Comment by miki123211

The Play Store was riddled with scam apps last time I used it. Be it fake apps that pretend to do something while doing at best nothing ("system optimizers", "antivirus" apps) over user data mining apps (often targeted at children or young people) to hundreds of clones of commercial or open source apps - you do not have to search very long to find the real scams.

Making sideloading harder has only one goal - growing the wall around the garden a bit higher, piece by piece, layer by layer, while everything within slowly grows more toxic.

If they actually cared about scams on Android, when I explicitly searched for <App I'm going to pay for anyway> in the Play Store, they wouldn't put <Some other random app that pays money to appear above the app I searched for> at the top instead lol

I can say that my parents have never once complained about a scam on their phone caused by sideloading.

In fact I don’t know anyone among any of my friends or family that have ever had that issue.

Every last one of my non-technical friends and family have been hit by spyware on their windows devices.

To say I’m extremely skeptical that this has anything to do with protecting users is an understatement.

In fact I’m willing to go out on a limb and say it’s a nearly non-existent issue outside of people being targeted by nation states.

Would love to see some numbers backing up the claim that sideloading is resulting in mass exploiting of Android devices because I can’t find them.

That's a bit of a surprising postulation.

If there's a reputation, that means it's reasonably widespread. 5% doesn't seem like much.

Does this mean there are so many advanced users sideloading apps to compromise them?

Except users aren't so advanced that they are getting scammed because of side loading?

Or might it be the cascading delays in security updates that don't seem to reach devices between Google, manufacturers, and telcos? This is a much more massive (the 95%) of security hole and backdoors for scams to enter.

These arguments don't really seem to fit together or make sense.

Happy to get some links to read more about all of the statements.

There isn't a snowball's chance in hell that Google is doing this to protect users from scams. It is purely driven by their desire to control the platform and eliminate things like ad-blocking youtube apps. You're far too credulous of evil corporations' stated motives.

Scams are the justification, F-Droid hasn't had any scam apps throughout it's existence, and it's not clear every functionality it currently has will be preserved with this change like auto-updating apps and easy installation of the store itself.

Google could let users add their own signing keys (like browsers allow), and it might be they will let students or power users do this, or they could do what F-Droid does in packaging FOSS apps without developers having to provide extra PII information. If they do neither of these things, it de facto means they're only after control at the expense of normal users.

For example:

  To resolve the problem, scammers would deceive the victims into downloading a malicious app, in an Android Package Kit (APK) file format, sent through WhatsApp.

https://www.straitstimes.com/singapore/android-users-lose-2-...

On the topic of looser app reviews on the Play store vs the App store. I can give you a long list of fake iOS apps where you enter a 4 digit code to watch free movies. People who think Apple is manually reviewing apps are delusional.

And yet the times that I have dealt with Android phone issues (2 times in the last year), it has been an app that was popping up full screen ads.

Both phone users have no idea how to sideload, everything was installed from the Play store.