Comment by TGower

21 hours ago

This is a wild misrepresentation of the situation. Saying there is no opt-out is just false, they even provide the information on how users can opt-out. The "mandatory 24 hour cooling-off period" is also misleading, it's easy to bypass the cooling-off period with ADB.

> Saying there is no opt-out is just false

I can't see where one can opt-out of this new behavior and into the existing behavior, only a description of the new behavior's bypass (which is not the same thing at all)

> easy to bypass the cooling-off period with ADB

I don't think this is a reasonable use of the term "easy". I should be able to give my non-technical friend an apk and they can use it right then, with the one "are you very sure" screen.

  • > I should be able to give my non-technical friend an apk and they can use it right then

    Unfortunately that is the same vector that scammers use to drain people's bank accounts

    • > Unfortunately that is the same vector that scammers use to drain people's bank accounts

      Is the solution really that no one can use a computer without special permission and inspection of government issued identification? If we wouldn't tolerate this with our desktop/laptop OS, why is it suddenly okay for our mobile computing platforms?

      If Microsoft required this to run software in Windows, there would be riots.

    • If someone is dumb enough to ignore a very explicit warning message, that's their problem. We also don't restrict the sales of kitchen knives just because some people inevitably are going to be dumb enough to hurt themselves with a knife. If they hurt themselves that's their problem, not the problem of more intelligent people.

  • I will say, an underrated use case for even small, local LLMs is making command line tools drastically more accessible to laypeople

    I now know zero people I don't think should use linux, and people I know seem to run quite a gamut of technical know-how compared to most other technical folks I know

    • Having an LLM directly and autonomously drive command line tools outside of a strict sandbox sounds like a ticking time bomb.

      Thinking tokens: "The files I'm trying to read are missing, I need to figure out why. I see the problem, I accidentally ran rm -rf /home/user. Let me run git restore. No that didn't work. Let me try git reset --hard origin/HEAD. That still didn't work. I should inform the user."

      Output: "I was unable to complete the task you requested. Restore /home/user and I will try again"

  • ADB is not the only option. Do the 24h wait, then the experience will not be much different than what already happens today: https://imgur.com/a/Z9hoYIh

    • Doing a 24h wait _is_ much different from what happens today. That's the whole point. If my two options to run an application of my choosing are to use ADB to flip a switch or to wait a day, that is ridiculous.

      I am only slightly comforted by the fact that desktop computing had set (some) self-ownership precedence before the current restrictive computing hegemony took control, though even that is eroding.

  • The way you give your non-technical friends an APK and they just install it is by you signing it.

    • I should not have to enter into a business relationship with Google just to hand my non-technical friend an APK any more than I have to enter into a business relationship with the Linux Foundation to hand my friend an AppImage.

    • And then having Google approve it, so hopefully your app does not do anything that Google does not like, such as block ads.

    • But I want to let someone MITM my non-technical friend and replace my APK with malware.

  • > I can't see where one can opt-out of this new behavior and into the existing behavior, only a description of the new behavior's bypass (which is not the same thing at all)

    I don't understand this, the ability to bypass new behavior in settings menus is basically the definition of a new feature having an opt-out. Can you elaborate?

And I kind of buy the intent behind the cooling-off period anyway. IIRC it's to prevent people from being pressured into installing apps by scammers that could then take their phones hostage

  • Yes. That attack is a very real attack. The attacker gets access to the victim's phone and sideloads additional apps that appear to be the victim's legitimate banking application. The victim logs into it and sees a fake balance (as the app is fake). Pressure and other social engineering tactics are invoked and the scammer walks away with all of the victim's money.

You still need Developer's Options enabled and plenty of banking and other apps complain if you do that. Why do I need the Developer's option enabled to run an app I developed myself, to be used by myself? It's clear they're heading to a walled garden and this is just a step towards that.

> Saying there is no opt-out is just false, they even provide the information on how users can opt-out.

The article states that you can't opt-out of the update, which AFAIK is correct.