Google Restricts Android Sideloading—What It Means for User Autonomy and the Future of Mobile Freedom – Purism
Technology
89
Beiträge
60
Kommentatoren
0
Aufrufe
-
The restrictions on apk access over the past 10 years have already been an annoying pita. Many of the best power user apks have had to gut themselves over their original functionality, all while obtaining root access over your owned devices has become harder or next to impossible.
Let them keep those. I hereby declare that if I don't own the thing, I ain't buying it. So no root, no $$$.
-
I’d be telling them to provide a work phone.
I did honestly think about this, but its honestly more trouble than it's worth. Carrying around two phones is just kind of am eh experience, plus I'm new, and I don't wanna be that guy. If I kept having issues with it, that is probably the route I would have ended up taking, but it's working as expected now. I'm not a FOSS purest or anything either way. I have a librebooted thinkpad, but I also have several proprietary apps on my phone. Its all about usability for me.
-
Let them keep those. I hereby declare that if I don't own the thing, I ain't buying it. So no root, no $$$.
Yeah, but I still really like my micro SD card slot and pen on my note 20 ultra. Dunno what I'll do when I have to replace it.
-
Are they talking about the changes that were made that allow a dev to prevent their app from launching if it fails a Play integrity check?
If so I don’t see that as a big deal since it is up to the dev to use it. OSS devs that want to distribute their app via apk download won’t enable it, and anyone distributing cracked apks will just disable that along with whatever other changes they are making.
Some apps only require 'basic' play integrity verification, but now check to see if they're installed via the Play Store. They refuse to run if they're installed via an alternative source.
This has been a problem for GrapheneOS, since some apps filter themselves out of the Play Store search if you don't pass strong play integrity, despite the fact that they don't require it. Luckily Graphene now had a bypass for this.
-
This post did not contain any content.
Eh, if you are still on a Gservices Version of Android you are lost anyway
So I just urge y'all to step back and watch at this clownshow.
-
This post did not contain any content.
There is exactly one app I use that is available only on play store - my bank.
I don't really need the app.
They have a website.
I have a few phones, just got one that now has grapheneOS.
I've been using it for a few weeks to see how it works before I switch over anything to use it as my main. it has a lot of very interesting privacy/security features to test out.
Either way, I don't get anything from the play store anymore.
It's F(L)OSS or a website.
As god intended.
-
I haven't seen proper reporting but the Play Integrity install source thing is accurate. There's a reasonably good overview straight from the devil himself.
Lots of things that have very valid reasons on paper that also just happen to give Google a stupid amount of control and will backfire for a somewhat small percentage of people in very bad ways. We've been at "you can't use pretty much any bank unless you agree to either Google or Apple terms" for quite some years now, now we're giving those same app developers ways to detect if their device has accessibility APIs enabled (useful to protect against bot farms, but also a functional check for "you're able-bodied") or is in security support (also a functional check for "not reliant on hand-me-downs").
Lol. So this API for 'security' and 'integrity' basically has a built in malware trojan:
Avoid caching integrity verdicts
Caching integrity verdicts increases the risk of proxying, which is an attack where a bad actor reuses a verdict from a good device for abusive purposes in another environment. Instead of caching responses, you can make a standard API request to get a verdict on demand. -
From the article it sounds like the limitations come for some app types downloaded directly from a browser. I think this doesn't affect alternate app stores like f-droid where you are effectively delegating approval to their process.
I have come across the other limitations mentioned with the Home Assistant companion app which I could only get matter registration to work with the version downloaded from the Play store.
It's funny because one browser I use is downloaded from the browsers website which I then use to install the update to said browser.
Google needs a Luigi.
-
This post did not contain any content.
Degoogled ROMs are gonna be the bomb in the future.
-
Degoogled ROMs are gonna be the bomb in the future.
Maybe you should curb your enthusiasm a bit. have you seen what it take to unlock the bootloader from most manufacturers? you might even need your grandma's birth certificate before you're allowed to do so in the future
-
This post did not contain any content.
This is an ad
-
Yeah, but I still really like my micro SD card slot and pen on my note 20 ultra. Dunno what I'll do when I have to replace it.
The pen is the only reason I have stuck with Samsung. If they made a Pixel with a smart pen that I could put GrapheneOS on I'd buy it in a second.
-
The pen is the only reason I have stuck with Samsung. If they made a Pixel with a smart pen that I could put GrapheneOS on I'd buy it in a second.
Yeah. Id pick up a redmi 10+ pro if it had a pen and sacrifice away the SD card slot. Id at least have a huge battery and awesome cooling.
-
Maybe you should curb your enthusiasm a bit. have you seen what it take to unlock the bootloader from most manufacturers? you might even need your grandma's birth certificate before you're allowed to do so in the future
I am aware, but what choices do we have? I for one stopped using banking apps in my Android phone, not a big deal, we didn't have banking apps there pre 2007 right?
I know not everyone can do it, but we can fight back in our own ways.
And voting with your wallet should be an obvious statement at this point.
-
I am aware, but what choices do we have? I for one stopped using banking apps in my Android phone, not a big deal, we didn't have banking apps there pre 2007 right?
I know not everyone can do it, but we can fight back in our own ways.
And voting with your wallet should be an obvious statement at this point.
CalyxOS works with most banking apps, and is don't degoogled.
-
The problem comes when it's not an app you're using for the app's sake, but because it's the app of some company you have a real-world relationship with. Your bank's app being the most important one that comes to my mind, considering I've already heard about some banks trying to restrict users to only Google's flavour of Android before this.
Honestly other than a fingerprint lock, I've found the apps suck compared to just a browser on a PC anyhow. Half the apps could just be webpages, and a bunch of those are just wrappers to a web rendering layer anyhow
-
This post did not contain any content.
This sucks, I don't want a world where o have to carry around 2 devices (a private one and a standard spyware one)
-
This is an ad
Its a straight ad
-
This post did not contain any content.
This article is a thinly veiled ad paired with fearmongering to get gullible users to buy the shit phones they sell (or not, some people have been on "waitlists" for 5+ years after providing a full payment).
Granted, their phones are fully open, but have next to no apps.
Personally I'll stick with Android 12, rooted, and see what the future brings.
-
Aaaaand now I'm carrying around a laptop again, at least mini pcs are tiny now, maybe a small handheld would do...
if any of this shit hinders me, I'll get a dumb phone and the cheapest iphone available for manditory work-based things and say so-long to being a mobile OS user.
Just FYI, no, F-Droid will not be impacted.
Links in this comment explain, they are incorrect about how F-Droid works.
