←back to thread

Android's sideloading limits are its most anti-consumer move

(www.makeuseof.com)
424 points josephcsible | 2 comments | 13 Oct 25 15:24 UTC | HN request time: 0.42s | source
Show context
mixologic ◴[13 Oct 25 16:43 UTC] No.45570464[source]
If you want to install software on your Microsoft Windows computer, it has to be signed by a verified developer, otherwise you get an overridable warning that the developer cannot be verified, the software may contain malware etc.

If you want to install software on you MacOS machine, the same thing applies. It must come from a verified developer with an apple account, otherwise you get a warning and must jump through hoops to override. As of macos15.1 this is considerably more difficult to override.

If you want to install iOS apps, the apps have to be signed by a verified developer. Theres no exceptions.

I just dont see a future where being able to create and publish an app anonymously is going to be supported.

Becoming a verified developer is a PITA, and can take a while or be impossible (i.e. getting a DUNS number if you're in a sanctioned country might be not at all possible) but at the same time, eliminating the ability of our devices from running any old code it downloads and runs is a huge safety win.

replies(6): >>45570536 #>>45570538 #>>45570695 #>>45570709 #>>45570822 #>>45570944 #
1. throw10920 ◴[13 Oct 25 17:22 UTC] No.45570944[source]
> eliminating the ability of our devices from running any old code it downloads and runs is a huge safety win

No, this is just false. There's numerous, well-documented instances of malware making it past gatekeepers security checks. This move is exclusively about Google asserting control over users and developers and has nothing to do with security or safety.

The only "huge safety win" comes from designing more secure execution models (capabilities, sandboxing, virtual machines) that are a property of the operating system, not manual inspection by some megacorp (or other human organization).

replies(1): >>45572262 #
2. mixologic ◴[13 Oct 25 19:19 UTC] No.45572262[source]
Thats a false equivalency. I didnt say that software was safe because its been checked. Just that at the least, one can somewhat figure out where the software came from.

Getting a DUNS number obviously doesn't make it so that you cant publish malware. It just provides a level of traceability/obstacle that slows down the process of distributing malware.