Comment on Did we win?
Zedstrian@sopuli.xyz 3 weeks ago
Making users wait 24 hours doesn’t improve security; it’s an anti-competitive change designed to make the Google Play store seem like less of a hassle in comparison.
Comment on Did we win?
Zedstrian@sopuli.xyz 3 weeks ago
Making users wait 24 hours doesn’t improve security; it’s an anti-competitive change designed to make the Google Play store seem like less of a hassle in comparison.
over_clox@lemmy.world 3 weeks ago
I can actually see where it can improve security against scammers trying to scam elderly and non-tech savvy people.
For the rest of us that know our way around Android, it’s just a one time annoyance, after completing all the steps to enable sideloading, you won’t have to wait 24 hours anymore.
pennomi@lemmy.world 3 weeks ago
It’s going to be effective, but it’s a sad world where you have to create a total nanny state because there exist a subset of users who are INCREDIBLY stupid.
PseudorandomNoise@lemmy.dbzer0.com 3 weeks ago
Is it still a subset when it’s the majority?
And to be honest, the level of effort scammers are willing to go through is shocking, and AI’s just making it easier for them.
ParlimentOfDoom@piefed.zip 3 weeks ago
Anything less than the whole is a subset, yes.
freeman@sh.itjust.works 3 weeks ago
Evidence that any significant percentage of people, never mind the majority, is getting scammed? Then how many of them via app installs?
Anivia@feddit.org 3 weeks ago
Is it? If you live in a country like India, then a single successful scam will be able to pay for years of living expenses
CainTheLongshot@lemmy.world 3 weeks ago
Something about the smartest bears vs the dumbest humans.
Cocodapuf@lemmy.world 3 weeks ago
It’s sad, but this is the world we live in. It’s constantly disappointing.
But I do want to push back a bit, the people getting scammed are not incredibly stupid, they’re incredibly vulnerable. They’re often people who are generally less tech savvy, but also they’re people who don’t have a lot to lose, it’s a bit counterintuitive, but it’s easier to scam people who take money very seriously.
Crozekiel@lemmy.zip 3 weeks ago
I’d believe that if most Pig Butchering scams weren’t using apps from Google Play already.
over_clox@lemmy.world 3 weeks ago
Fair enough, you have a point. Although, I do think the developer verification thing will make it easier for Google to weed out bad actor developers altogether.
Sure there’s no perfect solution, but at least they’re trying to make it a lot more difficult for the scammers out there, while still leaving power users a path to keep using Android the way we want.
Crozekiel@lemmy.zip 3 weeks ago
I think it is absolutely delusional to assume any of this actually has anything to do with security or safety of users. Google just wants more power and control over, well, everything they can get.
Pika@sh.itjust.works 3 weeks ago
Lets be real though, if they reached that stage, they have already blew through 4 other warnings about installing unsigned APK and enabled the browser or file manager to be able to install applications. It’s almost certain if they are that far deep/commited, they are going to call the scammer back if the scammer left a number.
Yes this might allow for a time delay where the scammers number could be disabled if reported by enough people but, I don’t think this is as secure as they are saying it will be.
over_clox@lemmy.world 3 weeks ago
Sadly, there’s truth in everything you say. Scammers are gonna be scammers, and they’ll just find a new technique plus the long standing social engineering to continue their efforts to rip people off of whatever they can.
Still, it’s something in the middleground, to help grandma be less likely to get scammed, while also giving power users an out and way to keep using their devices the way they want.
grandma@sh.itjust.works 2 weeks ago
I bet they will end up having granny use adb over WebUSB a la GrapheneOS
cageythree@lemmy.ml 3 weeks ago
Yeah, this would be the most promising approach IMO. Whenever I was forced to write something, I did pay more attention to what that said than if I ticked a box next to it.
Maybe even have them write “I am not instructed to install this app by someone else. I am aware that following instructions to install an app this way often have fraudulent intentions”.
(Also if the language was changed recently, it should ask to write it in all languages that were set within the last 14 days or so. Otherwise the scammer will have them switch the language so they don’t understand what they’re writing)
grue@lemmy.world 3 weeks ago
Ask Other Linus how well that sort of thing (“Yes, do as I say!”) works, LOL!
I agree with you that Google’s anti-competitive time delay BS is likely to be ineffective for its claimed purpose, but frankly, I don’t think any other reasonable strategies would be effective either. Honestly, there’s a limit to how much effort you should go through to save idiots from themselves – and how much annoyance you impose on everyone else in the process! – and I think we’ve already hit it.
Pika@sh.itjust.works 2 weeks ago
I have never seen that page before, but that’s hilarious. I somewhat hope that he did that as a demonstration of, hey, someone may do this because it’s hard for me to wrap my head around someone who uses a computer for a living, doing something like that.
Being said, I think that prompt went above and beyond what was needed. At some point you just need to let the user touch the hot stove top… It stated what it was going to do, stated that it was going to be potentially dangerous and unlikely what the user wanted, and then reiterated that it was core essential packages needed for it to run… I don’t know what else they could do there. I would definitely be against adding further restrictions though. If he was willing to type that in, I don’t know what would stop him from doing that, to be honest, Maybe a…" I acknowledge this would break my system…" instead of it being yes-do as I say. But I don’t know.
Being said hard agree there is zero reason that a package like steam should be able to uninstall your desktop., That was definitely a bug or a misconfiguration with the steam package. That was unexcusable. I just think they gave more than enough information of what that would do and he did it anyway.
I firmly agree at some point the ends don’t justify the means and Android has definitely got to that point with unsigned packages prior to making this change., And I don’t think the ends justify the means to implement such a system. And I definitely think there is ulterior motives for implementing it.
3abas@lemmy.world 3 weeks ago
Solution in search of a problem?
I have never seen a scam call involving sideloading an app on a phone… Why would they whenTeamViwer is in the Google app store?
over_clox@lemmy.world 3 weeks ago
Fuck I dunno, I haven’t used the Play Store since Covid lockdown. I rather prefer to sideload most apps and avoid Google for the most part anyways.
zzffyfajzkzhnsweqm@sh.itjust.works 3 weeks ago
Scammers almost always install remote desktop app from play store. This is just anti competitiveness…
DoucheBagMcSwag@lemmy.dbzer0.com 3 weeks ago
Do not redeem
BackgrndNoize@lemmy.world 3 weeks ago
This is only the first step, they will keep adding more bullshit like this in the name of security till you end up with a device that’s nothing more than a advertisement terminal for google
CorrectAlias@piefed.blahaj.zone 2 weeks ago
The problem with this is that most of the apps used in scams are already on the play store. I haven’t ever seen a scam which requests the user to download a third party app, although I’m sure it’s happened on occasion.
My point is that this won’t stop most scams, and primarily cause annoyance for actual power users.