If it’s anything like how Windows does it, you would still be able to override it. It just gives you a scary warning and hides the option unless you click “more info” or something.
Comment on Google's plan to restrict sideloading on Android has a potential escape hatch for users
LodeMike@lemmy.today 2 days agoSo any APK I download will just expire at some point in time that’s probably really annoying to know, and then I have to dig through the internet again so I can install the app again?
pycorax@sh.itjust.works 2 days ago
Zak@lemmy.world 1 day ago
Another option is to allow otherwise-valid signatures after expiration. It’s generally still possible to check them.
LodeMike@lemmy.today 1 day ago
That completely nullifies the entire point of signature validations.
Zak@lemmy.world 1 day ago
How? Expiration doesn’t grant an unauthorized party access to the private key.
LodeMike@lemmy.today 1 day ago
There’s zero cryptographic reason to have a signed date at that point.