this post was submitted on 07 Oct 2024
512 points (98.5% liked)
Technology
59569 readers
3825 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Tldr for those who are confused, since Android already does support side loading and even seamless updates for third-party app stores (like Droid-ify, etc), these are mostly legal changes.
Basically Google can't force Google IAP as the only method of payment in apps anymore, can't block companies from advertising how to find them on non-Play Store android app stores. So good changes overall.
Also when you download third party apks, on Android, while it's still relatively easy to do, it does give bit of a scary warning saying security issues are on the user for doing so. This creates the assumption that Play Store is the only secure way to get apps on Android, and the OS gives all sorts of special security exceptions to the Play Store for that. Obviously other secure app stores can exist, so this can be seen as an anti-competitive method since Google is exempt from their own scary apk install message.
Mostly fair, but I'll push back on the security issue.
Side loading an apk is extremely dangerous, and an easy attack vector.
While there are plenty of malicious apps that make it on the Google store, they do attempt to do some automated and even manual curation. This is fact.
I think it's wholly appropriate to warn the user that they're bypassing that standard, if imperfect, Google security coverage. And granting extensive app permissions is done at your own risk.
3rd party app stores may do their own security curation as well, and it's up to them to communicate that and educate their users on why they still get the Google warning.
You could make exactly the same argument for installing software onto your computer, it is an attack vector and going through microsoft's store or your distro's repos gives a level of curation. So should desktop users be prevented/scared off from installing what software they want because it's a security issue?
You mean that warning that they all give when you're installing a 3rd party app? And the warning is more aggressive when it's an unregistered (licensed?) App.
They all do it. Windows, MacOS for sure. I don't remember seeing it on Linux, but I'm usually not installing sketchy binaries on Linux.