What % of Android users actually want this? Do they know or care?
I've been using Android since 2010 because it was open in ways that the Apple ecosystem wasn't. I do not want this and imagine hardly any other power users (for lack of a better term) do. I'm already using a mostly deGoogled device but this really seals the deal. I have been longing for a true Linux phone for years and now seems like a good time to get serious about the search and migration plan.
Tbh I do not think the idea is to "police" you, I do believe he means to show that "side load apps" is a corporate speech to say "don't do this, but we allow it". However it's literally just installing software.
Let's apply the "side load" apps logic to Desktop applications, imagine you have to pass for an entire process just to install an app you downloaded?
When you jay walk you take the risk of being hit by a car, causing injuries to you, to the driver, and to other nearby people.
So I don't understand your analogy? Are you suggesting that pedestrians own the streets and should do what they please, as users own their phone and should have the right to do as they please? Or something else?
The term jaywalking was invented (or possibly hijacked) by automotive lobbyists as part of a campaign in 1910s and 1920s to convince the public and the lawmakers that crossing streets outside designated points is bad and should be made illegal. Before then, it was generally considered basic human right to walk anywhere on a street. Whether you agree that jaywalking is bad or not, that's the history of the term.
Grandparent is saying that the term sideloading was invented in a similar fashion to delegitimize a previously completely normal way to use an electronic device.
"Jaywalking" is one of those things that's uniquely American. Most other countries have realized that the risk of being hit by a car is its own deterrent. Or restrict the legal ban on crossing to highways, not all streets.
The UK Highway Code has a RFC-like use of MUST/SHOULD; MUST parts are legally binding, the parts relating to pedestrians are SHOULD.
Jaywalking is only illegal if there's a crossing less than 50m away. (And even then it's only a misdemeanor, not a crime).
That also means that city planners have to balance between people jaywalking, putting crossings everywhere, and how crossings slow down traffic.
And every time a car makes a turn, pedestrians automatically have priority. Which creates an implicit zebra crossing.
The only roads exempt from this are autobahn/motorways. These are by law prohibited from having direct access to anything.
That's IMO also a way for the US to get out of its current situation. Set up a rule like that, with a large distance at the beginning, and slowly reduce it over the next few years, forcing local planners to introduce additional crossings, which also reduces through traffic. The separation of streets vs autobahn also mostly prevents stroads.
> And every time a car makes a turn, pedestrians automatically have priority. Which creates an implicit zebra crossing.
Only for turning traffic, though, i.e. as a pedestrian you still need to yield to traffic coming from the side street. There was some talk of having pedestrians participate more fully in right-of-way-rules, too, i.e. if the side street has a yield/stop sign, traffic would have to yield to crossing pedestrians, too, but so far that idea didn't get anywhere.
I believe most jurisdictions in the US have largely the same framework. At least everywhere I've lived all street corners were implicit pedestrian crossings with a legal requirement (often blatantly ignored) that vehicles yield. Similarly jaywalking is a misdemeanor and only applies within a certain distance of a crossing.
The only situations where it's enforced (from what I've seen so obviously biased) is major highways, city streets with dense traffic and a marked crossing within half a block, and when they want to search someone for contraband. In the latter case it's just an excuse to stop and harass you in the hopes they will manage to generate sufficient articulable suspicion to justify a search.
Yeah, I'm willing to use my brain and look at incoming cars and just walk when it's empty and safe to do so? Where's the problem in that? I have eyes and can judge distance and speed?
Yeah. Computing freedom to have a root shell and do as I please is the entire reason I put up with Android. Google is positioning Android to just be nothing more than a worse iOS. There's pretty much no point to it anymore.
Same. If Google does this, my next phone will be an iPhone. Freedom is the only reason to put up with Android's shittiness. If they turn it into a walled garden, then we'll choose the better kept garden and it sure as hell isn't Google's.
GrapheneOS is Android's last hope. They're making great progress with deals with smartphone manufacturers. However, the threat of remote attestation looms eternal. I have essential apps that I cannot afford to lose and if they refuse to work on a non-Google phone the usefulness of GrapheneOS is severely degraded.
If attestation ever became ubiquitous the difference between iOS and Android would cease to exist for me. I'd need a black box that lived in a desk drawer for interfacing with specific services and otherwise I'd cart around a camera in my pocket that happened to double as a linux tablet.
No, the solution is having a linux micro-computer. You buy an iPhone shitphone to do banking and whatnot, and never touch it, then just do everything you need off a retroconsole since it runs literally 120% of the other apps a phone would.
Yeah, some bits (parts of the GUI & some of the default apps) are still closed.
But I think there is a good chance they will finally open those now - never really made any sense to keep them closed and preventing the community from contributing. Rumors had it it was due to non-cooperative investors.
Not Jolla is finally independent again, so at least in theory they can finally do the right thing. :)
I switched from iOS to Android about three years ago. I saved all the APKs for everything I installed (or updated) on that first phone. When I got a new phone last fall it was pleasantly like getting a new PC. I imported my SMS and contacts from my last backup (taken with an open source took I'd installed from an APK), then installed all the apps I use and imported or manually set any settings I wanted to customize.
Every non-stock app on my phone was installed from an APK directly downloaded from the manufacturer or open source developer's site / Github releases. I've never had a Google Play account and have never used any Android "app store".
The biggest pain was having to manually logon the couple of sites I allow to keep persistent cookies since device owners aren't allowed to just import/export cookies from mobile Chrome.
It has been a very nice experience. I appreciate the feeling of sovereignty and ownership of my device (even though it does have a locked bootloader and I don't actually have root).
I did something similar. Wanted a Pixel with Graphene OS but the screen hurt my eyes. Went with a Motorola with an IPS screen. Uninstalled or disabled all the crap. Never logged into Google. Went with Obtanium and F-Droid for most software. Aurora for a couple of apps that were only on the Play Store. Used NetGuard with a whitelist to lock it all down.
After all that was done, the phone felt like mine in a way that my iPhone doesn't. Was a good feeling. With luck, the Motorola + Graphene partnership will produce phones with screens better than the Pixel and I can keep doing this.
I ended up with a Motorola phone, too (albeit with an AMOLED screen so not the model you have). I got hooked on Motorola phones because of the "chop/chop" flashlight gesture. I don't think I can use a phone without that gesture ever again! >smile<
I'm hopeful, too, re: Motorola + Graphene. I wanted to use Graphene last fall wehn I got the new phone but I was committed to not giving Google any money.
It may be worth checking Motorola's OLED models in person (for example the Razr Fold, Razr Ultra and Signature) so see if their Flicker Prevention mode helps. I don't think any IPS models are likely to be supported in the first wave/generation of supported devices in 2027.
I have a Razr 2024 with the pOLED screen. It's bearable with Flicker Protection on, though not nearly as comfortable as an IPS. Heard good things about their AMOLED so will give it a chance if they don't support Graphene on an IPS model.
That is true but they are also some of the most vocal advocates of certain systems. It is a king of trust errotion that doesnt show up for a very long time but by the time it does it is too late to reverse.
Tge flipside of that is that Google and Apple have no viable alternatives. It would take years to build what they have.
It took Huawei about 5 years with Harmony OS to do it but odds if that making it far out side of China is limited.
A large portion of which are using it in a feature phone capacity. Many only use smartphones because it’s what their carrier gave them after their old candybar dumbphone either broke or became unable to connect to cell towers.
The other groups are those who use it identically to how they would iOS (and don’t root or sideload), those that use it as computer replacement, and those who just like to tinker. Those last two groups are a tiny, tiny sliver relative to the others.
Especially once you start counting car entertainment systems, POTS terminals, digital signage, and hundreds of other classes of devices that are not genera-purpose toys.
The share of power users on iOS might be larger than expected because a lot of people working in tech fight computers for a living and prefer their phones to be simple appliances assigned to a relatively focused set of tasks.
You are talking not about Apple's walled garden. Don't confuse a skilled power user with a pesky celebrity who always prefers one button over two buttons because of complexity issue.
I am, though. Someone who uses their phone for mail, chat, music, and calls with everything else being done on a proper computer has little to gain from sideloading, and plenty of computer power users use their phones that way.
I know because I’m one of them and something like 70% of my SWE colleagues I’ve known — including Android users — fit that description too. Most have never sideloaded anything and maybe 20% have flashed their phone with an alternative ROM or rooted at some point.
An individual being good with computers or even being capable of programming has little bearing on if they’re also a phone power user.
Why installing software for power users should be in a sideloading form?
Maybe the sideloader is a power user in comparison to the celebrities, but who is a real power user is those who can to sideload without the sideloading. Power users of your smartphone are: top-management of the vendor, the Government and 0-day scene. Sideloading actor IMO is just a poser to the idea of a power user.
> What % of Android users actually want this? Do they know or care?
If Apple announced that they were going to allow installing apps like how you can install APKs you will have a whole group of people on here arguing against it because they want Apple to have control over everything. You could have seen those people in action on the Epic v. Apple and Digital Markets Act discussions.
Not sure why your observation was received poorly. It's true. If they actually wanted to fight bad actors they could (for example) introduce a voluntary verification program where an app cost $$$ per year to list, is permitted only a fixed number of updates per year, and the uploads are manually audited by an actual person. This would add a second tier to the app store.
Just to drive the point home. Not that you would do this but you _could_ even implement such a system fully anonymously - with uploads via tor and payments via XMR - and it should still work just as well.
Add in a third even more expensive tier for those providing source code to the auditor where google verifies a signed deterministic build the same way fdroid does. Now clearly mark the three different tiers in the app store.
And if they went this route the next logical step for highly sensitive stuff like banking and password management would be a fourth licensed and bonded tier where a verified individual located in a friendly country took on liability for any fraud or other malpractice. That tier would be the equivalent to the situation for civil engineers.
Instead we're stuck in a reality where I don't trust sourcing password managers (among other things) from the play store. Those only ever come from fdroid for me - you know, an actually secure model for how to do app distribution and verify builds.
Financial incentives aside, a higher assurance tier on the app store would enable me to tell my relatives "all apps that handle money or government details will always have this mark next to them" among other things. Whereas the current situation has me actively investigating moving them over to graphene.
Significantly larger than the number of users wanting to sideload.
There are millions of people affected by targeted scams every year, significantly outnumbering the non-developer sideload community. Especially when you take into account that the sideload community doesn't all use Google Android and isn't affected by this.
Do we think that maybe the 3,732 people who responded to a poll on Mastodon by an account centered around one side of this disagreement might potentially not be a representative sample of all Android users?
It's a bit hard to poll 4 billion devices, but out of all 4 billion devices I think it's safe to assume that the percentage of users who do care can be rounded up to maybe 1% at most.
Developers and enthusiasts are an extreme minority that's incredibly vocal. I think most people here disagree with Google's approach but too many people are pretending like their interests and use cases are significant on a "half the planet" scale.
Perhaps. And yet … 98% opposition from 4K respondents? I'd be very surprised to see any other poll that tilts the other way, regardless of sampling bias.
Google/Android don't want AI bots spamming marketplaces with dodgy apps.
Tie in the app to a verified identity/individual and it makes the audit process easier as well as engagement with authorities from the user's country if required (e.g. app facilitating child abuse).
I'm going to go on a limb and say that the amount of apps dedicated to facilitating child abuse is close to 0, and the popular apps from verified developers being used for child abuse is close to 100%.
I suspect that this is less driven by users and more driven by institutions. Banking trojans distributed via sideloading are a big problem. Banks are unhappy that their users are getting their shit stolen because some other app is squatting on 2fa codes or whatever. They'd rather that their apps are not installed alongside apps that are more likely to be malware given that there isn't a private channel for auth codes for the vast majority of users.
This change on its own doesn't make Google Android builds less open. It does the opposite. Now people can download apps directly from the websites of the publishers without getting a scary warning on Google Android builds. That's all this does.
Separately, they're going to increase friction the first time you allow installing apps outside of the Play Store or via this mechanism and also decrease friction on subsequent times, also on Google Android builds.
Android is becoming more Apple-ized everyday; it's horrible and more and more APIs get neutered or disappear, further limiting functionality available to developers.
Even if Android is as closed as iOS, it will never be the same. Cos business models are different. Google's business is behavioural ads. Apple's is hardware. And even their software services depend on that hardware.
But but but it is for your security! You need to be protected!
Android isn't open source for a while. They started by pushing device certification which crippled any abilities of OEMs to make a better framework. Then they took many of the opensource packages out of android and redistributed as applications that they controlled via play services.
Then they made it harder to publish packages and created tons of rules that they can arbitrarily decide to cut ties with you or remove your remuneration.
What they are effectively doing now is to remove any ability of individual developers to push applications. Some will say the costs ain't that high, but (1) maybe not in USD dollars for Americans and (2) both Google and Apple will push those numbers way up high soon.
Even if that is not the case, if you don't agree with anything and you decide to have your own version of your family wiki, messenger or anything, they will be able to tell the authorities about it.
> What % of Android users actually want this? Do they know or care?
Bold of you assuming they're doing for users. It's fear-mongering at its finest - using the threat of security to install more control that has little to no protection against the said threats.
Now you might say it's going to raise the bar for the scammers, but nobody is going to be spending time on writing scam or malware for a few bucks. When the reward is high, they can just pay out already verified developers to distribute their builds under their accounts, or just find a workaround (fake ids?) which could be still way cheaper than the potential revenue potential of a successful attack. It's just an inconvenience that didn't existed before.
This is just a policy directly targeting the legit developers distributing apps to work around some of the platform's limitations (ie. uncrappifying youtube). They were previously free to share the workarounds they've developed for themselves since it was just as easy as sharing your APK. Now with added threat of losing your developer account and probably being perma-banned from google, those devs are less likely to continue distributing their workarounds.
It's not about users, it's about a single judges idiotic ruling that Google play store is a monopoly, and the Apple app store is not.
Different judge you say? You're right. But when Google in their appeal asked the judge why the app store isn't a monopoly, the judge told Google with a straight face
"You can't be anti-competitive if you have no competitors."
Pretty much everyone would hate it if a relative lost their life savings to a scammer, though they may not know it yet.
The idea isn't to protect the power users or average users. It's to protect the most vulnerable. Android is for everyone. Us power users will have a minor speed bump, but we can deal.
Android is for everyone, provided they submit to Google exclusively. It's not about power users, and that isn't a speed bump. You can protect vulnerable users without centralizing power like they did, but that's not their motivation so here we are.
People will erroneously complain about all sorts of things. Doesn't mean you should act.
Anyway in this case it's nothing more than a thinly veiled excuse to justify making ecosystem changes that are in their favor. They aren't acting in good faith.
Do people complain about being scammed with Windows or macOS? Apparently not. So they probably also don't complain about Android. The security seems more an excuse to become more closed. Like iOS.
Saying that computer/OS manufacturers should prevent malware is effectively equivalent to saying that they should not sell general purpose computers to the public. A general purpose computer is one that can run any program the users tells it to, which necessarily includes one that's malicious.
That doesn't necessarily preclude helping the user to notice when they're doing something dangerous, but a waiting period before the computer becomes general-purpose seems pretty extreme.
The general consumer does not care about the distinction of if a product is technically a "general purpose computer" or not. They care about if the device is able to do what they want from it, providing them value.
> Saying that computer/OS manufacturers should prevent malware is effectively equivalent to saying that they should not sell general purpose computers to the public.
(in Gilbert Huph (Wallace Shawn) voice) Yes, precisely!
>Companies shouldn't wait to solve issues like this
Unless you built your house yourself, you should expect the construction company to be responsible for verifying the identities of anyone entering your house. Asking for a passport and a one time payment, just in case the person who rings the bell may not be a friend.
That should be proactively helping you in case you're a vulnerable homeowner. Not checking in on every visitor would be evil, no?
I lived in an apartment building, and one of the upsides was that the building had a security system and a front desk that helped control who could be wandering down my hall.
But we, owners, collectively choose that. We choose the security company, we pay then, we can vote them out. Most importantly: the construction company has zero say in this.
Also, no one actually check the IDs of my friends, and they don't have to pay the construction company when they first come.
I give the codes, they ring, I open. I hire a company to monitor the building but I can kick then out any day.
> Companies shouldn't wait to solve issues like this - they should be proactively helping their most vulnerable users.
I think they should help their median users and empower their power users, and they should absolutely throw a few "most vulnerable" users under the bus if that's necessary. Otherwise you think about banning kitchen knives to protect the "most vulnerable users" who are too stupid to handle a knife. No, we shouldn't do that. Their stupidity should be their problem, not our problem.
Some degree of collateral damage must be accepted to maximize the expected value of a product or service. Minimizing risks can't be the top priority. Don't ban kitchen knives. What you are effectively arguing for is transforming both Windows and macOS into a closed iOS. Don't do that.
> Do people complain about being scammed with Windows
They do. They absolutely do. Where have you been in the last 20 years? Windows has had a reputation as an unsafe ecosystem for decades. Even amongst non-tech people. And even with the various exploits the biggest source of viruses on windows was always that, lacking a proper channel to distribute applications, they had trained their users to double click any .exe on the internet and the next>next>next in whatever installer. I don't agree with the tightening of developer account requirements, but this argument doesn't hold at all.
> They do. They absolutely do. Where have you been in the last 20 years?
The last time I heard these complaints were before Windows XP Service Pack 2, which added automatic Windows updates and ended the flood of viruses like Sasser or MyDoom.A. That was more than 20 years ago. On top of that, Windows Vista later added an integrated virus scanner and UAC dialogues, which gave you a big warning whenever you wanted to open an executable file. I haven't heard of any widespread viruses since. Nowadays most people don't even need to install software because most things are SAAS/cloud and run via the browser now.
Now the biggest "security issue" seems to stem from not-so-bright users being convinced by phone scammers to transfer them money or something like that. I don't think this is a problem with Windows.
I've been using Android since 2010 because it was open in ways that the Apple ecosystem wasn't. I do not want this and imagine hardly any other power users (for lack of a better term) do. I'm already using a mostly deGoogled device but this really seals the deal. I have been longing for a true Linux phone for years and now seems like a good time to get serious about the search and migration plan.