim to a crypto scam that got him to install a app on his phone.
As much as we hate it, google is the only one who has any power to prevent abuse of the stupid, elderly and gullible. Someone has too.
There is a line of going to far to protect people that just makes things worse for everyone. But the reality is, our freedom comes at the expense of others freedom.
Nah screw needing adb, that absolutely kills free and open source software stores like fdroid, and fdroid have said as much that Google’s then planned signing requirements would lead fdroid to stop.
The only way I’d even be remotely OK with another adb requirement is if
it’s a requirement to unlock the ability to install unsigned apps, ie it’s not to an install an app but set a flag
#1 becomes a requirement for Google certification so all manufacturers have to allow it
It doesn’t cause other types of attestation to fail that we see with unlocked, rooted and third party roms failing certain checks preventing some apps, most commonly banking ones from working
At least with something like shizuku one can effectively adb to your own phone, so even if adb became required to install non-google-approved apps on one’s own phone… It will not block FOSS for long.
Then you’d need to run adb once for the first install of fdroid/shizuku. Admittedly not great, but doing that once will not stop many OSS enthousiasts. It would widen the gap between power user and normal user considerably which also isn’t great.
As much as we hate it, google is the only one who has any power to prevent abuse of the stupid, elderly and gullible. Someone has too.
Not far enough. We should require a government agent to be with people to verify there isn’t any fraud before allowing any money transactions to happen.
Wanna buy food at the grocery store? Please wait for your assigned NSA agent to verify that you’re not being scammed.
IIRC we already had to enable a setting and confirm a warning popup. What are they gonna do? Add more popups? A captcha-“puzzle”? Less easy to accept dialogs?
Honestly a less easy to accept dialog would go a long way.
Just make it require ADB. Iv had my grandfather fall victim to a crypto scam that got him to install a app on his phone.
As much as we hate it, google is the only one who has any power to prevent abuse of the stupid, elderly and gullible. Someone has too.
There is a line of going to far to protect people that just makes things worse for everyone. But the reality is, our freedom comes at the expense of others freedom.
Finding the balance is hard.
Nah screw needing adb, that absolutely kills free and open source software stores like fdroid, and fdroid have said as much that Google’s then planned signing requirements would lead fdroid to stop.
The only way I’d even be remotely OK with another adb requirement is if
I think whatever is required for third party apps and stores should also be required for play store. No special treatment for their own files.
Eg: “Warning: Are you sure you trust GooglePlayStore.apk? This software might be harmful.”
I reckon that Google would magically get the messaging exactly right with that requirement.
At least with something like shizuku one can effectively adb to your own phone, so even if adb became required to install non-google-approved apps on one’s own phone… It will not block FOSS for long.
and how do you enable shizuku? you need a PC for that too
You do not, it can connect with your own wireless debugging session. https://shizuku.rikka.app/guide/setup/#start-via-wireless-debugging Works since android 11
Couldn’t they just refuse to sign shizuku and you’d be stuck in a recursive loop of needing a pc anyways?
Then you’d need to run adb once for the first install of fdroid/shizuku. Admittedly not great, but doing that once will not stop many OSS enthousiasts. It would widen the gap between power user and normal user considerably which also isn’t great.
Not far enough. We should require a government agent to be with people to verify there isn’t any fraud before allowing any money transactions to happen.
Wanna buy food at the grocery store? Please wait for your assigned NSA agent to verify that you’re not being scammed.
(Is /s even needed?)
I think the dialog can be changed to give a more stern and obvious warning before escalating to no alternative installs without developer tooling.