• 10001110101@lemm.ee
    link
    fedilink
    English
    arrow-up
    35
    ·
    3 days ago

    Kinda depressing that all of big-tech seems to have given up “innovating” (finding applications for publicly-funded research), and have become rent-seeking dinosaurs.

  • Teknikal@eviltoast.org
    link
    fedilink
    English
    arrow-up
    16
    ·
    2 days ago

    Not bothered if necessary Il patch every apk before installing it, one more stupid American move that will ultimately give the entire market to the Chinese.

  • viking@infosec.pub
    link
    fedilink
    English
    arrow-up
    42
    ·
    3 days ago

    This article is a thinly veiled ad paired with fearmongering to get gullible users to buy the shit phones they sell (or not, some people have been on “waitlists” for 5+ years after providing a full payment).

    Granted, their phones are fully open, but have next to no apps.

    Personally I’ll stick with Android 12, rooted, and see what the future brings.

    • interdimensionalmeme@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      1
      ·
      edit-2
      3 days ago

      That would mean less money, at least in the short term, but also in the long term as it grants the user the autonomy of optionality, the power to choose some of Google’s edicts. Really it’s about the power to shape the choices of the users in the future. Take their power away. And in the future this will be conducive to leverage this power against the user for more money.

      I asked the AI about it, in case anyone is curious https://chatgpt.com/share/68454a70-5cd8-8005-8075-3579244f0ce4

  • MonkderVierte@lemmy.zip
    link
    fedilink
    English
    arrow-up
    69
    arrow-down
    3
    ·
    3 days ago

    In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.

    All of this while EU forbids Apple to do the same, what is the idea here? Measuring how EU reacts?

    • surewhynotlem@lemmy.world
      link
      fedilink
      English
      arrow-up
      30
      ·
      3 days ago

      Is it the same though? Google is allowing the developers to choose to prevent sideloading. I thought Apple’s issue was that they prevented side loading completely.

    • 0xD@infosec.pub
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      4
      ·
      2 days ago

      …did you read the ad…? It quite obviously answers your question and calls out the difference. The large, glaring one. The one that probably even a first grader would grasp.

  • Zagorath@aussie.zone
    link
    fedilink
    English
    arrow-up
    64
    ·
    3 days ago

    Yikes this really doesn’t look good. Is there any reporting on it from independent journalists (or anyone else who isn’t also advertising their own competing operating system)?

    • rmuk@feddit.uk
      link
      fedilink
      English
      arrow-up
      43
      arrow-down
      1
      ·
      3 days ago

      Not that I’ve seen and I’d take what Purism say with a grain of salt: they’ve acted like pretty shitty gatekeepers themselves. Nothing they mentioned in the article seems too egregious in truth and they’re exaggerating the scale of it: Play Store app DRM exists already, and the restrictions on browser-downloaded apps they mention can be bypassed (albeit by having to go into settings) and don’t apply to apps installed through other apps stores (F-Droid, etc).

      • Zagorath@aussie.zone
        link
        fedilink
        English
        arrow-up
        13
        arrow-down
        1
        ·
        3 days ago

        Nothing they mentioned in the article seems too egregious in truth

        Doesn’t it? To be honest, if the article is telling the truth and not exaggerated, I find this pretty egregious. How you installed an app should be irrelevant, so the idea of an API to say “did this come from the Play Store” is fucking shit. And the ability to block installation of apps that call certain APIs entirely is even worse.

    • chameleon@fedia.io
      link
      fedilink
      arrow-up
      8
      ·
      3 days ago

      I haven’t seen proper reporting but the Play Integrity install source thing is accurate. There’s a reasonably good overview straight from the devil himself.

      Lots of things that have very valid reasons on paper that also just happen to give Google a stupid amount of control and will backfire for a somewhat small percentage of people in very bad ways. We’ve been at “you can’t use pretty much any bank unless you agree to either Google or Apple terms” for quite some years now, now we’re giving those same app developers ways to detect if their device has accessibility APIs enabled (useful to protect against bot farms, but also a functional check for “you’re able-bodied”) or is in security support (also a functional check for “not reliant on hand-me-downs”).

      • masterofn001@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        3 days ago

        Lol. So this API for ‘security’ and ‘integrity’ basically has a built in malware trojan:

        Avoid caching integrity verdicts Caching integrity verdicts increases the risk of proxying, which is an attack where a bad actor reuses a verdict from a good device for abusive purposes in another environment. Instead of caching responses, you can make a standard API request to get a verdict on demand.

  • Integrate777@discuss.online
    link
    fedilink
    English
    arrow-up
    42
    ·
    edit-2
    3 days ago

    In Singapore, lots of boomers are downloading scam apps from facebook lured by promises of discounts and free gifts, handing out accessibility privileges, and they’ll even argue vehemently against loved ones and bank staff when confronted. When it all inevitably blows up, they blame absolutely everyone except themselves, including praising Apple for some reason.

    Being the largest voting block, they managed to get banks responsible for reimbursing their losses and there was even an idea floated of getting everyone to contribute to a shitty scam insurance fund. Many major banking apps are paranoid af and block usage from simple things like usb debugging turned on.

    Absolutely stupidity. And there’s nothing we can do about it when the politicians love them so much.

    • /home/pineapplelover@lemm.ee
      link
      fedilink
      English
      arrow-up
      9
      ·
      3 days ago

      Usb debugging is sketchy as shit. You should almost never turn that on, and immediately turn it off once you’re finished with whatever it is you’re doing with that on.

      • interdimensionalmeme@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 days ago

        I have it on all the time in tcpip mode. I need it for file sync and remote streaming my phone with scrcpy. Especially when I use my phone as a wireless webcam.

      • mazzilius_marsti@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        ·
        3 days ago

        agree completely. But I recently broke my phone screen, the usual Samsung green screen of death, and I wish I had that turned on to copy the data over lol.

        • /home/pineapplelover@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          ·
          3 days ago

          If you can copy data over, then someone else can too. It’s important to have backups. Maybe syncthing or some other home server will do nicely.

  • ColeSloth@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    23
    ·
    3 days ago

    The restrictions on apk access over the past 10 years have already been an annoying pita. Many of the best power user apks have had to gut themselves over their original functionality, all while obtaining root access over your owned devices has become harder or next to impossible.

    • altphoto@lemmy.today
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      3 days ago

      Let them keep those. I hereby declare that if I don’t own the thing, I ain’t buying it. So no root, no $$$.

      • ColeSloth@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        3
        ·
        3 days ago

        Yeah, but I still really like my micro SD card slot and pen on my note 20 ultra. Dunno what I’ll do when I have to replace it.

        • SinningStromgald@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          3 days ago

          The pen is the only reason I have stuck with Samsung. If they made a Pixel with a smart pen that I could put GrapheneOS on I’d buy it in a second.

          • ColeSloth@discuss.tchncs.de
            link
            fedilink
            English
            arrow-up
            1
            ·
            3 days ago

            Yeah. Id pick up a redmi 10+ pro if it had a pen and sacrifice away the SD card slot. Id at least have a huge battery and awesome cooling.

              • ColeSloth@discuss.tchncs.de
                link
                fedilink
                English
                arrow-up
                1
                ·
                2 days ago

                I meant redmagic 10 pro plus. My bad.

                As for the samsungs:

                Because it’s priced higher than it should be, it has a slightly lower performance chip, a much lower capacity battery, and older battery tech that will degrade faster and charges slower. The best redmagic out specs the samsungs in every way but picture quality and does it for $500 less.

                • FreedomAdvocate@lemmy.net.au
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  2 days ago

                  Sure, but the Redmagic doesn’t have things the Samsung does - one of which seems to be a dealbreaker for you, the built in stylus.

    • anticurrent@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      15
      ·
      3 days ago

      Maybe you should curb your enthusiasm a bit. have you seen what it take to unlock the bootloader from most manufacturers? you might even need your grandma’s birth certificate before you’re allowed to do so in the future

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        5
        ·
        2 days ago

        Depends on the manufacturer. Ideally, they’re forced to allow choice, but until that happens, we can at least prefer phones that don’t lock you in.

      • kadup@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        3 days ago

        Certainly depends on where you live.

        Unlocking a Samsung phone is trivial here.

      • kratoz29@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        3 days ago

        I am aware, but what choices do we have? I for one stopped using banking apps in my Android phone, not a big deal, we didn’t have banking apps there pre 2007 right?

        I know not everyone can do it, but we can fight back in our own ways.

        And voting with your wallet should be an obvious statement at this point.

  • Lyra_Lycan@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    39
    ·
    edit-2
    3 days ago

    effectively pushing users to install apps only through the Google Play Store

    I wonder what this will mean for Aurora and Fdroid etc.

    • thatradomguy@lemmy.world
      link
      fedilink
      English
      arrow-up
      14
      ·
      3 days ago

      This is my immediate first thought seeing this. This fucking sucks. Part of the whole benefit of something like LineageOS or e (OS?) was being able to use Fdroid to stay away from Google as much as possible. Now this is going to potentially make things weird.

      • mybuttnolie@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        19
        ·
        3 days ago

        doesn’t do anything to f-droid, but probably kills aurora a bit. the developer can prevent their app from being sideloaded. why would one prevent that if they are distributing via f-droid too?

      • Emi@ani.social
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        3 days ago

        I hope f-droid has nothing to do with Google play store, thought they are their own store without connection to Google.

      • Vanilla_PuddinFudge@infosec.pub
        link
        fedilink
        English
        arrow-up
        7
        ·
        edit-2
        3 days ago

        Aaaaand now I’m carrying around a laptop again, at least mini pcs are tiny now, maybe a small handheld would do…

        if any of this shit hinders me, I’ll get a dumb phone and the cheapest iphone available for manditory work-based things and say so-long to being a mobile OS user.

        • vala@lemmy.world
          link
          fedilink
          English
          arrow-up
          3
          ·
          3 days ago

          I recently started carrying a GPD microPC because of this bullshit.

          It’s like a very bulky phone. Pocketable but kinda chonk. Thumb typing kinda thing.

          But it runs Fedora + gnome with no problems.

          My phone is now just for quick stuff and a way to make a WiFi hotspot.

      • curbstickle@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        5
        arrow-down
        2
        ·
        edit-2
        3 days ago

        That doesnt appear to be true, the restriction seems to be on apps being installed from file managers, web browsers, messaging, etc.

        F-droid and the like are not part of that list.

        This still isn’t good, but it doesnt stop you from having F-droid manage your messaging apps it would seem.

        Edit: If you’re down voting because you think its using the same method as a file manager as the user that replied to me, this is incorrect. This is also an issue going back several versions.

        F-Droid uses a session installer method for 3rd party app stores, it does not use the same method as a file manager.

        For an article about a similar issue brought up by similar restrictions in previous updates, you can refer to this article:

        https://www.androidauthority.com/android-15-restricted-settings-sideloading-3481098/

        You can also refer to this thread in the F-Droid forums which covers this as well, from 2 1/2 years ago:

        https://forum.f-droid.org/t/sideloading-restrictions-or-removal-in-future-how-it-effects-fdroid/21089/10

        Which also includes a merged discussion from the last time this came up 9 months ago.

        F-Droid has been using the session installer method for quite some time.

          • curbstickle@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 days ago

            No idea. Play Store then update itself via its at store rev? Preinstalled on a ROM? Via adb?

            That said, all the link refers to is a few sample permissions (which would not include F-Droid from that list) and only via certain methods being downloaded. Or they have it wrong and its “opened from”.

            Its still shitty, but as of now I’m not sure if there is any impact to installing F-Droid, but I can say the method of installation has complied with previous versions of googles “protections” (as in forced limitations) and that appears to continue to be true.

        • revanite@lemmy.zip
          link
          fedilink
          English
          arrow-up
          3
          ·
          3 days ago

          For what it’s worth I use aurora store and have already noticed some apps refusing to open/work unless I reinstall them from the play store.

          • curbstickle@lemmy.dbzer0.com
            link
            fedilink
            English
            arrow-up
            3
            ·
            3 days ago

            How did you install aurora store?

            I’m curious because ive seen no issues with F-Droid (just had a few updates actually), and the F-Droid team have commented on this sort of approach before, including the method being used for installation.

            I don’t use aurora, so I’m not overly familiar.

              • curbstickle@lemmy.dbzer0.com
                link
                fedilink
                English
                arrow-up
                1
                ·
                3 days ago

                I wonder if it is because you added that way, rather than from f-Droid or something.

                No idea. If I had a spare still running android (trying out postmarketos on a few devices) I’d like to give it a try. Maybe I’ll spin up a VM.

                What apps?

                • revanite@lemmy.zip
                  link
                  fedilink
                  English
                  arrow-up
                  2
                  ·
                  3 days ago

                  I don’t think so, I actually updated it via f-droid before but resorted to sideloading the apk myself for faster updates.

                  I’ve noticed it so far for my apps: Tilla (subscription manager), ChatGPT, Poe