I mean, it always starts with an inch but what people dont get is that compared to the 2000’s we are a mile deep and compared to rhe 80’s we are already in a dystopia.
In the '80s we’d need a building to do a fraction what our phones do now. Even in the 2000s they would qualify as a supercomputer. I guarantee you wouldn’t be able to install whatever you wanted on any of those computers and even if you could, a days wait would be lightning fast in comparison.
Well if you’re in the US you can head down to your LGS, buy a Glock 19 and do some plinking while you wait for the software to install on your phone :/
It appears that the “security wait” will be a one time thing when you first allow installing from unverified sources. After enabling it it will remain on indefiniately.
Not quite as bad as I was fearing, but will kinda annoying.
“Not quire as bad”? My dude, you have to ask for permission from a corporation to install an app on your phone that you supposedly own and paid for. On what planet is this not awful?
I have no doubt that they’re pushing this because it hands then market share stolen from superior devs who distribute via multiple channels and dont ascribe to their top-down philosophy.
Goodby Ubuntu (community), you are now Ukuhaha (greed), freeBSD is now non-free BSD, openSuse/closedSuse, Fedora becomes Baseball Cap, Enlightenment WM becomes Samsara WM, etc.
For real! I used to redo my phone all the time, especially before big trips. I can imagine myself getting ready to go to (insert remote designation here) and I’m sitting in my home office the day before prepping my phone with a fresh slate of travel apps after clearing out all the stale user data. Now if I start too late, I would theoretically have to finish 24h later, perhaps when I’m in Nigeria (frequent power outages) or Germany (different play store rules and feature availability). Just leave me alone already. If someone is really very very scam-prone, you buy them one of those fisher price phones with big huge numbers and no screen, or you put parental controls on the phone.
Yep, it’s pretty bad, it sets a bad precedent, and has me looking for alternatives.
When it was originally announced I got the impression that Google would soon be removing the ability to sideload apps altogether and as I almost entirely use apps installed from “untrusted” sources this would have been a nightmare for me.
So while I think this whole situation is shit, and will almost certainly lead to Google removing the ability to sideload apps in the future, for me the immediate anxiety has been lifted.
You do realize that what you’re saying might’ve been the goal all along? It’s literally an “I’m altering the deal, pray I don’t alter it further” vader moment and you’re saying you’re relieved. Make no mistake, you, me and every single Android user was just fucked over and it’ll only get worse.
I don’t think I made myself clear; I am relievd because I thought I was going to lose access to my apps in the next update cycle. The thought of that filled me with anxiety, but now I have more time to prepare.
I’m hoping that something like lineageOS will be unaffected and will be available for my device before Google remove sideloading altogether
to be fair, this is not “asking for permission”. that’s what xiaomi is doing, but not this. on xiaomi phones, to be able to unlock the bootloader or grant higher permissions to adb, you have to insert a live sim card, log in with an “mi account”, and have the server decide whether you are allowed doing that. for unlocking you additionally have to wait for several days, if you can get the approval process started that is, and hopefully you will be allowed.
unless it turns out this requires internet connection, a sim card, or a google account, this is just a safety procedure. and it’s hard to say but this world is so full of incredibly dumb people that all both need and want to use shiny smartphones for all that convenience and social media addiction, that a safeguard like this is needed.
to be fair, this is not “asking for permission”. that’s what xiaomi is doing, but not this. on xiaomi phones, to be able to unlock the bootloader or grant higher permissions to adb, you have to insert a live sim card, log in with an “mi account”, and have the server decide whether you are allowed doing that. for unlocking you additionally have to wait for several days, if you can get the approval process started that is, and hopefully you will be allowed.
unless it turns out this requires internet connection, a sim card, or a google account, this is just a safety procedure. and it’s hard to say but this world is so full of incredibly dumb people that all both need and want to use shiny smartphones for all that convenience and social media addiction, that a safeguard like this is needed.
It looks like a glorified ‘developer mode’ switch that has the 1 day wait to prevent someone from grabbing your phone, turning on sideloading, installing some hazardous app, and then having their way with your info.
This appears to be the best of both worlds.
Like when unlocking your bootloader wiped your info. Just do it first. not a year in to using your device, if thats your plan.
Sure. Because as we know people grabbing your unlocked phone to sideload apps onto it is an almost daily occurrence. Which of us hasn’t had a stranger install a cryto miner while we looked away for a second.
Get real. This is an imaginary problem affecting the 0.01% they are using to tell you this action is justifiable. Getting more control is the aim of their game
Lmfao. I’ll invent a better way and it will only take me negative 50 years to do it.
Passcode.
There is absolutely nothing positive about this. It is only nefarious, full stop. I could open a million dollar restaurant that served microwaved cat shit, but on the menu it’s called “Tbone Steak” and with your logic, people wouldn’t notice the difference.
When has your imaginary scenario ever been a problem? Can you name a single example where that has happenned? Stop making excuses for corporations fucking over their users.
Until you have to help someone install an app not available to them.
Xfinity stream for example is not on the Chromecast play store, even though an Android build exists on the Fire TV store. I had to guide my dad through this. In this case it wouldn’t be possible for 24 hours.
Had a similar issue with an app not available in a friend’s region.
I could live with the whole flow minus the delay. This is shit, just pure shit.
I think it is a reasonable compromise. They could have made it a day wait for any and every time you wanted to side load like this. It prevents accidental or malicious activation, while also giving you the feature you want with the smallest of roadblocks as confirmation you want it. And you only have to do it one time. I don’t think it’s the burden you do.
People this willing to let a self-enriching corporate nanny state erode their ability to use the products they paid for terrify me.
People this willing to fall for the blatant corporate strategy of “We’ll announce something unthinkable but then backpedal to something “only” terrible (and then probably do the unthinkable thing later now that we’ve encroached further and softened the blow)” for the millionth time confound me.
Show some dignity; jesus christ. This isn’t a “compromise”. Me breaking into your house, threatening to kill you, but then “only” hitting you with a bat and leaving isn’t a “compromise”.
In the sales world, this effect is called “price anchoring” and is used by tons of companies. All those sales you see where something is “marked down 50%!” are using a manufacturers price that does exist in real life to get that 50% markdown. In reality, the sale price is just the actual price of the item but people see the “huge discount” and think they’re getting a deal.
Yup. I’ve heard this first about Home Assistant, but software like this often inadvertently acts like a pacifier for tech enthusiasts. We may have our neat solution for the moment and be content with that, but that doesn’t help anyone else, or us in the long term. Things will get worse with no push-back.
Disclaimer: That’s not to say that we shouldn’t advocate for those tools in the meantime as well. We just shouldn’t lose track of the actual problem.
The US constitution basically guarantees us root access to our own lives (life, liberty, and the pursuit of property/happiness). I’d like the same or better for my devices.
This is a basic balance between the needs of the few, and the security of the many. The benefits of a one day speed bump are far more beneficial for the billions of Android users in the world, and offer no meaningful negatives to those that wish to enable this feature beyond that delay.
I realize that many people here are in or adjacent to IT work, and so are more passionate about these sorts of topics and are well versed in the risks, but in my opinion, allowing a simple, immediate way to bypass all security checks and install whatever you want immediately is a pretty big security hole, even if it is self-created. It makes sense to put those roadblocks up to protect the 99.9% that will never use this feature, as well as those that may activate it not understanding the risk. You may be comfortable with it, and that’s great, but that doesn’t mean every Android should. This is why prompts asking about coercion and not your IT prowess.
Finally. your example is poor. Google is not breaking into your phone and hurting you in way. If anything, it’s like a real estate agent that’s not giving you the keys until the bank opens so your check can clear. It’s a process issue, nothing more.
Your ability to use your device, as you see fit, installing anything you want, is entirely possible with a single one-day delay. As I said, I don’t think it is an unreasonable ask, nor the enormous inconvenience you make it out to be.
It will likely have that effect on some, yes. It will also prevent it from being enabled without knowing the full scope of your ask. But that’s kind of the point— it’s a big deal, and the user should be informed. Not everyone is capable of understanding these decisions immediately and accurately assessing risk.
At some point, there is always, always a compromise between user experience and security, and not everyone is going to like it. But in this instance, I think the benefits of having this process and cool-down period to make the risks known far outweigh the need for immediate gratification by the minority of users that will enable and use this feature.
I don’t believe that this is for the better, nor that this is done in good faith to protect users. They already tried to make it mandatory to go through Google, which is a pretty clear hint of their actual goal.
Google pushes the safety narrative, but this also conveniently entrenches Google as the authority over alternatives and hurts not only FOSS, but also competing app stores from other companies like Amazon, Samsung, or whatever Chinese manufacturers.
Obviously we need to find a middle ground between owning the things we purchase, and not owning them. Having access, but making it annoying is a very reasonable option.
Why? We are paying full price for these devices and nothing in any agreement made at the time of purchase suggests that you don’t own them. Why is it necessary to meet a middle ground between “you got what you paid for” and “you didn’t”?
A reasonable compromise would be not telling people what they can and can’t do on devices they paid for. If Google wants that level of control, they can buy my phone for me.
While I understand your sentiment, with all due respect, they are giving you the control with this process. You’re only mad you have to wait one day one time before you can do it.
I don’t have to do shit, because I Graphene for the same reason I use Linux. I’m not interested in asking a corporation for permission to do what I want.
A one day wait period to install an app on your mobile pocket computer. Fucken bullshit.
Edit: to all the “its one time” defenders, its one time for now. Stop falling for it. It always starts with an inch.
It used to be no time at all. You could just do it. From that perspective they’ve already taken a mile.
From zero to any nonzero value is infinite miles
I mean, it always starts with an inch but what people dont get is that compared to the 2000’s we are a mile deep and compared to rhe 80’s we are already in a dystopia.
In the '80s we’d need a building to do a fraction what our phones do now. Even in the 2000s they would qualify as a supercomputer. I guarantee you wouldn’t be able to install whatever you wanted on any of those computers and even if you could, a days wait would be lightning fast in comparison.
Well if you’re in the US you can head down to your LGS, buy a Glock 19 and do some plinking while you wait for the software to install on your phone :/
sushhh… the shareholders’ imaginary line has to go up.
It appears that the “security wait” will be a one time thing when you first allow installing from unverified sources. After enabling it it will remain on indefiniately.
Not quite as bad as I was fearing, but will kinda annoying.
“Not quire as bad”? My dude, you have to ask for permission from a corporation to install an app on your phone that you supposedly own and paid for. On what planet is this not awful?
This is happening to PCs now too, eg. with the OS ‘age-gating’ laws that IMO only exist to quell competition for MS, Google, and Apple.
I have no doubt that they’re pushing this because it hands then market share stolen from superior devs who distribute via multiple channels and dont ascribe to their top-down philosophy.
I sincerely doubt that will actually come into fruition. There’s no way to force all linux distros to have that. At least I hope there isn’t.
Systemd is pushing age-gating at the init level, which means the majority of Linux will be age-gated, whether they want to be or not.
Also, Amutable wants to add Android-style attestation to systemd, which means if they get their way, the majority of Linux will be as locked down as Android as far as telling you what and what not to install for apps.
Here’s the Lemmy post discussing Amutable.
Goodby Ubuntu (community), you are now Ukuhaha (greed), freeBSD is now non-free BSD, openSuse/closedSuse, Fedora becomes Baseball Cap, Enlightenment WM becomes Samsara WM, etc.
For real! I used to redo my phone all the time, especially before big trips. I can imagine myself getting ready to go to (insert remote designation here) and I’m sitting in my home office the day before prepping my phone with a fresh slate of travel apps after clearing out all the stale user data. Now if I start too late, I would theoretically have to finish 24h later, perhaps when I’m in Nigeria (frequent power outages) or Germany (different play store rules and feature availability). Just leave me alone already. If someone is really very very scam-prone, you buy them one of those fisher price phones with big huge numbers and no screen, or you put parental controls on the phone.
Yep, it’s pretty bad, it sets a bad precedent, and has me looking for alternatives.
When it was originally announced I got the impression that Google would soon be removing the ability to sideload apps altogether and as I almost entirely use apps installed from “untrusted” sources this would have been a nightmare for me.
So while I think this whole situation is shit, and will almost certainly lead to Google removing the ability to sideload apps in the future, for me the immediate anxiety has been lifted.
You do realize that what you’re saying might’ve been the goal all along? It’s literally an “I’m altering the deal, pray I don’t alter it further” vader moment and you’re saying you’re relieved. Make no mistake, you, me and every single Android user was just fucked over and it’ll only get worse.
I don’t think I made myself clear; I am relievd because I thought I was going to lose access to my apps in the next update cycle. The thought of that filled me with anxiety, but now I have more time to prepare.
I’m hoping that something like lineageOS will be unaffected and will be available for my device before Google remove sideloading altogether
Custom ROMs are unaffected, for now, but Google’s gonna find other ways to kill those.
And that is the tactic commonly used to slowly boil the frog.
to be fair, this is not “asking for permission”. that’s what xiaomi is doing, but not this. on xiaomi phones, to be able to unlock the bootloader or grant higher permissions to adb, you have to insert a live sim card, log in with an “mi account”, and have the server decide whether you are allowed doing that. for unlocking you additionally have to wait for several days, if you can get the approval process started that is, and hopefully you will be allowed.
unless it turns out this requires internet connection, a sim card, or a google account, this is just a safety procedure. and it’s hard to say but this world is so full of incredibly dumb people that all both need and want to use shiny smartphones for all that convenience and social media addiction, that a safeguard like this is needed.
to be fair, this is not “asking for permission”. that’s what xiaomi is doing, but not this. on xiaomi phones, to be able to unlock the bootloader or grant higher permissions to adb, you have to insert a live sim card, log in with an “mi account”, and have the server decide whether you are allowed doing that. for unlocking you additionally have to wait for several days, if you can get the approval process started that is, and hopefully you will be allowed.
unless it turns out this requires internet connection, a sim card, or a google account, this is just a safety procedure. and it’s hard to say but this world is so full of incredibly dumb people that all both need and want to use shiny smartphones for all that convenience and social media addiction, that a safeguard like this is needed.
It looks like a glorified ‘developer mode’ switch that has the 1 day wait to prevent someone from grabbing your phone, turning on sideloading, installing some hazardous app, and then having their way with your info. This appears to be the best of both worlds.
Like when unlocking your bootloader wiped your info. Just do it first. not a year in to using your device, if thats your plan.
Sure. Because as we know people grabbing your unlocked phone to sideload apps onto it is an almost daily occurrence. Which of us hasn’t had a stranger install a cryto miner while we looked away for a second.
Get real. This is an imaginary problem affecting the 0.01% they are using to tell you this action is justifiable. Getting more control is the aim of their game
Lmfao. I’ll invent a better way and it will only take me negative 50 years to do it.
Passcode.
There is absolutely nothing positive about this. It is only nefarious, full stop. I could open a million dollar restaurant that served microwaved cat shit, but on the menu it’s called “Tbone Steak” and with your logic, people wouldn’t notice the difference.
Oh yeah, because those guys seriously can’t wait a day
This has nothing to do with security
When has your imaginary scenario ever been a problem? Can you name a single example where that has happenned? Stop making excuses for corporations fucking over their users.
So this feature is disabled if you have a pin?
Until you have to help someone install an app not available to them.
Xfinity stream for example is not on the Chromecast play store, even though an Android build exists on the Fire TV store. I had to guide my dad through this. In this case it wouldn’t be possible for 24 hours.
Had a similar issue with an app not available in a friend’s region.
I could live with the whole flow minus the delay. This is shit, just pure shit.
One day wait period to enable installing third party apps. Afterwards no extra wait time or verification.
For now. Don’t fight to give them an inch
There shouldnt be any wait. Its stupid and completely arbitrary
I think it is a reasonable compromise. They could have made it a day wait for any and every time you wanted to side load like this. It prevents accidental or malicious activation, while also giving you the feature you want with the smallest of roadblocks as confirmation you want it. And you only have to do it one time. I don’t think it’s the burden you do.
People this willing to let a self-enriching corporate nanny state erode their ability to use the products they paid for terrify me.
People this willing to fall for the blatant corporate strategy of “We’ll announce something unthinkable but then backpedal to something “only” terrible (and then probably do the unthinkable thing later now that we’ve encroached further and softened the blow)” for the millionth time confound me.
Show some dignity; jesus christ. This isn’t a “compromise”. Me breaking into your house, threatening to kill you, but then “only” hitting you with a bat and leaving isn’t a “compromise”.
In the sales world, this effect is called “price anchoring” and is used by tons of companies. All those sales you see where something is “marked down 50%!” are using a manufacturers price that does exist in real life to get that 50% markdown. In reality, the sale price is just the actual price of the item but people see the “huge discount” and think they’re getting a deal.
Long live lineagos
Things like LineageOS are a workaround, not a solution.
The solution has to be legal, not technical. Companies have to be stopped from trying to fuck with users’ property rights in the first place!
Yup. I’ve heard this first about Home Assistant, but software like this often inadvertently acts like a pacifier for tech enthusiasts. We may have our neat solution for the moment and be content with that, but that doesn’t help anyone else, or us in the long term. Things will get worse with no push-back.
Disclaimer: That’s not to say that we shouldn’t advocate for those tools in the meantime as well. We just shouldn’t lose track of the actual problem.
The US constitution basically guarantees us root access to our own lives (life, liberty, and the pursuit of property/happiness). I’d like the same or better for my devices.
People get what they pay for.
Hyperbole much?
This is a basic balance between the needs of the few, and the security of the many. The benefits of a one day speed bump are far more beneficial for the billions of Android users in the world, and offer no meaningful negatives to those that wish to enable this feature beyond that delay.
I realize that many people here are in or adjacent to IT work, and so are more passionate about these sorts of topics and are well versed in the risks, but in my opinion, allowing a simple, immediate way to bypass all security checks and install whatever you want immediately is a pretty big security hole, even if it is self-created. It makes sense to put those roadblocks up to protect the 99.9% that will never use this feature, as well as those that may activate it not understanding the risk. You may be comfortable with it, and that’s great, but that doesn’t mean every Android should. This is why prompts asking about coercion and not your IT prowess.
Finally. your example is poor. Google is not breaking into your phone and hurting you in way. If anything, it’s like a real estate agent that’s not giving you the keys until the bank opens so your check can clear. It’s a process issue, nothing more.
Your ability to use your device, as you see fit, installing anything you want, is entirely possible with a single one-day delay. As I said, I don’t think it is an unreasonable ask, nor the enormous inconvenience you make it out to be.
It’s my device. If I want to brick it I should be able to.
I don’t need google telling me what I can put on this fucking phone I bought and paid for.
And they’re not. Load all the unsigned stuff you want after you wait one day. Again, I don’t see how this is a huge burden to ask.
It sure is a completely unnecessary burden designed as a deterrant.
It will likely have that effect on some, yes. It will also prevent it from being enabled without knowing the full scope of your ask. But that’s kind of the point— it’s a big deal, and the user should be informed. Not everyone is capable of understanding these decisions immediately and accurately assessing risk.
At some point, there is always, always a compromise between user experience and security, and not everyone is going to like it. But in this instance, I think the benefits of having this process and cool-down period to make the risks known far outweigh the need for immediate gratification by the minority of users that will enable and use this feature.
I don’t believe that this is for the better, nor that this is done in good faith to protect users. They already tried to make it mandatory to go through Google, which is a pretty clear hint of their actual goal.
Google pushes the safety narrative, but this also conveniently entrenches Google as the authority over alternatives and hurts not only FOSS, but also competing app stores from other companies like Amazon, Samsung, or whatever Chinese manufacturers.
What is it a compromise between? People who think they own the thing they paid for and people who don’t?
Obviously we need to find a middle ground between owning the things we purchase, and not owning them. Having access, but making it annoying is a very reasonable option.
Why? We are paying full price for these devices and nothing in any agreement made at the time of purchase suggests that you don’t own them. Why is it necessary to meet a middle ground between “you got what you paid for” and “you didn’t”?
that was a very obvious joke
Poe’s law. You should have used tone indicators…
Because everything must get worse.
I realize you are making a joke, and I agree that purchase is always better than subscription. Everyone in this situation owns their device.
But that doesn’t mean an easy to activate security bypass should be made available to everyone with no guardrails, either, should it?
A reasonable compromise would be not telling people what they can and can’t do on devices they paid for. If Google wants that level of control, they can buy my phone for me.
While I understand your sentiment, with all due respect, they are giving you the control with this process. You’re only mad you have to wait one day one time before you can do it.
I don’t have to do shit, because I Graphene for the same reason I use Linux. I’m not interested in asking a corporation for permission to do what I want.