Most active commenters
  • raw_anon_1111(10)
  • ptrl600(3)

←back to thread

Android's sideloading limits are its most anti-consumer move

(www.makeuseof.com)
522 points josephcsible | 21 comments | 13 Oct 25 15:24 UTC | HN request time: 2.603s | source | bottom
Show context
itg ◴[13 Oct 25 16:13 UTC] No.45570037[source]
Installing any app I want outside the Play Store was the primary reason I decided to go with Android, despite most of the people I know using iPhones. If I can't do this anymore, I may as well switch and be able to use iMessage and FaceTime with them.
replies(15): >>45570221 #>>45570261 #>>45570265 #>>45570587 #>>45570668 #>>45572259 #>>45572346 #>>45573245 #>>45573688 #>>45573719 #>>45573848 #>>45573983 #>>45574065 #>>45574119 #>>45574318 #
jadbox ◴[13 Oct 25 16:29 UTC] No.45570261[source]
You can still install apps outside the play store, but the developer does need to verify their signing information. Effectively this means that any app you install must have a paper trail to the originating developer, even if its not on the app store. On one hand, I can see the need for this to track down virus creators, but on the other, it provides Google transparency and control over side loaded app. It IS a concerning move, but currently this is far from 'killing' non-appstore apps for most of the market.
replies(10): >>45570571 #>>45570633 #>>45570634 #>>45570683 #>>45571257 #>>45571700 #>>45572133 #>>45572345 #>>45573858 #>>45574064 #
omnimus ◴[13 Oct 25 16:57 UTC] No.45570633[source]
Yeah... no. This is normal with desktop computers. Let's stop handholding people. If I trust the source, I trust the domain... I want to be able to install app from its source.

Googles/Apples argument would have been much stronger if their stores managed to not allow scams/malware/bad apps to their store but this is not the case. They want to have the full control without having the full responsibility. It's just powergrab.

replies(2): >>45571729 #>>45572271 #
1. raw_anon_1111 ◴[13 Oct 25 18:27 UTC] No.45571729[source]
And you are completely ignoring viruses, ransomware, keyloggers, the 50 toolbars etc that has been the staple of Windows and before that DOS for over 40 years.

Scam apps are rife in the iOS App Store. But what they can’t do easily install viruses that affect anything out of its sandbox, keyloggers, etc

replies(3): >>45571935 #>>45572108 #>>45572592 #
2. omnimus ◴[13 Oct 25 18:46 UTC] No.45571935[source]
Sandboxing isn't feature dependent on Apple being a big curator is it? These are orthogonal but not the same issues. I've never said that PCs don't have viruses or that it isn't a problem, only that I should be able to install software from developer I trust if I want to.

I agree let's have sandboxed app instalations on platforms. Flatpak is already going this way. But it looks like big players Microsoft,Apple and Google are gatekeeping app sandboxing behind their stores instead of allowing people/devs to use sandboxing directly.

replies(1): >>45572014 #
3. raw_anon_1111 ◴[13 Oct 25 18:55 UTC] No.45572014[source]
And then there will still be complaints about Google limiting what apps can do and take away “your freedom”. What happens when a third party app wants to be able to read in other apps internal storage to create a back up solution like iCloud? Should that be allowed? What about if they want to create an app that autocompletes what you type when working in another app requiring key logger like capabilities?
replies(1): >>45572149 #
4. xigoi ◴[13 Oct 25 19:05 UTC] No.45572108[source]
The toolbars don’t just magically appear there. They are the product of a technically illiterate user.
replies(1): >>45572421 #
5. heavyset_go ◴[13 Oct 25 19:09 UTC] No.45572149{3}[source]
What part of "I should be able to install software from developer I trust if I want to" was hard to understand?
replies(1): >>45572367 #
6. raw_anon_1111 ◴[13 Oct 25 19:29 UTC] No.45572367{4}[source]
Then you don’t want sandboxing if you want all of those permissions.
replies(2): >>45572554 #>>45572854 #
7. raw_anon_1111 ◴[13 Oct 25 19:34 UTC] No.45572421[source]
Yes because technically literate users shouldn’t have trusted mainstream companies to not install bundle ware back in the Day? They shouldn’t have trusted Zoom not to install a web server on Macs surreptitiously that caused a vulnerability? They shouldn’t have searched Google for printer drivers not knowing that it was a fake printer driver? They shouldn’t have trusted Facebook when they installed VPN software that tracked all of their traffic from any app?

Is that really your answer? To make the phone ecosystem as fraught as Windows PCs for the average user? How is they worked out for PC users since the 80s?

replies(2): >>45573852 #>>45573959 #
8. heavyset_go ◴[13 Oct 25 19:46 UTC] No.45572554{5}[source]
You can have sandboxing and run whatever you want. I do it every day on PCs where I, the user, can define the terms of sandboxing any appliclation I want, and not a trillion dollar corporation using sandboxes to enforce their chosen revenue streams upon users.
replies(1): >>45573121 #
9. getpokedagain ◴[13 Oct 25 19:50 UTC] No.45572592[source]
You are missing the part where the OS provider is the virus and keylogger. Unless of course you feel it reasonable that google and apple datamine everything you type via their software keyboard[0] or reading the contents of your notifications via play services[1].

0 - https://discuss.grapheneos.org/d/16046-google-keyboard-w-net... 1 - https://discuss.privacyguides.net/t/sandboxed-google-play-pr...

replies(1): >>45573093 #
10. ptrl600 ◴[13 Oct 25 20:14 UTC] No.45572854{5}[source]
Sure I do. I sandbox what I want when I want.
replies(1): >>45573039 #
11. raw_anon_1111 ◴[13 Oct 25 20:33 UTC] No.45573039{6}[source]
So now you are expecting users to navigate hundreds of permissions and know the consequences of each one? How did that work out for Vista?
replies(1): >>45573412 #
12. raw_anon_1111 ◴[13 Oct 25 20:39 UTC] No.45573093[source]
You mean if you run an OS made by a company whose whole profit model is based on tracking users so they can advertise to you is invading your privacy?
13. raw_anon_1111 ◴[13 Oct 25 20:41 UTC] No.45573121{6}[source]
Yes and for you to think that is a valid argument for a consumer product is why most open source products suck for consumers and end up being about as bad as the “homermobile”.
14. ptrl600 ◴[13 Oct 25 21:16 UTC] No.45573412{7}[source]
Yes, if you bother with the rigmarole of escaping walled garden then you should be expected to navigate 20-30 permissions, which is in practice all that's necessary.

If users without that level of technical skill are pressured into making those decisions, that's because they're being mistreated.

replies(1): >>45573529 #
15. raw_anon_1111 ◴[13 Oct 25 21:27 UTC] No.45573529{8}[source]
“Besides that, how was the play Mrs. Lincoln?”
replies(1): >>45573605 #
16. ptrl600 ◴[13 Oct 25 21:36 UTC] No.45573605{9}[source]
Nah it's really not that bad.
17. orangecat ◴[13 Oct 25 22:08 UTC] No.45573852{3}[source]
How is they worked out for PC users since the 80s?

Just to be clear, are you claiming that we would be better off if PC hardware and OS vendors had the level of control that smartphone vendors do today?

replies(1): >>45573966 #
18. Wowfunhappy ◴[13 Oct 25 22:21 UTC] No.45573959{3}[source]
Technically illiterate users should leave the default security settings enabled.

In the modern day, I actually think this mostly works? Are you aware of instances where normies installed Windows malware because they purposefully disabled Windows Defender?

Everyone always talks about the "Dancing Bunnies Problem" but I'm not convinced it's actually a thing.

replies(1): >>45574098 #
19. raw_anon_1111 ◴[13 Oct 25 22:21 UTC] No.45573966{4}[source]
For almost every user - yes. If apps had to run in a strict sandbox it would be better for most users. Where it would make you jump through an incredible number of hoops or even install “developer editions” of operating systems.

You really can’t trust developers to do the right thing - even major developers like Zoom (the secret web server) , Facebook (the VPN that trashed usage actoss apps on iOS) and Google (convincing consumers to install corporate certificates to track usages on iOS).

Even more to the point, you read about some app installed outside of the Google Play store that’s malware - including the official side loaded version of FortNite…

https://blog.checkpoint.com/research/fortnite-vulnerability-...

20. raw_anon_1111 ◴[13 Oct 25 22:40 UTC] No.45574098{4}[source]
You mean like all of the ransomware that is being reported on a monthly basis? My mom looked for a printer driver by searching on Google and installed some type of crap that wasn’t the official driver. She is 80. But she has actively been using computers since we had an Apple //e in the house in 1986.

On the Mac, people installed Zoom and it installed a backdoor web server.

replies(1): >>45574146 #
21. Wowfunhappy ◴[13 Oct 25 22:47 UTC] No.45574146{5}[source]
I'm explicitly only talking about ransomware that requires disabling Windows Defender.