Technology

Stop fucking calling it sideloading. It is called installing an app

A one day wait period to install an app on your mobile pocket computer. Fucken bullshit.

Edit: to all the "its one time" defenders, its one time for now. Stop falling for it. It always starts with an inch.

So it's on the same scale as buying a gun in the states.

I didn't realise it was so dangerous.

It's so weird that they don't take comments on the android developer blog post... Almost like they think it'll be hugely unpopular.

Motorola has Graphene OS soon.

To those who think it is a fair compromise: It is not.

Android already had one layer of this shit before. When installid freshly dowloaded apk, android would prompt you to confirm that the source of the apk is trusted. This was not like this before. Before you'd just install apk.

And I agree to a certain amount. But thing is, it was added for no specific reason. People who install apks form outside source, will keep doing it and they 99% of the time know what they are doing or being told to do so by someone who knows what they are doing.

Adding another layer to this wont solve the problem, except make users annoyed for 24h wait time. And this is only adding 1 layer now. Who the fuck knows what is going to be 1 year later. 5 years later?

Google is the epitome of living long enough to become the villain.

I teach digital literacy and 99% of unsavory software I encounter on people's phones come from the play store or app store

I will believe that they're serious about protecting users when I see them do something about the crap ton of borderline scam solitaire and weather apps infesting their stores

google doing their best to make me move to a different platform for my next phone.

anybody know of other options?

This would make sense if google play store wasnt full of malware. Scammers dont need you to sideload malicious apps they just get you to download it from the play store.

In these scenarios, scammers exploit fear – using threats of financial ruin, legal trouble, or harm to a loved one – to create a sense of extreme urgency. They stay on the phone with victims, coaching them to bypass security warnings and disable security settings before the victim has a chance to think or seek help.

Does this actually happen? Or they just trying to manufacture consent to all this bullshit?

How about a 24 hour waiting period for me to harden my OS before Google slurps up all my data.

So, the idea is to make the process as annoying as possible.

fuck google. We immediately need linux like alternative to android

Meanwhile the scam apps and viruses in the damn play store: ...

"This is Android's new 'advanced flow' for INSTALLING apps without verification". Sideloading is such a bullshit term made only to confuse consumers. They can wrap that in sparkling wrapper, but it's still security theater at best and definetly misleading. Apps from F-Droid or any other app 'store' are not any less safe than the ones at googles own offering.

Remember when you used to own shit? Wow. This is beyond fucked. Right now, it’s “one day”. But this is only because they got a shit load of backlash for disallowing ALL installing software without their permission. They WILL enact it. They’ll just wait until people are used to this. Then they will disallow it all.

"Sideloading"

Aka avoiding the monopoly app store with your own device

it's very clear we have to escape Android and Google entirely, there is no other option.

Please donate to PostmarketOS if you have the means, it gives us a true alternative that is completely community owned, it just needs our support to become polished and to add support for more phones.

We have to support software that's still made for us. While we still can.

Is no one realizing that apps still have to register and ID themselves? It says that apps limited to 20 people or less won't need to. At least the phrasing lends itself to that suspicion.

Do usual dev mode shit...

1. You then have to confirm that you aren’t being coached/guided/instructed by a bad actor to turn off the security measures.

2. This is followed by a device restart and re-authentication that “cuts off any remote access or active phone calls a scammer might be using to watch what you’re doing.”

3. A required “Security wait” takes one day to “confirm that this is really you who’s making this change with our biometric authentication (fingerprint or face unlock) or device PIN.” This is a one-time wait.

4. Afterwards, you can install apps from unverified developers indefinitely, while there’s also a 7-day “Turn on temporarily” option.

I don't think the wait is necessary. If someone were to continue being scammed after a reboot, they'd continue to be scamme tomorrow. An additional education piece after the reboot would be more effective.

Important to note ADB is still unaffected

While I understand that Google probably hasn't provided the answers yet, I have two questions about this. First, will I need to setup a pin for my devices? I don't normally use any form of a lock screen on my devices and I'd prefer to continue not having them but I know from personal experience that some android devices don't allow you to remove the lock screens after you set them up.

Second, during the 24 hour waiting period, is the device still usable? I know this might sound like a stupid question but Google's vague wording has me wondering.