Comment

Comment on Head of the Signal app threatens to withdraw from Europe

I don’t understand why you can’t read: (1) developer verification can be disabled, bypassed, or worked with, (2) you called it sideloading removal, which it isn’t.

You just don’t like the extra steps that limit the ease for ignorant users to install software known to be malicious that could have been blocked. I don’t like handholding my dumbass folks through the preventable IT problems they created.

source

Sort:hotnew top

mr_satan@lemmy.zip ⁨3⁩ ⁨weeks⁩ ago
This does fuck all for “security”. It’s targeting, mainly, power users and puts just more hoops for developers. This has nothing with security (they should purge malware from Play store first) and everything to do with consolidating power over users.

It’s a blatant power grab and I’m surprised to see this interpreted as anything else. Arguing about semantics just helps Google fuck everyone over.

source
sidelove@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
So let me buy a goddamn phone that I can install what I want in it. Again, I do not give a shit about any phone manufacturers that want to make a walled garden out of their Android installations. I agree, it’s perfect for the grandmas of the world. But Google is forcibly doing this to every goddamn phone, phone manufacturer, and Android enthusiast.

The only silver lining is that whenever Google decides that unregulated social media services like Lemmy are not family-safe I won’t have to listen to your malicious horseshit.

source
- lmmarsano@lemmynsfw.com ⁨2⁩ ⁨weeks⁩ ago
  Seems you don’t care about grandmas & gen z.
  
  forcibly doing this to every goddamn phone, phone manufacturer, and Android enthusiast
  
  They can manage.
  
  whenever Google decides that unregulated social media services like Lemmy are not family-safe I won’t have to listen to your malicious horseshit
  
  So casual users can get wrecked, yet I’m malicious? Maybe think of users other than yourself, weigh the potential losses to them by successful attacks, and consider whether OS designers have a legitimate claim in preventing exposure of known threats to casual users while still allowing power users to bypass those checks.
  
  You’re assuming I use an Android app (trash) to get on here, and not a proper workstation or web browser. You’re welcome to this “malicious horseshit” for eternity.
  
  source
khannie@lemmy.world ⁨3⁩ ⁨weeks⁩ ago

developer verification can be disabled, bypassed, or worked with

In reality, this is useless given the technical capabilities (or access to the technology necessary) of nearly every android user. What percentage of them do you think has the capacity or capability to use ADB?

you called it sideloading removal, which it isn’t.

Strictly it ticks the box, however effectively it is sideloading removal. Arguing otherwise honestly makes me think you work for them. It’s such obvious marketing bullshit “Oh, we left this tiny window open to tick the box which people can use, but almost certainly not you and even if you are capable, it’s a pain in the arse”. There are 7 intelligent people in my house. I’m the only one capable of using ADB without enormous effort, making it a deliberately huge barrier and even I’m not going to do it to install a trusted open source app.

Let’s be clear; the only reason they left that little window open was to have people like you say “no, sideloading is still possible” to cover their arses legally and also for actual developers, not because they care about an open ecosystem.

source
- lmmarsano@lemmynsfw.com ⁨2⁩ ⁨weeks⁩ ago
  What percentage of them do you think has the capacity and capability to use ADB?
  
  All of them: they can follow instructions, plug a cable, and push buttons if they really want to. Most won’t bother: capacity isn’t willpower.
  
  it’s a pain in the arse
  
  That’s the idea: welcome to an effective deterrent.
  
  even I’m not going to do it to install a trusted open source app
  
  Good, then it’ll deter as designed.
  
  the only reason
  
  Nah, the use cases are legitimate:
  
  It will actually deter installation of malicious software once it’s been identified & flagged that way in their system.
  
  It also verifies install packages haven’t been tampered (possibly maliciously) from their original releases.
  
  Malicious software on devices connected to everything including highly sensitive information poses high-cost risks that you & casual users overlook because muh inconvenience 😭. If casual users can’t bother with a straightforward procedure as you say, then how prepared are they to handle the real challenges of a successful attack?
  
  From a security perspective, it makes sense for OS designers to choose to limit exposure to that threat to power users who can be expected to at least have a better idea of what they’re getting themselves into.
  
  source
  - khannie@lemmy.world ⁨2⁩ ⁨weeks⁩ ago
    Google employee confirmed. Absolute trash reasoning verging on trolling it’s so ridiculous. Wild that you arguing so vehemently in favour of reduced access to use your hardware the way you want.
    
    All of them
    
    Laughable. You’ve obviously never worked in any kind of customer support role.
    
    Most people are going to melt at the steps necessary to use adb.
    
    capacity isn’t willpower.
    
    By capacity I meant access to hardware. There are so many people in poorer countries out there that don’t have a laptop, permission to start using one for installing adb on it but also have an android phone.
    
    welcome to an effective deterrent.
    
    I don’t want an effective deterrent that effectively kills fdroid and the like. That’s the whole point. I’ve favoured android because it’s more open. The talking points in favour of it pale in comparison to the loss of freedom.
    
    Honestly just jog on. Please.
    
    source