Comment by kodablah
21 hours ago
> Saying there is no opt-out is just false
I can't see where one can opt-out of this new behavior and into the existing behavior, only a description of the new behavior's bypass (which is not the same thing at all)
> easy to bypass the cooling-off period with ADB
I don't think this is a reasonable use of the term "easy". I should be able to give my non-technical friend an apk and they can use it right then, with the one "are you very sure" screen.
> . I should be able to give my non-technical friend an apk and they can use it right then
Unfortunately that is the same vector that scammers use to drain people's bank accounts
Such is the cost of computing freedom. This line of thinking is analogous to surveillance justifications in meatspace.
The concepts don't need to be at odds with each other.
But also, I don't think that "computing freedom" means you get to use other people's computers without consent. Let's be clear here: Google's requirement for ID only applies to apps distributed from their computer. Presuming that you do actually respect computing freedom, I'd guess you'd support them in this.
I think a good compromise is that they could permit you to sideload. Which they are doing.
But also, if you are very concerned about computing freedom you can also vote with your wallet when you purchase a device.
4 replies →
>Unfortunately that is the same vector that scammers use to drain people's bank accounts
Is the solution really that no one can use a computer without special permission and inspection of government issued identification? If we wouldn't tolerate this with our desktop/laptop OS, why is it suddenly okay for our mobile computing platforms?
If Microsoft required this to run software in Windows, there would be riots.
> Is the solution really that no one can use a computer without special permission and inspection of government issued identification?
No, that is neither the only solution nor is it the one proposed here by Google.
1 reply →
If someone is dumb enough to ignore a very explicit warning message, that's their problem. We also don't restrict the sales of kitchen knives just because some people inevitably are going to be dumb enough to hurt themselves with a knife. If they hurt themselves that's their problem, not the problem of more intelligent people.
I will say, an underrated use case for even small, local LLMs is making command line tools drastically more accessible to laypeople
I now know zero people I don't think should use linux, and people I know seems to run quite a gamut of technical know-how compared to most other technical folks I know
Having an LLM directly and autonomously drive command line tools outside of a strict sandbox sounds like a ticking time bomb.
Thinking tokens: "The files I'm trying to read are missing, I need to figure out why. I see the problem, I accidentally ran rm -rf /home/user. Let me run git restore. No that didn't work. Let me try git reset --hard origin/HEAD. That still didn't work. I should inform the user."
Output: "I was unable to complete the task you requested. Restore /home/user and I will try again"
I tend to set people up with a chat interface, which is pretty good for asking for commands or scripts that the user will then copy into their terminal. Most people I've gotten to try linux do pretty well with just a wiki, but once they run into something they want to do that's kind of idiosyncratic they tend to ask me for help. While I think running models that have access to a shell is dangerous and should be handled carefully, the fact that they've been trained for this use case generally means they're pretty good at shell commands and can give you one a decent chunk of the time. I'm never willing to inject an external dependency controlled by a company into people's computing needs unless they specifically ask for it, so this is usually a lightweight local model specialized in tool use, but not given shell access. This isn't much different from how they'd use search engine for this purpose these days, but if running locally, it can be more fault-tolerant to issues that affect their internet access as well as offering better privacy guarantees, albeit obviously a little less capable
ADB is not the only option. Do the 24hs wait then the experience will not be much different than what already happens today: https://imgur.com/a/Z9hoYIh
Doing a 24h wait _is_ much different from what happens today. That's the whole point. If my two options to run an application of my choosing are to use ADB to flip a switch or to wait a day, that is ridiculous.
I am only slightly comforted by the fact that desktop computing had set (some) self-ownership precedence before the current restrictive computing hegemony took control, though even that is eroding.
Wait until you find out about games consoles
The way you give your non-technical friends an APK and they just install it is by you signing it.
I should not have to enter into a business relationship with google just to hand my non-technical friend an APK any more than I have to enter into a business relationship with the Linux Foundation to hand my friend an AppImage.
And then having Google approve it, so hopefully your app does not do anything that Google does not like, such as block ads.
But I want to let someone MITM my non-technical friend and repalce my APK with malware.
> I can't see where one can opt-out of this new behavior and into the existing behavior, only a description of the new behavior's bypass (which is not the same thing at all)
I don't understand this, the ability to bypass new behavior in settings menus is basically the defenition of a new feature having an opt-out. Can you elaborate?