If it’s anything like how Windows does it, you would still be able to override it. It just gives you a scary warning and hides the option unless you click “more info” or something.
Comment on Google's plan to restrict sideloading on Android has a potential escape hatch for users
LodeMike@lemmy.today 3 weeks agoSo any APK I download will just expire at some point in time that’s probably really annoying to know, and then I have to dig through the internet again so I can install the app again?
pycorax@sh.itjust.works 3 weeks ago
Zak@lemmy.world 3 weeks ago
Another option is to allow otherwise-valid signatures after expiration. It’s generally still possible to check them.
LodeMike@lemmy.today 3 weeks ago
That completely nullifies the entire point of signature validations.
Zak@lemmy.world 3 weeks ago
How? Expiration doesn’t grant an unauthorized party access to the private key.
LodeMike@lemmy.today 3 weeks ago
There’s zero cryptographic reason to have a signed date at that point.