Comment by kube-system
20 hours ago
> . I should be able to give my non-technical friend an apk and they can use it right then
Unfortunately that is the same vector that scammers use to drain people's bank accounts
20 hours ago
> . I should be able to give my non-technical friend an apk and they can use it right then
Unfortunately that is the same vector that scammers use to drain people's bank accounts
Such is the cost of computing freedom. This line of thinking is analogous to surveillance justifications in meatspace.
The concepts don't need to be at odds with each other.
But also, I don't think that "computing freedom" means you get to use other people's computers without consent. Let's be clear here: Google's requirement for ID only applies to apps distributed from their computer. Presuming that you do actually respect computing freedom, I'd guess you'd support them in this.
I think a good compromise is that they could permit you to sideload. Which they are doing.
But also, if you are very concerned about computing freedom you can also vote with your wallet when you purchase a device.
> But also, I don't think that "computing freedom" means you get to use other people's computers without consent.
Who said anything like that? This is about being able to install software on your own device.
> I don't think that "computing freedom" means you get to use other people's computers without consent
Consent from whom? Consent is already required, why are you discussing this as though consent is not required? Why are you stating it as if people are using other's computers without consent? Right now when I sideload an APK on _my device_, I have to explicitly consent to allowing it to install. And I do not require the author of that APK to have made any deals/interactions with Google. What you mean is Google's consent or a debugger's consent or my consent tomorrow.
So I, as the user, will no longer be able to provide consent alone. I wish that you were right and it was just "no running without consent", but that is today's behavior, and that is being altered.
> I think a good compromise is that they could permit you to sideload. Which they are doing.
They always have, and that was a good compromise. They've now decided you can't sideload until tomorrow unless you break out debugging tools or require the author make special deals with a specific vendor. What exists today is a good compromise, the change is not.
I expect the same from my desktop and mobile devices here.
2 replies →
>Unfortunately that is the same vector that scammers use to drain people's bank accounts
Is the solution really that no one can use a computer without special permission and inspection of government issued identification? If we wouldn't tolerate this with our desktop/laptop OS, why is it suddenly okay for our mobile computing platforms?
If Microsoft required this to run software in Windows, there would be riots.
> Is the solution really that no one can use a computer without special permission and inspection of government issued identification?
No, that is neither the only solution nor is it the one proposed here by Google.
Only physical practicalities will prevent this thinking be applied throughoutly: we can't have guardians preventing people from being scammed face to face. But having to identify yourself on a desktop computer and only be allowed to install software vetted by Microsoft and bunch of governments is readily on the books for the kind of thinking that makes these suggestions.
That's where it inevitably leads to. If people can't be allowed to be responsible for X, next they can't be allowed to be responsible for Y, then Z -- all for their own sake. Google taking some mythical "responsibility" on behalf of their users means the users are left powerless and that is that something Google wants more than just being a "good guy" who protects people from conmen.
It's not like people simply couldn't just limit themselves to installing apps from Google Play already, without these "guardrails". Android currently does make it clear that installing unknown apks from an external source is risky and shouldn't be done unless you really, really know what you're doing. No further technical solutions are required for the problem. You can't fix stupidity with technical means.
If someone is dumb enough to ignore a very explicit warning message, that's their problem. We also don't restrict the sales of kitchen knives just because some people inevitably are going to be dumb enough to hurt themselves with a knife. If they hurt themselves that's their problem, not the problem of more intelligent people.