So it’s on the same scale as buying a gun in the states.
I didn’t realise it was so dangerous.
Not quite. The majority of states have no waiting period to buy a gun and there’s no federal law, either.
Political power grows from the barrel of f-droid
It’s so weird that they don’t take comments on the android developer blog post… Almost like they think it’ll be hugely unpopular.
While I understand that Google probably hasn’t provided the answers yet, I have two questions about this. First, will I need to setup a pin for my devices? I don’t normally use any form of a lock screen on my devices and I’d prefer to continue not having them but I know from personal experience that some android devices don’t allow you to remove the lock screens after you set them up.
Second, during the 24 hour waiting period, is the device still usable? I know this might sound like a stupid question but Google’s vague wording has me wondering.
Stop fucking calling it sideloading. It is called installing an app
Google is the epitome of living long enough to become the villain.
How about a 24 hour waiting period for me to harden my OS before Google slurps up all my data.
In these scenarios, scammers exploit fear – using threats of financial ruin, legal trouble, or harm to a loved one – to create a sense of extreme urgency. They stay on the phone with victims, coaching them to bypass security warnings and disable security settings before the victim has a chance to think or seek help.
Does this actually happen? Or they just trying to manufacture consent to all this bullshit?
Do calls like that happen? Unfortunately, yes.
Is it a reason to lock down and enshittify every computing platform, every OS, every Internet-connected device until we own nothing, control nothing and can’t install what we please?
It’s an age old tactic of manipulation to start with something true, exaggerate the threat, and apply it everywhere possible.
they do happen yes
This is not a solution at all. They want to make sick of users who have to wait a whole day ust to install a fucking app. Fuck them.
fuck google. We immediately need linux like alternative to android
Is GrapheneOS a good enough alternative?
I am very interested in switching to that when their phone comes out… But I wish pure Linux were viable.
It just works. Some banking apps won’t.
One of my banking apps (Citi) didn’t even work in stock Android on a Pixel. It thinks I’m rooted lol.
Everything works well enough in the browser though. Nowadays I just do all that stuff on a desktop PC. Not everything needs to be an app or even done on a phone.
The desktop versions of bank websites have everything I need, whereas mobile versions can skip out on certain features. Plus, these apps tend to hoard perms for “security” reasons, or so they say.
If you have a strong password and legit MFA (like TOTP or a physical key), use a trusted device/browser that’s good enough. There shouldn’t be a need to grab my location or nearby devices.
Bonus points if the bank lets you review login sessions and deauth devices, flags things like impossible travel, etc.
Credit unions tend to do better. DCU is one example. They excel at security, don’t do any silliness with perms in their app, let you review logins and devices, and have a strong MFA implementation. The big private national players just want to sell you to data brokers to pad their margins while you pay ridiculous interest rates on their crappy products and get nothing in return.
I use the browser with a hardware TAN generator, though my bank’s app works fine on GOS.
Graphene has some quirks, but overall experience is solid. Not perfect, but it does the job.
It just works. Some banking apps won’t.
Meanwhile the scam apps and viruses in the damn play store: …
I teach digital literacy and 99% of unsavory software I encounter on people’s phones come from the play store or app store
I will believe that they’re serious about protecting users when I see them do something about the crap ton of borderline scam solitaire and weather apps infesting their stores
Your wish is fulfilled. Google now requires the government id, full biometrics and shared gps location to publish apps in the store.
“Sideloading”
Aka avoiding the monopoly app store with your own device
I already migrated to Graphene. Knowing my luck if I wouldn’t then Google would go through with this shit.
A one day wait period to install an app on your mobile pocket computer. Fucken bullshit.
Edit: to all the “its one time” defenders, its one time for now. Stop falling for it. It always starts with an inch.
It used to be no time at all. You could just do it. From that perspective they’ve already taken a mile.
From zero to any nonzero value is infinite miles
From zero to any nonzero value is infinite miles
I mean, it always starts with an inch but what people dont get is that compared to the 2000’s we are a mile deep and compared to rhe 80’s we are already in a dystopia.
Well if you’re in the US you can head down to your LGS, buy a Glock 19 and do some plinking while you wait for the software to install on your phone :/
sushhh… the shareholders’ imaginary line has to go up.
I mean, it always starts with an inch but what people dont get is that compared to the 2000’s we are a mile deep and compared to rhe 80’s we are already in a dystopia.
One day wait period to enable installing third party apps. Afterwards no extra wait time or verification.
I think it is a reasonable compromise. They could have made it a day wait for any and every time you wanted to side load like this. It prevents accidental or malicious activation, while also giving you the feature you want with the smallest of roadblocks as confirmation you want it. And you only have to do it one time. I don’t think it’s the burden you do.
People this willing to let a self-enriching corporate nanny state erode their ability to use the products they paid for terrify me.
People this willing to fall for the blatant corporate strategy of “We’ll announce something unthinkable but then backpedal to something “only” terrible (and then probably do the unthinkable thing later now that we’ve encroached further and softened the blow)” for the millionth time confound me.
Show some dignity; jesus christ. This isn’t a “compromise”. Me breaking into your house, threatening to kill you, but then “only” hitting you with a bat and leaving isn’t a “compromise”.
In the sales world, this effect is called “price anchoring” and is used by tons of companies. All those sales you see where something is “marked down 50%!” are using a manufacturers price that does exist in real life to get that 50% markdown. In reality, the sale price is just the actual price of the item but people see the “huge discount” and think they’re getting a deal.
Long live lineagos
Things like LineageOS are a workaround, not a solution.
The solution has to be legal, not technical. Companies have to be stopped from trying to fuck with users’ property rights in the first place!
The US constitution basically guarantees us root access to our own lives (life, liberty, and the pursuit of property/happiness). I’d like the same or better for my devices.
Yup. I’ve heard this first about Home Assistant, but software like this often inadvertently acts like a pacifier for tech enthusiasts. We may have our neat solution for the moment and be content with that, but that doesn’t help anyone else, or us in the long term. Things will get worse with no push-back.
Disclaimer: That’s not to say that we shouldn’t advocate for those tools in the meantime as well. We just shouldn’t lose track of the actual problem.
People get what they pay for.
Hyperbole much?
This is a basic balance between the needs of the few, and the security of the many. The benefits of a one day speed bump are far more beneficial for the billions of Android users in the world, and offer no meaningful negatives to those that wish to enable this feature beyond that delay.
I realize that many people here are in or adjacent to IT work, and so are more passionate about these sorts of topics and are well versed in the risks, but in my opinion, allowing a simple, immediate way to bypass all security checks and install whatever you want immediately is a pretty big security hole, even if it is self-created. It makes sense to put those roadblocks up to protect the 99.9% that will never use this feature, as well as those that may activate it not understanding the risk. You may be comfortable with it, and that’s great, but that doesn’t mean every Android should. This is why prompts asking about coercion and not your IT prowess.
Finally. your example is poor. Google is not breaking into your phone and hurting you in way. If anything, it’s like a real estate agent that’s not giving you the keys until the bank opens so your check can clear. It’s a process issue, nothing more.
Your ability to use your device, as you see fit, installing anything you want, is entirely possible with a single one-day delay. As I said, I don’t think it is an unreasonable ask, nor the enormous inconvenience you make it out to be.
What is it a compromise between? People who think they own the thing they paid for and people who don’t?
Obviously we need to find a middle ground between owning the things we purchase, and not owning them. Having access, but making it annoying is a very reasonable option.
Why? We are paying full price for these devices and nothing in any agreement made at the time of purchase suggests that you don’t own them. Why is it necessary to meet a middle ground between “you got what you paid for” and “you didn’t”?
Because everything must get worse.
I realize you are making a joke, and I agree that purchase is always better than subscription. Everyone in this situation owns their device.
But that doesn’t mean an easy to activate security bypass should be made available to everyone with no guardrails, either, should it?
No. Fuck all of that. I will not have some fucking Corp tell me what I can install and when on my own goddamn hardware.
If they want to implement something like this, make it an opt-in toggle during device setup to put the phone into nanny mode
A reasonable compromise would be not telling people what they can and can’t do on devices they paid for. If Google wants that level of control, they can buy my phone for me.
While I understand your sentiment, with all due respect, they are giving you the control with this process. You’re only mad you have to wait one day one time before you can do it.
I don’t have to do shit, because I Graphene for the same reason I use Linux. I’m not interested in asking a corporation for permission to do what I want.
Important to note ADB is still unaffected
