Comment by xyzzy_plugh
3 months ago
> we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified. We are designing this flow specifically to resist coercion, ensuring that users aren't tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands.
As long as this is a one-time flow: Good, great, yes, I'll gladly scroll through as many prompts as you want to enable sideloading. I understand the risks!
But I fear this will be no better than Apple's flow for installing unsigned binaries in macOS.
Please do better.
I also think we should stop calling it "sideloading". We need a better word. Sideloading has a negative vibe, as if it's a dangerous thing to install apps from sources other than the Play Store.
Sideloading should be called installing, and installing from the Play Store should be called jailloading.
I call it installing. If it's from Play Store I'd say "Install from Play Store".
> Sideloading has a negative vibe
Maybe you've just been drinking the propaganda? "Sideloading" to me rolls off the tongue no worse than "hotswapping" or "overclocking".
We've always called it "install".
Does this allow unsigned binaries like today? Or is this now requiring you have a binary signed by an Android developer account, but just one without full identity verification?
All Android devices require signed binaries and have done so since 1.0.
Red herring. Self-signed certificates have always been accepted, and generating a certificate is a one-liner:
The public testkey certificate is also accepted so you don’t even need to generate one.
What if it imposed a longish (one time) cooldown period? A day?
Exactly, this would greatly reduce the ability for scammers in "urgent" situations, but for power users who flip the switch on day one it would rarely be a problem. What would be terrible though ... is if Google made it require a network connection or Google approval.
1 day is not longish. That would greatly harm apps like F-Droid. You'd have to go through it every time you want to update your apps.
He said one-time.
The key will be whether they treat experienced users like adults after the initial opt-in.