These two are identical for software.
Comment on Google's plan to restrict sideloading on Android has a potential escape hatch for users
LodeMike@lemmy.today 3 days agoCorrection: SSL certificates can expire before someone would want to continue being able to install any given app.
LodeMike@lemmy.today 3 days ago
Zak@lemmy.world 3 days ago
Sure, the developer needs to keep the certificate up to date and re-sign the APK on occasion.
LodeMike@lemmy.today 3 days ago
So any APK I download will just expire at some point in time that’s probably really annoying to know, and then I have to dig through the internet again so I can install the app again?
Zak@lemmy.world 2 days ago
Another option is to allow otherwise-valid signatures after expiration. It’s generally still possible to check them.
LodeMike@lemmy.today 2 days ago
That completely nullifies the entire point of signature validations.
pycorax@sh.itjust.works 3 days ago
If it’s anything like how Windows does it, you would still be able to override it. It just gives you a scary warning and hides the option unless you click “more info” or something.