Is it possible to allow sideloading and keep users safe?

Yes and called viruses, dozens of toolbars on your computer, key loggers, malware, ransomware, etc.

If you want an open phone, buy one. But I instruct all of the older members of my family to buy iPhones and iPads.

I’ve been programming computers since 1986 and even I have never said it would be cool to side load on my phone.

> If you want an open phone, buy one.

Is this a joke? The reason for TFA is precisely that this is quickly becoming impossible as Google closes down Android. It's already viciously impractical to install a privacy respecting OS like Lineage or Graphene, and now they're coming for the very possibility of installing software.

> If you want an open phone, buy one.

There are none that are usable.

> I’ve been programming computers since 1986 and even I have never said it would be cool to side load on my phone.

Because you know about the options, and probably have at least one computer where you can install what you want. Imaging if 1986 you only had access to an iPhone, like most young people today, would you still be programming computers 40 years from now then? There are new computer science students in university that doesn't know how file paths work.

People on HN that run non Google Android phones seem to argue otherwise.

In 1986, it would have been like having my only “computer” my Atari 5200. Are you really arguing that kids today don’t know that computers exist? I can’t see myself enjoying programming if the only thing I had was an iPhone with a keyboard and mouse - but it being “open”.

And stallman since even longer but he's considered "not quite there" by quite a few. Age isn't everything

This is becoming more difficult with every android release. Unfortunately, Google are on track to be as opaque as Apple within a couple of versions.

I have bought one. The problem is that all the good hardware is locked down because of people like you.

All of the services I need to operate my buisness (such as my banking app) are also locked down to locked down OSes thanks to the silent majority and viewers like you.

What bank doesn’t allow you to access them from a website? If your bank doesn’t allow access from a website on your computer then you made a choice to use a hostile bank.

What does a Google Android release have to do with nom Google Android releases?

Is viciously impractical yet people on HN brag about doing it all the time?

5 years ago you could install custom rom and still use 99% of apps with it. Now with Google "safety" and "certification" features you won't be able to use most of financial apps and a lot of non financial apps too.

Obviously there no way on earth Google will allow you to decide whatever device you own is "safe". There is still ways to bypass it using kernel hacks, but it's both cat and mouse game and often not very trustworthy since a lot of software used to bypass safetynet is proprietary.

So yep, using custom OS on your phone is impractical because Google made it so.

And people keep saying this - what financial services companies are inaccessible via a web browser? And if they do exist, why do you choose such a bank?

I’ve heard people say Monzo in the UK. But there are plenty of banks in the UK you can choose from in the UK that have websites

> And people keep saying this - what financial services companies are inaccessible via a web browser?

You've already quoted one example so you know which was the trend is going, but since you asked here is another. New bank accounts handed our by https://boq.com.au/ can only be accessed from a phone, or via the web.

I started banking with them a long time ago. All accounts open back then have net banking, but no app. They've recently changed. New bank accounts can be accessed via an app, but web interface. I think this is a good thing in general. Insisting you do transactions using your phone or in a branch is far more secure that allowing payments via the web, or card.

As fraud continues to increase I suspect most payment systems will go that way. I would not be surprised if the bulk of non-cash payments on the planet are already done by phone: https://theconversation.com/no-more-card-charges-how-austral...

Then choose another bank f not using apps is imprtant to you. I mean you have agency. Are you saying there are no banks in Australia that you can do without an app?

N26 doesn't.

N26 bank for example.

It's actually an EU law that financial apps must use something like Play Integrity and online banking must be authenticated by a smartphone.

More core functionality with every release. The open source parts of Android are shrinking and it's becoming more and more difficult to fill the gaps in a functional way. Right now it's ok, but it gets harder with every release.

Most of the ones in the UK, if you access them via the website, require a security code from their app. They often have a backup via the terribly-insecure method of phoning or texting you a code.

You keep calling this 'hostile' and we should choose something else, but the whole reason we're complaining is because the choices are going away! Should we wait until we have literally zero choice (as opposed to limited choices with bad tradeoffs) before complaining?

Your problem is with the banks - you should be getting laws passed or direct your energy there. None of the major banks in US are app only and they all have fully functioning websites.

Then you should be directing your ire at your legislators. For forcing dependence on Google and Apple.

I was answering this question from you, not asking for advice:

> what financial services companies are inaccessible via a web browser?

Yes the fix is obvious if it was a problem. I thought I made it clear I think it is a net increase in security, and so isn't a problem, for me anyway. Even if it was a problem, your throw away suggestion of "just move to another bank" is not so easy if you've borrowed money from the bank.

None of this has anything to do with topic being discussed - which is should Google allow side loading of unsigned apps. You seem to be positively enthusiastic about handing the keys to your life and assets to Google and / or Apple. The comments you see here are from people who aren't so sanguine about it. You look to be dismissive of their concerns. I would be too, if I thought if what they are doing yielded a big increase in security.

The OS should be so secure loading any app, signed or not, malicious or not, is mostly harmless. That is true for iOS and Android. You can always uninstall an app, and you have to give it additional permissions to access your data. I don't know if an app can attest it was downloaded from the web store so organisations like banks can be sure they are talking so software they issued. If it isn't, that's a security hole that should be closed.

Unlike adding attestation, sideloading apps doesn't look to be a security hole that needs fixing to me. I'm doubt it provides much additional security. I've personally had to fix phones whose apps went rogue after a spammers bought the developer licence from an abandoned app. Worse, the app still had the permissions granted to the original.

This new requirement does create barriers. I use apps from F-Droid. They typically have no ads, and they do what they say on the box. Security in the long term is higher than a Google store app because the source is available, and F-Droid uses reproducible builds. But I would not be surprised to find some open source app developers that aren't as keen as you are to hand over their private data to Google in order to get their keys signed, so there will be less F-Droid apps. If that happens, this new requirement would lead to a net reduction in security for me.