75
don't let google alter the deal
(lemmy.blahaj.zone)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 01 May 2026
75 points (100.0% liked)
Privacy
9788 readers
17 users here now
A community for Lemmy users interested in privacy
Rules:
- Be civil
- No spam posting
- Keep posts on-topic
- No trolling
founded 2 years ago
MODERATORS
I support spreading this message, and fuck Google, but...what's actually happening is they are making harder to install apps, not removing the ability to do so.
https://grapheneos.social/@GrapheneOS/116489468836419322
After massive pushback. Their original plan was basically full control. It still is, but they'll allow you to install something if you ask nicely first.
The other issue is the timing. They can claim this is for security all they want, but it was announced suspiciously close to the courts ruling that Google needed to open up their ecosystem to other app stores. This is a blatant attempt to keep control of the app ecosystem by forcing devs to go through Google regardless of where they intend to release.
I'm not happy with the change, but let's at least get the facts straight, so we can argue our position better. Their original plan included a way to install apps from unknown sources, but it did not describe how that would work.
Of course it did.
For two reasons.
First - if anyone complains they can always say there exists a bypass, no matter how idiotically unworkable and annoying the process might be.
Another aspect is that devs will probably want to test their apps easily and quickly - App stores are notorious for updates taking a few days to be approved. Even for Google, full-on lockdown might seem overkill. They don't want to bother with speeding up their update approval process so devs can push test builds through the Ecosystem. Giving some route towards sideloading is a much saner solution.
I still say fuck them and push back and that total control is there end goal.
However. I agree with what they're putting in place at this time. It's a one time 24 hour hold before you can install apks from unknown places.
Unfortunately, a lot of people are pieces of shit, and I know for pretty much a fact that making this move will prevent old people from getting scammed. Especially for more targeted attacks where you can use ai to fake one of their relatives voices. It pumps a brake on scammers getting people to grant access while under a panic.
So if you're tech savvy, you'll just have to wait an extra 24 hours before you can start side loading after a phone reset or new phone purchase. Not a big deal if it keeps my pops from having his bank account drained. The guy got in a panic when his Facebook billiards game lost his score data. The guy would have left his phone with someone for a week if they told him they could have gotten it back.
Security should not control us, we should control security. In other words, this is not the right solution.
There's a middle ground between complete disregard and complete lockdown. If you've got a better solution to scammers that isn't going to drain your battery, invade your privacy, or hog up resources, I'm all ears. Grow up a little and maybe stop being so "me" centric.
This is clearly not designed to keep people secure. If it was, Google would not force you to make your device less secure to install apps of your choice.
The only way it reduces security is by increasing the attack surface. There is no "now anybody can get root on your phone" vulnerability for enabling developer options, and if there were, Google would patch it. I always enable developer options as soon as I get a new device.
Because of this, the audit described in the "Other" link is deprecated.
That's great for you, but you and I are not the targets that Google is supposedly trying to protect from supposed scams.
Lol at what you call "proof". Also, no one said you had to leave it enabled. Also, also, dev options is a security risk BECAUSE it allows for side loading. Hahaha
It's an attempt to functionally black list every android developer that doesn't want to give Google their personally identifiable information and fuck you for carrying water for this full on fucking fascist move. Your argument is bullshit.
....Do you not know what they're implementing?
All it is, is a one time 24 hour hold when you want to install a non play store apk. You click "allow apks from unknown sources" and then a day later your phone behaves just as it does right now. The end.
Except google has no business telling me what the fuck I can and can't do with my own fuckin property. Good for you that you like the taste of boot leather and the feeling of a heel on your neck but it's none of googles fucking business what I do with my devices in the first place including what I install on them. And the fact you're deliberately ignoring the clear chilling effect this will have on android open source developers by attempting to force them to register with Google proves you're engaging in bad faith and a shill. Go throat your boot somewhere they tolerate quislings.
"oh my God. Oh dear. No. Not 24 hours before I can install f-droid. I'm crippled. Wasting away to nothingness. My edgelord life is ruined. I'm never going to leave the basement again. This one day has ruined anything worth living for. Bleeeeaaagh"
Ok? Its still my phone, my hardware, and now I have to wait 24 hours before I can install wahtever I want on the phone that I goddamn paid for with my own goddamn money.
Also, let's not pretend as if they not eventually going to go back to their original plan once the initial backlash dies down and people get used to the new norm.
Google is "only" locking you out of using your phone for 24 hours...
For extra security, let's make it a week. Let's make it a month. Let's make it a year.
It's a holding period so a phone scammer can't be on the phone with you or over a live chat having you enable and install what they want right away. You're kind of an idiot if you can't see that it would work. Cry me a river if you have to wait a day before installing some of your shit.
Of course it wouldn't work.
Do you think putting a 24 h lock on your grandma's front door will prevent scammers from coming in?
No. No it won't. Any good scammer will be organized enough to start the scam and release the lock, then return after the timeout to finosh the job.
Do you think people vulnerable to scams will magically notice the scam in 24 hours?
Also, do you think most scams use sideloaded apps? Amazon gift cards are an easier vector. There's also premium SMS.
Modern scams have nothing to do with security. They prey on people who fall for them. No security measure, save for a trusted friend telling them it's a scam will work.
What this is is a thinly-veiled attempt to lock users out of using their own devices and to strenghten a slowly-crumbling ecosystem.
Yes, I know it will help prevent it. I've seen it happen in real time. You have time to think if it sounds suspicious after you get off a phone. You have time to decide to call your bank and ask. A lot of times scammers will pretend it's to help a family member in trouble and they need the money immediately, but now the person has time to call others in the family and discover it was all a lie.
You obviously don't know how easy it is to pressure people in the moment, and how much harder it is to do after they aren't under an instant time constraint. Hell, I used to work in sales and I've done it. People do illogical things when they're caught up in the moment. I know 100% this will prevent some people from being scammed.
Well, I was thinking along the lines of, if you fall for a crypto scam, 24 h does nothing about it.
If someone calls as a Nigerian Prince and you want to buy in, a cooldown won't help either.
If someone impersonates your close family, it just might. But I imagine scammers are smart enough to dissuade the victim from calling the known number with a reasonable excuse. Then the cooldown wouldn't help in this situation either. Something something scammers being good and all that.
And even if we disregard all that, there's always the option of having the switch have no cooldown if set during initial device setup. Afterwards - sure. Give a 24 or 48 hour cooldown.
If someone wants it immediately - they can do a factory reset.
But the problem is - this is not what's being done. What is being done is the start of a 72 hour cooldown, then 1 week, then 3 months, then no option to switch off at all. This is what I'm against, and what most other Lemmings are.
And to top it off - acting like this to "protect users" is a slippery slope of ignorance in and of itself.
You see, putting users under a glass dome (what all these "security" measures are) takes away their knowledge. With enough hand-holding ("security" or otherwise), they end up dumb, ignorant and incompetent.
"With great power comes great responsibility". Well, the opposite is also true: "With no power comes no responsibility".
And such powerless users are the ones who will, ironically, fall for ALL the scams.
The ones who are so "protected" that they have no common sense idea of how and what their phone does.
Once "logic" turns to "magic", you're in for a wild ride.
Because, even if they do know (which most won't), they won't be able to prevent the scam.
Why?
Because they're mostly locked out of and don't have posession of their phone.
They may be the owners, but Google is the one who can do what it wants with the phone. Not the user.
I got news for you, buddy. 90% of people already don't know shit about their phones. Half the population couldn't even tell you how much ram is in their phones or what os version it's on. People are lazy and ignorant. Just look at what they allowed the government to become. You overestimate the common man.