Comment by thecupisblue
20 days ago
This is not related to malware or scams, and using that is nothing but a PR smoke screen.
While Android is vulnerable, especially to user stupidity, people mostly get scammed by fake credit card charges or by giving access to their notifications and contacts allowing for spam.
And yes, while there are "infected" APK's for popular apps , this again isn't the case here.
The real case here is money.
Apple earns $27B from commision on apps, while Google earns about $3B. Why?
Because Android users are "less willing to pay", which includes pirated APK's and "unlocked" app versions. Eliminating the possibility of using these for 99% of the people will be enough to force them to pay for that app/service in the end, raising the Play store revenues.
Do not trust Google when it comes to "doing it for the user" - their mission is to establish as strong of a monopoly on the platforms and extract as much value as possible. They spent more money on lawyers & policy lobbyists in the last 10 years trying to keep Android closed than some S&P500 companies are worth.
Their incentive is even stronger: most users of ReVanced for example unlock YouTube, which belongs to Google. In that case we are talking about 100% revenue loss, not 30% app commission. This goes for NewPipe, etc.
I wonder if OsmAnd, Termux, F-Droid would survive this or will be casualties. Who will authenticate for a decentralized open source app that has 100 active contributors?
Exactly, especially when Google can revoke your account or keys at anytime.
Basically this give Google the way to blacklist any app you release now, in or out the play store for the sake of "security".
It's just about control and finally squashing the app that aren't to Google taste.
I can't image that ad blockers or ReVanced has any real impact on YouTube. I'm the only one I know using either. So that's 1 in about 300 maybe?
Locking down Chrome and killing ad blockers is not some huge effort, it's closer to the flick of a wrist. Neither is locking down android. They can just do it. And if they think there is nothing anybody can do about it, they will, to get that last 0.01%.
But no doubt they are under an enormous amount of pressure to do this from a variety of corporations and governments as well.
Well of course they are not "doing it for the user" but that would be a different discussion if scams and malware were out of the picture.
Doesn't this kill two birds with one stone?
Forcing users to pay for apps rather than install pirated APK's and unlocked apps both raises Google's revenue and reduces the risks of malware and scams.
The consequence is naturally, the savvy users who know how to avoid risks lose the ability to have more control over their phone.
This assumes that Google actually does reduce malware and scams within their garden, but they do not. They are just as prevalent (perhaps more so) within the apps that Google certifies.
So the only thing it kills is the risks to Google's revenue, not the risks to users' security.
My opinion on this changed as we helped elderly parents with declining capabilities. The internet is an extremely dangerous place for those less cognitively able.
It is extremely hard to live without the internet - it's almost impossible - everything from your bank to your doctor to restaurants to the barber that wants to be paid by Venmo. Taking away your parent's internet connection is even harder than taking away their driver license. (And also more isolating.)
There is no law enforcement; there's no consequence for scammers; there's no technology stack that is safe for the less able. It's a brutal Wild West where the weakest are attacked without recourse, flooded with misinformation and lies, and targeted by significant financial scams.
Okay and how does play protect and play integrity prevent this? Anyone?
Hint: it does not. Look around the play store, it's 80% malware and scams.
Why is this the case? Because it has to be or Google goes bankrupt. Google is an inherently parasidic company. They make their money off of advertisement, scams, and conjobs. The more shit the digital world is for you, the better for them. You will always have an adversarial relationship with Google.
They don't want ads that don't lie. They don't want apps that are honest. They don't want to limit notifications. They don't want to get rid of email spam.
The reason Apple devices are so much more pleasant for everyday use and there's so much less scams and adware isn't because Apple is a saint. Its because ultimately Apple doesn't give much of a fuck if they screw over con artist, because that's not the thing keeping them from bankruptcy.
Thank you! Apple is just as evil as the next company. The difference is in how they make their money and what their incentives are.
Google has chosen the path of duping their customers by selling them to the highest bidder. That's their business model across the board.
Apple has chosen to sell devices at a significant markup with the inherent agreement that they won't sell their customer to the highest bidder. After building trust in that arena for years, it wouldn't take much to destroy that credibility. So far, they know this. I'm getting concerned about them starting to plug ads into their core applications, so only time will tell if they get MBA'd to shit.
Yes, but this doesn't do absolutely anything to prevent this.
I've helped elderly family members and non-techie ones who barely know how to open a facebook account - none of them had "malware apps" installed. Their problems were mostly these:
- Websites asking for notification permission just to spam with unrelated malware or porn notifications
- Their calendars being filled with events that are nothing but links to porn or gambling sites, leading to constant notifications
- Apps that don't work yet are filled with ads - blood pressure meter on your phone, sugar level measurements, step trackers - filled with ads and trying to get 1000$ purchases
- An app actually being a launcher filling your screen with ads.
- Hell, even I, as someone who has deep intimate knowledge of Google Play Billing, got scammed by an app when upgrading from their weekly to their monthly offer, with them now charging both.
Google can intervene at any point here, they have reviewers, they control the store, they control the browser, hell, they basically control the device. And they have rules and policies for it, but it's convenient for them to ignore it. They have their cash cows and will fight tooth and nail to protect them as long as it makes them profit.
> Websites asking for notification permission just to spam with unrelated malware or porn notifications
People have been giving Apple shit forever for not supporting this "web standard" in Safari, but it's 99% used nefariously for this exact purpose. Websites should not be able to send push notifications.
I do not want websites to have equal capabilities to apps. Installing an app on my device is a very purposeful decision I make that I only do if I'm trusting it and willing to manage its permissions. Visiting a website is not.
I set my parents up with a computer and locked it down nice and good. A few months later they called me asking me about this full screen message they couldn't figure out how to make go away that was demanding they call Apple or Google for tech support.
I was able to remote in and close it. Then I noticed the message saying uBlock Origin had been disabled in Chrome (because Google broke ad blocking).
Thanks Google.
I actually filed a complaint with the WA Attorney General over that. My older parents got hit by that exact process. So there’s at least a public record complaint that Google is now actively blocking cybersecurity technology (because that’s what adblocking software ultimately is).
Driving is also extremely dangerous for the less congnitive able, that doesn't mean that we should let BMW decide where and when you are allowed to drive.
We also don't trust old people to live on their own, that doesn't mean we force every adult into dormitories.
Driving is licensed and regulated by the government. Are you suggested internet licenses that required semi-regular tests and strict enforcement by governments?
3 replies →
Then maybe it should be more opt-in. We're losing settings and configurability as time goes on. And like encryption it can be a one way street, requiring a full reset to turn it off. That's open security. This is a cash grab
you're describing the dangers of the open internet, but this is about the dangers of non-app-store apps. android already makes it quite difficult to side-load non-app-store apps; certainly not something a tech-illiterate user could do by accident.