Language : microblogmemes

[-] ilinamorato@lemmy.world 1 points 2 minutes ago* (last edited 2 minutes ago)

I think that, with the current state of OSes like Windows and Android, there should be some minimal amount of friction to enabling installation of non-vetted apps. Maybe some switch that can't be enabled accidentally, or without understanding that there's risk involved (or at least a switch that can be disabled and password protected) for the sake of children or the elderly.

On the other hand, though, an OS should be built with enough security and sandboxing that no single application can brick your entire device without at least tapping through and giving it a ton of permissions; which means that the only remaining risk to the end user would be access to disinformation or other harmful content, or the risk of personal information exfiltration (i.e. phishing). At that point, a simple block list (or even just an allow list) maintained by a trusted guardian or third party would be sufficient to keep children or the elderly from harmful content, and whoops we've just invented the internet again.

I am once again begging for Boot2Gecko to become a thing.

[-] MudMan@fedia.io 30 points 2 hours ago

I strongly disagree. There is absolutely a use case for my mom not needing me to wipe her phone every time she tries to get Duolingo or whatever.

There is no scenario where an entire segment of devices should be locked to two companies having full control of what software can run worldwide, though. That part demands regulatory intervention.

[-] sanpo@sopuli.xyz 52 points 2 hours ago

One person's inability to use a common device is not an excuse to make it worse for everyone else.

My parents are pretty incompetent when it comes to tech, but it wasn't difficult for them to understand not to install random shit and call if in doubt.

[-] MudMan@fedia.io 12 points 1 hour ago

It's not one person, it's the vast majority of the userbase.

Which, to be clear, is again not a reason to have a duopoly decide what software can be made or executed in the first place. It's fine to have Google decide what the Play store will carry, and it's even fine for Android devices to require a manual bypass to run unsigned software. It's not fine for Apple and Google (and I guess Huawei by necessity) to have final arbitrary say on what software is acceptable on all handheld mobile devices.

[-] sanpo@sopuli.xyz 10 points 1 hour ago

That's the same argument people used to praise Microsoft for forcing mandatory updates.

Every year they force untested updates breaking the OS or even bricking the hardware.
And Windows is still vulnerable despite the updates.

[-] MudMan@fedia.io 3 points 1 hour ago

This is weird in so many ways I have a hard time keeping track.

I mean, no, it's not the same argument. One thing is about how when you have billions of handheld devices largely meant to function as out-of-the-box platforms for specific uses for non-tech savvy users it helps to have them locked out of the box to minimize software issues and maintenance. The other is about peace of mind and automated upkeep during downtime.

But at the same time... yeah, automated updates (which is not the same as mandatory updates) are a good thing. Especially for mainstream home computers that don't have a sysadmin looking after them from a centralized location and have their upkeep down to whatever an individual user decides to do and when. There's a reason a number of Linux distros meant for home devices also install updates in the background. It's a good idea for gaming devices and home computers. The thing that used to piss people off about MS updates is that they used to interrupt people's work to make them happen, which was exceedingly stupid.

None of which has anything to do with Windows or Microsoft pushing bad updates. Bad updates are bad and they aren't any better for not being automated. Nobody cares if you updated yourself or the OS did it for you. If the system pushes a bad patch that bricks your system that's really bad. That should never happen. For the record, it has happened to me way more often on Linux, but your mileage may vary.

And nooone of that has anything to do with vulnerabilities persisting. All systems have vulnerabilities. It's about striking the right balance between how bad those are and how practical it is to close them up. You keep things as secure as you can while keeping them usable, based on what they are being used for.

[-] sanpo@sopuli.xyz 6 points 55 minutes ago

What exactly are you trying to argue here?

You say automated updates good, mandatory updates maybe not?
But there's no difference on Windows, that's the point. You, as a user, get no choice.

You will get broken updates and unwanted features whenever they decide, because it's ultimately about the same thing with both MS and Android: taking away your control of your devices.

[-] LesserAbe@lemmy.world 24 points 1 hour ago

You're right that there's value in having a software repository with "vetted" apps in it. And at the same time, there's a difference between "here's stuff we've done some kind of due diligence on" and "you aren't allowed to install anything we haven't okayed." That's what Apple and now Google are doing.

(I also think there's value in having a word like "sideload" to describe the action of installing software not in a repository. It's just that it's tied up now in this paternal attitude from the big companies)

[-] MudMan@fedia.io 2 points 1 hour ago

Yep. No disagreement from me on any of that.

At most I'd argue that I don't mind that Apple does that as long as someone else does not. If Apple wants to have a closed system that's all good, but from the perspective of regulation and anti-trust you can't have EVERY platform be closed. You need at least one viable open competitor to prevent the owners of the hardware from owning all the software by definition. It's just like I don't have a problem with Nintendo needing to certify all the games on the Switch as long as there is a Steam Deck, or Sony certifying PS5 games as long as you can run games on a PC.

But if all the software on the planet had to be on either the PS5 store or the Nintendo eShop I would absolutely have a problem with those being locked down. That's what this shift means for the mobile market.

[-] 5too@lemmy.world 3 points 1 hour ago

That just sounds like the system needs a separate "Admin" mode to do things like that. Your mom can take the risk of messing with that herself (which can be very educational!), or leave that for you or someone else to handle. But that would let her make a more informed choice, even without technical ability.

[-] makyo@lemmy.world 2 points 1 hour ago

Yeah this is where I'm at too, there is no reason these device makers should be locking us out of doing what we want with our phones. Their app store can exist along side other install options and compete on usability instead of monopoly.

[-] gedaliyah@lemmy.world 53 points 3 hours ago

You know, it's true - I have never heard a Linux user refer to something as sideloading, even though Linux is the platform that originated official software repositories.

[-] grue@lemmy.world 5 points 32 minutes ago

The key thing to understand is that there's a big fucking difference between a "repository" and an "app store." One is designed for the convenience of users; the other is designed to exploit them.

[-] jqubed@lemmy.world 22 points 3 hours ago

This does feel like a bit of a double-standard to me. I’ve hated how Microsoft and Apple have introduced app stores on Windows and macOS and try to push people to only install from there instead of directly from the developer. And yet on Linux the advice seems to be never ever download directly from the developer; you should only download from the package repository provided by your OS (which sure feels like an App Store). And that package probably wasn’t even provided by the developer or the OS but some random volunteer that you just assume has good intentions.

[-] dustyData@lemmy.world 6 points 35 minutes ago

Nothing ever comes “directly from the developer”, and any developer that attempts to do so ends up in a level of hell not yet documented. There are way too many distros, way too many architectures, way too many moving targets, that also includes iOS, macOS and Windows. No single developer can hit them all. There's no standard packaging either. So, usually they only package for one or a handful of popular distros, or one container format. But that's the magic of FOSS. Anyone can take the source code and repackage it, redistribute it and make it available for others. This is assumed to be a strength and not a weakness of FOSS and Linux. Thus, the distros create their own official repositories where they make themselves responsible that everything will mostly work nicely with one another.

The difference is that package repositories are safe havens of compatibility. While appStores are enforced cages that cannot be escaped. If a package repository tries to fuck up with users, hurt the FOSS space (looking at you Ubuntu Snaps), or gets compromised by a bad actor; you just move to another repository, another distro, a different format, another safe space. If Android or Apple decides to enshittify and fuck over customers, users, get compromised or do something to hurt developers, you are fuck out of luck. This difference matters.

[-] zarkanian@sh.itjust.works 8 points 1 hour ago

My package manager installs all of the dependencies the program needs and takes care of updates, too. If I install directly from the developer, I have to do all that myself. Fuck that.

[-] javiwhite@feddit.uk 32 points 2 hours ago

The key difference is that one is advised, the other is enforced.

[-] gedaliyah@lemmy.world 33 points 3 hours ago

If you used Linux before the repos were fully developed then you understand why they were created.

Who else remembers "dependency hell?"

Corpos just took the same idea and twisted it into something else.

[-] zarkanian@sh.itjust.works 4 points 1 hour ago

Dependency hell was what drove me back to Windows. Fortunately, I didn't stay there and I learned how to apt-get.

[-] Venus_Ziegenfalle@feddit.org 69 points 4 hours ago

My feed is curated by the Illuminati

[-] ConstantPain@lemmy.world 4 points 1 hour ago

Only in the US, I guess. In my country and in Europe this will not fly...

[-] sukhmel@programming.dev 2 points 44 minutes ago* (last edited 43 minutes ago)

We can hope…

edit

To clarify, I hope it will not fly outside the US, but looking at the world around I feel this is not very realistic hope

[-] not_IO 5 points 2 hours ago

they are everywhere one just has to learn how to read the signs 🔝🔜⚛️

(/s)

[-] miss_demeanour@lemmy.dbzer0.com 10 points 3 hours ago

That's what they want you to think.

[-] Opisek@lemmy.world 22 points 3 hours ago

nudging the EU with a stick Come on, do something

[-] Vikthor@lemmy.world 17 points 2 hours ago

Plot twist: EU enacts Chat Control.

[-] Opisek@lemmy.world 9 points 2 hours ago

It was said you were to destroy the Sith, not join them!

[-] Diplomjodler3@lemmy.world 93 points 4 hours ago

We really really need an open OS for mobile phones that is actually competitive with commercial offerings.

[-] troed@fedia.io 62 points 4 hours ago

I don't think the OS is the problem - it's that some of the critical service/apps people rely on (government ID, banking) only exist for the closed systems. Third party OS's try to "solve" it through various container approaches running the official apps, but since they see that as a security problem it's not something you can fully trust to be working at all times.

[-] MBech@feddit.dk 26 points 3 hours ago

That's the only reason I'm still on android. If I install a different OS I won't be able to login to do anything government related. I won't even be able to pay with my credit card online. I could get a physical code device from the government, but I'm not gonna lie, I really like the ease of access of having an app for that stuff, instead of a seperate device I have to have on me at all times.

[-] gens@programming.dev 13 points 4 hours ago

All those "apps" are websites. You could say NFC is special, but so is gps.

[-] nekusoul@lemmy.nekusoul.de 6 points 1 hour ago

Exactly. Locking basic services behind apps should be illegal. Services must be accessible to everyone.

[-] NeatNit@discuss.tchncs.de 19 points 4 hours ago* (last edited 3 hours ago)

Is this the context? https://mastodon.social/@arstechnica/115091392102147470

arstechnica@mastodon.social - Google will block sideloading of unverified Android apps starting next year
Google says it's no different than checking IDs at the airport.
https://arstechnica.com/gadgets/2025/08/google-will-block-sideloading-of-unverified-android-apps-starting-next-year/?utm_social-type=owned

[-] Chozo@fedia.io 14 points 4 hours ago

These guys forget that they are an incredibly stark minority of users. Most users cannot be trusted to have free reign over their own system. We all know this to be true. You've troubleshot your grandma's Jitterbug phone that somehow had Internet Explorer toolbars installed onto it, you know this to be true.

Maybe there is no reasonable case for a developer to have any say over what you - specifically you, the guy who knows what "*nix" means - do with your hardware. But there are plenty of reasonable cases for the other 99.99% of users.

Posts like this are like a mechanic saying "There is no reason for a manufacturer to force drivers into having a catalytic converter in their own engine". Like... okay, maybe your car is special because you're a literal expert, but the rest of the world need that thing because they can't be trusted to manage their emissions on their own.

[-] grue@lemmy.world 2 points 27 minutes ago* (last edited 26 minutes ago)

Why do you hate property rights?

Because that's what your argument actually boils down to: utter and complete contempt for users' property rights. You're advocating for subjugating them to corporations as technofeudal serfs.

You know this to be true.

[-] Chozo@fedia.io 1 points 24 minutes ago

You've made up some things there. My concern is that the OP is a poor argument for the point it's trying to make. Not sure where you invented the rest of that bullshit from.

[-] grue@lemmy.world 1 points 15 minutes ago

I didn't make up a damn thing. You clearly and obviously hate property rights. That's the only reason you could possibly justify trying to take them away from people. Just admit it.

Claiming that corporations -- not governments, corporations, which is why your catalytic converter analogy was bullshit BTW -- need to self-servingly restrict people in the name of "protecting" them is fucking dishonest and you know it.

[-] Chozo@fedia.io 1 points 12 minutes ago

Cool, I never claimed anything even close to what you just vomited out. Here's what I did say, though:

The problem I take is with the argument the OP presents, because it incorrectly suggests that the average user has (or should have) an expert-level knowledge of their devices. Safety rails exist for a reason. Yes, they're going too far; but no, removing them outright would not be the better solution.

That's all I was claiming, my guy. Go find your "gotcha" moment somewhere else, because it ain't here.

[-] grue@lemmy.world 1 points 5 minutes ago* (last edited 4 minutes ago)

What's being discussed here isn't "safety rails," though. Why are you lying?

Android already had "safety rails," which is why installing from sources other than the Play Store was called "sideloading" and not just "loading." What's happening now is that Google is turning those barriers against the users and building a cage to imprison them instead.

People need to understand how fucking despicable and beyond the pale this shit actually is, yet you're making excuses for it instead. What the fuck.

[-] Chozo@fedia.io 1 points 2 minutes ago

Yes, you've identified that there are multiple rails. Arguably, too many. It's almost like I pointed that out already.

Yes, they're going too far

Are you illiterate or just trolling?

[-] DeathByBigSad@sh.itjust.works 4 points 1 hour ago

People cannot be trusted to govern themselves, this is why I am supporting the redcoats. HAIL KING GEORGE III! /s

[-] Feyd@programming.dev 22 points 3 hours ago

You already can't "sideload" without navigating the options and going through a big scary pop-up saying you better know what you're doing. In other words, it's already locked down enough.

This is not about making grandma safe. It is about control.

[-] mycodesucks@lemmy.world 21 points 3 hours ago* (last edited 3 hours ago)

That's fine. They should be LEGALLY required to allow ME to make that call and offer an avenue to allow me to remove it all.

Nobody is saying everyone's machine MUST be completely open and insecure.

But that's a far cry from giving me no recourse to make MY hardware do what I want it to.

And before anybody screams "liability", they're going to hold you to an EULA anyway - throw a couple lines in there.

[-] Chozo@fedia.io 1 points 1 hour ago

Nobody is saying everyone's machine MUST be completely open and insecure.

Neither am I. I don't disagree that Google is overstepping with the restrictions they're imposing lately. It's a point I'll damn well argue, myself.

The problem I take is with the argument the OP presents, because it incorrectly suggests that the average user has (or should have) an expert-level knowledge of their devices. Safety rails exist for a reason. Yes, they're going too far; but no, removing them outright would not be the better solution.

[-] Brett@feddit.org 30 points 3 hours ago

But these users can fuck their phone up perfectly fine with the offerings provided by the horribly curated play store and thats even intentional. I dont doubt there are also techilliterate users who seek out dodgy sites to sideload some shitty apk. But i dont believe google one bit this move is made to make the experience more secure for this subset of users. Its about as much control as possible over their platform because the line must go up.

[-] Chozo@fedia.io 1 points 1 hour ago

But i dont believe google one bit this move is made to make the experience more secure for this subset of users.

It's in their financial interests if their platforms aren't synonymous with data breaches. So yes, the security of users is a prerequisite to their profit-driven goals.

[-] justsomeguy@lemmy.world 12 points 3 hours ago

Posts like this are like a mechanic saying “There is no reason for a manufacturer to force drivers into having a catalytic converter in their own engine”

It's more along the lines of "There's no reason for manufacturers to forbid my mechanic from installing a perfectly fine catalytic converter just because said manufacturer doesn't like it"

Giving manufacturers full control over the software users run will not end well. Why should google tolerate a browser that runs an adblock extension? Currently they do so because the alternative would be losing users to alternatives but if they have all android devices under control and make deals with most of the browser devs (it's all chromium already and firefox is almost entirely financed by google) then you'll find yourself forced to watch ads. This is what they're slowly creeping towards.

[-] Luffy879@lemmy.ml 6 points 3 hours ago

That would be true, if the Play store was curated any better.

You can still upload malware to the Play store. It happened numerous times, both on the Apple side, and on the Google Side.

Restricting your choice from 2 places of dodgy places to 1 dodgy place does nothing.

[-] Karyoplasma@discuss.tchncs.de 15 points 4 hours ago

B-b-but brand integrity! Customers love that! (Shareholders too)

[-] Toneswirly@lemmy.world 7 points 4 hours ago

The "reasonable case" is the law, and they will use it against you without mercy

Microblog Memes