undefined | Better HN

0 pointssowbug7mo ago0 comments

If I were designing the advanced flow, I'd require the decision to be made at phone setup time. Changing your mind later requires a factory reset.

Real sideloaders (F-Droid users, etc.) know at setup time that that's how they'll be using their phone, so it works for them. But ordinary users who are targets for sideloading malware will become a lot less attractive if attackers must convince them to wipe their phone to complete the coercive instructions.

Aliexpress has a similar approach to protect their accounts from takeovers. If you change or forget your password, all your saved payment methods are erased. This makes the account less valuable to an attacker, at the cost of a little pain to authentic account holders.

0 pointssowbug7mo ago0 comments

If I were designing the advanced flow, I'd require the decision to be made at phone setup time. Changing your mind later requires a factory reset.

0 comments

6 comments · 6 top-level

2019847mo ago

No, that's ridiculous. If I want to send an app to someone, now they have to wipe their phone to install it? That would kill installing non-Play apps far more than Google's original proposal.

arcfour7mo ago

I hadn't installed a non-Play Store app for something like 5 years until this year. I don't see why I should have been forced to factory reset my phone then.

archon8107mo ago

Forgive my bluntness, but I hope you are never allowed on the Android team or near any significant UX decisions on any devices or apps I use or will use.

g-b-r7mo ago

Great, at phone setup when many people don't know anything about the implications of the choice.

And factory reset when it's impossible to backup and restore everything, or anything at all without a Google account

eviks7mo ago

But wiping your phone isn't "a little pain"

cesarb7mo ago

> Real sideloaders (F-Droid users, etc.)

When using F-Droid, I don't think of myself as a "sideloader". I'm using an app store (F-Droid), not installing some random APKs.

(Yes, the F-Droid store app had to be "sideloaded". Once. It updates itself. If or when Google allows alternate store apps in their store app, even that would no longer be necessary.)

j / k navigate · click thread line to collapse