Comment by godelski
20 days ago
> What they want is to get rid of apps like YouTube Vanced
I think it is also very telling where they're rolling out first. Brazil, Indonesia, Thailand, and Singapore.
It felt weird that the official press release was quoting entities from these countries, as if it should give confidence to the rest of the world. I can't imagine what these countries would want with apps that can be traced back to a government id...
Vanced and such is more of a First World/Western issue. I don't think you're wrong but I got a strong gut feeling there's other pressures in the works. Just something doesn't smell right...
Hm, not sure about that. I know from browser add-ons that markets like Brazil do suffer from increased scams, especially banking scams. I could see that this is also an issue for scam apps.
Firefox for instance does not allow you to install unsigned extensions. You don't need to list them on their storefront, but they want to perform automated tests and have the ability to block extensions through this signing requirement.
So in principle I can see them wanting to address a legitimate issue, but the way they are going about this is way to centralized. IMO they should do something like we have for web certificates, where vendors can add more root authorities than just the one from Google, and users should be able to add their own root certificates if they want to side load apps.
I don't deny that it can be used to reduce scams, but I think there are far better ways to solve this that don't give authoritarian countries extra powers. Thing is, signing doesn't actually address the problem. It is a way to track the problem, not prevent the problem. Don't confuse the two.
That's absolutely not true[0]. You need to sign the extension to publish it to their app store but you don't need it to install. Btw, the Playstore already does this too. Which I'm totally okay with!
[0] https://developer.mozilla.org/en-US/docs/Mozilla/Add-ons/Web...
It is true, and what you quoted does not contradict this.
https://extensionworkshop.com/documentation/publish/signing-...
You can temporarily install extensions in about:debugging, but everything permanent needs to be signed.
> Add-ons need to be signed before they can be installed into release and beta versions of Firefox. This signing process takes place through addons.mozilla.org (AMO), whether you choose to distribute your add-on through AMO or to do it yourself.
1 reply →
Vance is just as big if not bigger problem there.
Sorry, I replied to a sibling comment that was nearly identical[0]. Luck(?) would have it, said other problem was made more explicit[1]
[0] https://news.ycombinator.com/item?id=45035699
>Vanced and such is more of a First World/Western issue
What? I'm from Brazil and Vanced is as big, if not bigger here. In fact, most of my 'first world' friends just pay for YouTube Premium (or whatever it is called), and these kinds of workarounds are mostly used in countries with less purchasing power.
I'm talking about a different kind of problem. Ask the next question (and maybe a few more) about why this is the situation.