(enaix.github.io)

194 points sleirsgoevy | 2 comments | 31 Oct 25 20:20 UTC | HN request time: 0s | source

1. t_mann ◴[31 Oct 25 21:41 UTC] No.45777014[source]▶

> verified loader apk, which in turn dynamically loads any apk the user wants

Wasn't this kind of solution considered and sort of dismissed (because of too much centralization iirc) by F-Droid (can't find the reference now)? It seems like something that's worth trying, but in the end it's just a band-aid. If it gets any traction Google will shut it down. The real disease is dependence on a duopoly of (quasi)-proprietary OS for the dominant computing platform of our time.

replies(1): >>45777077 #

2. kevincox ◴[31 Oct 25 21:48 UTC] No.45777077[source]▶

>>45777014 (TP) #

I see a handful of problems.

1. The loader will just get banned.

2. The application ID and permissions are that of the loader. To have different applications with separate data and permissions you would need multiple copies of the loader.

3. You miss out on other android security features such as application signing validation for updates.

↑

A theoretical way to circumvent Android developer verification