Google Restricts Android Sideloading—What It Means for User Autonomy and the Future of Mobile Freedom – Purism (puri.sm)
from excel24@feddit.org to technology@lemmy.world on 07 Jun 09:17
https://feddit.org/post/13772440

#technology


p_kanarinac@retrolemmy.com on 07 Jun 09:27 next collapse

That sounds illegal.

elvith@feddit.org on 07 Jun 09:52 collapse

Depends. Are you from the EU or not?

p_kanarinac@retrolemmy.com on 07 Jun 10:01 collapse

I am, that’s why it sounds illegal. :D

Zagorath@aussie.zone on 07 Jun 09:57 next collapse

Yikes this really doesn’t look good. Is there any reporting on it from independent journalists (or anyone else who isn’t also advertising their own competing operating system)?

rmuk@feddit.uk on 07 Jun 11:42 next collapse

Not that I’ve seen and I’d take what Purism say with a grain of salt: they’ve acted like pretty shitty gatekeepers themselves. Nothing they mentioned in the article seems too egregious in truth and they’re exaggerating the scale of it: Play Store app DRM exists already, and the restrictions on browser-downloaded apps they mention can be bypassed (albeit by having to go into settings) and don’t apply to apps installed through other app stores (F-Droid, etc).

Zagorath@aussie.zone on 07 Jun 13:30 collapse

Nothing they mentioned in the article seems too egregious in truth

Doesn’t it? To be honest, if the article is telling the truth and not exaggerated, I find this pretty egregious. How you installed an app should be irrelevant, so the idea of an API to say “did this come from the Play Store” is fucking shit. And the ability to block installation of apps that call certain APIs entirely is even worse.

chameleon@fedia.io on 07 Jun 16:14 collapse

I haven't seen proper reporting but the Play Integrity install source thing is accurate. There's a reasonably good overview straight from the devil himself.

Lots of things that have very valid reasons on paper that also just happen to give Google a stupid amount of control and will backfire for a somewhat small percentage of people in very bad ways. We've been at "you can't use pretty much any bank unless you agree to either Google or Apple terms" for quite some years now, now we're giving those same app developers ways to detect if their device has accessibility APIs enabled (useful to protect against bot farms, but also a functional check for "you're able-bodied") or is in security support (also a functional check for "not reliant on hand-me-downs").

masterofn001@lemmy.ca on 07 Jun 21:54 collapse

Lol. So this API for ‘security’ and ‘integrity’ basically has a built in malware trojan:

Avoid caching integrity verdicts

Caching integrity verdicts increases the risk of proxying, which is an attack where a bad actor reuses a verdict from a good device for abusive purposes in another environment. Instead of caching responses, you can make a standard API request to get a verdict on demand.
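The proxying risk in the documentation text quoted above comes down to a server accepting a verdict that was not produced for the request in front of it. The following is an added example, not part of the original thread or of any project's code: a server-side check that binds each verdict to one request, enforces freshness, and refuses reuse. The `requestDetails` field names follow Google's published verdict format and are an assumption here since the page does not show them; the package name, time windows, hash construction and sample payloads are constructed for illustration.

```python
import hashlib
import hmac
import time

EXPECTED_PACKAGE = "com.example.app"   # hypothetical package name
MAX_VERDICT_AGE_S = 120                # assumed freshness window
CLOCK_SKEW_S = 30                      # assumed tolerated clock skew


def request_hash(user_id, action, challenge):
    """Digest the server expects inside the verdict for this one request."""
    return hashlib.sha256(f"{user_id}|{action}|{challenge}".encode()).hexdigest()


class VerdictChecker:
    def __init__(self, now=time.time):
        self._now = now
        self._accepted = set()   # request hashes that were already consumed

    def check(self, verdict, expected_hash):
        """Return rejection reasons; an empty list means accepted."""
        req = verdict.get("requestDetails", {})
        reasons = []
        if req.get("requestPackageName") != EXPECTED_PACKAGE:
            reasons.append("package_mismatch")
        got = str(req.get("requestHash", "")).encode()
        if not hmac.compare_digest(got, expected_hash.encode()):
            # Verdict was produced for some other request or device.
            reasons.append("request_hash_mismatch")
        try:
            age = self._now() - int(req.get("timestampMillis", 0)) / 1000
        except (TypeError, ValueError):
            age = float("inf")
        if age > MAX_VERDICT_AGE_S or age < -CLOCK_SKEW_S:
            # A cached verdict fails here even if everything else matches.
            reasons.append("stale_verdict")
        if expected_hash in self._accepted:
            reasons.append("replayed_verdict")
        if not reasons:
            self._accepted.add(expected_hash)
        return reasons


def make_verdict(req_hash, ts_ms):
    """Constructed sample payload, not captured from a real device."""
    return {"requestDetails": {"requestPackageName": EXPECTED_PACKAGE,
                               "requestHash": req_hash,
                               "timestampMillis": str(ts_ms)}}


def demo():
    now = 1_700_000_000.0                     # fixed clock for repeatability
    checker = VerdictChecker(now=lambda: now)
    expected = request_hash("user-1", "transfer:42", "challenge-A")
    now_ms = int(now * 1000)
    fresh = make_verdict(expected, now_ms - 5_000)
    cached = make_verdict(expected, now_ms - 600_000)
    other = make_verdict(request_hash("user-9", "login", "challenge-Z"),
                         now_ms - 5_000)
    return {
        "cached": checker.check(cached, expected),
        "proxied": checker.check(other, expected),
        "fresh": checker.check(fresh, expected),
        "resubmitted": checker.check(fresh, expected),
    }


if __name__ == "__main__":
    for name, reasons in demo().items():
        print(name, reasons or "accepted")
```

The payload is assumed to have been decrypted and signature-verified already; this check covers only request binding, age and reuse.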

stsquad@lemmy.ml on 07 Jun 10:19 next collapse

From the article it sounds like the limitations come for some app types downloaded directly from a browser. I think this doesn’t affect alternate app stores like f-droid where you are effectively delegating approval to their process.

I have come across the other limitations mentioned with the Home Assistant companion app which I could only get matter registration to work with the version downloaded from the Play store.

bjoern_tantau@swg-empire.de on 07 Jun 10:55 next collapse

Well, but where do you get F-Droid? Or stuff like ReVanced Manager.

Or Epic’s stuff. Wasn’t Google just now sued for this shit and nobody understood why Google lost and Apple didn’t because you can easily sideload on Android.

manxu@piefed.social on 07 Jun 12:10 next collapse

I completely agree. Unless Google is forced to install more than one app store by default, or forced to have multiple app stores downloadable on Play Store, there is no realistic way to install a third party app store on a phone. In both cases, Google's cooperation is required.

stsquad@lemmy.ml on 07 Jun 13:58 collapse

The article says it only applied to apps requesting certain permissions. I agree in an ideal world it would be nice to get f-droid directly from the Play store but at least according to the article the ability to install it isn’t being blocked here.

WhyJiffie@sh.itjust.works on 07 Jun 15:57 next collapse

one could argue that installing packages is a dangerous permission

vala@lemmy.world on 07 Jun 18:24 collapse

Allowing fdroid to come from the play store is NOT a solution by any means. Users should have the right to never touch the play store or agree to Google’s TOS.

catloaf@lemm.ee on 07 Jun 11:32 next collapse

Maybe for the Singapore thing. For the play integrity thing, it applies to apps from anywhere except the play store directly. I use Aurora to install apps that say “not compatible with your device” for no reason. But a week or two ago, they started blocking access and saying I needed to install from the play store.

Fortunately I was able to downgrade and they kept working, but I don’t know how long that will last. At some point the server side will change the API.

throwawayacc0430@sh.itjust.works on 07 Jun 15:54 collapse

So you can’t use banking apps, or you mean like you can’t even use F-Droid FOSS apps at all?

catloaf@lemm.ee on 07 Jun 17:09 collapse

Fortunately I haven’t had to do this for anything like my bank app or its multifactor code app, but yeah it would be like that. For apps not published on the play store, they continue working.

masterofn001@lemmy.ca on 07 Jun 21:56 collapse

It’s funny because one browser I use is downloaded from the browsers website which I then use to install the update to said browser.

Google needs a Luigi.

throwawayacc0430@sh.itjust.works on 07 Jun 11:22 next collapse

Purism is sketchy btw:

www.youtube.com/watch?v=wKegmu0V75s

www.youtube.com/watch?v=-IjUryQOlgk

(Louis Rossmann videos explaining how a customer was denied a refund for a “pre-order” and then they tried to coerce Louis to take down the video.)

Edit: typo

hummingbird@lemmy.world on 07 Jun 13:21 next collapse

As a person who experienced the customer support regarding preorders I can confirm this firm is extremely sketchy.

Canuck@sh.itjust.works on 07 Jun 17:14 collapse

Never had an issue with them. Writing from my Librem 5

Lyra_Lycan@lemmy.blahaj.zone on 07 Jun 11:24 next collapse

effectively pushing users to install apps only through the Google Play Store

I wonder what this will mean for Aurora and Fdroid etc.

rikudou@lemmings.world on 07 Jun 12:16 next collapse

Well, both will be unable to install certain types of apps.

curbstickle@lemmy.dbzer0.com on 07 Jun 15:25 next collapse

That doesn’t appear to be true, the restriction seems to be on apps being installed from file managers, web browsers, messaging, etc.

F-droid and the like are not part of that list.

This still isn’t good, but it doesn’t stop you from having F-droid manage your messaging apps it would seem.

Edit: If you’re downvoting because you think it’s using the same method as a file manager as the user that replied to me, this is incorrect. This is also an issue going back several versions.

F-Droid uses a session installer method for 3rd party app stores, it does not use the same method as a file manager.

For an article about a similar issue brought up by similar restrictions in previous updates, you can refer to this article:

androidauthority.com/android-15-restricted-settin…

You can also refer to this thread in the F-Droid forums which covers this as well, from 2 1/2 years ago:

forum.f-droid.org/t/…/10

Which also includes a merged discussion from the last time this came up 9 months ago.

F-Droid has been using the session installer method for quite some time.

rikudou@lemmings.world on 07 Jun 17:11 next collapse

F-Droid uses the same way to install packages as the file manager does.

curbstickle@lemmy.dbzer0.com on 07 Jun 17:47 collapse

F-Droid uses Session Installer, which is an “app store” method.

This is not a new issue:

androidauthority.com/android-15-restricted-settin…

revanite@lemmy.zip on 08 Jun 02:07 next collapse

For what it’s worth I use aurora store and have already noticed some apps refusing to open/work unless I reinstall them from the play store.

curbstickle@lemmy.dbzer0.com on 08 Jun 02:17 collapse

How did you install aurora store?

I’m curious because I’ve seen no issues with F-Droid (just had a few updates actually), and the F-Droid team have commented on this sort of approach before, including the method being used for installation.

I don’t use aurora, so I’m not overly familiar.

revanite@lemmy.zip on 08 Jun 02:23 collapse

Apk from their gitlab page

curbstickle@lemmy.dbzer0.com on 08 Jun 02:30 collapse

I wonder if it is because you added that way, rather than from f-Droid or something.

No idea. If I had a spare still running android (trying out postmarketos on a few devices) I’d like to give it a try. Maybe I’ll spin up a VM.

What apps?

revanite@lemmy.zip on 08 Jun 06:07 collapse

I don’t think so, I actually updated it via f-droid before but resorted to sideloading the apk myself for faster updates.

I’ve noticed it so far for my apps: Tilla (subscription manager), ChatGPT, Poe

throwawayacc0430@sh.itjust.works on 08 Jun 02:20 collapse

But how do you install F-Droid after, say, a factory reset because you had to troubleshoot something?

curbstickle@lemmy.dbzer0.com on 08 Jun 02:29 collapse

No idea. Play Store then update itself via its at store rev? Preinstalled on a ROM? Via adb?

That said, all the link refers to is a few sample permissions (which would not include F-Droid from that list) and only via certain methods being downloaded. Or they have it wrong and it’s “opened from”.

It’s still shitty, but as of now I’m not sure if there is any impact to installing F-Droid, but I can say the method of installation has complied with previous versions of Google’s “protections” (as in forced limitations) and that appears to continue to be true.

Vanilla_PuddinFudge@infosec.pub on 07 Jun 17:35 collapse

Aaaaand now I’m carrying around a laptop again, at least mini pcs are tiny now, maybe a small handheld would do…

if any of this shit hinders me, I’ll get a dumb phone and the cheapest iphone available for mandatory work-based things and say so-long to being a mobile OS user.

vala@lemmy.world on 07 Jun 18:17 next collapse

I recently started carrying a GPD microPC because of this bullshit.

It’s like a very bulky phone. Pocketable but kinda chonk. Thumb typing kinda thing.

But it runs Fedora + gnome with no problems.

My phone is now just for quick stuff and a way to make a WiFi hotspot.

curbstickle@lemmy.dbzer0.com on 08 Jun 02:06 collapse

Just FYI, no, F-Droid will not be impacted.

Links in this comment explain, they are incorrect about how F-Droid works.

thatradomguy@lemmy.world on 07 Jun 15:04 collapse

This is my immediate first thought seeing this. This fucking sucks. Part of the whole benefit of something like LineageOS or e (OS?) was being able to use Fdroid to stay away from Google as much as possible. Now this is going to potentially make things weird.

Emi@ani.social on 07 Jun 15:53 next collapse

I hope f-droid has nothing to do with Google play store, thought they are their own store without connection to Google.

mybuttnolie@sopuli.xyz on 07 Jun 16:42 collapse

doesn’t do anything to f-droid, but probably kills aurora a bit. the developer can prevent their app from being sideloaded. why would one prevent that if they are distributing via f-droid too?

dzajew@piefed.social on 07 Jun 12:35 next collapse

well, it sucks

Integrate777@discuss.online on 07 Jun 13:40 next collapse

In Singapore, lots of boomers are downloading scam apps from facebook lured by promises of discounts and free gifts, handing out accessibility privileges, and they’ll even argue vehemently against loved ones and bank staff when confronted. When it all inevitably blows up, they blame absolutely everyone except themselves, including praising Apple for some reason.

Being the largest voting bloc, they managed to get banks responsible for reimbursing their losses and there was even an idea floated of getting everyone to contribute to a shitty scam insurance fund. Many major banking apps are paranoid af and block usage from simple things like usb debugging turned on.

Absolute stupidity. And there’s nothing we can do about it when the politicians love them so much.

pineapplelover@lemm.ee on 07 Jun 17:41 collapse

Usb debugging is sketchy as shit. You should almost never turn that on, and immediately turn it off once you’re finished with whatever it is you’re doing with that on.

mazzilius_marsti@lemmy.world on 07 Jun 17:58 next collapse

agree completely. But I recently broke my phone screen, the usual Samsung green screen of death, and I wish I had that turned on to copy the data over lol.

pineapplelover@lemm.ee on 08 Jun 03:44 collapse

If you can copy data over, then someone else can too. It’s important to have backups. Maybe syncthing or some other home server will do nicely.

interdimensionalmeme@lemmy.ml on 08 Jun 16:11 collapse

I have it on all the time in tcpip mode. I need it for file sync and remote streaming my phone with scrcpy. Especially when I use my phone as a wireless webcam.

MonkderVierte@lemmy.zip on 07 Jun 13:49 next collapse

In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.

All of this while EU forbids Apple to do the same, what is the idea here? Measuring how EU reacts?

surewhynotlem@lemmy.world on 07 Jun 15:43 next collapse

Is it the same though? Google is allowing the developers to choose to prevent sideloading. I thought Apple’s issue was that they prevented side loading completely.

0xD@infosec.pub on 08 Jun 21:23 collapse

…did you read the ad…? It quite obviously answers your question and calls out the difference. The large, glaring one. The one that probably even a first grader would grasp.

Mwa@thelemmy.club on 07 Jun 15:49 next collapse

One of the reasons why I got an Android over ios :(

shortwavesurfer@lemmy.zip on 07 Jun 16:14 next collapse

From what I can tell, all of this shit is on Google versions of Android. If you are on AOSP such as lineage or graphene, from what I understand this has no effect whatsoever.

throwawayacc0430@sh.itjust.works on 07 Jun 16:23 collapse

But this is not the only aspect of Google’s autocratization; Apps whose developers have enabled the Google Play Integrity APIs will not run on custom roms.

GreenKnight23@lemmy.world on 07 Jun 17:00 next collapse

cool, any dev who requires that is acting in bad faith against my privacy and doesn’t deserve my support.

Zagorath@aussie.zone on 07 Jun 17:02 collapse

The problem comes when it’s not an app you’re using for the app’s sake, but because it’s the app of some company you have a real-world relationship with. Your bank’s app being the most important one that comes to my mind, considering I’ve already heard about some banks trying to restrict users to only Google’s flavour of Android before this.

GreenKnight23@lemmy.world on 07 Jun 17:32 next collapse

and that’s important why? pick a different bank, or don’t use the app at all.

I get that some folks think using the app is a requirement. that may be true for some but not all.

don’t support shitty services and these companies won’t continue to abuse us.

phx@lemmy.ca on 08 Jun 01:00 collapse

Honestly other than a fingerprint lock, I’ve found the apps suck compared to just a browser on a PC anyhow. Half the apps could just be webpages, and a bunch of those are just wrappers to a web rendering layer anyhow

shortwavesurfer@lemmy.zip on 07 Jun 17:26 collapse

I’m sorry, but in that case, it wasn’t worth running the app to begin with. You can either find a third-party app that lets you access the same content, such as Newpipe and YouTube, or you can use it from a web browser, such as your bank, and if you can’t do either of those, then just don’t fucking use that service.

I was willing to totally switch banks because my previous bank required me to use a mobile app and I did not want to do so. If I must go through some annoyance to use something that works properly, I will.

For me at least, running as much open source as I can possibly do is worth more than the inconvenience caused by not being able to use these shit services.

cmt@lemmy.today on 07 Jun 17:54 next collapse

I use open source whenever I can, but sometimes that just isn’t an option in the real world. I work in IT at a hospital that REQUIRES Duo. I use GrapheneOS. I was able to get it to work, but it was a horrible experience.

clang@lemmy.zip on 07 Jun 18:03 next collapse

I’d be telling them to provide a work phone.

cmt@lemmy.today on 07 Jun 20:16 collapse

I did honestly think about this, but it’s honestly more trouble than it’s worth. Carrying around two phones is just kind of an eh experience, plus I’m new, and I don’t wanna be that guy. If I kept having issues with it, that is probably the route I would have ended up taking, but it’s working as expected now. I’m not a FOSS purist or anything either way. I have a librebooted thinkpad, but I also have several proprietary apps on my phone. It’s all about usability for me.

01189998819991197253@infosec.pub on 08 Jun 14:28 next collapse

I was “required” to use duo. Okta worked fine. Might be the same in your situation, might be worth a looksee.

shortwavesurfer@lemmy.zip on 09 Jun 18:32 collapse

If your work requires you to use specific software, make them purchase you a device to run that software on and leave it at work.

Edit: nvm, i see that was brought up already

njordomir@lemmy.world on 09 Jun 05:56 collapse

I agree. Not having access on my terms is absolutely a deal breaker for me and could cause me to stop doing business with a company.

vala@lemmy.world on 07 Jun 18:12 next collapse

K bye

flop_leash_973@lemmy.world on 07 Jun 19:19 next collapse

Are they talking about the changes that were made that allow a dev to prevent their app from launching if it fails a Play integrity check?

If so I don’t see that as a big deal since it is up to the dev to use it. OSS devs that want to distribute their app via apk download won’t enable it, and anyone distributing cracked apks will just disable that along with whatever other changes they are making.

KingRandomGuy@lemmy.world on 07 Jun 21:05 collapse

Some apps only require ‘basic’ play integrity verification, but now check to see if they’re installed via the Play Store. They refuse to run if they’re installed via an alternative source.

This has been a problem for GrapheneOS, since some apps filter themselves out of the Play Store search if you don’t pass strong play integrity, despite the fact that they don’t require it. Luckily Graphene now has a bypass for this.

ColeSloth@discuss.tchncs.de on 07 Jun 19:34 next collapse

The restrictions on apk access over the past 10 years have already been an annoying pita. Many of the best power user apks have had to gut themselves over their original functionality, all while obtaining root access over your owned devices has become harder or next to impossible.

altphoto@lemmy.today on 07 Jun 20:02 collapse

Let them keep those. I hereby declare that if I don’t own the thing, I ain’t buying it. So no root, no $$$.

ColeSloth@discuss.tchncs.de on 07 Jun 20:42 collapse

Yeah, but I still really like my micro SD card slot and pen on my note 20 ultra. Dunno what I’ll do when I have to replace it.

SinningStromgald@lemmy.world on 07 Jun 22:33 collapse

The pen is the only reason I have stuck with Samsung. If they made a Pixel with a smart pen that I could put GrapheneOS on I’d buy it in a second.

ColeSloth@discuss.tchncs.de on 07 Jun 22:40 collapse

Yeah. I’d pick up a redmi 10+ pro if it had a pen and sacrifice away the SD card slot. I’d at least have a huge battery and awesome cooling.

FreedomAdvocate@lemmy.net.au on 08 Jun 16:17 collapse

If you would get that why wouldn’t you just get a Galaxy S2X Ultra?

ColeSloth@discuss.tchncs.de on 08 Jun 19:22 collapse

I meant redmagic 10 pro plus. My bad.

As for the samsungs:

Because it’s priced higher than it should be, it has a slightly lower performance chip, a much lower capacity battery, and older battery tech that will degrade faster and charges slower. The best redmagic out specs the samsungs in every way but picture quality and does it for $500 less.

FreedomAdvocate@lemmy.net.au on 08 Jun 19:56 collapse

Sure, but the Redmagic doesn’t have things the Samsung does - one of which seems to be a dealbreaker for you, the built in stylus.

ColeSloth@discuss.tchncs.de on 08 Jun 22:57 collapse

Yeah, but I’m not paying an extra $500 for a stylus. Either way I think I’ll have at least another year out of this thing.

FreedomAdvocate@lemmy.net.au on 09 Jun 06:46 collapse

It’s not just the stylus. Better screen (I think, though could be wrong, haven’t read/watched much about the redmagic but had a quick look at spec comparisons), better software (including Dex), etc.

ColeSloth@discuss.tchncs.de on 09 Jun 11:04 collapse

The better software part is pretty debatable, but dex is cool for the people who use it.

Luffy879@lemmy.ml on 07 Jun 21:31 next collapse

Eh, if you are still on a Gservices Version of Android you are lost anyway

So I just urge y’all to step back and watch at this clownshow.

masterofn001@lemmy.ca on 07 Jun 21:46 next collapse

There is exactly one app I use that is available only on play store - my bank.

I don’t really need the app.

They have a website.

I have a few phones, just got one that now has grapheneOS.

I’ve been using it for a few weeks to see how it works before I switch over anything to use it as my main. it has a lot of very interesting privacy/security features to test out.

Either way, I don’t get anything from the play store anymore.

It’s F(L)OSS or a website.

As god intended.

Null_Ritual@lemmy.zip on 08 Jun 01:33 collapse

😸

kratoz29@lemm.ee on 07 Jun 22:09 next collapse

Degoogled ROMs are gonna be the bomb in the future.

anticurrent@sh.itjust.works on 07 Jun 22:13 next collapse

Maybe you should curb your enthusiasm a bit. have you seen what it takes to unlock the bootloader from most manufacturers? you might even need your grandma’s birth certificate before you’re allowed to do so in the future

kratoz29@lemm.ee on 07 Jun 23:37 next collapse

I am aware, but what choices do we have? I for one stopped using banking apps in my Android phone, not a big deal, we didn’t have banking apps there pre 2007 right?

I know not everyone can do it, but we can fight back in our own ways.

And voting with your wallet should be an obvious statement at this point.

RubberElectrons@lemmy.world on 08 Jun 00:55 collapse

CalyxOS works with most banking apps, and is don’t degoogled.

kadup@lemmy.world on 08 Jun 02:43 next collapse

Certainly depends on where you live.

Unlocking a Samsung phone is trivial here.

sugar_in_your_tea@sh.itjust.works on 08 Jun 15:24 collapse

Depends on the manufacturer. Ideally, they’re forced to allow choice, but until that happens, we can at least prefer phones that don’t lock you in.

[deleted] on 08 Jun 23:13 collapse

.

MolecularCactus1324@lemmy.world on 07 Jun 22:18 next collapse

This is an ad

Null_Ritual@lemmy.zip on 08 Jun 01:35 collapse

It’s a straight ad

Null_Ritual@lemmy.zip on 08 Jun 01:34 next collapse

This sucks, I don’t want a world where I have to carry around 2 devices (a private one and a standard spyware one)

propitiouspanda@lemmy.cafe on 08 Jun 07:15 collapse

Censorship strikes again.

viking@infosec.pub on 08 Jun 01:59 next collapse

This article is a thinly veiled ad paired with fearmongering to get gullible users to buy the shit phones they sell (or not, some people have been on “waitlists” for 5+ years after providing a full payment).

Granted, their phones are fully open, but have next to no apps.

Personally I’ll stick with Android 12, rooted, and see what the future brings.

Deflated0ne@lemmy.world on 08 Jun 07:26 next collapse

Why is it so hard to “Don’t be Evil”

interdimensionalmeme@lemmy.ml on 08 Jun 08:26 collapse

That would mean less money, at least in the short term, but also in the long term as it grants the user the autonomy of optionality, the power to choose some of Google’s edicts. Really it’s about the power to shape the choices of the users in the future. Take their power away. And in the future this will be conducive to leverage this power against the user for more money.

I asked the AI about it, in case anyone is curious chatgpt.com/…/68454a70-5cd8-8005-8075-3579244f0ce…

DeathsEmbrace@lemmy.world on 10 Jun 12:50 collapse

I’m tired of this evil is related to money. When did our species die on the hill that money’s more important than humanity itself?

interdimensionalmeme@lemmy.ml on 10 Jun 14:36 collapse

The moment money became the only way to get food.

DeathsEmbrace@lemmy.world on 10 Jun 14:47 collapse

That is bullshit, the economy is created to force you into the labor market. This is just a symptom of capitalism.

InFerNo@lemmy.ml on 08 Jun 08:18 next collapse

“Purism makes premium phones…” Haaaaaaaaa 😂

sugar_in_your_tea@sh.itjust.works on 08 Jun 15:23 collapse

Correction: purism sells mediocre phones for premium prices.

jjlinux@lemmy.ml on 08 Jun 15:38 collapse

10001110101@lemm.ee on 08 Jun 09:18 next collapse

Kinda depressing that all of big-tech seems to have given up “innovating” (finding applications for publicly-funded research), and have become rent-seeking dinosaurs.

stormeuh@lemmy.world on 08 Jun 09:37 collapse

Capitalism baby

Teknikal@eviltoast.org on 08 Jun 14:50 next collapse

Not bothered, if necessary I’ll patch every apk before installing it, one more stupid American move that will ultimately give the entire market to the Chinese.

FourWaveforms@lemm.ee on 08 Jun 21:00 collapse

…in Singapore…