We really really need an open OS for mobile phones that is actually competitive with commercial offerings.
I don't think the OS is the problem - it's that some of the critical service/apps people rely on (government ID, banking) only exist for the closed systems. Third party OS's try to "solve" it through various container approaches running the official apps, but since they see that as a security problem it's not something you can fully trust to be working at all times.
That's the only reason I'm still on android. If I install a different OS I won't be able to login to do anything government related. I won't even be able to pay with my credit card online. I could get a physical code device from the government, but I'm not gonna lie, I really like the ease of access of having an app for that stuff, instead of a seperate device I have to have on me at all times.
All those "apps" are websites. You could say NFC is special, but so is gps.
Exactly. Locking basic services behind apps should be illegal. Services must be accessible to everyone.
same goes for the weather app ...
(context: some years ago they locked the publicly-funded german weather service's API, so common people can't access it anymore. you need to use a spam-ridden app to access it now.)
You know, it's true - I have never heard a Linux user refer to something as sideloading, even though Linux is the platform that originated official software repositories.
The key thing to understand is that there's a big fucking difference between a "repository" and an "app store." One is designed for the convenience of users; the other is designed to exploit them.
Exactly right. The message of the post is that "side-loading" is only used in reference to exploitation services. We could just as easily refer to side loading in Linux and it would be accurate in every way, except that there is no exploitation.
It's literally the exception that proves the rule.
This does feel like a bit of a double-standard to me. I’ve hated how Microsoft and Apple have introduced app stores on Windows and macOS and try to push people to only install from there instead of directly from the developer. And yet on Linux the advice seems to be never ever download directly from the developer; you should only download from the package repository provided by your OS (which sure feels like an App Store). And that package probably wasn’t even provided by the developer or the OS but some random volunteer that you just assume has good intentions.
The key difference is that one is advised, the other is enforced.
If you used Linux before the repos were fully developed then you understand why they were created.
Who else remembers "dependency hell?"
Corpos just took the same idea and twisted it into something else.
My package manager installs all of the dependencies the program needs and takes care of updates, too. If I install directly from the developer, I have to do all that myself. Fuck that.
Nothing ever comes “directly from the developer”, and any developer that attempts to do so ends up in a level of hell not yet documented. There are way too many distros, way too many architectures, way too many moving targets, that also includes iOS, macOS and Windows. No single developer can hit them all. There's no standard packaging either. So, usually they only package for one or a handful of popular distros, or one container format. But that's the magic of FOSS. Anyone can take the source code and repackage it, redistribute it and make it available for others. This is assumed to be a strength and not a weakness of FOSS and Linux. Thus, the distros create their own official repositories where they make themselves responsible that everything will mostly work nicely with one another.
The difference is that package repositories are safe havens of compatibility. While appStores are enforced cages that cannot be escaped. If a package repository tries to fuck up with users, hurt the FOSS space (looking at you Ubuntu Snaps), or gets compromised by a bad actor; you just move to another repository, another distro, a different format, another safe space. If Android or Apple decides to enshittify and fuck over customers, users, get compromised or do something to hurt developers, you are fuck out of luck. This difference matters.
My feed is curated by the Illuminati
That's what they want you to think.
They claim this is about security but when your system is compromised there is fuck all they will do to help you.
Fucking hypocritical, control-hungry pricks.
nudging the EU with a stick Come on, do something
Plot twist: EU enacts Chat Control.
It was said you were to destroy the Sith, not join them!
The number of people I encounter, even on Lemmy, that genuinely believe and rigorously argue that being able to install or distribute software on devices you own is actually bad because “security” is beyond horrifying to me. They have been brainwashed into thinking that corporate monopolies are not only acceptable but desirable because you can completely and blindly trust Mom’s Old Fashioned Robot Oil to make all your decisions for you, for a modest fee and no opting out, of course.
This is why society is collapsing.
Megacorps gonna megacorp.
Monopolies gonna monopoly.
We can fight these giants by not using their services & products.
It only gets harder to fight them the more we give in.
I can't even get people to switch to LibreOffice, not cuz they use some advanced MS Office feature but because the interface "looks dated". So they'd rather pay a subscription for life to use software that spies on them than download free software that does what they need but has a 2010s style interface.
Humans suck so much.
I finally want to switch to android and boom: Custom ROMs and "sideloading" gets swept off the platter. Well ok I guess I‘ll just wait for a good linux mobile OS
So annoyed that just bought a Pixel 8a for Graphene. I thought I'd get to use it til 2030 when it stops getting security patches and now I might not even get a full year out of it.
I strongly disagree. There is absolutely a use case for my mom not needing me to wipe her phone every time she tries to get Duolingo or whatever.
There is no scenario where an entire segment of devices should be locked to two companies having full control of what software can run worldwide, though. That part demands regulatory intervention.
One person's inability to use a common device is not an excuse to make it worse for everyone else.
My parents are pretty incompetent when it comes to tech, but it wasn't difficult for them to understand not to install random shit and call if in doubt.
It's not one person, it's the vast majority of the userbase.
Which, to be clear, is again not a reason to have a duopoly decide what software can be made or executed in the first place. It's fine to have Google decide what the Play store will carry, and it's even fine for Android devices to require a manual bypass to run unsigned software. It's not fine for Apple and Google (and I guess Huawei by necessity) to have final arbitrary say on what software is acceptable on all handheld mobile devices.
That's the same argument people used to praise Microsoft for forcing mandatory updates.
Every year they force untested updates breaking the OS or even bricking the hardware.
And Windows is still vulnerable despite the updates.
You're right that there's value in having a software repository with "vetted" apps in it. And at the same time, there's a difference between "here's stuff we've done some kind of due diligence on" and "you aren't allowed to install anything we haven't okayed." That's what Apple and now Google are doing.
(I also think there's value in having a word like "sideload" to describe the action of installing software not in a repository. It's just that it's tied up now in this paternal attitude from the big companies)
This isn't a fight over security, or even the control to form a walled garden. This is to eliminate privacy, the ability to run anonymously written code. This forces every bit of code to be tied to a name and face. It shortens the legal legwork needed to pin down who made what, this will be used to eliminate anonymous groups compiling their own E2EE communication network. Time is important when your trying to use a compromised member of a group to make a honeypot trap.
Is this the context? https://mastodon.social/@arstechnica/115091392102147470
arstechnica@mastodon.social - Google will block sideloading of unverified Android apps starting next year
Google says it's no different than checking IDs at the airport.
https://arstechnica.com/gadgets/2025/08/google-will-block-sideloading-of-unverified-android-apps-starting-next-year/?utm_social-type=owned
I think that, with the current state of OSes like Windows and Android, there should be some minimal amount of friction to enabling installation of non-vetted apps. Maybe some switch that can't be enabled accidentally, or without understanding that there's risk involved (or at least a switch that can be disabled and password protected) for the sake of children or the elderly.
On the other hand, though, an OS should be built with enough security and sandboxing that no single application can brick your entire device without at least tapping through and giving it a ton of permissions; which means that the only remaining risk to the end user would be access to disinformation or other harmful content, or the risk of personal information exfiltration (i.e. phishing). At that point, a simple block list (or even just an allow list) maintained by a trusted guardian or third party would be sufficient to keep children or the elderly from harmful content, and whoops we've just invented the internet again.
I am once again begging for Boot2Gecko to become a thing.
Yeah I can accept some kind of "hey we can't verify this, you are on your own if you want to install" warning message, but if it prevents me then I don't want it.
These guys forget that they are an incredibly stark minority of users. Most users cannot be trusted to have free reign over their own system. We all know this to be true. You've troubleshot your grandma's Jitterbug phone that somehow had Internet Explorer toolbars installed onto it, you know this to be true.
Maybe there is no reasonable case for a developer to have any say over what you - specifically you, the guy who knows what "*nix" means - do with your hardware. But there are plenty of reasonable cases for the other 99.99% of users.
Posts like this are like a mechanic saying "There is no reason for a manufacturer to force drivers into having a catalytic converter in their own engine". Like... okay, maybe your car is special because you're a literal expert, but the rest of the world need that thing because they can't be trusted to manage their emissions on their own.
But these users can fuck their phone up perfectly fine with the offerings provided by the horribly curated play store and thats even intentional. I dont doubt there are also techilliterate users who seek out dodgy sites to sideload some shitty apk. But i dont believe google one bit this move is made to make the experience more secure for this subset of users. Its about as much control as possible over their platform because the line must go up.
You already can't "sideload" without navigating the options and going through a big scary pop-up saying you better know what you're doing. In other words, it's already locked down enough.
This is not about making grandma safe. It is about control.
That's fine. They should be LEGALLY required to allow ME to make that call and offer an avenue to allow me to remove it all.
Nobody is saying everyone's machine MUST be completely open and insecure.
But that's a far cry from giving me no recourse to make MY hardware do what I want it to.
And before anybody screams "liability", they're going to hold you to an EULA anyway - throw a couple lines in there.
Posts like this are like a mechanic saying “There is no reason for a manufacturer to force drivers into having a catalytic converter in their own engine”
It's more along the lines of "There's no reason for manufacturers to forbid my mechanic from installing a perfectly fine catalytic converter just because said manufacturer doesn't like it"
Giving manufacturers full control over the software users run will not end well. Why should google tolerate a browser that runs an adblock extension? Currently they do so because the alternative would be losing users to alternatives but if they have all android devices under control and make deals with most of the browser devs (it's all chromium already and firefox is almost entirely financed by google) then you'll find yourself forced to watch ads. This is what they're slowly creeping towards.
I'm probably going to spam this around a bit, since most people don't seem to know about it, but a reminder that FuriLabs has a (GNU+)Linux phone with decent spec.s and the ability to run Android app.s (from what I've heard) pretty decently: https://furilabs.com/
Biggest drawback is it's based on Halium. Usual growing pains of a new product/company apply but apparently the company is pretty responsive and their dev.s have worked with customers to get things like calling working with the carrier and bands of their country where it hasn't worked before so improvements move pretty quickly.
Collection of different experiences I've variously seen online over the last year or so:
I don't own one, myself, so I can't give any personal experience but I've seen it around for a few years now but most people don't seem to even know about it. Maybe there's a reason for that? But none I've ever seen anyone say.
I can only hope the EU will set Google straight, the way they did Apple.
A place to share screenshots of Microblog posts, whether from Mastodon, tumblr, ~~Twitter~~ X, KBin, Threads or elsewhere.
Created as an evolution of White People Twitter and other tweet-capture subreddits.
Rules:
Related communities:
