Ask HN: Is synthetic data generation practical outside academia?
4 points by cpard 9h ago 2 comments
Ask HN: Has anybody built search on top of Anna's Archive?
284 points by neonate 3d ago 146 comments
Google restricts Android sideloading
415 fsflover 320 6/5/2025, 4:29:02 PM puri.sm ↗
AFAIK this only applies within Singapore (not sure if this applies to visiting devices) for apps requesting certain permissions (RECEIVE_SMS, READ_SMS, BIND_NOTIFICATIONS, and accessibility) downloaded outside of app stores (F-Droid is fine) and opened directly on the device (adb install is fine).
You can probably bypass the restriction by just disabling Play Protect if you don't want Google to tell you what you can and cannot install, but I'm not in Singapore so I can't confirm if that will work or not. That said, Google has made it impossible to disable Play Protect while on a call, that's probably a smart move.
Based on this article from the Singapore police, the approach doesn't seem to have helped much: https://www.police.gov.sg/media-room/news/20250417_police_ad...
> In some cases, before downloading the malicious APK file, victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads. Once Google Play Protect is disabled, victims would not receive alerts that there is malware introduced into their mobile phones. Victims may also be asked to download Virtual Private Network (VPN) applications from Google Play Store which would facilitate scammers’ connection to their Android device. Scammers would then be able to bypass the banking anti-malware measures and remotely access the victims’ banking accounts with the phished ibanking login credentials.
> Pang is just one of tens of thousands of Singaporeans to fall foul of scams last year, who lost a total of S$1.1bn, according to police, a 70 per cent increase on the previous year. The true figure could be even higher, according to the Global Anti-Scam Alliance, which estimates that more than two-thirds of Singaporean victims did not report their experience.
> This is a small part of a global criminal enterprise worth an estimated $1tn, but Singaporeans, affluent, digitally advanced and compliant, are particularly vulnerable to these scams. As one person involved in the recovery of assets put it: “They are rich and naive”.
https://archive.is/fCmW1
This is blaming the victim, and I'm not having it.
The problem has been that BankCorp are all forcing us into online pathways because it's cheaper for BankCorp. Of course, they don't put good security on the pathways because that would dramatically increase the customer support cost for BankCorp. Getting scammed is "just sucks to be you" because that costs LittlePlebian.
The "solution" is that liability for these kinds of scams need to be on BankCorp, period. LittlePlebian simply cannot be expected to protect themselves from every professional scammer in the universe beyond very basic measures. Bitcoin people regularly get scammed and they are supposedly more "sophisticated" than the average bear. Nobody less sophisticated stands a chance against the professionals.
> Powered by PureOS, a Debian-based Linux operating system, the Librem 5 and Liberty Phones
Can their devices run APKs? The only Linux distro I know of that does is Sailfish, whose weird licensing model makes it really hard to take advantage of unless you have an obscure, obsolete phone and flash it with the image they sell.
To their credit, Purism has invested more into touch Linux with Phosh than most others in the space have, but Linux on a touchscreen is still a befuddlingly garbage experience.
Unless their experience is impacted by the features they're writing about (which it doesn't sound like it is), this post is just trying to make its mainstream alternative sound bad in the hopes that someone buys their crap instead.
It's definitely worse than an iPhone, but you're greatly exaggerating. Sent from my Librem 5.
Because this is not going to be super positive for them on that front.
> victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads.
I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers, especially when users have gotten habituated to ignoring incessant safety warnings caused by attempts to protect users.
I also keep wondering how safe the Play store is from this stuff. The very existence of obscenely detailed public GPS datasets about Android users show that even "official store" apps are somewhat malicious.
I don't see a real solution besides giving a smart and friendly 3rd party admin rights over the devices of susceptible users.
Convert to a one-time escape hatch unlock via a random-question quiz hosted by Google that assesses security and computing knowledge?
If the intent is to prevent the dumbest users from doing something, then a good place to start would be an assessment to determine if a user is actually dumb or not.
It's oxymoronic to attempt cover-all methods that encompass both (a) advanced users who do want to sideload & (b) people who will type in anything the internet tells them will make a cracked app work.
Then the staff (or a chatbot) could be trained to intervene and confirm that the caller is not getting scammed.
Phone vendors could also be licensed to use a simple web interface to do this at the shop if the buyer requests, and the vendor license would be logged so if the user gets scammed immediately after unlocking it's not anonymous who helped them get scammed.
Similar to Root, really, but mid-tier since enabling Root involves giving up some other security assertions.
https://techcrunch.com/2024/02/07/google-starts-blocking-use...
There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
I don’t see the full details but this implies that it’s still possible for advanced users to side load whatever they want. They don’t want to make it easy for the average user to start sideloading apps that access SMS permissions or accessibility controls.
If it takes a few extra steps for the advanced user to sideload these apps that’s not really a big infringement on freedom like this purism PR piece is trying to imply. Unfortunately sideloaded apps are a problematic scam avenue for low-tech users.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
This explains why it’s only in Singapore for now.
Even if some technically inclined folk can install what they want, the masses will stay in the walled garden so that Google can get their cut and exert ideological control. Even now, both Google and Apple engage in practices across their product that are designed to scare people away from third party applications. From Google's terminology when describing Google in banners as "a more secure browser" etc, to Apple requiring a secret incantation in order to run unsigned apps.
All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Your comment seems to disregard it and instead lay this entirely at Google's feet as if they're seeking anti-competitive behavior - but if this was driven by a government, does Google really deserve all the blame?
(Note that I am explicitly not endorsing the move. I think sideloading should be left mostly untouched.)
Could mean anything from reluctant to opportunistic.
Because it's irrelevant.
> but if this was driven by a government, does Google really deserve all the blame?
Of course. If the government ordered Google to assist in a genocide against some demographic, and Google goes along with it, it doesn't matter if the government is also evil. Google is evil for playing ball.
And we don't have to speak in hypotheticals. Both Google and Amazon are actively engaging in tech-assisted genocide.
https://www.aljazeera.com/news/2024/4/23/what-is-project-nim...
I have boycotted Amazon for a while now and I'd boycott Google too if it wasn't so pervasive in my professional life.
The walls should have open doors, though, versus prison bars. Physical switches on devices (much like older Chromebook devices had) used to opt out of the walled garden should be mandated by consumer protection regulations.
I personally think there should be (I value individual rights/freedom over preventing someone from harming themselves), but I also see why we ended up here. When bad things happen, people demand action and government wants to be seen as doing something.
Have the EU counterbalance this closing with extra fines for anticompetitive behavior.
I don’t want to live in the same society as the person that wrote this asinine comment with this much confidence. We are just ideologically incompatible
For example, it could be regulated that if the flip is switched (or a fuse is blown irreversibly) on a device, responsibility for the device and its software fall entirely onto the owner. So if they get phished on an unprotected device and lose their life savings, it's entirely on them. Manufacturers and service providers have no obligation to support them.
I think efuses being blown by device manufacturers should be illegal.
I think bootloaders that don't allow the device owner to run whatever software they want should be illegal.
I think device owners should be permitted to repair their devices without losing functionality because of DRM embedded in the parts themselves.
I think a physical switch, exercisable only with physical access, should be present on locked-down devices to allow the owner to exercise their ownership over the device. If that means that "attestation" functionality breaks and that causes some third-party software to "break" so-be it.
(I think the problem with banks, etc, requiring "trusted" devices is also in the realm of consumer protection, probably in banking regulation. I haven't thought about it deeply.)
I don't think they cheeref at the arrival of the Microsoft Store on Windows, for example.
That's what's pushed for on the current smartphones, and they accept it; they easily don't see the problems, and it can seem complex for them to avoid it.
I agree with you. However, the impact of scams should not be underestimated either.
Attacking the problem by reducing user freedoms and increasingly monopolistic control is not the answer, even though Google's PR department would tell you otherwise.
So the question on if this effectively reduce scams is the first question to answer.
The correct way to do it would be to whitelist other good stores, and allow developer mode installs with an extra process that says explicitly I am extra sure this may be danger, but no. This would reduce Google's income streams.
The way I see it, it must be attacked the way default Internet Explorer was attacked.
More like fighting teen pregnancy by mandating chastity belts... With the same ultimate problems too: those most determined to overcome the block will make use of bolt cutters or their digital equivalent.
The actual way to stop the scammers would be to sanction their host countries into oblivion: India, Philippines and Myanmar are big in targetting English speaking countries, and Turkey when it comes to German speaking countries. Scammer Payback alone has made so many complaints with very little follow up from local authorities, partially due to open corruption. Either these countries clean up their act or they get dropped from SS7 (phone) and the Internet. But I see no way of this ever happening.
[1] https://stackoverflow.com/questions/21692646/how-does-facebo...
Only certain permissions actually matter. That's one of three.
But "only in singapore so far" is not reassuring.
And "downloaded via certain paths"? Browsers and file managers are the normal ways to put files onto a phone. That doesn't reassure me at all.
I'm sure making it harder to obtain software outside a first-party app store provides some protection to some users from scams, but I really don't want that to be the answer. I don't claim to have a good one myself.
I don't think the restrictions are doing much for victims. I assume Google was pressured into doing this by the authorities, or may be doing this to get in a good spot politically.
Just because something is technically possible does not make it a solution
We had a big client from Singapore who only agreed to buy our SaaS subscription after we integrated SingPass (Singapore's national digital identity system) for user login.
When I read "Singapore" in the OP I immediately remembered about it.
The client is not with us anymore, but we still have this thing somewhere in the codebase :)
I would prefer if Google moved in the direction of giving apps fake permissions. Otherwise the scammers will just move onto another layer.
Those "certain paths" include "file managers"; how exactly would you sideload an app without providing the file?
> "The sideloading restriction is easily solved by installing GrapheneOS"
> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".
Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.
I, someone extremely new to Linux (hell, new to computers), was bewildered. Then a commenter replied with something that helped me and exactly what I needed. He added a note directed towards others which went something like - the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
You can't have wizards without first having noobs.
Why gatekeep people from enjoying the same thing you enjoy?
Well, I guess all that gave us EndeavourOS and Manjaro. But still, we need more places for people to learn that nitty gritty stuff.
Hell, I'd love to learn more about the hardware hacking the OP is talking about. Love to learn about those GPU hardware modifications people do. I know it's hacker news, but I'd actually love to learn about that hacker stuff. If these companies are going to continue to fight this hard to prevent us from owning the things we buy, it sounds like an important thing to learn. Or else we're soon going to have robot butlers that are just sending lidar maps and high resolution photos of our homes back to these companies. We don't need elitest pricks, we need wizards teaching noobs
I think this had the benefits of:
• allowing people who don’t want to bother with newbies to not have to, if they stay in the subforum
• still having the places for “people who are skilled and willing to work with/help newbies” and “people who are skilled but don’t want to deal with newbies much” be in a sense the same place, while also having the place for the latter be the same as a place for newbies.
• provides an incentive for newbies to become skilled.
_____
Of course, this method doesn’t work if no one is willing to engage with the newbies. But I think it’s probably fine/reasonable to keep outsiders away from a few things provided that there is a reasonable path in.
Though, I’m not advocating that the approach that forum used be implemented everywhere. I just think it is something that a community could reasonably choose, depending on their priorities.
The forum was primarily about the “Penguin Client Library” (or “Penguin Client System”, I think they went back and forth about the name?), which allowed writing PHP scripts to interact with the game servers.
Why PHP? I think maybe it was originally so people could use it to make web forms where people could put in their username and password and it would e.g. give them whatever item, but that kind of cheat was blocked very quickly, and I think it just remained in PHP for historical reasons, so instead you had a bunch of people running PHP on their local machine to run a bot doing normal game actions (but combined in unusual ways). Or maybe it was just the language the devs were most comfortable with, idk.
As example toy projects I'm trying to test out dnf-automatic because I'd prefer not to have the admin work of manually keeping on top of routine updates, but there's little feedback (although so far that's better than pacman on Arch which specifically expects atdmin), or learning why a distro has set up swap/zram/zswap the way they have, what the limits are on that config, how to measure what my system uses and if/how to adjust it. There's little guidance within the system to get you up to that level, and to open another can of worms the terminal-first approach in linux's DNA usually doesn't present anything but the bare essentials for whatever tool you're running, but any extra/wasteful information shown could nudge you where the next step is.
But people often claim no one else will read it or it's obvious. I think we've all dealt with the frustration of dealing with undocumented code. Seen how much time it takes because of the lack of documentation. Why doesn't this encourage writing documentation?
When docs are scarce and you have access, add a little. It can be built over time. Some is better than none.
The other thing I do is write notes. I put a lot of them in my dotfiles actually. This means I keep them just text (or link for images) and these can get carried around with me. I hand them out frequently and am always happy to have others contribute or share theirs but honestly I don't know a single other person that does this. But I find it extremely helpful. I reference them all the time. Granted, they're written for me but I think more people should.
But docs are kinda a necessary "evil". It would be great if we could instantly download information into our brain. Instead, we have to slowly download information into our brain (and it gets faster the more you do it).
People feel too rushed. But does the rushing get us anywhere faster? It's like rushing around in your car. You feel like your going faster, but if you time yourself or watch other cars that aren't rushing, you'll observe they still are ending up at the same stoplights you are. The speed only increases your anxiety and risk of accident. It feels faster, but it really isn't in 90% of cases.
Personally, I'd rather get to my destination more calm and safe. Might cost 1-2% in time, but most of the time I'll be better at my destination if I'm relaxed. Only rush when seconds matter.
With docs are useful and you shouldn't just jump to the parts you need. The surrounding context is a force multiplier. It helps you get into the mind of the writer. It helps you guess how things get put together. It helps you understand the larger picture. All of that is helps. You don't need to read a doc front to back, but just extracting one-liners is not helpful.
It is just rushing... good things take time
But maybe some wizards feel miserable when they are forced to interact 95% of the time with noobs, instead of other wizards? Maybe they want a circle for themselves, as a basic human need?
If you don't want to interact, you don't have to comment or engage.
Fwiw, I'm a big fan of having private spaces and niches. It helps to filter this out. I think it is a mistake we make in our community designs, that everything needs to be public or whole cloth (e.g. Reddit doesn't allow subdivisions within the community). I do like that HN puts a threshold on the downvote, but I'd even like a lower threshold on the upvote. Allows people to wade into the community.But yeah, I think there is a problem now that the majority of communities have no ability to self filter and self form hierarchies. Without this, noob voices tend to drown out experts and frankly, noobs begin to believe they are experts. I'm sure we've all seen the typical CS stereotype of "read first line of wikipedia article, assume I know the rest" type of person...
[0] https://www.youtube.com/watch?v=9fYngTUZeUQ
The TL;DR: Arch gets harder year over year as the number of ways to setup/options for each piece of your system grows. Hell, even picking a bootloader among 10 options is confusing. A guide that just at least says "This is common for X, this for Y, the others are interesting and may be worth trying. If you don't want to investigate now, use X" Is DESPRATELY needed.
I tried to have that on my site, and a pretty high level arch forum admin came buy and told me to delete my website and made a PR just deleting the page. It was honestly one of the most rude and hateful interactions I've ever had online.
This, I feel like ever since the fall of Twitter, a true hackerspace has been missing for awhile.
Is it up or archived anywhere?
In fact, I even got more people to contribute. I used to say the best way to learn Linux is to install arch. To come back to me after your third failure. It's rough, but you learn a ton and accelerate really fast. Telling people to expect failure helps. They know it's not them being dumb and they won't ruin their computer. Plus, they have a safety net and I promise I will help, but the real lesson is the struggle.
I do not remember the "Noob guide" otherwise, but I do remember the old Installation Guide which was great as it had everything on one page!
[0] https://web.archive.org/web/20130116090332/https://wiki.arch...
[1] https://www.reddit.com/r/archlinux/comments/4z7z0i/the_begin...
But given how things are now, I'd highly recommend https://endeavouros.com/ if you're doing standard things (good with Nvidia GPUs)
That's an easy one to answer: they will eventually demand that Foo changes and remove things they do not like. It has happened to all media, it has happened to all software, you can be damn sure it will happen to something as modular as a Linux distribution.
Having bad or no support for your software isn't some good way to keep it 'pure', it's just keeping it less useful/relevant. Linux is OSS: fork it if you don't like something new, but don't hurt the ecosystem.
Deliberately hamstringing software or documentation so that others will stay away and not make changes is literally antithetical to OSS as a philosophy.
Neither of this is true. There are plenty non-technical users that will be suggesting changes, there are plenty of technical users where they don't want things to change.
> Having bad or no support for your software isn't some good way to keep it 'pure', it's just keeping it less useful/relevant.
You are conflating "bad or no support" with "gate-keeping". Gate-keeping is about keeping riff raff out, but allowing those that are interesting to a path to being involved.
With respect to Linux distros. Linux is like a "kit". Different people offer you different "kits" called distros. Some of these kits may be given to you pre-assembled (Ubuntu/Fedora/Debian), other will require partial assembly (Arch) and some will require full assembly (Gentoo/LFS).
Arch/Void/Gentoo flavours of Linux don't advertise itself a user friendly distro like Ubuntu/Mint/Fedora. *It is expected you read the documentation and understand the command line*.
Thus why people were suggesting they should use the CLI tool. If a user doesn't want this, they should use something else.
Having a "noob" version of installation instructions for something like Arch/Gentoo will have the effect of allowing someone to fumble about and maybe achieve getting something functional, but they won't actually understand what they are actually doing and this will cause them problems in the future as they won't understand how to fix issues when they arise.
> Linux is OSS: fork it if you don't like something new, but don't hurt the ecosystem.
It is extremely difficult for even for large companies to run their own fork of large open source projects. Sure you can fork a smaller piece of software and maintain your own version, but anything significant you are unlikely to be able to do that. So you are forced either to use the changes you may not like, or you use something different, or you are are like the anti-systemd crowd essentially running a protest distro.
Also all the big forks in the software ecosystem is when two important factions have disagreed fundamentally on the direction of the project. We are not talking about individual users or developers, we are talking about the top tier developers/maintainers. A part-time/bedroom coder is unlikely to have any significant effect, even if they did it is often lead to burnout of these developers.
> Deliberately hamstringing software or documentation so that others will stay away and not make changes is literally antithetical to OSS as a philosophy.
Ignoring the fact that you are misstating the issue. It isn't antithetical to the philosophy at all. People decide their own level of involvement in any group activity. If you aren't willing to "pay your dues", then it maybe better for you to not be involved.
You will BTW see this to varying extents in Churches, Cricket Clubs and even your place of employment.
e.g. If you go to Church you have to accept certain tenants about the faith or at least respect them while you are there. I've been invited to Churches in my local area, by very nice people that I would like to get to know, but I can't believe in Christ, so I don't go.
Suggesting is not making. Non-technical users will not be making changes.
> You are conflating "bad or no support" with "gate-keeping".
If the support is intentionally removed with the goal of keeping out people, then it's both. That was the premise accepted by both of the comments above mine, hence my comment working from that premise.
> Having a "noob" version of installation instructions for something like Arch/Gentoo will have the effect of allowing someone to fumble about and maybe achieve getting something functional, but they won't actually understand what they are actually doing and this will cause them problems in the future as they won't understand how to fix issues when they arise.
Everyone is a noob at some point, so getting rid of documentation is only a means to prevent someone from learning. There is no cost to anyone if someone installs Arch without being an expert in the CLI.
> It is extremely difficult for even for large companies to run their own fork of large open source projects.
Agreed. And if there aren't enough people who are willing to support a fork to manage one, there aren't enough people to justify preventing a change that keeps the current version as it is (which is what in this case, that fork would be).
I.e. if there aren't enough people who support the current version, to maintain an unchanged version as a fork, there aren't enough people who support the current version to justify not changing it in the first place.
> If you aren't willing to "pay your dues", then it maybe better for you to not be involved.
Where are you getting this from? The whole conversation was newcomers making changes. Code contributions (i.e. changes) are explicitly the "dues" that OSS devs 'pay'.
> If you go to Church you have to accept certain tenants about the faith or at least respect them while you are there.
If enough of the congregation feels it needs to change, it will (or it will die out). Modern versions of religions look nothing like they did hundreds of years ago, and not all the changes happened due to schisms/ forks. Everything changes, or it dies.
(Just had to be a little snarky lol. I know you agree)
Part of being a "Senior" in any field is helping those below you. Just think back to all the people that helped us get to where we are today! Yeah, we put in a lot of work ourselves, but it would be insane to have such an ego as to believe we did it all alone. There is no self-made man. No one can pull themselves up by their bootstraps. Nor are there giants' shoulder's to stand upon. Those are just a bunch of normal people standing on one another's shoulders wrapped in a trench coat.
No it isn't. Stating it is doesn't make it so.
If I expect you to follow a particular procedure and not support another (which is deemed initially friendly) that is perfectly valid. If it keeps people out that wouldn't otherwise be able to follow it, that is a positive, not negative.
It can gatekeep and be authoritative.
> That was the premise accepted by both of the comments above mine, hence my comment working from that premise.
And the premise is incorrect. Thus my comment.
There are also other reasons. Like having two version of the documentation causes confusion in itself.
> Everyone is a noob at some point, so getting rid of documentation is only a means to prevent someone from learning.
Not if the "noob" documentation obscures knowledge by letting people skip important parts of understanding the process.
> There is no cost to anyone if someone installs Arch without being an expert in the CLI.
Yes there is. That person will quiz people in discord, forums, voice chats, reddit etc when they will invariably be presented with an issue that they cannot resolve. Similarly that why people distro-hop.
RTFM response actually trains people to solve their own problems and is the correct way, by first following the process and then only asking when the process doesn't work.
> Where are you getting this from? The whole conversation was newcomers making changes. Code contributions (i.e. changes) are explicitly the "dues" that OSS devs 'pay'.
I was talking about the benefits of gate-keeping in general. I never said anything about specific about code contributions.
BTW, these people will affect code contributions. Much of the Linux desktop is a clone of other systems (typically Windows) to appease users that expect that UI. This actually dominated the conversation for about 15 years in linux.
If we are talking about the newbies. They have to prove they can follow the documentation provided i.e. RTFM.
> If enough of the congregation feels it needs to change, it will (or it will die out). Modern versions of religions look nothing like they did hundreds of years ago, and not all the changes happened due to schisms/ forks. Everything changes, or it dies.
Every group is lead by a minority. The minority in every group, set the agenda, not the majority. That is fact of life, if you think otherwise you are mistaken. Even revolts are usually led by people who are part of disgruntled minority. Every one of those changes would have been made either by someone important in the Church or the state (as the state and the church was typically tied).
Every single one of those changes were made by elites or governments at the time. Not the majority of the congregation. BTW many of the Churches in England and Europe didn't change that much, that why loads of these people migrated in the first place to the US.
BTW many young converts are going to the Orthodox Church because they see it as the most "OG" version of the Church, because some people crave what they believe to be the authentic experience.
Such as "RTFM". You're right. People do need to learn to train themselves. That's the most important skill. But the major problem is that noobs are at the beginning. They don't know where to look. They don't know what questions to ask.
The struggle is important, but it can also be too much at times. A senior shouldn't do everything for the junior, but neither should they let them struggle too much. The trick is in the balance. Let them struggle, but pull them back if they stray too far.
If you don't reign them in, then most of them just go far off course. Most of them just get lost and never return. That's not a good situation for anyone. Most wizards come from them not getting too lost while going on this confusing journey. It's more that we just ended up in similar places. But a lot of luck was involved with that. We know the journey itself is important, but you can't tell me that there weren't times that you tripped and fell and they didn't do anything to help you get where you are now (other than learning resilience). We can make things better.
So don't tell a noob to RTFM, they don't even know what the manual is! Point them to the manual, point them to the right section. Say "hey, give this a shot. Let us know how it goes. If you're still stuck we'll probably need to know what <xyz> is". Your "xyz" should always be a hint as to what your guess to the solution is. Gets them thinking about a certain thing they might not have. This still puts everything on them, lets them struggle, but helps prevent them from getting lost. That's not "RTFM" that's "HTM" (Here's the manual)
Really, I'm calling people dumb for gatekeeping the things they enjoy. Things change regardless.
With Linux, you can have your distorts. Because Linux people tend to understand that you don't build "products" but environments. Places to build from. To build in. It's not always but it's a good idea. You can't make a product for everyone, but you can make an environment for everyone. It's why a computer or a phone is so universal but iOS or Android isn't
I think that this reads better "there is nothing that Microsoft wants regular users to touch that they need to edit in the registry directly." The distinction between the two doesn't really matter as long as the user's interests are reasonably aligned with Microsoft's, but the modern Microsoft-the-ad-company approach to Windows means that this is not at all true.
> https://trustmeitsfinebro.com/install.sh | bash
:D
Don't believe that for a second. Industry de-facto standards are a result of power dynamics, and the actual users of the thing wield orders of magnitude less power than they project. If a corporation like MS or Google wanted Linux desktop to happen, no amount of gatekeepers could actually hold the gates.
The reason why Windows is the de-facto standard is because Microsoft put a lot of behind-the-scenes work into making it a de-facto standard. I am meaning them sabotaging everything else, treating the status quo with the famous EEE, many business deals with governments to use it, put it in school curricula, having manufacturers preinstall it to PCs, and bend every piece of connected tech to Windows' direction - hardware drivers, computer games, specialty software, even the internet.
That is how Windows got its desktop users, and how Linux and others didn't really.
More than an hour? That's very strange, enough that I wonder if you had the right impression of things.
Usually the reason to go with command line is that even though it might be bewildering to look at, slamming in the command only takes a moment and you don't need to do any button-hunting.
It's a tradeoff, is what I'm saying. But you seem to be describing a situation where it's significantly worse in every way. Why would a bunch of people all be on that bad plan?
That's usually how long it takes me to get an FFMPEG command I'm planning to use more than once right
If you give someone an already-done ffmpeg command it should be straightforward to use.
The brother wifi laser printer I have works on everything without any installation at all. Windows, mac, linux, my phones.
It looked like SteamOS was going to be a contender, but apparently not.
Back on Linuxland, the userbase realized this about two decades ago, when Ubuntu launched. Having a nice default experience was considered better than having easy tweakability, because Ubuntu could also be configured to the fullest extent in the classic Linux way of reaching into the guts of the system and rearranging things to taste. Not that I would ever recommend tweaking Ubuntu too much, but it can be done.
What about the other end? Most people who like fiddling with Linux by reaching into its internals have settled on distributions such as Arch, where this way of managing the system is expected and thus the distribution works to ensure this experience is as easy and predictable as it can be, by providing a good happy path experience for common scenarios, and providing top-notch documentation for common and uncommon customization options, or minority hardware platforms and devices.
Just enough corners to cover day-to-day usability so that new users would be able to help themselves if they get stumped.
That set of corners has been pretty much covered by Windows 95 when it comes to the GUI.
For tweakability, command-line interface isn't unfriendly — the commands are.
People love talking to ChatGPT. This tells you how friendly typing interface is.
I'm not saying that natural language processing should necessarily be a feature of the interface (although it could make a lot of things much smoother), but FFS, an interactive dialogue-based CLI is a much friendlier thing than "figure out the right incantation" paradigm.
No comments yet
I sideload a glucose monitor app that's not available through Playstore (it's FOSS and health is a tricky area with liability).
It's a fantastic app and the ability to sideload it is a major reason I use Android over iOS.
I also sideload a patched app of the Dexcom glucose reader OEM's shitty app to allow the data to be read by the better (sideload) FOSS app.
https://github.com/NightscoutFoundation/xDrip
https://www.patreon.com/byod/about?
Ok I'm not an ordinary person, I guess, but if I was I'd still use those apps and I know people who are ordinary and do so.
But I am pretty sure that like any other teenagers since the beginning of time he obeys me, and has only rooted his phone for educational purposes.
His friends, though, I am not so sure.
Some of the more savvy ordinary people even export apps as apk for other phones.
https://zimperium.com/blog/the-hidden-risks-of-sideloading-a...
About 1 in 5 users sideload?! That's not something to ignore
Sideloading is a fairly popular practice. Our research indicates that 18.3% of mobile users globally engage in sideloading. In some regions, such as the Asia Pacific, the impact is as high as 43%.
Yes, usually when somebody calls them, pretends to be from the security department of their bank, and asks them to install an app to "catch the hacker who just stole $2000 from your account in the act."
In countries where Android is popular (not the US), this is an extremely common scam vector.
I love steam, but epic is very user hostile.
edit: which I'm not even sure if that counts as side loading
It's crazy how we act like phones are dramatically different than other computers. An average computer user can go to a website, click "download" and then we think the average phone user can't do the exact same thing? It's the same people! They might be used to downloading from one location but it would be laughable to think they couldn't do the normal thing too
(To clarify, I mean apps. Things like GrapheneOS you're going to run into the same issues as expecting my grandma to install Linux. Might be doable but it isn't quite there yet)
I think what people on HN really forget is that the average person isn’t equipped to tell the difference between a legit source sideloaded app or a Trojan horse app that some TikTok video instructed them to install.
I wonder if they could solve that with delays. E.g. you can sideload, but the process is deliberately delayed to take two full days and require carefully reading warning screens and correctly answering questions about the warnings, then getting time to think, multiple times.
Google changing defaults is a permanent change for some large percentage of their userbase. A subset of those can still figure out how to download and run an APK file but have no further recourse against monopolistic behavior.
Maybe those people do need to be protected from scams. Social engineers have complete control over the user, so any control given to the user is owned by the scammer. Seems like the same problem as pig butchering, a technology or process solution can't save someone too stupid to save.
Thinking about less controversial options for Google, they could track if any side-loaded apps have the dangerous permissions, and provide a global true/false status to other apps that request it. So Wallet / whatever would disable features if any "outside" apps were in a position to exploit the user. And Android could offer a button that cleans up the "problem" apps, setting the global status back to false.
sideloading apps was a feature that did not catch on. Now they kill it. Then when Apple launches it, watch them tout it again as a feature.
Right.
And something that Apple has been doing generally from Android (while trying really hard to catch up) - feature after feature and shamelessly releasing it as the next biggest revolutionary thing since the moon landing, or an invention shadowed only that of the wheel and fire.
In fact last few years of Apple's phone advancement has been nothing along with some features which has been Android for years. Or maybe that's not "copying", that's bringing "at par" which is of course different?
News to me. Edit: I misread parent comment.
Though Google Pay is also probably the least private of the major tech-company payment platforms (the others being Apple Pay, Samsung Pay, and Garmin Pay). It is, I think, the only one that actually requires an open network connection on the phone to work. The others all generate one-time codes that get sent through the payment machine's network for verification by Apple/Samsung/Garmin on the backend (i.e. you can tap an Apple Watch to pay with all its radios off, but you can't do that with Google Pay).
From what I gather, Garmin Pay can work with GrapheneOS if you have one of their smartwatches. And Privacy.com works, but not with tap-to-pay.
As an aside - I think the Paypal app in Germany offers HCE tap-to-pay, and In the UK/Europe 'Curve' is a Google pay replacement that runs fine on GrapheneOS (and they have first-party support for huawei phones that don't even ship Google play services anymore)
That being said, it is a reasonable compromise that, as long as people know that beforehand, losing Google Pay as the price to loosen Google's grip on your data, location and preferences is an acceptable one [price].
The linked article is literally an ad for Librem phones though?
When we last got new phones I put GrapheneOS on mine and my partners, I never subsequently had to play tech support on hers.
The Web installer [0] is not really approachable to a normal Android user. The instructions are dense, loaded up with warnings about dozens of edge cases that are discussed in jargon that would intimidate even relatively tech-savvy users:
What's USB passthrough? Did I install my browser through Flatpak or Snap? How would I know? Did I need to understand the paragraph explaining in detail how carrier models lock users in? There's a bunch of stuff in there about Linux... do I need Linux? What's a sha256 hash and do I need to care?
It's not that this is impossible for non-IT-folks to grasp, but there's no chance that my parents are installing this on their phone.
[0] https://grapheneos.org/install/web
FWIW, GOS is an excellent project, but I don't think it's a good fit for non-technical users. But there's nothing stopping someone from creating a distribution of it with a preconfigured Google Play sandbox, some sane defaults and applications, to provide technical support, and to streamline the installation process, or even sell devices with it preinstalled. As long as that entity is trustworthy, it would be a good alternative for people who want to leave the Google/Samsung/etc. ecosystem, but don't have the technical knowledge or want to bother with installing and configuring GOS themselves.
[1]: https://flash.android.com/back-to-public
I have never installed OpenWRT on an home router -- too afraid to brick it, to deal with somewhat manual updates [I think].
I bought a GL.iNet. Totally normie, automatic updates. And then, "Hey look, this is... OpenWRT with a GUI!"
There are some [mobile] brands going on similar direction [albeit one that doesn't seem right to me]. Volla & Fairphone. They provide alternatives. I don't like them [the software options available for them], but alternatives exist, working out of the box.
I own no firsthand experience but read many users require app 2FA to make card payments.
The solution must be social-legislative. The London smog and terrifying auto deaths at 30 KPH were solved but not by niche enthusiast projects.
My phone is play store free, my SO's isn't. I agree having the play store isn't great for privacy but for the purpose of this thread it isn't relevant.
Huh? Banking apps not working on GOS are a rather rare exception (which I have not run into ever and I use several), and streaming apps work just fine. I "only" use Netflix & Amazon Prime but other people attest[0] to Disney+, Paramount, Max, and SkyGo working, too – even without Google services.
[0]: https://discuss.grapheneos.org/d/20256-streaming-apps/6
Easy
DJI forces you to side load their app for their Air Units and Drones. And this is scary. It looks like the rule they violate for the play store is that their app can self modify.
Let that sink in ... Any tension or whatever political bull crap happens and you have a state controlled malware on your device that can do anything it wants with your drone.
Millions of people installed this without really understanding what could be the consequences...
Google clearly knows this. IMO the motivation here is obvious, and it isn't security.
US Senators like Ron Wyden would probably tell you that Apple's approach harms your security overall. After all, he was the one that whistleblew Apple's hidden and warrantless Push Notification surveillance pipeline. Forcing you to rely on a first-party service you can't replace is never a secure option, not in the US nor Europe.
> the freedom to change a program, so that you can control it instead of it controlling you; for this, the source code must be made available to you.
We're a long way from that ideal today. Software controls us all the time. Usually that just leads to anti-consumer annoyances like lock screen ads or DLC seat heaters. But when the one controlling the software that controls you is a communist government...
Not sure what the short term practical solution to this is though.
By making it "normal" to install the app via sideloading, there's little Google could do in the event of malicious app behaviour, and the majority of users would not find out about it (at least, not immediately).
all self-modifying really prevents you from doing is stuff like dynamically changing your permissions. which is a broadly reasonable restriction because it'd complicate the approval UI (and the actual enforcement mechanisms) quite a bit further.
Just one month ago they found intentionally embedded Kill Switches in chinese provided solar panels [0][1].
Not even complex apps require capabilities of such self-modification, the fact that a DJI drone app, requires such capabilities, is quite suspicious especially as they are heavily involved in PLA Drone Warfare R&D and Capacity building.
[0](https://www.reuters.com/sustainability/climate-energy/ghost-...)
[1](https://www.rickscott.senate.gov/2025/6/sens-rick-scott-mars...)
In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.
The issue is even bigger. Even when using Play Store on GrapheneOS with a locked bootloader (which is the recommended configuration by the GrapheneOS project), Google refuses to let apps use the hardware attestation support in the Play Integrity API [1], which blocks certain banking apps, Google Wallet, etc.
It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Time to block the Facebook/Instagram apps then, given https://localmess.github.io ?
[1] https://grapheneos.social/@GrapheneOS/112878070618462132
That's because it's about control, not safety.
The GrapheneOS devs are serious about security, probably more focused on it than 99% of end users. That they manage to release a project with the high level of usability that GrapheneOS achieves is impressive, even if it isn't as convenient to the end user as stock Android. Ultimately, nothing will ever be as convenient to the end user as stock Android or iOS, but that's not the point of the project.
That's my point, though. The projects security requirements don't need to be that stringent. By all means, take advantage of the hardware security on devices that offer it like pixel, but even on devices without that hardware security it would still be the most secure Android based OS available, and orders of magnitudes more people would benefit from having access to that.
GrapheneOS security requirements very much do need to be that stringent. That's the whole reason for the project. Have something that is maximally secure within the most aggressive limits of what is possible today.
It targets end users who either have an acute threat model (e.g. journalists, dissidents) or are willing to tolerate some level of inconvenience (compared to stock Android) to gain the security advantages. Not everyone is willing to make that trade-off, and that's okay. I don't want my daily use phone OS to adopt a more permissive security model to appeal to a broader audience. I suspect most GrapheneOS users share that stance.
There are other AOSP custom distributions that benefit from the security improvements GrapheneOS is able to get accepted upstream (though Google is making this more difficult than it used to be). I think, for people who aren't willing to make the trade-off, a better path is to use another AOSP distribution on the hardware they prefer, or to establish a separate project to build a downstream version of GrapheneOS (under a clearly distinct name) for other, less secure hardware... Trying to shadow each release as closely as possible and make best use of Graphene's generally excellent software customizations (e.g. storage scopes, deny network permission, etc) without pursuing a hard fork.
I'd certainly like something similar for NVIDIA Shield Devices, for example. But I know that's not what Graphene's mission is.
The GrapheneOS devs absolutely will not listen to anyone asking them to loosen their security model. And thank goodness they don't! That's why I use GrapheneOS. It's why many do.
They don't though, that's just a nonsense claim.
Remove the parts dependent on the Pixel security hardware, and you still have a MUCH stronger android OS than anything else available.
> And thank goodness they don't!
Your reasoning does not support your conclusion.
Yes.
And the correct course of action is a separate, downstream project with a different name doing exactly that and shadowing the GrapheneOS releases. Not a weakening of the GrapheneOS security model. If you don't want a maximally secure build of AOSP, you don't want GrapheneOS: you want something else. Maybe something substantially similar, but not GrapheneOS.
>They don't though, that's just a nonsense claim.
I don't know what is nonsensical about claiming that a project whose principal goal is to be maximally secure shouldn't weaken its hardware security requirements. The statement is closer to tautological than it is to nonsensical.
Except that there is explicitly no need for that.
> Not a weakening of the GrapheneOS security model.
There is no weakening for those people like yourself that feel they need the extra security provided by using pixel devices.
> I don't know what is nonsensical about claiming that a project whose principal goal is to be maximally secure shouldn't weaken its hardware security requirements.
The fact that you are claiming a weakening is happening at all is ridiculous. If it was made available for more devices, you, using it on a pixel, would be exactly 0% less secure.
Do you have an understanding of the point you are arguing, or are you repeating things you've heard?
Do you understand that a security model includes allocation of finite developer resources? How much time a project's developers will spend on each class of problems?
The GrapheneOS developers have chosen a narrow set of devices that meet their hardware requirements, and that narrow list of devices allows also them to focus their resources, tightly integrate software hardening with the functioning of the hardware, and makes the project logistically manageable at all. Each clause in that sentence is part of the security model, not just the hardware requirements.
Have you ever tried to get a new build of something like LineageOS (or, once upon a time, CyanogenMod) running on a new device at all? Each ARM SoC (i.e. almost every smartphone) has numerous bespoke customizations, and its own set of largely binary-blob firmware, and often necessitates per board builds of an OS.
Adding even another half dozen devices is highly nontrivial. If you want it that badly, do the work and port GrapheneOS to those devices. Release your work downstream of the project, and benefit from its security improvements in software. It would be a good, worthy project with its own goal of bringing better security to a broader audience who are only using stock Android. That isn't the GrapheneOS project's goal.
Do you understand the purpose of the GrapheneOS project?
Its developers are in an ongoing cyber-arms-race against companies like Cellebrite and against state-level actors. The extreme hardware requirements (the primary two being Titan chips and multiyear firmware update guarantees from the vendor) are chosen with those adversaries in mind. That's their goal.
You and I are incidental users of the project. We are not its intended user: the person who needs a device that is as secure as possible against focused, well-resourced, state-level adversaries.
My stance is that I'm grateful to have access to a top-tier security tool, free and open source, way beyond my actual needs or threat model. I'm grateful it is so easy to use that the compromise (specific hardware required, 3-5% of apps I try not working) is well worth it. My stance is also that I'm against the broadening of project scope for the convenience of people who, like me, don't actually need this level of security but who, unlike me, are unwilling to make the compromise.
I'm not repeating things I've heard. I've built versions of Cyanogen and Lineage for phones I've owned over the years. I have a good idea of the work involved just getting things running at all, before even approaching the question of security. And all I'm saying is, "if you want support on devices beyond the project's scope that badly, do that work yourself and share it with the community."
You went out of your way to avoid answering the question, so it seems the answer was no.
I don't think you have a clue what you're talking about, and are indeed just repeating things you've heard. I don't see this discussion progressing further because of that, instead devolving into an is-too/is-not back and forth.
Your claim the idea that allowing Graphene on a wider array of devices would somehow weaken it's model remains nonsense, and you certainly can't support it, although if you wanted to make an effort that was more than you just asserting and repeating things, I'd be interested to consider it.
Otherwise, you have a great day.
You haven't actually made any specific arguments. Nor refuted any specific arguments I've made. You've just repeated, over and over, everything what I say is nonsense and I must be repeating things I've heard. I'd agree that sort of repetition tends to stall out discourse.
I do hope you end up with (or have already) a smartphone that is secure to your satisfaction, on the hardware that is most convenient to you, whoever ends up doing the work to make that possible. Have a good day also, and best of luck in the search for such a solution.
You're making a claim; I've asked you to support it with more than preaching, and you've been unable to do so. The lack of the discussion progressing is entirely due to that, and nothing more.
https://grapheneos.org/articles/attestation-compatibility-gu...
See replies to this: https://news.ycombinator.com/item?id=32496220
Another note: this obviously does not prevent people from having multiple phones, feel free to buy an extra phone and install LineageOS/Gentoo/whatever you want.
I also haven't seen any specific examples of software that's frequently sideloaded that would be unjustly discriminated against.
I’m an Apple user, but above all I value choice. Isn’t the point of Android that it’s an open ecosystem?
ADB is arguably worse than what Apple did in the EU for sideloading to abide court orders, and Apple was lambasted.
Are there high quality or especially useful apps stores that are not in the Play store.
These are the permissions most used to impersonate a user. SMS access lets an app log into every service you use and get OTP codes. Accessibility tools lets the app open your banking apps etc. whilst you're sleeping.
Singapore has big issues with identity 'trading' - and there are big signs saying things like "if a stranger offers to buy your phone number from you, and you accept, we will send you to prison for 5 years". Same with bank accounts, credit cards, etc.
Basically, if something is tied to your identity, and you let someone else use it for crime, then they're gonna punish you heavily.
In countries where Android is popular and iPhones are expensive, Commentary (Jieshuo) screen reader is a popular and arguably much better alternative to TalkBack, the built-in Android screen reader. Because it's a Chinese app and there's no major conglomerate behind it, it's not on the Play Store.
Because it needs to be able to read all screen contents and drive the entire system UI (that's literally what a screen reader is for), the permissions it requests are quite intrusive. Blocking it from accessing sensitive apps would entirely defeat its purpose, after all, if you need a screen reader in the first place, one that doesn't work in banking apps will be pretty useless to you.
Googlers will probably point to Webaim[1] and say that nobody uses the app so it's not a problem, entirely forgetting that Webaim is mostly filled out by well-off English speakers. If you look at data sources that better represent the global population at large, like the Yandex user survey, you will see something very different.
[1] https://webaim.org/projects/screenreadersurvey10/
An example of "normal" users that side load (through F-droid or direct APK) is most Ingress players. While Ingress itself is in the playstore most people use the "companion" intel app called IITC which isn't in the playstore as it's technically against the ToS.
I had a Pinephone a couple of years ago and receiving phone calls wasn't very reliable.
https://forums.puri.sm/t/nine-months-librem-5-as-my-only-pho...
https://forums.puri.sm/t/a-l5-review-1-week-to-my-ready-to-s...
Tl;dr: calls and texts work fine, battery life is not as good as Android/Apple but usable. Also you can replace the battery on the go.
A few months ago they improved their security somewhat by not letting you disable Play Protect while on the phone: https://9to5google.com/2025/01/29/google-play-protect-calls/
You also can't turn off Play Protect if you've enabled Advanced Protection on your account (which also enforces a range of other security measures) but that's fully opt-in and hasn't even been availble to the wide public for all that long.
How about Google focuses on proper sandboxing and permissions models? With those in place where an app comes from should not be a concern.
(And probably game anti-cheat)
Seriously, just restrict it to signed applications unless debugging mode is active. With explicit permission from the user.
/e/OS already exists and can even be bought preinstalled on Fairphone.
> Police warn new Android malware scam can factory reset phones; over S$10 million lost in first half of 2023
> There have been more than 750 cases of victims downloading the malware into their phones in the first half of 2023, with losses of at least S$10 million (US$7.3 million).
— https://www.channelnewsasia.com/singapore/android-malware-sc...
> DBS, UOB become latest banks to restrict access if unverified apps are found on customers' phones
> They are the latest banks in Singapore to do so – after OCBC and Citibank – amid a spate of malware scams targeting users of Android devices.
— https://www.channelnewsasia.com/singapore/dbs-uob-anti-scam-...
> 74-year-old man loses $70k after downloading third-party app to buy Peking duck
> “I couldn’t believe the news. I thought: Why am I so stupid? I was so angry at myself for being cheated of my life savings. My family is frustrated and I ended up quarrelling with my wife,” said Mr Loh, who has three children.
— https://www.straitstimes.com/singapore/74-year-old-man-loses...
> Singapore Android users to be blocked from installing certain unverified apps as part of anti-scam trial
> "Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources," it added.
— https://www.channelnewsasia.com/business/anduril-secures-305...
> CNA Explains: Are Android devices more prone to malware and how do you protect yourself from scams?
> Why are scammers more likely to target Android users? How do you spot a fake app and what should you do if your device is infected by malware?
— https://www.channelnewsasia.com/singapore/android-malware-sc...
> Nearly 2,000 victims fell for Android malware scams, at least S$34.1 million lost in 2023
> In 2023, about 1,899 cases of Android malware scams were reported in Singapore. The average amount lost was about S$17,960.
— https://www.channelnewsasia.com/singapore/android-malware-sc...
> Android users in Singapore tried to install unverified apps nearly 900,000 times in past 6 months
> These attempts were blocked by a security feature rolled out by Google six months ago as part of a trial to better protect users against malware scams, which led to at least S$34.1 million (US$25.8 million) in losses last year with about 1,900 cases reported.
— https://www.channelnewsasia.com/singapore/android-users-inst...
Computers are cheap these days. You can buy a Raspberry Pi to hack on and use something else for your money. If you like hacking on smart phones, carrying more than one phone is an option. You don’t need root access on every device you own.
Hey, listen, I don't fall for these obvious scams and I even rarely install apps/extensions, but when I do, I know what I'm doing.
There should be a giant "OPT OUT" button (you press it, you're responsible for it) so I'd not be bothered ever again.
1) Apps like uber, lyft, ev charging and parkmobile would crash with null pointer exceptions some weeks but not others, so for the use cases that force me to carry a phone, it doesn’t work.
2) There isn’t a modern e2e sync ecosystem, and backup is completely broken.
3) The camera sort of worked out of the box (pixel pro 6), but to get all the modes, I had to install sandboxed google play services, which halved the standby battery life.
Has this changed in the last 3-4 years?
To your items, and my experience on Pixels 7, 9, and 9a running GrapheneOS regularly for the last two years:
1. I use Uber and Lyft semi-regularly (disabled when not actively using) and don't recall experiencing any crashes. Can't speak to ev or parking apps.
2. It may not meet your definition of modern, but I am very happy with Syncthing Fork on phone alongside Syncthing on linux laptop and desktop (where I run restic nightly backups.) It takes some effort to set up compared to handing the keys to the big corps, I will give you that. I'm still unsatisfied with GrapheneOS backups, but mainly because I want them written to storage where my syncing can send them along, and be able to flash a new phone as if it were a regular drive. But that's maybe asking a lot on phone hardware?
3. Pixel Camera app I pull down from Aurora Store, decline Network permission, and takes photos seamlessly even without Play services. It won't let you actually view photos in app without the Google Photos app which is a bummer. I've taken to using Files to view them, which is cumbersome. Maybe I should just install Photos and decline network.
For games especially, it's a huge problem, especially if you don't use (nor want to use) a Google account
Meaning if you want to use say, a financial app while on Lineage or Graphene, you are SoL if the developer decides to enable that feature.
Apps on android are freely able to talk to each other. It is not a bypass to be able to do so.
This is a reasonable restriction and I am surprised this restriction is coming now and not ten years ago.
Sideloading must be limited to tech savvy users only who know what they are doing.
Who says so?
Google could do this, and it's in their interest.
It happened.
Also it's not clear what exactly it means. Does it have a dialog you can click through like play protect, does adb install still work, etc.
From the article, I presume this is being done in the name of "cyber security" (least common denominator strikes again.) In newer versions of Android, a few warnings/confirmations are shown prior to sideloading an app. I think the best solution here is to gate-keep sideloading behind Developer Mode. Enabling Developer Mode, then enabling side loading, would be complex enough to stop brain dead drive-by side loading from occurring. And (mostly) only people that know what they're doing enable Developer Mode.
> This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers).
It probably hasn't since they started doing this last year, but once scammers find out you can publish your own malware F-Droid repo, they might.
Android has been getting markedly more flaky for me ON MULTIPLE GOOGLE PIXEL DEVICES since 2018. My current Pixel 8a on Android 15 regularly has the underlying UI controls (separate from the launcher) crash and force me to restart if I want to use the app overview switcher since day 1. I also have no app overview button in the stock Android calculator since Android 14, the shipped OS, so if I want to switch between a calculation and another app I must first return to the home screen. Wasn't like this in previous releases! Furthermore, the day/date is routinely cut off in the statusbar and its pulldown. This product passed multiple reviews and 2 major OS releases with these (and many other) obvious and irritating bugs and shows no signs of improvement. If they left these holes in the surface, I can only imagine what's underneath. It's ridiculous, but I guess we're cranking out complexity at a rate that exceeds our ability to manage it (or our ability to manufacture new fucks at a rate exceeding their consumption).
If Purism is shopping for new users, all they would eventually need to do is not get worse at a rate as fast as Android, or more expensive at a rate as fast as iOS devices. Based on what I've seen from them so far...they're not at that point yet: meager specifications, high prices. I will continue to cling to my Android device, but I'll cheer them on from the sidelines.
You can root iphones
"Google Restricts Android Application Installation–What It Means for User Autonomy and Freedom"
The idea that you're not allowed to install any application without it coming directly from $megacorp is the new wierd thing. The idea of installing applications yourself on your computer is well established and normal.
"Sideloading" is a dangerous word that implicitly gives up freedoms. It should not be used.
I've totally gotten into modern AI, cus its actually useful, but I've always been a "luddite" re. smartphones. I've always thought they suck.
Smartphone = a computer that's shitty and dumb enough to be popular.
Garbage article. Also embarrassing so many fell for it.
How about getting a linux phone? (or a dumbphone + a linux portable device)
Old computers, before sandboxing and Windows defender and real-time protection, were more secure, because people were less likely to plug their bank account information, social security number, birth date, and home address into them.
At a certain point we have got to level with the idea that a smartphone is no longer a general purpose computer in your pocket. It's more like a cyber passport. It knows everything about you and authenticates formal activities.
So they weren’t actually more secure – they were less secure and less useful (setting aside the questionable historical accuracy of where popular online banking sits in the timeline relative to OS security measures in that claim). Maybe if we relax the made up constraint that a change must create 100% foolproof security, we can have a more nuanced discussion about ways to improve security.
It feels like this analysis really downplays some advantages making sandboxes and Windows defender and realtime protection got us in the average case (even if in the edge case someone can get hurt).
Ahhh yes. You want some of the action apple is getting from EU commission don't you?
Talking about the api-s that discriminate between playstore and side loaded aps. Which is not clear if are Singapore only
I have never ever used a fully loaded android phone with all the spying, surveillance apps and play services, amazon, facecrook, whatshit, running.
why on earth do muppets insist that they cannot live a life without google and the rest.
I have installed the latest AOSP on all my phones, including family aand friends.
I currently have a motorola edge 20 pro with android 15 installed. and my very old oneplus 5T also has android 15 installed.
all my family and friends have either lineage or E/os installed.
I dont see the problem here. I hear no complaints.
fool me once, More fool anyone who thinks google, facecrook and whatshit is their friend.
Autonomy for me, MEANS, self regulation. this is severely absent in the lives of the modern human being.
luckily for me and other others who are sailing is that you cannot keep sideloading without enabling pirating as well.
the rich techies can downvotes if they want but I and others in India don't have money to pay for your silly todo apps. ha ha.