• JohnEdwa@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      88
      arrow-down
      1
      ·
      edit-2
      2 months ago

      It is, because it’s actually the term that defines the process of transferring files not from an external networked device - downloading - or to an external networked device - uploading - but between two local devices - sideloading.

      It’s over two decades old, you downloaded an mp3 from kazaa, and then sideloaded it to your player.

      For android apps, I believe the term originates from the method of using ADB to directly write the app to the phone memory, the command of which is “adb sideload filename”

      • ideonek@piefed.social
        link
        fedilink
        English
        arrow-up
        43
        arrow-down
        3
        ·
        2 months ago

        And companies ofted do it. Thay recoined jaywalking to put the blaim of the accidents to pedestrians and take away the road from them. They change what littering means in attrmpt to delute the responsibility for polution… We are better than that this time, right?

        • Ulrich@feddit.org
          link
          fedilink
          English
          arrow-up
          4
          arrow-down
          29
          ·
          2 months ago

          Thay recoined jaywalking to put the blaim of the accidents to pedestrians and take away the road from them.

          How do you suppose that works, exactly?

          • ozymandias117@lemmy.world
            link
            fedilink
            English
            arrow-up
            45
            arrow-down
            3
            ·
            2 months ago

            I assume you’re unaware of the concerted advertising campaigns by auto manufacturers to take public streets away from pedestrians, including things like

            The industry hired actors dressed in old-fashioned clothing to illegally cross streets, making the behavior seem outdated

            https://missedhistory.com/1800/lobbying-trick-blamed-pedestrians-inventing-jaywalking/

            “Jay” had started as a word for drivers driving on the wrong side of the road

            jaywalker was pre-dated by jay-driver – a driver of a horse-drawn carriage or automobile that refused to abide by the traffic laws by driving on the wrong side of the road

            https://debrabernier.com/the-history-of-jaywalking-in-the-u-s/

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              46
              ·
              2 months ago

              I assume you’re unaware of the concerted advertising campaigns

              Maybe try to stay on topic?

              jay-driver – a driver of a horse-drawn carriage or automobile that refused to abide by the traffic laws

              So jay-walker seems appropriate, does it not?

              • ozymandias117@lemmy.world
                link
                fedilink
                English
                arrow-up
                37
                arrow-down
                2
                ·
                2 months ago

                It’s extremely on topic for the thread you responded to.

                Google has a concerted effort to make “sideloading” bad, so they can remove it without public backlash

                The next comment in the chain mentioned how auto manufacturers did the same thing, villainizing people using public spaces by calling it “jaywalking” until it became illegal to walk on public roads

                That was done to take public spaces away from pedestrians and give it to cars

                This is being done to take software outside of Google Play away and give the only profit to google

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  30
                  ·
                  edit-2
                  2 months ago

                  The topic was how the existence of the term “jaywalking” “blames pedestrians” when they’re not actually to blame.

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  11
                  ·
                  2 months ago

                  How is it not off-topic? It has nothing to do with the suggestion that the word is used to blame pedestrians as a whole.

    • G3NI5Y5@piefed.social
      link
      fedilink
      English
      arrow-up
      62
      ·
      2 months ago

      Like “Jaywalking”, suddenly, walking is no longer the norm, but the car is preferred. The victims are seen as perpetrators.

      • ideonek@piefed.social
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        1
        ·
        2 months ago

        And “littering” is the “real” culprit why we all drawn in uneccesey plastic. We should blame consumers not the polluters.

        Corporations do it all the time.

        • turmacar@lemmy.world
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          2 months ago

          Yes, but littering used to be a legitimately big problem to. Like the hole in the ozone, now that it’s “solved”/ the norm for it to be getting better the focus should shift to other things.

          • ideonek@piefed.social
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 months ago

            For sure. That’s why it worked so well. You take a valid problem and abuse it for your corporate gains.

    • yardratianSoma@lemmy.ca
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      24
      ·
      2 months ago

      Don’t forget “side effects”, when really, medications only have “effects”. Whether the effects are intended or not doesn’t change the fact that they happen.

      • knitwitt@lemmy.world
        link
        fedilink
        English
        arrow-up
        32
        ·
        2 months ago

        Cough medicine can induce drowsiness, but you probably shouldn’t be taking it as a sleep aid. The distinction between intended vs unintended effects is an important distinction to make, in my opinion, to prevent drugs from being unintentionally misused.

        • badgermurphy@lemmy.world
          link
          fedilink
          English
          arrow-up
          6
          ·
          2 months ago

          While that is true, it does not invalidate the poster’s point. All of the effects of drugs are just “effects”. They could just as easily market cough syrup as a sleep aid with the “side effect” that it suppresses coughing.

          The difference in definition in this context is simply that “drug uses” is the list of its effects that they were going for, and “side effects” are a list of effects that they were not. Its entirely a man made distinction. Extend that reasoning to the “installing” vs. “side loading” discussion to see the poster’s point.

          I believe him to be suggesting that “side loading” is a very different word for “installing” that can be loaded by PR people to shift public opinion against the practice. Whether or not they are doing that I can’t say myself, but that appears to be the point being made.

          They could just as easily have coined it “direct installing” or “USB installing”, but they didn’t even though those terms are more descriptive. Draw from that whatever you will.

        • yardratianSoma@lemmy.ca
          link
          fedilink
          English
          arrow-up
          3
          ·
          2 months ago

          Talking to the wrong guy here, I’ve taken many a medications against their intended purpose: I am a curious guy.

          But that sounds like saying, in the context of Google’s intention of disabling app sideloading, that warning users that it poses a security risk because it’s their intended purpose for android, is fine because the authority on android is Google.

          Don’t just take the word of authority at face value, when they prioritize profit and mindshare over personal freedom.

      • youmaynotknow@lemmy.zip
        link
        fedilink
        English
        arrow-up
        4
        ·
        edit-2
        2 months ago

        Wait, so now I have to talk to a doctor before installing from F-Droid? Well, shit.

        For all intents and purposes, your comment actually invalidates the premise of using ‘sideloading’ as a term for installing from outside the ‘official’ method.

        You buy cough syrup because you’re coughing, not because you want to be drowsy (I would hope that’s the case). In the same way, you install Spotify to listen to music, not to get all your data extracted and sold. Getting drowsy is an inconvenient side effect of the medication, the same way that data grab and ads are an inconvenient side effect of the app.

        You’re not ‘side-medicating’.

        • sem@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 months ago

          It’s a bad comparison because some people do take the medicine to get the side effects. For example taking benadryl to fall asleep.

        • yardratianSoma@lemmy.ca
          link
          fedilink
          English
          arrow-up
          2
          ·
          2 months ago

          You are the master of your body, the person who decides ultimately what goes in and out of your body, No doctor can force you to take anything. That’s what I mean, The play store aka the doctor wants to become the master that decides what apps go in or out of your phone, instead of the user. My comment doesn’t invalidate the premise of the use of the term sideloading, because I don’t agree with the term to begin with.

          Whether the effect is ideal or not does not change what is chemically happening in the body. The body can’t tell apart side effects from the main ones, so this distinction exists because humans deemed it so, just like the distinction between play store sanctioned apps, and everything else. It’s a distinction that Google is now abusing for it’s own monetary benefit.

        • Ulrich@feddit.org
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          37
          ·
          2 months ago

          Okay but it’s specifically software from outside the Play Store?

          • grue@lemmy.world
            link
            fedilink
            English
            arrow-up
            36
            arrow-down
            1
            ·
            2 months ago

            The point is, there shouldn’t be a distinction. To make one is to support prejudice against installing software from elsewhere.

            If you use “installing” for stuff from the Google store but any other word for stuff from other sources, you are aiding and abetting Google’s anti-property-rights propaganda.

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              34
              ·
              2 months ago

              there shouldn’t be a distinction.

              There has to be. When 99% of installs come from one location, there needs to be a way to describe that other than “Installing apps from outside the default app store”.

              To make one is to support prejudice against installing software from elsewhere.

              No? It isn’t.

              • Vespair@lemmy.zip
                link
                fedilink
                English
                arrow-up
                15
                arrow-down
                2
                ·
                2 months ago

                The majority of PC game sales happen via steam but we don’t call games purchased from GOG “sideloaded.”

                There is no necessary reason to make the distinction

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  7
                  ·
                  2 months ago

                  There is no necessary reason to make the distinction

                  There is and I’ve already given it. MS app store doesn’t make up 99% of installations.

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  7
                  ·
                  2 months ago

                  It’s simply not the same thing and if you can’t understand how that makes it different, I don’t know how to help you.

              • yardratianSoma@lemmy.ca
                link
                fedilink
                English
                arrow-up
                2
                ·
                2 months ago

                The words for distinguishing between apps that come from one trusted location vs others is usually untrusted or unverified apps versus trusted or verified ones. “Installing apps from outside the default app store” converts to, “Installing an untrusted app”.

                It’s not that complicated.

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  2
                  ·
                  2 months ago

                  “Installing apps from outside the default app store” converts to, “Installing an untrusted app”.

                  It doesn’t. It’s not that complicated.

          • BootLoop@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            24
            arrow-down
            1
            ·
            2 months ago

            The same word that I use to when I get software that’s not on the Microsoft Store, the Mac App Store, or whatever distro’s Software GUI when I am using my desktop…

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              17
              ·
              2 months ago

              If the MS Store and Mac App store made up 99% of installs, that might make sense.

              • ideonek@piefed.social
                link
                fedilink
                English
                arrow-up
                13
                arrow-down
                1
                ·
                2 months ago

                Why? That’s a perfect example. There is no qualitative difrence between Microsoft Store and Play Store. Why quantitative difference in the market share would make any distinction in the terminology we use around the process?

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  5
                  ·
                  2 months ago

                  I’ve already explained why. I don’t know what more there is to say. If you don’t get it, that’s okay.

              • BootLoop@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                1
                ·
                2 months ago

                So when I install an app from Fdroid, it’s only “installing” if lots of other people do it? But if other people don’t use it as much it’s “sideloading”?

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  arrow-down
                  5
                  ·
                  edit-2
                  2 months ago

                  “lots of other people” was not the words I used.

                  It can be both “installing” and “sideloading”. One is just more specific.

          • Cethin@lemmy.zip
            link
            fedilink
            English
            arrow-up
            16
            arrow-down
            1
            ·
            2 months ago

            When I install software from the Arch User Repository I still just call it installing, even though it isn’t through the standard path. Everywhere else, you don’t make the distinction. For some reason on phones we’ve come to call it sideloading, even though the software is just software —it doesn’t care where it came from.

              • yardratianSoma@lemmy.ca
                link
                fedilink
                English
                arrow-up
                12
                arrow-down
                1
                ·
                2 months ago

                even within android, if you attempt to install an apk directly, it doesn’t say “would you like to sideload this application?”, but instead says, “Do you want to install this app?”.

                Even Google’s own OS doesn’t use made up language.

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  8
                  ·
                  2 months ago

                  I don’t know what that’s supposed to prove. Use of the word is not mandatory.

              • Cethin@lemmy.zip
                link
                fedilink
                English
                arrow-up
                6
                arrow-down
                2
                ·
                edit-2
                2 months ago

                Again, when I install something from the AUR (which is not where most software comes from —99+% are from official repositories) it isn’t given a special term. It’s the exact same situation as “sideloading” but we just call it installing. Can you explain what the difference is between them?

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  7
                  ·
                  2 months ago

                  —99+% are from official repositories

                  LOL you just lumped every other repository into one and then excepted the AUR for…reasons?

          • youmaynotknow@lemmy.zip
            link
            fedilink
            English
            arrow-up
            14
            ·
            2 months ago

            When you install a ‘.exe’ file in Windows, you don’t call it ‘sideloading’, you call it ‘downloading and installing’.

            This is the exact same thing. I download from sites, F-Droid, Obtainium, etc., and install the software that is the file I downloaded. I’m effectively NOT side-anything.

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              3
              arrow-down
              9
              ·
              2 months ago

              You might call it that if 99% of software was installed from MS store.

              • DrDystopia@lemy.lol
                link
                fedilink
                English
                arrow-up
                9
                arrow-down
                2
                ·
                2 months ago

                0% of my android software is installed through Google Play. Then what?

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  8
                  ·
                  2 months ago

                  I don’t even know what that’s supposed to mean. We’re not talking about you.

          • EldritchFemininity@lemmy.blahaj.zone
            link
            fedilink
            English
            arrow-up
            10
            arrow-down
            1
            ·
            2 months ago

            The issue people have with making the distinction is that Google is trying to spin the narrative and make side loading seem like a dangerous and bad thing to the average user base who don’t know any better.

            They’re taking umbrage with you agreeing that quantitative usage of a storefront makes something simply installing vs side loading a program. Because it helps Google’s narrative in a way.

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              4
              ·
              edit-2
              2 months ago

              I understand exactly what people think the issue is. I don’t understand or agree with any of the logic. Google did not invent the term. Apple did not invent the term. There’s nothing in the term itself to imply anything nefarious. It’s nothing but a word used to describe apps installed from outside the default store. When 99-100% of users are all installing exclusively from the default store, it makes sense to have a term that describes that instead of saying “installing apps from outside the default app store” every time.

              • sem@lemmy.blahaj.zone
                link
                fedilink
                English
                arrow-up
                6
                ·
                2 months ago

                Installing software without a store was just called installing software.

                Sideloading is when you download from the side, e.g. downloading software from a separate device instead of from the internet or physical media.

              • EldritchFemininity@lemmy.blahaj.zone
                link
                fedilink
                English
                arrow-up
                4
                arrow-down
                2
                ·
                2 months ago

                Google is twisting the word to justify their purpose of preventing people from installing anything that isn’t from their walled garden. So anything that sounds even close to support for that motive is going to be met with pushback, even if it is a word that existed before Google’s use of it. Google’s implicitly saying that installing something from anywhere other than their store is something nefarious or otherwise bad/risky. Google is trying to perform the same kind of security theatre as the US with the NSA at airports.

                Honestly, it doesn’t matter to me where you install an app from because you’re simply installing it. Whether that’s from Google’s storefront, Apple’s, or somewhere else, you’re installing an app. The circumstances where I’d need a term to specifically say that I’m installing an app from outside the default app store would also be covered by simply saying “I got it from GitHub (or wherever).” It takes the same energy to answer the question of where you got it from regardless of whether you say that you installed it or you side loaded it.

                • Ulrich@feddit.org
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  arrow-down
                  3
                  ·
                  2 months ago

                  Google is twisting the word

                  How is it being twisted? They’re using it in exactly the way it is intended to be used?

          • track_stick_baboon@lemmy.world
            link
            fedilink
            English
            arrow-up
            5
            ·
            2 months ago

            Installing software from outside the play store should be called installing software. It’s installing software from the play store what should have a special name, like “gatedloading” for example.

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              3
              ·
              2 months ago

              Installing software from outside the play store should be called installing software

              Good news. It is!

              It’s installing software from the play store what should have a special name, like “gatedloading” for example.

              Make it hap’n Cap’n. You’re still not invalidating the term of “sideloading”.

          • Grazed@lemmy.world
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 months ago

            In what way is installing from the play store fundamentally different? Just because it was preloaded on your phone? What if F droid was preloaded on your phone instead? Is it still sideloading? Google’s logic breaks down pretty quickly when you think about it

          • Wrrzag@lemmy.ml
            link
            fedilink
            English
            arrow-up
            2
            ·
            2 months ago

            If you need to be that specific, “installing” as in “installing software from outside the play store”

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              8
              ·
              edit-2
              2 months ago

              We have words for things for a reason. We don’t call doctors “guys who heal people”.

              • Wrrzag@lemmy.ml
                link
                fedilink
                English
                arrow-up
                1
                ·
                2 months ago

                Yet we call people who hold a doctorate “doctors”, and if we need to specify we use terms like “medical doctors” or “doctors in philosophy”.

            • Ulrich@feddit.org
              link
              fedilink
              English
              arrow-up
              2
              arrow-down
              12
              ·
              2 months ago

              Yes, so what do you call it when referring specifically to those apps?

        • scarabic@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          5
          ·
          edit-2
          2 months ago

          It’s not. They already allow multiple app stores so they are not profiting off of every app.

          EDIT: people keep downvoting me like I’m bootlicking or disagreeing. I’m actually trying to understand what the suspicion actually is over ending sideloading. There’s definitely a security case to be made, but people don’t seem to buy that. What actually ARE you thinking?

        • Vespair@lemmy.zip
          link
          fedilink
          English
          arrow-up
          25
          ·
          2 months ago

          Target can track your purchases when you shop at Target, but can’t really do that when you’re shopping at a local store. Same applies here.

          • llama@lemmy.zip
            link
            fedilink
            English
            arrow-up
            4
            arrow-down
            2
            ·
            2 months ago

            But you can’t shop at Target with some random app, only the Target app. Even a small business has an accessible pathway to publish their app. Besides Fortnite and my gimbal nobody out here trying to educate customers on how to install their apk file.

            • EldritchFemininity@lemmy.blahaj.zone
              link
              fedilink
              English
              arrow-up
              4
              ·
              2 months ago

              They mean a physical Target store, not a phone app. Target can track customers walking in and out the door and what they buy, how long they stay, etc. but they can’t track anything about you if you just go to a different store, especially something like a small business which isn’t hooked into the ad data sponge.

              • Buddahriffic@lemmy.world
                link
                fedilink
                English
                arrow-up
                4
                ·
                2 months ago

                Also if the CEO of target decides he really doesn’t like a popular shirt and is able to force everyone to only shop at target, then he can come a lot closer to snuffing out the existence of that shirt.

  • Ulrich@feddit.org
    link
    fedilink
    English
    arrow-up
    146
    arrow-down
    2
    ·
    2 months ago

    tl;dr you can still “sideload” via adb.

    This is so incredibly inconvenient as to be meaningless.

    • gaylord_fartmaster@lemmy.world
      link
      fedilink
      English
      arrow-up
      61
      arrow-down
      1
      ·
      2 months ago

      It’s not completely meaningless because if it’s truly the only option I’m going to be using it until I eventually replace my current phone with one with an unlocked bootloader.

      • Ulrich@feddit.org
        link
        fedilink
        English
        arrow-up
        33
        ·
        2 months ago

        I’m afraid that won’t help. There will be even fewer people developing apps specifically for the 0.01% of us using custom ROMs.

        • gaylord_fartmaster@lemmy.world
          link
          fedilink
          English
          arrow-up
          23
          arrow-down
          2
          ·
          2 months ago

          They’re already developing the apps for the 1% of us not just using proprietary apps from the play store. I don’t think this just kills open source app development.

          • Ulrich@feddit.org
            link
            fedilink
            English
            arrow-up
            15
            arrow-down
            1
            ·
            edit-2
            2 months ago

            That’s not who we’re talking about. We’re talking about the 0.1% who have custom ROMs.

            It won’t kill it completely but it will severely hurt it. The more complicated it becomes, the smaller the userbase becomes.

            Apps like Syncthing have already discontinued development due to Google shenanigans + lack of users. That’ll only get worse as the userbase shrinks.

        • JohnEdwa@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          8
          ·
          edit-2
          2 months ago

          There are plenty of people developing apps that require root, and users who run those are already jumping through a million hoops of cat and mouse to keep their fucking mcdonalds app detecting it so they can get cheaper coffees and free fries.

          Like seriously, wtf McDonalds, your app is like the ultimate root/safetynet/device id detection tool, I don’t think there exists even a banking app that is as hard to fool.

    • blargh513@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      16
      ·
      2 months ago

      It will be stupid, but I presume there will be a rise in desktop apps or webapps that require you to only plug the phone in and it will handle the rest.

      • gaylord_fartmaster@lemmy.world
        link
        fedilink
        English
        arrow-up
        8
        ·
        2 months ago

        Yeah, if something like Obtanium needs to run on my desktop instead of my phone and I have to plug it in every once in a while, that’s not the end of the world.

        • Sckharshantallas@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          2 months ago

          I think adb can also work over Wi-Fi, just like Android Studio can connect to the phone and build and install without plugging it.

      • KSP Atlas@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        There are already android apps that allow you to ADB into your own phone without root, so you could VERY EASILY just make an app store that utilises that, you only need to install the app from desktop once

    • cmnybo@discuss.tchncs.de
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 months ago

      We already have to do that to install older apps. It’s inconvenient, but not as bad as having to boot up an ancient phone every time you need to use the app.

    • Arghblarg@lemmy.ca
      link
      fedilink
      English
      arrow-up
      3
      ·
      2 months ago

      Perhaps someone could write an ‘adb loopback’ app – get that into the official app store, and said app would then squirt other .apk files through adb on the phone to itself, thus sideloading it.

      • Ulrich@feddit.org
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        2 months ago

        As far as I know, ADB needs to be run on another device which is plugged into the phone.

        I suppose one could write a script/app that detects the device is plugged in, and automatically looks for and installs updates using adb. That would be the least amount of friction.

        • fmstrat@lemmy.nowsci.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          I think you can run ADB on another Android device, so maybe an Obtainium+ADB device that stays at home.

    • hansolo@lemmy.today
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      18
      ·
      edit-2
      2 months ago

      Not at all, just get comfortable with ADB and use Claude to walk you through the steps.

      I see this as an absolute win. /s

      Edit: Y’all, ADB isn’t hard to use. At all.

      • Ulrich@feddit.org
        link
        fedilink
        English
        arrow-up
        9
        ·
        2 months ago

        No one thinks it’s hard. It is, however, as I said, extremely inconvenient and time-consuming to do this every day, and no one wants to do that.

        • hansolo@lemmy.today
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          1
          ·
          2 months ago

          Every day? Who needs to install an app every day?

          Not saying this isn’t annoying AF, it is, but it’s not the absolute lockdown that we all feared.

          • Ulrich@feddit.org
            link
            fedilink
            English
            arrow-up
            3
            ·
            2 months ago

            My guy, have you ever heard of “updates”? How do you suppose they get installed?

            • hansolo@lemmy.today
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              2 months ago

              So just take one day a month and do your maintance. Anything that isn’t from the Play store isn’t exactly getting Dev work every day to patch whatever.

              Whatever, I don’t love this either, but it’s not some absolute deal breaker IMO. Maybe 6/10 dealbreaker. We disagree and thats fine. Now please downvote like you were going to do anyway.

              • Ulrich@feddit.org
                link
                fedilink
                English
                arrow-up
                3
                ·
                2 months ago

                I get several updates/day from FDroid, Obtainium and Accrescent. Some of them are security updates.

  • gnuplusmatt@reddthat.com
    link
    fedilink
    English
    arrow-up
    115
    arrow-down
    1
    ·
    2 months ago

    I’m not sure why google is over engineering this, proper mainline distros have this solved since forever. Let the community setup trusted repos with gpg keys, then let me trust the repos. If Fdroid trusts the package and I trust Fdroid, who should care?

    • Lemminary@lemmy.world
      link
      fedilink
      English
      arrow-up
      123
      ·
      2 months ago

      Probably because they want to target software that cracks theirs to avoid ads, like ReVanced.

      • SaharaMaleikuhm@feddit.org
        link
        fedilink
        English
        arrow-up
        51
        arrow-down
        1
        ·
        2 months ago

        Ding ding ding ding ding. It’s so obvious, it’s because Google wants to be in control and block apps it would rather not exist. Newpipe, FreeTube, Revanced and the like.

      • Xatolos@reddthat.com
        link
        fedilink
        English
        arrow-up
        7
        ·
        2 months ago

        Then why aren’t they already doing that by blocking DuckDuckGo?

        The DuckDuckGo app blocks all apps from sending to Google (and other advertisers) tracking/ad data on a system level. And it’s freely available on the Play Store (has been for years.

        https://play.google.com/store/apps/details?id=com.duckduckgo.mobile.android

        If they wanted to prevent apps from blocking their ad abilities, this app would never have been allowed on the Play Store.

        • littleguy@lemmy.cif.su
          link
          fedilink
          English
          arrow-up
          8
          ·
          edit-2
          2 months ago

          Does it actually block ads in apps?

          Blokada 5 blocks ads in apps and it was removed from the google store years ago. You have to sideload it in order to use it.

          There’s a neutered version on the google store, but it doesn’t block ads effectively.

          Google also removed an addon called Adnauseam, which clicked ads in additional to blocking them. That way, advertisers still have to pay site owners for your visit. Google removed it without justifiable reason, then kept it removed since there was no sufficient backlash.

          It’s the main reason why I switched to Firefox. That kind of abuse is for useful idiots.

        • PeanutBrain@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          2 months ago

          Thank you random lemming, didn’t know about duckduckgo-s tracker blocking capabilities, have it installed now.

    • olsonexi@lemmy.world
      link
      fedilink
      English
      arrow-up
      76
      ·
      2 months ago

      Because it was never actually about security to begin with. That’s obviously BS. Google just wants control.

  • Zak@lemmy.world
    link
    fedilink
    English
    arrow-up
    63
    ·
    2 months ago

    If Google wanted to add developer verification without being evil, it could use SSL certificates connected to domain names. I think the whole concept is ill-conceived, though I’ll admit to a modest bias against protecting people from themselves.

    • tauonite@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      5
      ·
      2 months ago

      They couldn’t. Domains and SSL certificates can be obtained very easily anonymously and thus wouldn’t let Google identify the developers of malicious apps, which is the goal of this

      • coolmojo@lemmy.world
        link
        fedilink
        English
        arrow-up
        28
        ·
        2 months ago

        The trouble is Google’s definition of malicious apps. Are adblockers malicious? How about alternative apps for YouTube? Based on the recent history, I don’t think you will be able to install those apps on the phone you purchased.

      • Zak@lemmy.world
        link
        fedilink
        English
        arrow-up
        12
        ·
        2 months ago

        It provides a way to open an investigation into a malicious developer without giving Google the ability to ban anyone it doesn’t like.

      • Squiddork@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        2 months ago

        Yeah I mean some form of asymmetric encryption/validation would work but it stops the real reason why Google wants to implement this.

    • Kairos@lemmy.today
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      4
      ·
      2 months ago

      The problem with that is that certificates expire before someone would want to keep using the app.

      • xthexder@l.sw0.com
        link
        fedilink
        English
        arrow-up
        5
        ·
        2 months ago

        Code signing certificates work a little differently than SSL certificates. A timestamp is included in the signature so the certificate only needs to be valid at the time of signing. The executable will remain valid forever, even if the certificate later expires. (This is how it works on Windows)

        • InnerScientist@lemmy.world
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          Doesn’t work, the reason they can expire is to make certificate rotation possible. If an expired ssl certificate is cracked it doesn’t matter because no browser will accept the expired certificate, with your idea the expired certificate just signs an app with the date of 1984 and it works.

          Certificates in SSL can’t change the date because that date is signed by a certificate higher in the hierarchy.

            • InnerScientist@lemmy.world
              link
              fedilink
              English
              arrow-up
              2
              ·
              2 months ago

              Then you need a Trusted Third Party, right? Still requires some though on how to prevent that third party from blocking applications they don’t like but I can see how a group of trusted authorities could work.

              • xthexder@l.sw0.com
                link
                fedilink
                English
                arrow-up
                2
                ·
                2 months ago

                The trusted 3rd party in this case is actually multiple 3rd parties. There’s several options for trusted timestamping just like there’s multiple trusted root CAs for SSL. Since the timestamping service is free and public, anyone can use it to sign anything, even self-signed certificates. There’s no mechanism to deny access, at least for this portion.

                There’s always a risk the root CAs all collude and refuse to give out certificates to people they don’t like, but at least so far this hasn’t been a problem. I don’t have a better solution unfortunately. If we could have a 100% decentralized signing scheme that would be ideal, but I have no idea how you would build such a thing without identity verification and some inherit trust in the system

        • Kairos@lemmy.today
          link
          fedilink
          English
          arrow-up
          4
          ·
          2 months ago

          Correction: SSL certificates can expire before someone would want to continue being able to install any given app.

          • Zak@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            1
            ·
            2 months ago

            Sure, the developer needs to keep the certificate up to date and re-sign the APK on occasion.

            • Kairos@lemmy.today
              link
              fedilink
              English
              arrow-up
              3
              ·
              2 months ago

              So any APK I download will just expire at some point in time that’s probably really annoying to know, and then I have to dig through the internet again so I can install the app again?

              • Zak@lemmy.world
                link
                fedilink
                English
                arrow-up
                1
                ·
                2 months ago

                Another option is to allow otherwise-valid signatures after expiration. It’s generally still possible to check them.

              • Pycorax@sh.itjust.works
                link
                fedilink
                English
                arrow-up
                1
                ·
                2 months ago

                If it’s anything like how Windows does it, you would still be able to override it. It just gives you a scary warning and hides the option unless you click “more info” or something.

  • Dr. Moose@lemmy.world
    link
    fedilink
    English
    arrow-up
    54
    ·
    2 months ago

    This is actually worse than integration in Play Protect which can be disabled very easily. Now you can only install unsigned apps via ADB which means just developers can do it.

    • arararagi@ani.social
      link
      fedilink
      English
      arrow-up
      30
      ·
      2 months ago

      And very annoying too since some government apps don’t like it when you have developer mode on.

    • SparroHawc@lemmy.zip
      link
      fedilink
      English
      arrow-up
      15
      arrow-down
      1
      ·
      2 months ago

      Or anyone with a computer who installs ADB. You don’t have to be a developer.

      • Dr. Moose@lemmy.world
        link
        fedilink
        English
        arrow-up
        7
        ·
        2 months ago

        Nah you can’t realistically distribute your app with adb requirement. No one will bother to go through such friction.

        • SparroHawc@lemmy.zip
          link
          fedilink
          English
          arrow-up
          1
          arrow-down
          4
          ·
          edit-2
          2 months ago

          Although you are correct, you still don’t have to be a developer to find use in ADB. I’ve used it and I’ve never been interested enough in developing for Android to do more than install the SDK for it once.

          • Miaou@jlai.lu
            link
            fedilink
            English
            arrow-up
            4
            ·
            2 months ago

            Knowing what an SDK is already puts you in the 1% most knowledgeable users

    • COASTER1921@lemmy.ml
      link
      fedilink
      English
      arrow-up
      8
      ·
      2 months ago

      Leaving ADB open to unverified apps is more than I was expecting. ADB is reasonably straightforward to use even without actually being an Android developer.

      There was never any way they’d integrate it to play protect and still allow play protect to be disabled. I prefer this to being required to use play protect personally, though the services do seem somewhat redundant. Presumably the whole point of doing this is to create an Apple style walled garden (which is of course very profitable). Google likely doesn’t want to fully lock it down and risk legal trouble, they just need to make it difficult enough that the masses don’t bother installing unapproved apps that may not act in Google’s interests.

      I still hope the EU takes legal action against this anyway.

      • Dr. Moose@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        2 months ago

        I don’t think this adds anything tbh as peoppe with adb would always be able to bypass this. The issue is that this kills distribution and thats exactly what Google wants - have full competitive control. Once they don’t like your app they’ll block your account and what do you do with your customer base? Give them adb install instructions? That’s basically a death sentence for any app.

  • 6nk06@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    51
    ·
    2 months ago

    We hope that Google keeps its word and preserves ADB installation

    lol, adb is the first loophole that will be closed.

    • Sckharshantallas@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      2 months ago

      I don’t know, even people here are already considering it a loss of the only way is through ADB, because it’s not practical for everyday usage. But it’s better than nothing.

  • katy ✨@piefed.blahaj.zone
    link
    fedilink
    English
    arrow-up
    36
    ·
    edit-2
    2 months ago

    why can google not just code something like this into android:

    allow apps from:
    ( ) All sources (how it is now; allow each app to install apps from external sources)
    ( ) Just Google Play
    ( ) Apps which have been verified by Google Developer Program

    • palordrolap@fedia.io
      link
      fedilink
      arrow-up
      41
      arrow-down
      1
      ·
      2 months ago

      Option 1 is a potential cause of “lost” revenue.

      Late stage capitalism absolutely forbids anything that could cause that, even if the cost of implementation outweighs any potential gain.

    • SanctimoniousApe@lemmings.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      edit-2
      2 months ago

      Taking Google at their word for a moment, it’s far too easy to scam the clueless masses into selecting the first one. Might work okay if it’s strictly an ADB command, tho.

      • Zak@lemmy.world
        link
        fedilink
        English
        arrow-up
        11
        arrow-down
        1
        ·
        2 months ago

        I’m inclined to think that’s not the job of an OS vendor to prevent. Sure, put a warning label on it, but it’s the user’s device; once they say they know what they’re doing, that should be that.

        • dust_accelerator@discuss.tchncs.de
          link
          fedilink
          English
          arrow-up
          4
          ·
          2 months ago

          The implication here is, if they implement this, is that they volunteer to assume liability, should e.g., your bank account be drained despite undergoing their forced strict lockdown on paid and owned devices.

          Fat chance, because laws are meaningless to crime syndicates

          • Zak@lemmy.world
            link
            fedilink
            English
            arrow-up
            6
            ·
            2 months ago

            It might be a reasonable trade for users to make if Google assumed liability. In fact, that would be an interesting way to implement laws to discourage practices like these.

      • Ulrich@feddit.org
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        2
        ·
        2 months ago

        If someone can be socially engineered into disabling security mechanisms, then that should just be their fate. There’s no sense in fucking everyone else in order to protect them.

        • SanctimoniousApe@lemmings.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          2 months ago

          That would just continue to ensure lock-in, and at least the EU would never go for that (& neither would I). Sideloading should still be allowed.

          Google’s Play Store security has never been all that stellar, anyway.

    • littleguy@lemmy.cif.su
      link
      fedilink
      English
      arrow-up
      5
      ·
      2 months ago

      That would give users choice, and corporations want as many people as possible to be incapable of making decisions for themselves.

    • Steve Dice@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      4
      ·
      2 months ago

      I can see it already:

      () Just Google Play (safe)

      () Verified apps (not recommended)

      Advanced settings

      click on Advanced settings

      () All sources (Unsafe. Will probably kill your cat and burn down your house)

      tick the box

      Are you sure?

      click yes

      ARE YOU SURE?

      click yes again

      ONE HUNDRED PERCENT SURE?

      wait for the 30 seconds timer to count down

      click yes

      ( ) I do not love my cat and want him to die.

      tick the box

      ( ) I accept the very real risk of my house burning down

      tick the box

      Please wait 24 hours for the change to apply. You can reverse it at any time from this menu.

      get spammed every hour for the next 24 hours with notifications asking me to fix my security settings

      get a bigass ⚠️ every time I turn on the phone

      every once in a while the change just straight up reverses and I have to do it all over again

      • Sckharshantallas@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 months ago

        I’d love to play around with something like this, as a programmer myself, but unfortunately the cost is prohibitive in my country.

        • SanctimoniousApe@lemmings.world
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          2 months ago

          Yeah, that’s why it’s still in the “considering” phase for me as well - especially considering Trump’s tariffs crap. It also seems a tad underpowered for the price, and they still don’t have the promised removable battery replacements in their store.

          It’s worth remembering, though, that the cost covers the constant software updates, as well as their user support. As such, it’s much like the Apple model of business, except much more open - so in the end it’s probably worth it.

  • hendrik@palaver.p3x.de
    link
    fedilink
    English
    arrow-up
    3
    ·
    edit-2
    2 months ago

    So a lot of speculation and we don’t know much except 2 paragraphs in the FAQ… I’d like to mention though, they’ve recently stripped the Pixel devices of their status as developer devices and now push for their emulator for development. Once they follow that kind of logic, there isn’t really a reason to keep ADB working as is, at least not on real devices.