undefined | Better HN

0 points2OEH8eoCRo07d ago0 comments

Seems like a very reasonable compromise. What's the catch?

0 comments

fsh7d ago

I don't find it reasonable that Google wants to make me wait 24h to install software on a device I own.

ygjb7d ago

Meh. I get the annoyance, but it's a one time cost for a small subset of their users. I would prefer if there was a flow during device setup that allowed you to opt into developer mode (with all the attendant big scary warnings), but it's a pretty reasonable balance for the vast majority of their users. (I suspect the number of scammers that are able to get a victim to buy a whole new device and onboard it is probably very low).

jcul7d ago

Good point, having a once off advanced option to completely bypass this at device setup would be good.

Also, other commenters have mentioned that adb is unaffected by this which makes it seem like less of a problem, to me at least. Still inconvenient that even if you adb install fdroid you can't install apps directly from it.

izacus7d ago

Note that adb won't have the 24 hour cooldown if you're in such a hurry.

barnacs7d ago

Get with the newspeak, it's called "sideloading" now and your corporate overlords get to dictate the terms.

volkercraig7d ago

They'll just remove the "Advanced" ability in a few years once they've frog boiled people into jumping through hoops to use their phone the way they want.

janice19997d ago

Developers, including non-US citizens, are forced to give Google their government ID to distribute apps. This enables Google to track and censor projects, like NewPipe, an alternative open source Youtube frontend, by revoking signing permissions for developers.

MishaalRahman7d ago

>Developers, including non-US citizens, are forced to give Google their government ID to distribute apps.

Developers can choose to not undergo verification, thereby remaining anonymous. The only change is that their applications will need to be installed via ADB and/or this new advanced flow on certified Android devices.

Either way, you can still distribute your apps wherever you want. If you verify your identity, then there are no changes to the existing installation flow from a user perspective. If you choose not to verify your identity, then the installation will still be possible but only through high-friction methods (ADB, advanced flow). These methods are high-friction so anonymous scammers can't easily coerce their victims into installing malicious software.

Evidlo7d ago

My friend's little kid likes to make games that he and his friends can play. As far as I am aware, these apps don't require any permissions.

Are apps like this more dangerous than browsing to a website? I thought they were entirely sandboxed from the rest of the device?

1 more reply

codethief6d ago

> Developers can choose to not undergo verification, thereby remaining anonymous. The only change is […]

"The only change" – with all due respect, are you even listening to yourself? The "only change" is that you, as a developer, will be completely excluded from publishing apps in the Play Store and that people effectively won't be able to install your app anymore! (Unless you were targeting only e.g. F-Droid users to begin with, which very few apps do.)

In essence, you are cutting down on the privacy of tens of thousands of honest developers around the world in the name of protecting users from scammers and you're pretending that 1) it's a nothingburger and 2) developers have a choice.

1 more reply

codethief7d ago

This. Side loading being restricted is only one part of the problem; the other is mandatory developer verification for apps distributed through the Play Store.

occz7d ago

That's not correct - the flow described in the post outlines the requirements to install any apps that haven't had their signature registered with Google.

That means those apps still keep on existing, they are just more of a hassle to install.

2OEH8eoCRo0OP7d ago

I don't see that on the page

janice19997d ago

They already announced it. Here they only mention the special case where it does not apply:

> In addition to the advanced flow we’re building free, limited distribution accounts for students and hobbyists. This allows you to share apps with a small group (up to 20 devices) without needing to provide a government-issued ID or pay a registration fee.

i.e. Government-issued ID and fees are needed for more than 20 devices, e,g, every app on F-Droid

2 more replies

codethief7d ago

https://developer.android.com/developer-verification

Note that the OP is about side loading, i.e. installing apps from non-Play Store sources and thereby circumventing developer verification.

izacus7d ago

This is downright wrong.

Aachen7d ago

Care to elaborate then? It's in line with the announcements I've heard

1 more reply

hermanzegerman7d ago

That I have to wait 24 Hours on my own device to install software?

j / k navigate · click thread line to collapse

0 comments

fsh7d ago

I don't find it reasonable that Google wants to make me wait 24h to install software on a device I own.

ygjb7d ago

jcul7d ago

Good point, having a once off advanced option to completely bypass this at device setup would be good.

izacus7d ago

Note that adb won't have the 24 hour cooldown if you're in such a hurry.

barnacs7d ago

Get with the newspeak, it's called "sideloading" now and your corporate overlords get to dictate the terms.

volkercraig7d ago

They'll just remove the "Advanced" ability in a few years once they've frog boiled people into jumping through hoops to use their phone the way they want.

janice19997d ago

MishaalRahman7d ago

>Developers, including non-US citizens, are forced to give Google their government ID to distribute apps.

Evidlo7d ago

My friend's little kid likes to make games that he and his friends can play. As far as I am aware, these apps don't require any permissions.

Are apps like this more dangerous than browsing to a website? I thought they were entirely sandboxed from the rest of the device?

1 more reply

codethief6d ago

> Developers can choose to not undergo verification, thereby remaining anonymous. The only change is […]

1 more reply

codethief7d ago

This. Side loading being restricted is only one part of the problem; the other is mandatory developer verification for apps distributed through the Play Store.

occz7d ago

That's not correct - the flow described in the post outlines the requirements to install any apps that haven't had their signature registered with Google.

That means those apps still keep on existing, they are just more of a hassle to install.

2OEH8eoCRo0OP7d ago

I don't see that on the page

janice19997d ago

They already announced it. Here they only mention the special case where it does not apply:

i.e. Government-issued ID and fees are needed for more than 20 devices, e,g, every app on F-Droid

2 more replies

codethief7d ago

https://developer.android.com/developer-verification

Note that the OP is about side loading, i.e. installing apps from non-Play Store sources and thereby circumventing developer verification.

izacus7d ago

This is downright wrong.

Aachen7d ago

Care to elaborate then? It's in line with the announcements I've heard

1 more reply

hermanzegerman7d ago

That I have to wait 24 Hours on my own device to install software?

j / k navigate · click thread line to collapse