m4631 day ago
"sideloading" connotates something that is negative.

On systems before apple's locked-down iphone, it was just called "installing".

The PC revolution started with people just inserting their software into the computer and running it. You didn't have to ask the computer manufacturer or the OS vendor permission to do it.

And note that apple doesn't allow you to protect yourself. You cannot install a firewall and block arbitrary software on your phone. For example, you can not block apple telemetry.

mystraline20 hours ago
1. I buy computer hardware, like an iPhone

2. I try to install my own software.

3. I'm prevented from installing my software on my device without "permission" from manufacturer.

4. Therefore, I do not own said hardware; manufacturer still does.

5. Therefore this is an indefinite rental instead of a sale.

6. I was defrauded with a fake sale, and Apple is defrauding IRS by not being properly taxed over millions of rental units (phones, tablets)

spike02118 hours ago
I fail to see the difference between this and many other normal parts of life.

Want to renovate and change your home that you own? You need permitting and not all changes are allowed. But you own the home and land so why do you need permitting?

Say you want to modify your car that you own, again depending on the modification that's technically not allowed either (an aerodynamic wing in a place like Japan, for instance, can't be certain dimensions; but if you own the car you should be able to do what you want with it).

Maybe none of these types of things should be beholden to someone holding the reins of the thing you own but it's not like Apple not allowing sideloading is some wholly unique problem.

galleywest20017 hours ago
In all of these cases the law is what is requiring compliance here, not the manufacturer.

If there was a law requiring apps to be approved by someone first then your argument would be valid, but I do not think such a law exists (at least in my country).

wredcoll17 hours ago
This is actually a really good point.

While complying with a regulation vs a business requirement may feel like the same thing in practice, there is at least an avenue to change the regulation via, you know, democracy.

eldaisfish16 hours ago
when you modify your car, the manufacturer will often claim that parts of your warranty are void. That's not the legal system imposing limits.
aduty14 hours ago
Yeah, but the manufacturer can't have some Pinkertons go to your house and murder your wife, sons and dogs over it either. You just have financial responsibility for whatever it voids.
immibis15 hours ago
But you're allowed to void your warranty. You don't have to have a warranty. It's not a real limit.
engeljohnb14 hours ago
> Want to renovate and change your home that you own? You need permitting and not all changes are allowed. But you own the home and land so why do you need permitting?

I believe both this situation and the iphone software situation are wrong, so it's not really a counter argument.

greekrich9215 hours ago
Conflating government regulation, which is often about safety and the public good (as imperfect and at risk of corruption as it may be), with the policies of private companies trying to replace regular commerce with a surveillance-based rentier economy is disingenuous at best
an0malous19 hours ago
You can install your own OS on iPhone hardware, what you’re demanding is that Apple allow you to run your own software on their OS. It’s like saying that you don’t own your microwave or lawnmower unless they provide you with an API to build apps on it. Are you just renting your Xbox because you can’t run PlayStation games on it?
ellen36417 hours ago
> what you’re demanding is that Apple allow you to run your own software on their OS

Yes. I'm not the original commenter, but this is what I expect.

From my POV, the OS exists to virtualise the hardware it runs on. I don't want the OS manufacturer to decide if I'm allowed to have a web browser or play games.

Naive in hindsight, but until game consoles and smartphones came along, it didn't occur to me that an OS would forbid me from installing something.

mystraline15 hours ago
I would be a bit more careful how I would say compliance.

For example, a coffee maker does have software in there. But it does a job and does it well. There's no cloud garbage, no remote attestation, or much of anything.

To that end, I look at "who can control the device?" If the answer, as someone who paid money for it, and the answer is "the company", then I'm logically not the owner.

Alongside a fraudulent sale, there is also tax fraud by misclassifying these rentals as sales.

I've also seen nobody discussing the tax fraud angle either. We the public are getting cheated as well, from both directions. It's high time we start suing and pressing charges, and making us whole.

silver_silver18 hours ago
> You can install your own OS on iPhone hardware

No you can’t? Things like Project Sandcastle barely function on a single model. It can’t even access the network

wredcoll17 hours ago
This is a ridiculous argument.

I have a purely mechanical lawn mower. I can replace any part of the engine, frame, switches, I can add a second engine if I wanted to.

An iPhone doesn't let you do any of this. "Their OS", no dude, I bought it, it's in my hand.

an0malous16 hours ago
You conveniently ignored the Xbox example, why don’t you address that?
mystraline16 hours ago
I never did.

Again, these companies who want to "sell" something, but still retain owner-level control at a distance should be classified as a rental.

And a rental means the company still owns this property, and therefore should pay taxes on all of their property.

And that would absolutely mean that game consoles SHOULD not be sold as such. Or better yet, if these companies do make changes against the property owner's decisions, should be prosecuted using the CFAA against the company.

Case in point: Nintendo Switch 2 is remotely destroying consoles that play a game that was ripped by someone else. If it were me, Nintendo of America's C levels would be charged with CFAA and have a nice perp-walk.

But that's the point in the USA. Companies are allowed to use Trojans and hack tools against hardware others own, but if we tried that, I'd be making this message in a jail cell.

beagle314 hours ago
What taxes ? In most countries you only pay property taxes on real estate, not on random items.

What taxes exactly are you referring to?

waste_monk3 hours ago
Presumably they mean something treating it more like renting a car.

E.g. if a game console manufacturer wants to retain owner-level control of their console, they can rent it to you for $X per month, which would include a Y% sales/VAT/GST/whatever tax.

And correspondingly if the device is sold to you, they should not be able to do things like disallow you from running custom software, remotely brick the device with a soft fuse, etc. and otherwise stop you from using it freely.

I think there is a middle ground (e.g. you can buy the console and either have it in "secure" mode as it ships from the factory, or choose to "root" the device and gain the ability to run custom code - perhaps this would invalidate the manufacturer's attestation keys from the secure enclave or burn a soft fuse as part of the process, so it no longer passes checks for DRM and so on). However that may not be economically viable as I understand the consoles are often loss leaders on the hardware and the profit is made on game sales and licensing.

beagle316 minutes ago
Thanks. I agree.

My question was referring specifically to the “not paying taxes”. TTBOMK, in all western jurisdictions, sales/vat/etc/income taxes on sales are equal to or higher than those owed on rental income - and op kept repeating (in multiple responses) that misclassifying a rental as a sale is a tax fraud for the seller/original-owner. That makes no sense to me.

wredcoll15 hours ago
Dunno, wasn't paying enough attention.

But regardless, if a company can remotely remove my ability to use a product solely at their discretion, we need a better way to talk about it than "buying and selling"

unethical_ban32 minutes ago
The phone is general purpose. Its impact on daily life and near necessity and our expectation from the last 15 years of having them make it different.
ants_everywhere19 hours ago
exactly right.

Apple wants to sell appliances. The parent commenter wants to buy a computer.

That's the fundamental disagreement.

rfrey16 hours ago
I own a blender made by KitchenAid. I am allowed to blend strawberries that have not been approved by KitchenAid. I can make an Onion Banana Durian smoothie if I want. Calling Apple product appliances is a slur to appliance makers
beagle314 hours ago
I can see movies that weren’t blessed by Apple, and I can send email with content that wasn’t approved by apple.

Most of these analogies don’t make things much clearer.

The closest one is: the phone is supposedly my employee - I pay its salary (to Apple), but it is asking Apple to approve everything I ask it to do, and they are the only arbiter.

(This analogy also sucks. You have to actually deal with subject matter at hand and not look for shortcuts)

Spivak18 hours ago
Well you can't run your own OS on iPhone hardware without jailbreaking but that's beside the point. You don't own your Xbox not because you can't run Playstation games on it but because the manufacturer put a digital lock on it they control which denies you the ability to run software they don't approve of on it.

I think we can do better than "well you own it because you're technically allowed to attempt to break the lock." We can demand that users be given ability to remove the lock.

mystraline15 hours ago
We use the term "jailbreaking" in reference to hardware we think we own.

So... Who's the jailer?

As an owner, I want THEIR rights.

an0malous17 hours ago
I’m still not seeing the difference between an iPhone and Xbox. They’re both controlling what software you can run on their systems, why are people complaining about one but not the other?
idle_zealot17 hours ago
Because iPhones are the primary computer for hundreds of millions of people, and Xboxes are toys that some people have in their living rooms. It's not hard to believe that people have a right to control their computers and consider the situations with both devices bad, but to be far far more concerned about the iPhone.
swiftcoder15 hours ago
I don’t know where you’ve been the last couple of decades, but plenty of people complain about software restrictions on gaming consoles. There was a whole era when console games were even region-locked, and that fucking sucked…
burnerthrow0086 hours ago
Microsoft does not regularly make the front page of HN because they don’t allow side loading. Apple does.

It’s a disingenuous argument.

burnerthrow0086 hours ago
Because the number of people on HN who think they will become a billionaire if Apple let everyone install their app is much greater than the people who think the same about Xbox.
layer816 hours ago
> You can install your own OS on iPhone hardware

You actually can’t.

immibis15 hours ago
In what universe can you install your own OS on iPhone hardware?
layer816 hours ago
> Therefore this is an indefinite rental instead of a sale.

It’s not indefinite, because the vendor won’t support the hardware indefinitely. It’s also not a rental, because you are free to resell the hardware.

iaaan15 hours ago
Devil's advocate: it seems similar to reassigning a lease if you want out before it ends. Lease reassignment is a common clause in rental agreements, it sounds like Apple simply allows you to reassign your indefinite device rental, unlike, for example, Tesla.
john-h-k19 hours ago
If this is true, why doesn’t someone sue and make an absolute huge amount of money?
tomkarho18 hours ago
There was a class action suit against Sony over preventing PS3 users from installing Linux on their consoles. I think it ended in Sony losing and having to pay reparations. Whether it was a "huge amount" is subject to debate.
bbarnett18 hours ago
Yes, but they advertised this feature pre-sale, and took it away later.

So Apple has never allowed sideloading. Google however?

Well if an update breaks that, it would be the same thing sort of.

tomkarho16 hours ago
Isn't Google kind of doing something to that ilk rn?
bbarnett15 hours ago
And that's where class action stuff happens, just like with Sony.
cyanydeez17 hours ago
Then you kept electing capitalists expecting them to change their stripes. To the point that the capitalists that united with ethnic and religious zeal won out.
mystraline15 hours ago
https://thenib.com/mister-gotcha/

The energy in this comment is 'Mr Gotcha', and is as "inspiring".

cyanydeez12 hours ago
Ya sure, 'utf-8'
gblargg1 day ago
Sideloading sounds like sidestepping (synonyms: circumventing, avoiding, evading, bypassing, ignoring, dodging, escaping, skirting). I wonder if the term originated on iOS, where you did have to circumvent things to install programs manually.
toast021 hours ago
Probably on the N-Gage, where you would side-talk and so side-loading was the next thing to do :p

But the terminology did seem to spring up with iOS. It makes sense to call it that there. But on a platform that allows it, it's just installing.

extra8818 hours ago
I think side-loading is meant to be a third option between downloading and uploading. I think it was installation from a flash drive/card connected to the device.
Animats8 hours ago
> On systems before apple's locked-down iphone, it was just called "installing".

If the phone people could make a solid permissions system, this wouldn't be a problem. Applications should by default be able to read their own install files, and have dedicated directories for their local storage, caches, and such. They can make network connections to their home site, if the user allows it. That's all they get.

This covers most games. What else does it cover?
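
The default-deny model described in the comment above, sketched as an added example (it is not part of the thread and not any real mobile OS API); the `AppManifest` fields, paths and host names are hypothetical and constructed for illustration.

```python
import posixpath
from dataclasses import dataclass, replace
from urllib.parse import urlsplit


@dataclass(frozen=True)
class AppManifest:
    """Hypothetical per-app grant set: nothing outside these fields is allowed."""
    app_id: str
    install_dir: str                 # app may read its own install files
    data_dir: str                    # dedicated local storage (read/write)
    cache_dir: str                   # dedicated cache (read/write)
    home_host: str                   # the app's "home site"
    network_approved: bool = False   # set only when the user allows it


def _inside(base: str, path: str) -> bool:
    # Lexical normalisation so "../" segments cannot climb out of the grant.
    # Assumption: a real OS would also resolve symlinks before this check.
    base = posixpath.normpath(base)
    path = posixpath.normpath(path)
    # Compare on a path-component boundary: "/data/game-evil" must not
    # match a grant for "/data/game".
    return path == base or path.startswith(base + "/")


def check_file(app: AppManifest, path: str, mode: str) -> bool:
    """Return True only if `path` falls inside one of the app's own grants."""
    if mode not in ("r", "w") or not path.startswith("/"):
        return False  # unknown mode or relative path: deny by default
    if _inside(app.data_dir, path) or _inside(app.cache_dir, path):
        return True   # dedicated directories are read/write
    if mode == "r" and _inside(app.install_dir, path):
        return True   # install files are read-only
    return False


def check_connect(app: AppManifest, url: str) -> bool:
    """Network access: only to the home site, and only after user approval."""
    if not app.network_approved:
        return False
    # urlsplit().hostname strips userinfo and port, so
    # "https://game.example@evil.test/" is judged on "evil.test".
    host = urlsplit(url).hostname
    return host is not None and host.lower() == app.home_host.lower()


# Constructed sample manifest for a game.
GAME = AppManifest(
    app_id="example.game",
    install_dir="/apps/game",
    data_dir="/data/game",
    cache_dir="/cache/game",
    home_host="game.example",
)
GAME_ONLINE = replace(GAME, network_approved=True)

if __name__ == "__main__":
    for path, mode in [
        ("/apps/game/assets/level1.dat", "r"),
        ("/apps/game/assets/level1.dat", "w"),
        ("/data/game/../other/secrets.db", "r"),
        ("/data/game-evil/save.bin", "w"),
    ]:
        print(mode, path, "->", check_file(GAME, path, mode))
    for url in [
        "https://game.example/scores",
        "https://game.example@evil.test/",
        "https://game.example.evil.test/",
    ]:
        print(url, "->", check_connect(GAME_ONLINE, url))
```
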

MrDrMcCoy5 hours ago
That would cover almost every app that doesn't need camera, microphone, or GPS access to work. GPS access infuriates me, because so many lazy developers either don't allow the app to run without it, or never test it, so searching by zip code never works.
pjmlp1 day ago
Which is why alongside freedom came the business of anti-virus.
sunaookami1 day ago
And people were successfully tricked into "needing" anti virus scanners that do more harm than good.
mike_hearn23 hours ago
Anti-virus apps aren't actually useless. They are slow, inefficient, have bad false positive and negative rates, but they aren't useless. I know it's an unpopular opinion but most HN posters have never been on the other side of this stuff.

Many moons ago I attended an internal tech talk by the Google security team. This was shortly after they got hacked by China around 2010 or so. The talk was a general one on what they were doing to boost the security posture in general.

Number one thing they were doing was moving away from AV scanners on Windows to a regime in which IT would centrally whitelist all apps by signature or EXE/DLL hashes. Beyond the issue of false negatives, the reason was that people would routinely install malware infected software despite being told by the AV scanner that it was infected. They'd be told that and they'd just override it. Nearly always the reason was that they were installing pirated software and wanted it badly enough that they either didn't care that it was virus infected, or they talked themselves into believing a conspiracy theory in which AV companies reported false positives to try and discourage piracy.

The other problem with AV was that it reported true positives centrally, but then they'd be coming from high level executives and there'd be problems with addressing the issue. Whereas in a whitelisting scheme said executive would have to file a ticket to request permission to install the malware-ridden pirated Photoshop or whatever, and they wouldn't do it.

This was very sad and I don't know if they kept it up, that sort of thing is terribly high maintenance and it wouldn't be a surprise if they moved away from it at some point. But when your biggest problem is AV that is accurate but ignored and that's inside one of the world's most sophisticated tech companies, it's fair to say AV is not useless but if anything needs to be even stricter.

LoganDark20 hours ago
> or they talked themselves into believing a conspiracy theory in which AV companies reported false positives to try and discourage piracy.

To be fair, pirated software often uses obfuscation techniques similar to malware, and then it's more like antivirus vendors refusing to add an exception for pirated software, rather than antivirus vendors specifically seeking out pirated software to mark as malware.

Also:

Certain types of scripts and software that I use to configure Windows in unsupported ways are detected as malware by major scanners. While I'm sure someone wouldn't appreciate these scripts being used on their computer by surprise, when I use them intentionally, I want their effects.

MrDrMcCoy5 hours ago
The one that most bothered me was when antivirus would flag a keygen. It even said all it found was a keygen, which is harmless on its own.
immibis3 hours ago
Probably because it's targeted at businesses for whom having pirated software on their machines is a substantial legal liability. I remember it used to be labeled as "potentially unwanted program" rather than "virus" - is that no longer the case?
wiseowise1 day ago
Never in 20 years of using Linux/Macs I’ve ever needed anti-virus.
BLKNSLVR21 hours ago
Same with me for Linux, but I would also say that, with the discipline and knowledge I have had for the last 10-15 years I probably wouldn't need anti-virus for Windows either.
thebruce87m20 hours ago
Discipline and knowledge cannot protect against 0-click attacks.
pjmlp1 day ago
Many people also never need insurances, until they do.

How is that curl https://... | sudo sh going?

saagarjha23 hours ago
Given its prevalence, I think it's actually going surprisingly well
mike_hearn22 hours ago
Only if you ignore the "npm install" or "pip install" moral equivalent. Free open source packages that come with a side helping of malware have become common in recent years.
saagarjha22 hours ago
Oh, I included that; I just think that statistically things are mostly going fine (unless we are all secretly backdoored in a way that has yet to be made public).
mike_hearn23 hours ago
Macs come with an Apple provided antivirus built in, it's called XProtect.

Apple also has enforced a similar policy to what Google is doing, but much stricter, and has done for ~13 years or so (devs must be identified, the OS rejects unsigned code in all territories by default, Apple pre-approves all binaries even outside the app store).

Linux distros have policies far more extreme than anything Google, Apple or Microsoft have ever done. They explicitly don't support installing any software not provided by their "app stores". Getting into those requires giving up your source code to them, and they reserve the right to modify it as they see fit without informing anyone, reject it for any reason or no reason at all (including reasons like "we don't have time"), and they tie getting new releases of your app to the user upgrading to new releases of the OS. If you do try and install stuff from outside of your distribution, not only are there security warnings to click through but an expected outcome is that the OS breaks and the vendor washes their hands of you.

Despite those policies, or perhaps because of them, botnets of Linux servers are common.

Of all consumer-facing platforms only Windows and Android allow installation of unsigned third party code out of the box via some obvious graphical path. And on Windows that right is somewhat theoretical. You can do it but the built in browser will try very hard to stop you, and the OS itself will happily break unsigned code by blocking file open syscalls heuristically. So in practice most apps don't go the unsigned route. On Android OTOH, unsigned (non ID verified) code is sandboxed and works just like regular apps after installation, the OS won't heuristically interfere with the app.

AnthonyMouse19 hours ago
> They explicitly don't support installing any software not provided by their "app stores".

Most Linux distributions don't prevent you from installing third party software at all. You download something, you set the execute bit, it runs.

Users are wary of doing that with software from untrusted sources because, obviously, you're then placing your trust in whoever provided the software instead of the distribution's packaging team. But the OS won't stop you if that's what you want to do, and sometimes you do trust the source of the software.

> Despite those policies, or perhaps because of them, botnets of Linux servers are common.

Botnets of Linux servers are common because some people operate them without installing security updates (common with WordPress), and then attackers exploit known vulnerabilities in the unpatched software.

But "locked" phone platforms regularly discontinue security updates for devices that are still in widespread use. Locking the device doesn't solve that problem at all, and in fact makes it worse because then if the OEM doesn't patch it nobody else can do it either.

mike_hearn18 hours ago
You're conflating "allow" and "support".

The OS doesn't stop you installing third party software - signed or not - on macOS, Windows or Android, so "allow" is nothing interesting. That also won't be changing with Android, given that you can buy a phone with an unlockable bootloader and reflash to some other spin of Android that implements whatever security policies you want. You can put these devices into a mode that allows anything.

The question is whether that's something the vendors make easy, if they support it in the sense that you can do it and they will still deal with you if there's a problem. That's what support means. It's not a synonym for technically possible.

Windows, macOS and Android don't consider installing third party software to put the system in an unsupported state. Linux vendors do.

AnthonyMouse11 hours ago
> The OS doesn't stop you installing third party software - signed or not - on macOS, Windows or Android, so "allow" is nothing interesting.

The concern is that they are now doing this on Android, and have long been on iOS. Moreover, there are really three things here: Fully supported, still easy enough to be practical, and so much friction that it's dead.

If you install Steam on Windows, Microsoft doesn't "support" that -- if you call Microsoft support and want them to fix a problem with Steam, they're going to direct you to Valve. But installing Steam on Windows is easy to do, and therefore common. And it's the same thing with installing Steam on Linux.

Likewise, you can get Linux software from the distribution's repositories, but you can also use pip or npm or flatpak or any number of alternative packaging systems, and doing this is easy and common.

Which, on Android and iOS, it isn't. It's not just "not supported" but so arduous that the alternatives can't gain traction, which is qualitatively different and has consequences in terms of network effect even if it's technically possible to install LineageOS on a handset if you buy just the right one and immediately reinstall the OS and keep a separate phone to run your bank app. And even then you still can't install a mainline kernel on that device and are reliant on the OEM to keep publishing security updates.

mike_hearn50 minutes ago
> The concern is that they are now doing this on Android

Even with this new policy there are still ways to install unsigned apps on Android e.g. via adb, reflashing to a different build of Android, and so on. But you're absolutely right that there's a spectrum of usability here, which is why "allow" isn't really a useful standard. Only iOS tries to set friction to 100%. Every other platform "allows" third party installation given enough work, which is why it's valid to compare the difficulty of doing so on Linux with other platforms.

Re: Steam. Microsoft absolutely does support that! If you install Steam, Windows breaks, and Steam isn't doing something disallowed like messing with internal data structures, then Microsoft will accept it as a bug in Windows. They work very hard to support apps even when they actually do mess with internals. It's the Linux world that shrugs if a change in Linux breaks Steam when Steam was doing nothing wrong.

Flatpak is a genuine improvement, yes. But for the rest, sorry, you have developer brain switched on! Pip! Easier to use than Android!? These tools:

• Only target developers, and as such regularly do things like try to compile software during install and then fail due to obscure compatibility or versioning issues.

• Have severe malware problems.

You couldn't present pip or npm to the Android team as a solution to the problem they're trying to solve. You blame Android for being "arduous" whilst desktop Linux has spent decades with <5% market share exactly because it's so incredibly arduous. Come on: even with these new policies it is much easier for both users and developers to access/make software on Android. I've developed and distributed software for every OS except iOS at this point, and the differences are clear.

swiftcoder15 hours ago
This has not been true on macOS in some time - you have to go to considerable lengths to install unsigned software at this point.

I recently upgraded macOS, and it took me a couple of reboots and scarily-worded system configuration changes to re-enable (signed) kernel extensions…

BLKNSLVR21 hours ago
That's an interesting take on Linux. I see it as a lot closer to what Windows programs were like back in the day, where you can install whatever you want.

Linux distributions each have their built in package managers, but there's no 'policy', as I understand it, that prevents installation of, literally, whatever you want. It's generally more difficult than just downloading and double clicking on the installer / exe, but just follow the instructions and it's done.

And, yes, also there are weird version and dependency issues that crop up more than would be ideal, but that's not the topic.

mike_hearn21 hours ago
There's no such policy on any OS except iOS I believe. You can override the security mechanisms on every other OS. The question is only how hard is it? On Linux, worst case, it can easily require compiling the program from source. If Apple or Microsoft imposed a policy that said you can install whatever you want but only by compiling from source, people would lose their minds!

And, note, back when I was a Linux user, distro vendors and evangelists justified that situation by security. They said we don't want people distributing software outside of our repositories because that's how Windows users get viruses, so we deliberately won't make it any easier.

So the Linux community doesn't get to cry freedom and decentralization now, IMHO. The time to do that was 25 years ago when Debian was being praised for having big repositories. Some of us actually did point out how centralized and authoritarian that approach was, I even built a system for distributing apps in binary form to all distros (with hacks and shims for binary compatibility), and that project attracted some volunteers, but we got pilloried for not "getting" UNIX. One Debian developer even called us monkeys.

The users got tired of this and bypassed them with Docker, a much more decentralized system in which anyone can publish images without binary compatibility problems, and using them isn't tied to your OS version or OS vendor policies. But Docker is also centralized around Docker Hub, and Docker Inc do ban images and developers when malware is found:

https://jfrog.com/blog/attacks-on-docker-with-millions-of-ma...

Not so different to what the app stores do.

It's fair to say that the only OS vendors who have ever taken decentralized and free app distribution seriously are Apple, MS and Google. The open source world went all-in on the centralized store model from the start and never looked back.

detaro20 hours ago
External, non-distro-maintained package repositories have been common for ages. I was still in elementary school, so my memory is a bit fuzzy, but I'm fairly sure downloading and installing individual packages was something I did too in the 90s. And fundamentally, any system that is open enough that "you can compile whatever you want on the device" is an option can also have binaries distributed.

Sure, the Linux ecosystem has not prioritized binary compatibility as much, so doing so has been harder, people culturally expected "use existing libraries" more than "just bundle everything", but as you note that attitude has shifted too and it always was possible, and nothing seriously suggested preventing it.

rpdillon19 hours ago
Indeed. I remember installing Slackware in '97 and looking at some dev's alternate repos. Looks like Slackware still has third-party repos, though I stopped using it 25 years ago. =)

https://slackware.pkgs.org/

rpdillon19 hours ago
> And, note, back when I was a Linux user, distro vendors and evangelists justified that situation by security. They said we don't want people distributing software outside of our repositories because that's how Windows users get viruses, so we deliberately won't make it any easier.

Never heard that argument, ever. `apt-get` literally allows you to add whatever repositories you want. You're conflating two completely separate worlds. The first is the world of Linux that pretty much invented the idea of a software repository for an operating system. This was invented because Linux has the notion of "distros", and the trick there is to provide a set of packages that all work together in that distro. That's the purpose of curating packages in the repos (along with Free Software licensing, in the case of distros like Debian). But this system was always federated, where users were empowered to add any additional software repositories they needed. F-Droid on Android copies the exact same architecture, allowing the user to add endpoints of servers they want to pull software from.

The second is a system of control built by Google and Apple. It has nothing in common with the Linux system, but rather was designed to vend proprietary software that extracted money from users, for the purpose of lining Google and Apple's pockets. When Tim Cook testified about app store fees and the judge queried him about why they were so high, he said "To lower those fees would be to give up the full return on our App Store investment." Basically: we're charging this much because we can.

Conflating these two systems and the reasons for their design would be very misleading.

> It's fair to say that the only OS vendors who have ever taken decentralized and free app distribution seriously are Apple, MS and Google. The open source world went all-in on the centralized store model from the start and never looked back.

It is not even remotely fair to say this. In fact, it's so misleading it feels malicious. The only operating system on the planet that offers user-supplied software repositories that work with the built-in package management system is Linux. Full stop. And Linux doesn't even only have one of these systems, it has several. Flatpak, Debian repos, Ubuntu repos, Arch's AUR, Slackware's third party repos, etc. And users don't have to "work around" the system to use any of this - simply adding new URLs works great, and it's always been this way.

https://wiki.archlinux.org/title/Unofficial_user_repositorie...

https://documentation.ubuntu.com/server/explanation/software...

In short, Windows and MacOS and Android have never taken third party software distribution seriously in the least, and have done nothing to support it. Linux has built-in support for third-party repositories, and has for decades.

mike_hearn18 hours ago
> In short, Windows and MacOS and Android have never taken third party software distribution seriously in the least, and have done nothing to support it. Linux has built-in support for third-party repositories, and has for decades.

They all have sophisticated systems in place specifically to support third party software distribution that works (and is relatively safe):

• Windows has the app store, MSI, and MSIX (which allows efficient installs and updates from arbitrary web servers). MSIX is a package manager, by the way. It also has API support for writing AV scanners, managing software deployments across managed networks and so on.

• macOS has .dmgs, notarization, Gatekeeper

• Android has support for installing APKs from the web with a package identity system that lets anyone self-sign their software.

Above all they consider installing apps that aren't controlled by the vendors to be a core feature, so they work hard to provide binary compatibility, bug workarounds, multi-year deprecation cycles, anti-malware scanners and more, all for the benefit of developers who develop their apps independently of the vendors.

Linux can be reconfigured with additional repositories, technically, but that feature was originally designed for reducing bandwidth usage with mirrors. It wasn't meant to allow third parties to distribute software on their own schedule, which is why these third party repositories are invariably locked to a specific version of a specific distribution. Developers who complain about this are just told every version of every Linux distribution is a unique OS, and that they should open source their apps to let distributors centrally take ownership of their work.

It's changing a bit now with Flatpak. But for the bulk of Linux's history, that was the gig: no supported way to distribute your apps, and third party repositories would come with health warnings from your OS vendor. Not a supported way to use the OS. If it breaks you keep the pieces.

rpdillon13 hours ago
Completely disagree...none of those are systems as comprehensively distributed as what Linux offers. Much of what you listed is centralized infrastructure.
engeljohnb14 hours ago
> They explicitly don't support installing any software not provided by their "app stores". Getting into those requires giving up your source code to them, and they reserve the right to modify it as they see fit without informing anyone

I've used Ubuntu, Debian, Manjaro, Mint, and Fedora, and none of them are like this. Which distro do you use that doesn't let you install any software you want?

Der_Einzige19 hours ago
How can you be so aggressively wrong about so many things in a single post? It’s impressive.

The stuff about Linux not letting you install stuff flies far in the face of like everyone’s knowledge of Linux. Your description of how Linux installation works is pure fantasy.

mike_hearn18 hours ago
I didn't say it didn't "let" you. I said it's not supported, as in, the Linux vendors don't consider that to be a feature of the OS that you should actually use.

I've been a Linux user for 25 years. You can reconfigure the OS to use additional repositories. It may or may not work, and only if there is a repository specific to both your distro and its version. But it's not a good idea.

In particular, OS upgrades are very likely to break. Being able to upgrade itself is a basic requirement of any modern OS. If your Linux distro corrupts itself on upgrade or fails to do so and you file a bug report you'll be told to remove any third party software because that's not supported.

This would be like if your Mac started crashing on boot because you downloaded a word processor from a website, and then Apple say "sorry, we only support apps coming from the app store". They don't do that, but Red Hat or Canonical will.

cherryteastain19 hours ago
> They explicitly don't support installing any software not provided by their "app stores".

Nonsense. You can install and run whatever you want. Tons of closed source commercial software available for Linux like Matlab come as a .tar file which you extract and run.

mattdm18 hours ago
In Fedora, we don't "support" third-party packages or installation of software because we can't do much about it if something is wrong. You should go to the provider of the software for help.

But we certainly support your _ability_ to install and run whatever you want. It's your computer, and it's your OS.

mike_hearn45 minutes ago
Regardless of the party line, in practice there's no big distinction between not caring if it works or not and not allowing it. The difference only matters for highly technical people with lots of time on their hands. For everyone else, if it's not a paved road it's not a road they can travel on at all, and so in practice Linux historically did not "support" third party software in any meaningful way.

And although I was making that argument to Fedora decades ago, it's only recently that this point has been accepted with official support by Red Hat for stuff like Flatpak. Of course other distros developed their own thing as always so it's still not really ideal. But at least the principle was now accepted that third party apps should have a properly supported way to thrive. Far too late, but it's done.

guimplen19 hours ago
This is so blatantly wrong. On macs it became a little bit harder very recently (you need to tick a checkmark in the system setting to allow untrusted program running) otherwise you just need to run the program once via right-click. On most user-friendly linux distros you can just run installer of any program.
swiftcoder15 hours ago
It’s a lot harder than that now in macOS - now you have to individually approve each new unsigned binary through the system preferences security panel.
thebruce87m21 hours ago
I’ve never needed the seatbelt in my car or the airbags but I will not be uninstalling them.
zeta013423 hours ago
Never in those 20 years did I need one on Windows either. It turns out if you vet the software you install in the first place, malware is pretty rare. That isn't the bar for most regular users of software though.

Working in retail tech support, we got folks bringing in their new macbooks, freshly ruined by new ransomware, utterly baffled that it was possible at all. But when you're trying to use Photoshop without paying... well, shady stuff's still out there.

lukan19 hours ago
But you also browse the web. Running lots of unvetted software. All safe, as long as the sandbox holds.
charcircuit1 day ago
You have been lucky. It's trivial for someone to write a stealer and trick someone to run it. For example there's been stealers targeting Linux built into trojans of Minecraft mods.
aquariusDue1 day ago
As another lucky soul do you happen to know of a case documented somewhere?
charcircuit23 hours ago
aquariusDue20 hours ago
That is wild, the numbers are much bigger than I expected. Thanks for sharing!
scarface_7422 hours ago
And the other 80%+ of the population that uses Windows?
_Algernon_19 hours ago
As a consequence of the freedom of driving cars we got seat belts. But we did not prevent everyone from driving.
pjmlp18 hours ago
We certainly did, those that fail to obey following the rules, besides the monetary expenses, given enough points they either lose their license or are given some months in a tiny room to think about their life decisions.
bluesign1 day ago
If you consider developer has the right to determine who runs their software, it is actually.

My last 10 apk installs:

- 9 apps not available in the local store
- 1 app I changed some setting in the manifest

For less technical people it will also include some shady apk's for example promising free La Liga match broadcast but then scraping everything from phone.

tdeck22 hours ago
I've found myself having to sideload more apps in Android lately, simply because they didn't update and were removed by Google from the Play Store. Great apps that worked for years and did what I needed them to do are now no longer good enough because the developer didn't choose to stay on a ridiculous treadmill.
fruitworks18 hours ago
The developer does not have the right to determine who runs their software
salawat19 hours ago
No it doesn't, it just connotes not using the "integrated with the OS" install path. There has been a big push to differentiate "developers" from "users" in general, and that is co-opted in a corporate environment to try to restrict the "user" layer while only parceling out the ability to really leverage the system to those deemed "blessed".
scarface_7422 hours ago
Yes and called viruses, dozens of toolbars on your computer, key loggers, malware, ransomware, etc.

If you want an open phone, buy one. But I instruct all of the older members of my family to buy iPhones and iPads.

I’ve been programming computers since 1986 and even I have never said it would be cool to side load on my phone.

sorenjan22 hours ago
> I’ve been programming computers since 1986 and even I have never said it would be cool to side load on my phone.

Because you know about the options, and probably have at least one computer where you can install what you want. Imagine if in 1986 you only had access to an iPhone, like most young people today, would you still be programming computers 40 years from now then? There are new computer science students in university that don't know how file paths work.

JustExAWS22 hours ago
In 1986, it would have been like having my only “computer” my Atari 5200. Are you really arguing that kids today don’t know that computers exist? I can’t see myself enjoying programming if the only thing I had was an iPhone with a keyboard and mouse - but it being “open”.
fruitworks18 hours ago
I have bought one. The problem is that all the good hardware is locked down because of people like you.

All of the services I need to operate my business (such as my banking app) are also locked down to locked down OSes thanks to the silent majority and viewers like you.

scarface_7416 hours ago
What bank doesn’t allow you to access them from a website? If your bank doesn’t allow access from a website on your computer then you made a choice to use a hostile bank.
immibis3 hours ago
N26 doesn't.
camdroidw21 hours ago
And Stallman since even longer but he's considered "not quite there" by quite a few. Age isn't everything
bakugo22 hours ago
> If you want an open phone, buy one.

There are none that are usable.

JustExAWS22 hours ago
People on HN that run non Google Android phones seem to argue otherwise.
Intermernet20 hours ago
This is becoming more difficult with every android release. Unfortunately, Google are on track to be as opaque as Apple within a couple of versions.
scarface_7416 hours ago
What does a Google Android release have to do with non Google Android releases?
andrepd22 hours ago
> If you want an open phone, buy one.

Is this a joke? The reason for TFA is precisely that this is quickly becoming impossible as Google closes down Android. It's already viciously impractical to install a privacy respecting OS like Lineage or Graphene, and now they're coming for the very possibility of installing software.

scarface_7416 hours ago
Is viciously impractical yet people on HN brag about doing it all the time?
SXX13 hours ago
5 years ago you could install custom rom and still use 99% of apps with it. Now with Google "safety" and "certification" features you won't be able to use most of financial apps and a lot of non financial apps too.

Obviously there's no way on earth Google will allow you to decide whatever device you own is "safe". There are still ways to bypass it using kernel hacks, but it's both cat and mouse game and often not very trustworthy since a lot of software used to bypass safetynet is proprietary.

So yep, using custom OS on your phone is impractical because Google made it so.

scarface_7412 hours ago
And people keep saying this - what financial services companies are inaccessible via a web browser? And if they do exist, why do you choose such a bank?

I’ve heard people say Monzo in the UK. But there are plenty of banks in the UK you can choose from in the UK that have websites

rstuart413310 hours ago
> And people keep saying this - what financial services companies are inaccessible via a web browser?

You've already quoted one example so you know which way the trend is going, but since you asked here is another. New bank accounts handed out by https://boq.com.au/ can only be accessed from a phone, or via the web.

I started banking with them a long time ago. All accounts opened back then have net banking, but no app. They've recently changed. New bank accounts can be accessed via an app, but web interface. I think this is a good thing in general. Insisting you do transactions using your phone or in a branch is far more secure than allowing payments via the web, or card.

As fraud continues to increase I suspect most payment systems will go that way. I would not be surprised if the bulk of non-cash payments on the planet are already done by phone: https://theconversation.com/no-more-card-charges-how-austral...

scarface_748 hours ago
Then choose another bank if not using apps is important to you. I mean you have agency. Are you saying there are no banks in Australia that you can do without an app?
immibis2 hours ago
N26 bank for example.

It's actually an EU law that financial apps must use something like Play Integrity and online banking must be authenticated by a smartphone.

cherryteastain19 hours ago
Answer is yes. But 'safety' is not the reason for the recent Google move.

It is a move taken in lockstep with EU's Chat Control and UK's Online Safety Act, and the proposed Kids Online Safety Act in the US. The common objective of all is total control of digital lives of citizens and allowing the government to snoop on all internet communication while not disabling end to end encryption. They need end to end encryption to lock out external adversaries (Russia China etc) but they need to see the contents of encrypted messages to monitor internal adversaries.

First step is blocking you from running any apps not allowed by Google/Apple.

Second step is putting in the systems to snoop on end to end encrypted communication apps on the endpoints, enabling intel agencies to detect thoughtcrime without exposing everyone's chats to Chinese/Russian intelligence. This will most likely be done by OSes recognizing the apps and extracting private keys on demand.

Last step is locking the bootloaders so you cannot have a phone which lacks the 'features' added in the second step.

jofla_net16 hours ago
Yeah, it's just too temporally coincidental. They must all go to the same Thursday meetings. I wish Stallman/Doctorow hadn't been so right.
EarlKing14 hours ago
I wish Stallman wasn't so silent. For someone who cares so much about software freedom he hasn't said a damn thing about any of what's been going on these past few months with KOSA, the Online Safety Act, etc.
tjlingham12 hours ago
Last I heard he was battling cancer. We've got plenty of new blood fuelling the public discourse. He's done enough. I'm inclined to give him a break and instead put the pressure on the rest of the community to get themselves organised and do something about it.
jockm12 hours ago
Do we need people to stand up and push back? Yes. Stallman? I would rather not. The man doesn’t hold influence outside of some of our community, and is toxic because of things he has said and done to the outside world. Just look up his definition of “child” and read that in context to his statement about sex and he is discredited to most people
swores11 hours ago
I hadn't heard of anything he had said on the subject before your comment, so I did a quick search. I don't know if the following is about but one of many problematic views on the subject, or if after this change of mind his views on sex are all fine, but worth knowing that at least on one issue his opinion has improved:

> "Many years ago I posted that I could not see anything wrong about sex between an adult and a child, if the child accepted it.

> "Through personal conversations in recent years, I've learned to understand how sex with a child can harm per psychologically. This changed my mind about the matter: I think adults should not do that. I am grateful for the conversations that enabled me to understand why."

https://www.stallman.org/archives/2019-jul-oct.html#14_Septe...

(I do agree with your comment overall, anyway.)

em-bee13 hours ago
> Answer is yes.

how then? just a rough idea would be nice. because i don't see it. as much as it pains me, but i have to admit that i find the article convincing. i see these people around me every day. they have no experience with technology. they didn't even go to school long enough. yet they all have a smartphone with no idea what it is capable of, or what the consequences are. and they are used to the government taking care to protect them.

cherryteastain12 hours ago
In the same way Windows and Mac computers can sidel...,ehm sorry, install software: we don't. Stores also sell guns, knives, chainsaws, highly addictive opiates, and 4 ton death machines capable of travelling at 100 mph. We do not restrict ordinary kitchen knives which have been used in terrorist incidents killing dozens, but draw the line at grandma sending $10k to a Nigerian prince?

Even if we are restricting installing apps, there are less heavy handed measures. By enabling .apk installs only via developer options/command line/adb in a way that the average user will never be able to figure out, for example. Sprinkle a few warning pages with scary red lettering and it's fine. Grandma will never figure out how to run adb commands on Gentoo.

There is a tradeoff between liberty and security. You can never guarantee security; the Google rules in the article won't ensure it either, as Google has been shown to simply not care about scam/malware apps published onto its own app store anyway. The whole security angle is a misdirection. The whole move is about control.

> "Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety."

- Benjamin Franklin

em-bee9 hours ago
> Stores also sell guns, knives, chainsaws, highly addictive opiates, and 4 ton death machines capable of travelling at 100 mph

they don't sell them to people who don't know how to use them. with the exception of knives. but unlike technology, people do know how to use knives without getting hurt. they can easily see that chainsaws are dangerous. they need a drivers license for a car, and they can't get opiates without a prescription.

none of these controls are available for apps, and yet, because they don't know how to use phones/apps safely, because they can't tell the difference between an app that is safe, and one that isn't, they risk their livelihood because they fell for a scam. they are not going to install those apps by themselves. they will ask the techshop around the corner to do it for them, and the scammers give the techguy a cut for installing that app that steals your money.

the problem is of course lack of education, but education doesn't have a quick fix. in the meantime many people's lives will be ruined.

adi_kurian8 hours ago
I am pretty sure, in many parts of the United States, an 18 year old can purchase a gun at a store, even if it is the first gun they have ever touched.
em-bee8 hours ago
they still know that guns are dangerous. and they can tell the difference between a toy gun and a real one. they can't however tell the difference between an app that can be trusted, and an app that will steal their money.
like_any_other16 hours ago
We should be asking the opposite question - is it possible to give control over our computers to a handful of corporations and government, and remain safe from tyranny. Try starting a new political party, or even climbing up the ranks of an existing one, when the establishment knows every wrong opinion or indiscretion, of you and your associates, from when you were a toddler onward.
cherryteastain12 hours ago
> is it possible to give control over our computers to a handful of corporations and government, and remain safe from tyranny.

You have already given in to tyranny when you've given that total control.

cyanydeez17 hours ago
Ok, so ignore your government paranoia. Sure they're out to get you.

But ask yourself, would business do this anyway? The answer is yes. Google needs a growth target and modeling app store lockin and fees is there.

You're free to live in paranoid government land, but it's an unnecessary abstraction. It's actually the EU and US rulings against their monopoly that's driving it.

Again, the paranoia is just drivel.

anonymousab15 hours ago
> government paranoia

This is just what you'd expect any government that is either competent or greedy to be doing, given the technologies at play.

Calling it "thought crime" is, of course, a bit glib. But things like "we want to monitor the communications of every pro Palestinian university student so we can take proactive disruptive actions" are very real and not so hidden desires and sentiments of modern Western governments.

cherryteastain16 hours ago
We were told "don't be paranoid" before Snowden and look at how that turned out.
abound17 hours ago
[Ignoring gov't paranoia discussion]

> It's actually the EU and US rulings against their monopoly that's driving it.

Can you elaborate on this? Locking phones down like this would seem to make Google an even bigger target for future anti-trust suits, no?

cyanydeez17 hours ago
Depends on how they implement it and how they seed political support. If they sell it as "save the kids" and give token authority to the same kind of DMCA region lockin, it'll become a government backed utility.

Monopoly enforcement only occurs when there's no natural monopoly.

Nasrudith9 hours ago
It sounds like the classic selective enforcement quid-pro-quo mafia state bullshit. The government doesn't really care about antitrust compared to control and snooping, it just makes a convenient excuse to arbitrarily punish for compliance. Just look at the "payment for services rendered" given with unenforced broadband expansion funding that wound up in pockets and every ISP having a room 641A.
daveguy16 hours ago
> Again, the paranoia is just drivel.

Well, in this domain (government surveillance), probably not paranoia.

https://en.m.wikipedia.org/wiki/Edward_Snowden

anfilt1 day ago
The owner of a device should have the final say. The way a lot of this is set up basically deprives the owner of one of their core property rights, in particular the right of exclusion. Instead, in many systems the decision about what software to include or exclude is made cryptographically by a third party rather than by the device’s owner. I don’t think we should support limiting people’s property rights for “safety” or other reasons. iOS is probably one of the worst in this regard and it is sad to see Android moving more and more towards this direction.

I have posted multiple times before that this effectively limits people’s property rights. Here are some other posts I have made on the subject:

* https://news.ycombinator.com/item?id=39349288

* https://news.ycombinator.com/item?id=39236853

* https://news.ycombinator.com/item?id=35067455

* https://news.ycombinator.com/item?id=40727203

QuadmasterXLII20 hours ago
There are two reasons to install an app: I personally want to install it or a powerful third party will bring down a wildly disproportionate punishment if I don’t. Nowadays the vast majority of app installs are in the second category, and in this category, being able to make it common knowledge that I physically can’t install your (parking app / apartment app / course selection app / banking app) as root with unlimited privileges even if you (tow my car / evict me / expel me / close my bank account) is super valuable. This value skyrockets further if a large section of the population has this same inability to root themselves, which apple coordinates. This is why people buy apple! ask anyone who buys an iphone for grandma. I would be quite pissed off if the government steps in and takes away this coordination mechanism.
ACCount3719 hours ago
>a powerful third party will bring down a wildly disproportionate punishment

That's the problem to attack - not user freedom. "Mandatory app" is an anti-accessibility anti-feature.

fruitworks18 hours ago
Your coordination mechanism is just to rely on the good will of a single company. How long do you expect it to last before apple starts cooperating with invasive parking apps, banking apps, etc?
BLKNSLVR21 hours ago
> The owner of a device

That may be the crux of the misunderstanding. The 'licensing' of music, movies, TV shows when you "purchase" them is coming / has come to hardware.

The owner of the device is who controls what you can do with it, not necessarily who paid to keep it in their pocket.

anfilt16 hours ago
What I am saying is the way the cryptography is implemented on locked devices such as iPhone your property rights are being trampled upon via cryptography. By using cryptography, the manufacturer reserves for itself; rather than the owner; the fundamental right to exclude or include what software can run on the CPU, even after the hardware is sold. The cryptography is not a legal agreement either like a lease/loan etc. So this is being done via extra-legal means.

For example, let’s say you buy an iDevice and do not even intend to run iOS, but instead want to install/port Linux, or run some bare-metal code. You would have to ask Apple to sign that code with their private key, which they won't do. The problem is a sale should have transferred all rights of property rights to you as part of the sale. The clue is you have to ask a third party to even hope to do this points to the fact you're being limited on the full enjoyment of your property rights. This cryptography is not a contract or legal instrument either and you don't even have to agree to anything for it to be in effect. You could buy the device and have no intention to use the preinstalled software, and it's in effect before you even open the box.

The problem is the right of exclusion is very important, and can even derive most other property rights for example this paper "Property and the Right to Exclude" [https://core.ac.uk/download/pdf/33139498.pdf]. The fact such an important property right is being blatantly impeded is the problem.

makeitdouble20 hours ago
> I have posted multiple times before that this effectively limits people’s property rights. Here are some other posts I have made on the subject:

This is crazy long and not directly about the iPhone, but this is the most comprehensive explanation I've heard of why your plea will probably never be heard:

https://youtu.be/ZK742uBTywA?si=poDXl3Mz7lYwdUxa0

(TLDR: international treaties)

deergomoo21 hours ago
> Do we pour billions into educating users not to click "yes" to every prompt they see?

Yes, obviously yes. In the same way we teach people to operate cars safely and expect them to carry and utilise that knowledge. Does it work perfectly? Of course not, but at least we entertain the idea that if you crash your car into a wall because you’re not paying attention it might actually be your fault.

Computers are a critical aspect of work and life. While I’m a big proponent of making technology less of a requirement in day to day life—you shouldn’t need to own a smartphone and download an app to pay for parking or charge your car—but in cases where it is reasonable to expect someone to use a computer, it’s also reasonable to expect a baseline competency from the operator. To support that, we clearly need better computer education at all ages.

By all means, design with the user’s interests at front of mind and make doing the right thing easiest, but at some point you have to meet in the middle. We can’t reorient entire industry practices because some people refuse to read the words in front of them.

danaris20 hours ago
Now, I'm not going to say we shouldn't try to move the needle. More education around this is unquestionably a good thing.

But this sounds an awful lot like trying to avoid changing the technology by changing human nature. And that's a fool's errand.

There are always going to be a significant percentage of users you're never going to reach when it comes to something like this. That means you can never say "...and now we can just trust people to use their devices wisely!"

Fundamentally, the issue with people clicking things isn't really a problem because it's new technology. It's a problem because they're people. People fall for scams all the time, and that doesn't change just because it's now "on a computer".

AnthonyMouse20 hours ago
> People fall for scams all the time, and that doesn't change just because it's now "on a computer".

But that's exactly the issue. You won't prevent someone from wiring money to Nigeria by restricting what apps they can install on their phone while allowing the official bank app which supports wire transfers.

If someone is willing to press any sequence of buttons a scammer tells them to then the only way to prevent them from doing something at the behest of the scammer is to prevent them from doing it at all.

But that's hardly practical, because you're going to, what? Prevent anyone from transferring money even for legitimate reasons? Prevent people from reading their own email or DMs so they can't give a scammer access to sensitive ones?

The alternatives are educating people to not fall for scams, or completely disenfranchising them so that they're not authorized to make any choices for themselves. What madness can it be that we could choose the second one for ordinary adults?

Nursie19 hours ago
Adults would choose a locked-down, secure phone for themselves.

Arguably they already do and the numbers wanting an open phone are relatively trivial and the market ends up the way it has.

I do these days, happily, and I speak as someone who owned a Neo Freerunner and an N900. My phone is far too important as a usable, stable device to want to fuck around treating it as an open platform any more.

AnthonyMouse11 hours ago
> Arguably they already do and the numbers wanting an open phone are relatively trivial and the market ends up the way it has.

The market is consolidated into Apple and Google and neither of them actually offers this. Taking away everyone's choices and then saying "look how few people are choosing the thing that isn't available" is a bit of a farce.

Nursie7 hours ago
It was not always this way though, there were other choices.

Nobody cared, so they went away.

AnthonyMouse6 hours ago
Android was sold as being "open" and at first it mostly was, so the people who wanted that got an Android device and everything else disappeared. Then Google closed Android over time, at first in subtle ways that weren't immediately obvious and now they're just telling everyone to DIAF. But by then the alternatives were gone.

I mean it seems like your argument is "nobody wants this thing that people keep getting mad that nobody offers". Obviously people want it; otherwise who are all of these people?

dmitrygr9 hours ago
> same way we teach people to operate cars safely and expect them to carry and utilise that knowledge

If this is so, we need a lot MORE locked down tech. Most people on the roads are killers

bitwize15 hours ago
> operate cars safely

Personal vehicles have turned out to be A Bad Idea, and now the consensus appears to be we should be moving toward more -- perhaps exclusive -- use of public transport, rather than expect people to own a car.

I'm beginning to wonder if the same isn't true of personal "general purpose computing" devices. 99% of people would choose the locked down device, especially if it makes their favorite apps available: Instagram, Netflix, etc. Which it may not if it were open, because then it could not provide guarantees against piracy or tampering by the end user. But still, from an end user perspective, knowing that stuff from bad actors will be prevented or at least severely hampered is a source of peace of mind.

Nintendo figured this out 40 years ago: buy our locked down system, and we can provide a guarantee against the enshittification spiral that tanked the home video game market in 1983, leading to landfills full of unsold cartridges. It sold like hotcakes.

Ms-J23 hours ago
It's not sideloading, it is installing an application. Don't use enemy words.

There are some comments attempting to trick people into thinking that some of the least intelligent people of society have more freedom than regular people.

Freedom of speech and to own your belongings is first. This includes installing what you want on your device.

pxtail1 day ago
It's not sideloading, you are not doing anything nefarious, shady, on the side, on the edge. It's software installation on your device, your own device. This newspeak is purposely invented to negatively portray software installation from sources not controlled by Google/Apple.
VogonPoetry13 hours ago
The term side loading pre-dates smartphones. The term was used to describe how you got media onto an electronic player. Literally by plugging into a port on the side and loading the media from a computer.
isodev1 day ago
I think the premise that app stores, notarisation and such protect users is false. It’s like saying sunglasses protect you from the sun - they help you not get blinded by it right away, but you still need sunscreen, wear a hat etc.

Apple/Google rejecting some obvious scam apps doesn’t mean people don’t get scammed or hurt in other ways. Just like online age verification doesn’t actually protect children or make you a better parent… it’s just a straw man of sorts, designed to remove agency from users through a false sense of safety.

tim3331 day ago
The iPhone system protects people fairly well at the stuff it's designed for, i.e. installing malware. Obviously sunglasses don't stop you needing sunscreen and the app store doesn't protect me from crashing my car etc.
gf00023 hours ago
Yeah, and banning cars would also protect people from car crashes.

But it comes with the rather large price of a huge limitation to my personal choices.

jbverschoor23 hours ago
Not having mandatory checks and requirements would result in the market being flooded with unsafe cars.
pixelfarmer21 hours ago
> It’s like saying sunglasses protect you from the sun

It is actually much closer than you think. There are the standard sunglasses and then you have actually rated sunglasses for various purposes. The more extreme the environment, the more the former gives a false sense of safety that just isn't there.

mzajc1 day ago
> The first is that a user has no right to run anyone else's code, if the code owner doesn't want to make it available to them. Consider a bank which has an app. /../ I think the bank has the right to say "your machine is too risky - we don't want our code to run on it."

But should they? Should we also accept Google's browser signing and ban all browsers the bank doesn't like? Am I allowed to accept calls from people they haven't vetted or is it too much of a risk to the bank's bottom line that they might talk me into a scam?

I suppose we should also write off the inevitable privacy and freedom violations in the name of "security".[0] I don't have anything to hide after all.

[0]: https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...

edent1 day ago
Plenty of banks will say "only available in Chrome" or "you must be running version xyz of your browser".

There are also banks which are app-only.

You'll also notice that modern phones have a "spam caller" feature. It either gets data from the phone network or from another source. Should your phone block the most obvious spam calls? Your email client already blocks spam.

At a network level, STIR/SHAKEN is also trying to block you from answering fraudulent calls.

These things are happening right now. I expect most people think a reduction in phone spam is worth the occasional false positive.

You may have a different opinion.

mzajc17 hours ago
> Plenty of banks will say "only available in Chrome" or "you must be running version xyz of your browser".

Despite bogus requirements like these, websites have to rely on hacks to figure out what browser you're using, usually making it trivial to spoof (especially between browsers using the same engine). More importantly, websites can't prevent extensions from running, which I believe was one of WEI's goals.

> You'll also notice that modern phones have a "spam caller" feature.

I have yet to see a smartphone that enforces such a feature and does not allow the user to disable or configure it.

> At a network level, STIR/SHAKEN is also trying to block you from answering fraudulent calls.

I am unfamiliar with STIR/SHAKEN, but Wikipedia describes it as "a suite of protocols and procedures intended to combat caller ID spoofing". This is fraudulent in the sense of "the caller is not who they claim to be," and not "this caller is on our blacklist" or even "is not on our whitelist". YMMV as some countries require GSM subscribers to ID themselves, but it's still far from a central entity deciding who is allowed to call you.

andoando1 day ago
I think that makes sense if you also agree to not have any protections from them for getting scammed.

But otherwise I agree, I hate the same shit about requiring 2fa. Let me fucking decide about how much I care about my account being stolen.

avianlyric1 day ago
> But should they? Should we also accept Google's browser signing and ban all browsers the bank doesn't like?

If you want to hold the banks liable for fraud committed against you (which is exactly what happens in many countries), then it’s hardly reasonable to say that they’re not allowed to use whatever technical options they can to prevent that fraud.

You can put forward the argument that banks simply shouldn’t be responsible for fraud committed against their customers. But we only need to look at the world of cryptocurrencies to see how well that works in reality.

creata1 day ago
> it’s hardly reasonable to say that they’re not allowed to use whatever technical options they can to prevent that fraud.

Of course it's reasonable? You can give someone a job and also ask them to do it a certain way.

avianlyric12 hours ago
> You can give someone a job and also ask them to do it a certain way.

And they can say “no”. Which is pretty much what the banks do.

creata11 hours ago
Obviously I'm talking about potential regulation, not individuals walking up to the bank and asking them nicely.
richardwhiuk1 day ago
It's unreasonable to ask them to do a job, and then tie both their hands behind their back and tell them they have to accept being punched in the stomach and that they should be happy about this.

If you want to tax banks and pay the money directly to fraudsters, I guess that's a model you can aim for.

anthk1 day ago
Then that vendor needs to go to /dev/null and end its business.
avianlyric11 hours ago
You might struggle to run a financial system without any financial institutions. Once again just look at the wonderful world of cryptocurrencies. They’re speed running all the historical financial scams, and rediscovering why financial regulation exists.
chartered_stack20 hours ago
There are really two separate issues here:

A) It should be harder for non-technical users to accidentally install apps designed to harm them.

B) It should also be possible for anyone to run whatever code they want on hardware they own.

Both can be true, and platforms should support both. Ultimately, it is up to the platform to decide what they want to allow and how they protect their users.

I get why Android is tightening controls: plenty of people install shady APKs they get from random websites or Telegram/WhatsApp groups and get burned. But forcing developers to register with Google isn’t the answer. If I want to run a hobby project on my own phone, I for sure shouldn't have to jump through bureaucratic hoops.

The thing is that Google already has the mechanism to protect users: the Play Store. The real problem is that its review process is weak and flooded with low-quality and malicious apps. Fixing that would do far more good than punishing independent developers. They also don't want to open up anti-trust behavior by actually prioritizing the Play Store and saying that you shouldn't trust an app from a random Chinese App Store.

If Google wants to make Android safer, step one should be cleaning up the Play Store. Step two is making that the obvious, prioritized channel. Only after that should they even think about playing Big Brother.

Terretta14 hours ago
Just as in the linked article, these two statements make it pretty clear:

> A) It should be harder for non-technical users to accidentally install apps designed to harm them.

> B) It should also be possible for anyone to run whatever code they want on hardware they own

Require something in the neighborhood of:

C) It should be possible to prevent people who can run whatever they want from wanting* to intentionally or accidentally install apps designed to harm them; or, where these harms are either not harmful or are reversible.

If you consider things that help with (C), and apply this principle — “Please respond to the strongest plausible interpretation of what someone says, not a weaker one that's easier to criticize. Assume good faith.” — then a lot of iOS/iPadOS developer and app ecosystem can be understood as positive intentionality around flavors of C.

* By being scammed, persuaded, misled, confused, coerced, etc.

palmfacehn1 day ago
Is it possible to protect users from themselves in every circumstance?

Yes. Remove all of the features from the software. Now, I know you're wondering, "What if my users eat the battery?"

Next, remove the hardware itself. Now users cannot harm themselves at all.

ACCount3722 hours ago
Unfortunately, some users manage to cause themselves harm using nothing but their own body.

Clearly, there should be a way to restrict their access to that too. Keep them from performing unauthorized bodily actions that could result in self-harm. For safety reasons.

fsflover23 hours ago
"If you are protected by a steel door, but you don't have the key, you aren't safe: You're imprisoned."
xg1517 hours ago
> Vulnerable members of society should be protected from scams.

I'd like to have some clarification what kind of safety level people generally expect from their devices.

As an analogy, consider the different safety expectations of public transport (buses, trains, planes, etc) and individual transport (cars, bikes, scooters, etc).

In public transport, I'm responsible for exactly two things: Choosing the right transport to get on and getting off at the right moment. Everything else is the line operator's fault. The operator is also well within their rights to keep me from unscrewing random panels inside the train, conducting scientific experiments with a plane's onboard WiFi or thrashing the seats when I'm drunk. They can kick me out if I behave too badly. (They can not on arbitrary grounds deny me service if that would trigger anti discrimination protections)

In short, I don't own the train, I don't have any expectations of arbitrary control, but in exchange I do have very high expectations of the service provided, even with very little knowledge of the internal workings of a train.

In contrast, with private transport, I'm much more involved in the technical details of the trip: I have to know the exact route, I have to take every turn myself, I'm expected to know traffic rules and safely interact with other participants and I should at least have a basic knowledge of the internals of my bike or car.

In exchange, I also have much more freedom to modify my transport or to pick a different route.

The question is if the safety expectations for phones are more like the ones of public or of private transport.

trueismywork16 hours ago
False dichotomy.

The analogy would be, does your private car allow you to change the ratio between different gears in your car. Or does it allow you to customize the sensitivity of the steering wheel arbitrarily. Or install any custom kind of AC vents in your car and allowing you to make arbitrary cuts in chassis.

Having said that, first and foremost:

It's very difficult to explain to a lot of people people's expectations of vetting and privacy. People are completely fine with FB siphoning off their data and spying on them, but they are not fine if anyone can do it. That is, there should be a barrier to installing malware on the app, and that barrier being the company being a big company is okay with most people. What they're not fine with is any random person being able to do that.

And they will blame the phone manufacturer for all bad applications that can be installed on the phone. If a phone manufacturer allows for side loading applications and a big company requires it, then there becomes the culture of side loading applications, and suddenly the platform is not safe because there's no trust in applications.

The manufacturers have to ensure that people can side load their apps and at the same time ensure that all apps of relevance use platforms like playprotect so that people can be given a simple advice "only use playprotect apps".

I am not sure this is a solvable problem.

miohtama1 day ago
The examples in the post are bad.

The people who were scammed did not run rooted phones. Rooting your phone may allow you to install pirated applications containing malware. But most banking losses come from scams where the user themselves initiated a transaction.

mike_hearn22 hours ago
The point of those examples is not about rooting phones, it's that there's a subset of the population who can be informed that they're doing something guaranteed to be self-harming and who will do it anyway, then complain that someone should have stopped them.

These discussions aren't really about tech. They're all about politics. Libertarian societies grant freedom on the understanding that some people can't handle it and will hurt themselves (and maybe even others). Collectivist societies sacrifice freedom on the altar of socializing individual losses. The first example he gives is from the relatively collectivist UK, where "James" sent all his money to a foreign romance scammer despite being warned by his bank not to do it. The twist that the blog author doesn't mention is how the story ends: his family went crying to the BBC who kicked up a fuss and Lloyds decided to give him the amount he lost i.e. make other bank customers pay for his bad decisions.

This is a spectrum: you can't have a society that both grants maximal freedom and that also protects people from themselves.

As societies differ in how collectivist/libertarian/crime-ridden they are yet tech platforms are global, it's inevitable there will be disagreements about where on the spectrum this judgement call should fall. What Google is doing here is actually quite innovative and surprising for a company as historically woke as they are: they're admitting that the problem primarily affects some cultures/countries and not others, so the level of freedom should be different. The rules are being changed to only apply to phones in specific countries, whilst preserving freedoms for those in others. This is a very interesting decision that stands against a multi-decade trend in the tech world of treating every country and culture as if they are all identical.

patrakov23 hours ago
The elephant in the room is not addressed: software in Google Play with so many antifeatures that it can only be called malware (except that Google doesn't call it malware because it brings revenue), and no alternatives except apps outside Google Play that are not signed by a developer who would submit their identity to Google.
Scarblac1 day ago
Is it possible to let owners use their hardware as they wish, without having large companies control what they deem "safe"?

I'm not the user of my phone, I'm its owner.

EasyMark8 hours ago
Of course it is. Phone makers could make it so that you have to jump through several hoops to get to the "side loading" portion as a compromise. Instead Android is going down the Samsung and iPhone route to cripple the device into making it nearly impossible to root by a mere mortal curious person. Allowing a hard to get to side load switch fixes 99.9% of the issue and still allows for freedom. Google is actively choosing here to do the walled garden like Apple iPhone for profit.
lblume1 day ago
Sure. But the societal losses of a vast amount of people getting scammed might in general be more important than your individual wish for freedom to run anything you want on your device. I think there are important tradeoffs to be made, and that we have to acknowledge that many people in society less technically skilled might suffer from serious consequences in your proposed model of computation.
kikonen1 day ago
People get scammed over phone calls all the time and we're not opening up for debate my freedom to accept calls from unknown users. Because why would you? Doing that is like using a nuke to kill a fly.

This reeks as a power grab that restricts my freedom disguised with the classic "for the greater good". Same as the new UK age verification laws.

mike_hearn22 hours ago
> we're not opening up for debate my freedom to accept calls from unknown users

That debate was had already and was lost. Phone scammers get blocked by telcos all the time.

kikonen55 minutes ago
I guess the analogy is not perfect since when making a phone call you're using the network (which you're "renting"). In that sense the callers are blocked from using that network, which makes sense (this would be equivalent to being banned from uploading a malicious apk to an app store, I guess).

What I am saying is that I have not been stopped from taking calls from unknown numbers just because the call might be a scam. Likewise I don't wanna be stopped from installing an apk just because it might be a scam.

unsungNovelty16 hours ago
What this does is punish good users. Not stop scams. They will move on to something else or find solutions to this.

Same as the privacy invading tech/E2EE for "national security/protecting children online". You think banning VPN or E2EE apps is going to stop bad actors?

NO! As always it affects normal users for control/power or money.

How many times does this same thing get played over and over again? It's the same script you know?

logicchains1 day ago
> But the societal losses of a vast amount of people getting scammed might in general be more important than your individual wish for freedom to run anything you want on your device

The societal losses of a vast amount of people having no private, uncensored means of communication, which this is leading to, are orders of magnitude greater. The largest cause of early death in the past century was governments murdering their own citizens, and the more power governments have over their citizens, the easier it becomes for this to happen again.

lblume15 hours ago
> The largest cause of early death in the past century was governments murdering their own citizens

Sounds like an interesting claim, mind sharing your source / calculation?

userbinator1 day ago
I say let them be scammed. Idiocy only grows if it's not resisted. People don't learn if they don't see the consequences. Otherwise it'll just make society head into an authoritarian socialist hellhole... not that it wasn't already going in that direction.
saagarjha23 hours ago
People don't necessarily learn if they see consequences.
userbinator23 hours ago
They definitely won't learn if they don't see consequences.
saagarjha22 hours ago
No, this is not true. It's definitely possible to educate people about security without them getting hacked.
scarface_7422 hours ago
Yes, there is a clear path from not being able to install what you want on your phone - even though you are free to buy a phone that you can - and authoritarianism. Did you know that you also can’t drive just anything on the highway and in some places you have to get your car inspected every year before you can drive it?
matt_kantor21 hours ago
A key part of your analogy is "on the highway", where I am a danger to other people and public infrastructure.

I'm allowed to build a wacky unsafe DIY car and drive it around my own property without getting permission from the government. In many scenarios I don't even need a driver's license.

Bringing the analogy back around, maybe one could argue that if I let my phone get hacked such that it becomes part of a botnet or something then it is a danger to other people, but that's not the typical example. Usually these policies claim to be about protecting me from myself while using a device I own.

scarface_7416 hours ago
Yes and you are allowed to use Graphene and whatever “whacky” other open source alternative non Google Android OS’s that HN users always brag about.
userbinator13 hours ago
> in some places

...but not in others. Which is why those who still have the freedom will continue fighting for it.

Der_Einzige19 hours ago
Become ungovernable. Works for the French.
thrown-0825-123 hours ago
A nice sentiment, hasn't been true for a while though.
bluesign1 day ago
You are owner of the hardware, user of the software.
anfilt23 hours ago
Okay, but as the owner then I should at the very least be allowed to load my own signing keys for the boot-rom to load other software. Like what if I want to run/port Linux to the device. A locked down boot-loader deprives me of full enjoyment of the use of my tangible property.
bluesign21 hours ago
That is totally fair.
salawat18 hours ago
...but we're conspicuously not implementing that feature. So take it, leave it, or build your own phone.

By the way, if you do go down the route of building your own phone, pedophiles, drug dealers, and terrorists will use it, and you're now on the hook to do something about it.

...Back to square one.

prmoustache15 hours ago
That silly pedophile point is getting old. Most victims of pedophiles are part of their own family or social circles. In a majority of cases no phone or even the internet is involved to commit the crime.

We could ban the internet completely and minors wouldn't be any safer.

sorrythanks22 hours ago
> I think the bank has the right to say "your machine is too risky - we don't want our code to run on it."

I disagree. Let's go with preferring user agency until banks are in trouble.

> Again, it probably isn't fair to ban users who run on permissive software, but it is a rational choice by the manufacturer. And, yet again, I think software authors probably should be able to restrict things which cause them harm.

I disagree. Ban users when they cheat, not when they have the power to cheat.

ACCount3721 hours ago
Strongly agreed. Banking apps should run on anything that can run them. Banks should not be the gatekeepers in charge of deciding what's a "good" or a "bad" device.
Retr0id19 hours ago
Have a persistent "developer mode" flag.

When the device is being set up for the first time, ask the user if they want to enable developer mode. Make the warnings as scary as you like. When the device is booting, display a prominent "developer mode enabled" message. But, once the device is booted, there should be no way for apps to query developer-mode status, to prevent discriminatory apps.

The only way to toggle the flag after setup would entail a full factory reset of the device. You could go one step further and have it be a fully permanent flag, in efuses.

extropy18 hours ago
This is what Chrome OS does, works pretty well IMHO.
Disposal84331 day ago
Sandboxing should prevent most of those issues. We can't control the users giving permissions to everything, but with more control on those permissions, or disabled by default, a phone should stay pretty safe, or am I missing something?
narmiouh1 day ago
It's not the sandboxing, it's the access to user data that apps can request. A mobile OS allows apps to request and be granted all kinds of permissions, and 80% of the world population doesn't really understand what all things are possible for each of the permissions they give to an app. For example being able to export the whole contact list, or read all files in folders (where users may have saved notes with passwords) or real time tracking of gps location with wifi mac address sniffing, listen in on conversations, be able to screenshot other apps, trigger touch events... none of this a sandbox can prevent.

When there are problems reported about an app, there has to be a known party to hold accountable. I agree that a developer path that is complex enough that only people who know all the impacts are able to use to side load random apps they own or from someone they can trust, but the general population has to be protected unless at the individual level they are savvy.

nottorp1 day ago
> there has to be a known party to hold accountable

So no free applications. Prepare to pay a subscription for every flashlight app.

EasyMark8 hours ago
Wouldn't it be a similar situation to iPhone? There are free basic apps there. It's not like this is a new concept.
rafram1 day ago
People have been trained to tap through those prompts without really reading them, and it’s unreasonable to expect a less technical user to know what the implications of granting a permission are.
mathiaspoint1 day ago
Giving illiterate people access to computers is going to be dangerous for them no matter what you do. UIs and operating systems should consider their caretakers instead.
rafram1 day ago
Not everyone has caretakers, unfortunately, but everyone needs a phone.
mathiaspoint1 day ago
Then they can have flip phones. Those are still made and are great for children and other people who aren't capable of caring for themselves.
daxfohl1 day ago
Or maybe when you buy a phone you can pay $5 extra to get the OS build that allows sideloading, or make it cost $5 and require you to hand-sign a bunch of forms to upgrade an existing phone to a sideloading-capable version. A little extra friction at phone purchase time (rather than app download time) would likely steer most people, especially non-techies, toward the safer option. Sure, maybe it doesn't stop the problem completely; someone completely bought in to some scam may go through the effort anyway. But if someone is that gullible, they're pretty destined to be scammed out of their money no matter what the protection.
StopDisinfo91022 hours ago
Why should people pay for the privilege of installing apps without having to submit their personal record to an American mega corp which then vet what they install?

You have the issue reversed. People should be able to buy specifically locked phones separately if they want to. Actually they already can.

Lvl999Noob1 day ago
I want an option to give fake permissions. A lot of apps are pretty necessary (due to network effects). I don't want to give my contact or location data to them but they also refuse to work without it, even though they don't need it for the stuff I am doing. So just let me provide fake data instead. As far as the app is concerned, it has the permissions it so wanted.
stavros1 day ago
That used to exist, but it's bad UX, because the user doesn't understand why the app they didn't give permissions to doesn't work well, and gives it a bad review. It's better UX for the app to say "I can't work without this permission", though it's worse for tech-savvy users.
ryandrake13 hours ago
> It's better UX for the app to say "I can't work without this permission", though it's worse for tech-savvy users.

The app shouldn't get to decide what permissions it "can't work without." That's how you get calculator apps that claim they can't possibly work without GPS location.

stavros13 hours ago
An app that shows a map should definitely get to decide that it can't work without a location permission.
ryandrake13 hours ago
Why? The user might want to just browse the map without displaying his location on it. The user might want to just provide an address instead of his own location (assuming that function exists in the app). Why not just let the user run it, and let whatever actually needs the permission fail gracefully? Whether or not the app functionality lost is worth providing access to data gated by a permission should be up to the user, not up to the developer.
stavros13 hours ago
Because giving the app fake location data when the permission is denied leads to the user complaining that the map isn't showing their correct location. Apps don't want to get a bad rating for user error.
tim33316 hours ago
You could have two classes of apps - manufacturer approved ones that do the usual stuff and unapproved ones that get limited access regardless of what the user types?
simion3141 day ago
> People have been trained to tap through those prompts without really reading them, and it’s unreasonable to expect a less technical user to know what the implications of granting a permission are.

Can you please explain why there is no big push from Google and Apple to remove microphone and camera access from the browsers? You claim that most users are "less skilled" and will allow anything, so for the greater good why not push to remove microphone, camera and file upload permissions? Why do we trust these users with reading a popup for permissions?

Or maybe if the popups are not clear or good enough, maybe it is not the user's fault?

snowe20101 day ago
That’s just advocating for the same thing, OS makers removing users abilities to do things they want with their devices. Pretty much everyone in this comment section that is advocating against what Google is doing would advocate against that as well.
simion3141 day ago
I do not see these Apple fanboys asking Apple to remove the camera and microphone features in their OSX operating system. They have many stories about grandma getting tricked to sideload some evil app from Facebook but somehow the same grandma never gets tricked to share her microphone, camera or screen. So I concluded that it is all their minds creating a narrative to feel better about them getting screwed by Apple (we all have this problem where we invent some reason to justify some decision we made, but in this case it is a big mob).
danaris20 hours ago
Or maybe your absolutist bullshit is, in fact, bullshit, and there's nuance to be had that explains the discrepancy you observe.

In this case, one nuance is the fact that camera and microphone permissions are very very often necessary in the browser for video chats. Y'know, exactly the kind of thing that grandma might want to do with her grandkids on a regular basis.

twiss1 day ago
There are, in fact, some efforts going on to improve beyond the status quo on permission prompts in browsers, e.g. https://chromium.googlesource.com/chromium/src/+/refs/heads/...

Though, that document also states:

> Our research [1] finds that users often make rational decisions on the most used capabilities on the web today — notifications, geolocation, camera, and microphone. All of them have in common that there is little uncertainty about how these capabilities can be abused. In user interviews, we find that people have clear understanding of abuse potentials: notifications can be very annoying; geolocation can be used to track where one was and thus make more money off ads; and camera and microphone can be obviously used to spy on one’s life. Even though there might be even worse abuse scenarios, users aren't entirely clueless what could possibly go wrong.

[1]: https://dl.acm.org/doi/10.1145/3613904.3642252

patrakov23 hours ago
Be careful with this statement. The whole premise behind banks requiring non-rooted phones is "we can be sure that sandboxing works on the original ROMs—e.g., it will prevent malware from screenshotting our app, and we know that certain custom ROMs patch this snapshot-prohibition code out, thus deliberately breaking the sandbox that we rely upon".
nazgu11 day ago
For me it’s a matter of settings. As a user I would have the option to choose a “secure” mode that disallows installing apps from unofficial sources, but if I want to I should have the option to allow side loading. Everything else is just corporations’ need to have too much control.
cwillu1 day ago
The problem is that important services will then be (and already are!) only permitted to run in “secure” mode.

I literally have a banking app that will refuse to run on an “unsecure” phone. Today I can still install unsigned apps, but removing that ability is explicitly the goal of this policy change.

boredatoms1 day ago
I'm worried about big apps like Instagram deciding that side loading is better for whatever permissions hacks that allows
Larrikin1 day ago
They would have already done it
IshKebab1 day ago
Apparently DJI's app is only available directly from them.
wkat42421 day ago
Users aren't safe anyway when the gatekeeper is Google. They're deeply evil these days and our phones are mainly a surveillance tool for them.

Apple is only slightly better. They limit espionage from other parties but not their own. And Meta ads still exist so their block was not very effective.

paradox4601 day ago
The problem is that apps can detect when I say "no you cannot have this data"

A decade ago, we had Xposed modules that would hook into the permissions systems, and give you the option to feed apps fake, generated data. So if it tried to scrape my location or phone number or whatever else, it got garbage

StopDisinfo91022 hours ago
I find it telling that all the examples of scams they use to justify preventing app installation without registering through an American corporation are entirely unrelated to app installation. Just shows the protect-the-users angle is completely bogus.
xyzzy_plugh18 hours ago
I remain wholly unconvinced that side loading and user safety are even related at scale. They are orthogonal.

There are plenty of apps available through the Play store that are not safe. Even if side loading requires chain-of-trust, malicious behavior will remain rampant. I'll concede that it restricts the ease with which one can redistribute malware but by how much? It doesn't seem significant to me compared to the hassle for end users/developers.

It all seems so contrived. The only rational explanation to all of this is backpedaling into a closed garden.

walthamstow1 day ago
MacOS handles it pretty well, I can use it to do what Doctorow calls general computing and my mother can use it to shop and do email. Apple allowing freedom for MacOS but not iOS is inconsistent and I see no good reason for that.
MillironX1 day ago
Except Apple code signing on MacOS is basically what Google is trying to copy over to Android. I can run arbitrary programs on MacOS, but I have to go and remove the com.apple.quarantine attribute from any application that doesn't have Apple's explicit permission to exist, i.e. most FOSS apps. I suspect that option will go away eventually.
latexr23 hours ago
> I have to go and remove the com.apple.quarantine attribute

You do not. You can go into System Settings and allow the app to run.

EasyMark8 hours ago
Is that what the "allow to run" option in security settings is doing in the background?
BriggyDwiggs421 day ago
Highly unlikely they’d remove the option with how many devs use macos
IshKebab23 hours ago
They definitely will. They'll change it so that you can locally sign apps with a key that only works on your machine.
mike_hearn22 hours ago
That already happened. ARM Macs require code to either be signed or "ad-hoc signed", which doesn't use a key so it's not really a signature, it's more like a SHA hash whitelist that's local to your machine.
IshKebab16 hours ago
So is it not possible to distribute ARM Mac apps without registering them with Apple?
mike_hearn1 hour ago
This is the point I keep getting at in the other thread, it's a confusing topic.

It is technically possible, yes. You can turn Gatekeeper off via the command line in various ways, or even via an obscure deliberately non-discoverable set of GUI tricks.

But it isn't reasonable to expect any normal person to do that. So, in practice, any app that isn't some open source widget targeting developers does register them with Apple. In this sense it also isn't possible.

This isn't specific to ARM. It's also been true on Intel Macs for a long time too. The only thing that changed on ARM is some minor detail - the kernel now requires a "signature" for all binaries, but a "signature" is also allowed to be a hash match against a local machine-specific whitelist, so this doesn't make much difference in practice to anyone except toolchain developers. It seems to have mostly been about reducing tech debt in the security stack.

The registration process is however very lightweight. There are no app policies involved beyond "don't distribute malware" and "verify your ID so we can do something about it if you do". It's not like the app store where there are lots of very subjective criteria. To get an identity is nearly automatic, you can do it as an individual with a credit card and approval is automated. Ditto for applications: it's automatic and driven by a simple (albeit undocumented) REST API. You upload a zip containing your signed app to S3, it's processed automatically, the app now works. The notarization API is extremely open - you need an API key, but otherwise anyone can notarize anything, including apps written by other people. So in the early years of this system when lack of notarization just triggered a security warning, lots of people notarized any app they found that was missing it. This made a nice smooth backwards compatible path to transition the ecosystem. Nowadays, there is no bypassable security warning, an unnotarized app is just described as corrupted and won't open without tricks.

So - does macOS "support" sideloading or not? It's very ambiguous. You can argue both yes and no.

Rohansi1 day ago
I think it's more likely Apple will shift everyone to using iPads and phase out Mac.
tim33323 hours ago
They'd have a job doing that one. Speaking as a 30 year laptop user with no interest in ipads. I've never seen the point of ipads - it's like a phone that can't make phone calls.
Rohansi10 hours ago
I'm with you but it's not up to us. Computing has been moving more and more away from desktops and laptops in new (human) generations. iPadOS is slowly becoming Mac-like where you can have a cursor, dock, and have apps open as windows. The Pro models already use the same silicon as some Macs. They could start by eliminating the lower spec Macs because the iPad is basically the same but with a touch screen. You'll just need to get all your apps on the App Store so Apple gets their cut.
vbezhenar1 day ago
MacOS does not handle it well. I can run `curl example.com | sh` and it'll steal my ssh key.
leshenka19 hours ago
You have an option to keep your SSH key in the Secure Enclave behind TouchID or YubiKey

https://github.com/maxgoedjen/secretive

Almondsetat1 day ago
It is perfectly consistent: iOS is not for general computing
EasyMark8 hours ago
.... yet. We as consumers could push for this though with enough momentum. Not likely but there is nothing stopping Apple from doing it from a technical standpoint other than greed.
Gud1 day ago
“allow side loading” is a premise I object to.

Now that Android is going full retard with their authoritarian BS, it’s time to build a new phone operating system or at least make the ones we already have viable.

It’s a monumental undertaking, but it needs to be done.

kazinator2 hours ago
That's like asking, is it possible to allow women to vote and drive, yet keep them safe?

When I started computing, sideloading was just called installing a program.

G_o_D1 day ago
I create apps just for myself, just started learning, self taught, not a student taking programming course in university, not professional

Apps created by me for my routine,

Does that mean I would not be able to install my apps??

tcfhgj1 day ago
No, you "just" have to show Google your ID and cryptographically make sure Google knows the apps belong to you
salawat18 hours ago
Congratulations, aspiring developer and solver of your own problems.

Please read this primer on applied cryptography and hand over ID and personal information to be able to be "managed" within the ecosystem in which you aspire to be more competent.

BriggyDwiggs421 day ago
The answer to this question is yes. You need to make enabling sideloading somewhat difficult and make it require a modicum of tech literacy. The only reason that the phone companies do what they do is to make more money from their stores. They don’t care about people or their safety.
Proofread05926 hours ago
The orange website is filled with tech-savvy people who understand all this. To play devil's advocate, Google is trying to protect the lower-half of the IQ distribution: examples given in the article are the folks who were *told by their bank they were being scammed, and still sent money anyway*. There is no amount of prompts that can protect a user from their own stupidity.
fleshmonad1 day ago
>Is it possible to allow sideloading and keep users safe?

Why is this a question of _allow_? Who is my hardware provider that he is somehow my guardian and must _allow_ me to install software that I want to install?

>Is it possible to allow people to do sports and keep them safe?

>Is it possible to allow people to roam freely and keep them safe?

>Is it possible to allow people to not be locked up in a padded cell and keep them safe?

People are responsible for what they are doing, and teaching them about technology is the best way to deal with this example here, as it doesn't infringe anyone's human rights and would give anyone the resources to check their sources.

edent1 day ago
Every sporting body that I know of has rules to keep people safe. Even dangerous sports like boxing and American Football put some effort into keeping participants reasonably safe.

Similarly, every modern society has rules to keep people safe when roaming. That might be as simple as warning signs or as complex as a coastguard.

We've had decades of warning people about online scams and I don't see any slowdown in the volume of scammy emails that I receive. Education clearly isn't working - and that imposes a cost on all of us.

Mordisquitos1 day ago
We've had decades of 'simple warning signs' or measures as complex as coastguards and yet people are still periodically lost in the wilderness, badly injured, or even killed. Education clearly isn't working here either — what restrictions should we impose on people's right to roam to solve this?
snowe20101 day ago
You clearly know the answer here since you used the word “periodically”. There’s a massive difference between hundreds and millions. No one is stopping you from buying a non Google phone, no one is stopping you from running calyx or graphene. Mitigation for the things that affect the most number of people is how the world works.
morsch1 day ago
> Mitigation for the things that affect the most number of people is how the world works.

Millions of people hurt themselves, physically hurt themselves, every day, doing things that we could easily restrict. Yet we still allow them to buy knives, glassware that can break, hammers, power tools, non automated vehicles of all kinds, the list goes on.

We also spend a lot of time educating them on the dangers, far more than is spent warning about online scams, and we do it at a far earlier age (age 0, for some of them).

Of course we still allow the sale of safe knives and plastic mugs, so people are free to choose; that point still stands. I'd argue that there is more competition in tableware, and less friction shifting between it, than there is in mobile operating systems.

jmholla1 day ago
> No one is stopping you from buying a non Google phone, no one is stopping you from running calyx or graphene.

Google and phone manufacturers have been actively moving in that direction and have a long history of being actively hostile to those things. This is just another move on the same board to restrict these freedoms.

fsflover1 day ago
> No one is stopping you from buying a non Google phone

You mean, the iPhone, which restricts everything even more?

mathiaspoint1 day ago
They don't come into your own house and tell you what to do though. The police aren't going to arrest you for swimming in your own pool without a lifeguard. That's completely absurd.
edent1 day ago
I don't know where you live, but lots of places require you to secure your pool in such a way that people can't accidentally drown in it.

For example https://www.forbes.com/advisor/legal/personal-injury/attract...

Societies often place limits on individual freedoms.

tempodox1 day ago
Are you seriously comparing the self-serving decisions of a for-profit company with laws designed to protect people?
chii1 day ago
they are, and they're correct in that comparison. except that the laws for the pool don't require a branded fence or anything, it's just a height and gate-lock requirement.

Google is telling you to buy their particular brand of fence (which has inextricably an insane markup). And they disallow it for pool shapes they don't like and you don't have an appeals process for it.

bigstrat20031 day ago
And those laws are completely unjust. It is absurd to place an obligation on someone to protect people who are trespassing on the owner's property. If you are poking around someone else's home, it's on you if you get into something that hurts you.
crazygringo18 hours ago
> it's on you if you get into something that hurts you.

So if you're a 3 year old child that wanders into a neighbor's yard and drowns, it's on you?

We know young children wander where they're not supposed to go, despite their parents' best efforts to supervise them.

So we do our best to legislate safety regulations when they can be low cost and high reward, like preventing children from falling into pools and drowning. We can't do everything, but when it comes to pool fencing the benefits seem to obviously and greatly outweigh the harms.

_Algernon_20 hours ago
Even the self-proclaimed bastion of libertarianism, the US, has laws against booby trapping, so that is obviously not true.
fleshmonad1 day ago
Okay, how would you fix the scammy email problem? Only allow authorizing people to send emails after they applied for a government issued address?

Outlaw all non big corpo operating systems?

Perfect surveillance? All because some boomers can't into common sense?

It's also ironic that you bring up warning signs as a counterexample to my point, as it's exactly what I am saying. You can warn them, but you don't bar them from doing so.

rpdillon19 hours ago
Or, perhaps more relevantly:

> Is it possible to run an app store and keep people safe?

The answer is clearly "no", so I'm not sure what we're discussing.

razighter7771 day ago
What about making side loading require some moderate level of technical sophistication? Like connecting to the phone over usb and having to manually type some long shell commands, or exit vim, or write a compiling C program, or some other layman proof filter to activate installing outside apps. I feel like grandma would be too intimidated by this (good), making it too frustrating for even the most determined scammer to explain, no matter how desperate they are for her social security checks. Have it be done in the bootloader so you can't follow these instructions while on the phone, and require physical interactivity with the device (can't be automated over usb). Regardless, this policy is an unacceptable infringement on digital freedom by Google.
bombcar1 day ago
Even if it requires equipment, if people want it, someone will sell doing it.

If there’s a real downside, they’ll be affected.

accle1 day ago
I believe this is already the case. You can purchase phones that may be bootloader unlocked, allowing custom firmware to be installed. This enables a tech-savvy user to sideload anything they like.
mathiaspoint1 day ago
Closed drivers need Android userspace -> Android panics or otherwise refuses to function if it decides its SE Linux policy is compromised -> you still don't have control over the device.

And we're back to "just break into the thing you've already paid for." Nope. Go away. No more smartphone crap.

accle1 day ago
If you install custom firmware, you can control the SELinux policy that is configured and enforced by that firmware.
salawat18 hours ago
Ffs. Now we're requiring the aspiring tech user to develop fluency with not just applied cryptography, but SELinux?

Tech industry has completely lost the goddamn plot. Or more specifically, is doing everything it can to make it nigh impossible for the average user to navigate the info asymmetry to actually use the hardware they paid for.

stavros1 day ago
Wait, how does the requirement to only install apps signed by Google comply with the DMA?

If it doesn't, don't we all have our answer on what we should do?

arlort23 hours ago
The DMA only applies in the EU, and the exact boundaries of the law are still to be fully litigated out
stavros23 hours ago
Right, but, hint hint, lobby politicians so they draft comparable legislation in the US as well.
frameset1 day ago
A better question would be:

Is it possible to restrict software installation and keep users free?

Mordisquitos1 day ago
> There are, I think, two small cracks in that argument.

> The first is that a user has no right to run anyone else's code, if the code owner doesn't want to make it available to them. Consider a bank which has an app. When customers are scammed, the bank is often liable. The bank wants to reduce its liability so it says "you can't run our app on a rooted phone".

> Is that fair? Probably not. Rooting allows a user to fully control and customise their device. But rooting also allows malware to intercept communications, send commands, and perform unwanted actions. I think the bank has the right to say "your machine is too risky - we don't want our code to run on it."

> The same is true of video games with strong "anti-cheat" protection. It is disruptive to other players - and to the business model - if untrustworthy clients can disrupt the game. Again, it probably isn't fair to ban users who run on permissive software, but it is a rational choice by the manufacturer. And, yet again, I think software authors probably should be able to restrict things which cause them harm.

It's not clear to me whether in this fragment the author is stating the two alleged cracks in the argument or rather only the first one — the second one being Google's ostensible justification for the change. Either way, neither of these examples are generalisable arguments supporting that 'a user has no right to run anyone else's code, if the code owner doesn't want to make it available to them'.

With regards to banking apps, the key point has been glossed over, which is that when customers are scammed the bank is 'often' liable. Are banks really liable for scams caused by customer negligence on their devices? If they're not, this 'crack' can be thrown out of the window; if they are, then it is not an argument for "you can't run our app on a rooted phone", but rather "we are not liable for scams which are only possible on a rooted phone".

As for the second example, anti-cheat protection in gaming, the ultimate motivation of game companies is not to prevent 'untrustworthy clients' from 'running their code'. The ability of these clients to be 'disruptive to other players' is not ultimately contingent on their ability to run the code, but rather to connect to the multiplayer servers run by the gaming company or their partners. The game company's legitimate right 'to ban users who run on permissive software' is not a legitimate argument in favour of users not having full control over their system.

edent1 day ago
Thanks for the feedback. Those examples are meant to cover the first point.

The problem if you are a bank is that scammed people can be very persistent about trying to reclaim their money. There's a cost to the bank of dealing with a complaint, doing an investigation, replying to the regulator, fielding questions from an MP, having the story appear in the press about the heartless bank refusing to refund a little old lady.

It is entirely rational for them to decide not to bear that cost - even if they aren't liable.

snowe20101 day ago
> rather "we are not liable for scams which are only possible on a rooted phone".

Who is going to prove that though? It’s much simpler and less stressful on our court systems if a bank just says “we don’t allow running on rooted phones” and then if a user takes them to court the burden is on proving whether the phone was rooted or not rather than proving if the exploit that affected them is only possible on a rooted phone.

mike_hearn22 hours ago
> Are banks really liable for scams caused by customer negligence on their devices?

In the UK, not legally liable. However culture is not 100% aligned with the law and in practice banks that stick to the rules will be pilloried by the left-wing press and politicians, they risk regulator harassment etc, so they sometimes decide to socialize the losses anyway even when the law doesn't force them. The blog post cites an example of that.

To stop this you'd have to go further and pass a law that actively forbids banks from giving money to people who lost it to scammers through their own fault.

thesuperbigfrog17 hours ago
If you cannot run the software you want on your device, is it really your device?

https://youtu.be/Ag1AKIl_2GM?t=57

barnabee1 day ago
> 00. Users should be free to run whatever code they like.

> 01. Vulnerable members of society should be protected from scams.

00: yes, always; 01: yes, but not at the expense of 00 (or probably some other things)

snowe20101 day ago
Why? What’s your logic and reasoning?
bigstrat20031 day ago
Safety is not a valid reason to limit freedom. We cannot, and should not try to, keep people safe from their own bad decisions. That is treating adults like children, which is offensive to human dignity.
throwaway20371 day ago

> Safety is not a valid reason to limit freedom.

What about (a) speed limits, (b) drink driving laws, (c) seat belt laws, and (d) helmet laws for bicycle and motorcycle riders? I assume in your world view that all of these categories are "limiting your freedom". I am fine with all of them.
namibj21 hours ago
a and b are about 3rd party safety. C.f. gun safe mandates.
wiseowise1 day ago
Because safety should never come at the cost safety?

How would you feel if your brain was “safeguarded” against potentially harmful thoughts?

binarysneaker18 hours ago
If you care about this, please sign the petition https://chng.it/cdrys9WDDk
fennecbutt23 hours ago
Yes if the os sandboxes everything. If you choose to give it access to a file it can mirror that file so that any edits can be undone. Sure it uses more space but way safer unless they find a jailbreak outta their sandbox.
vbezhenar1 day ago
There are millions of homeless or otherwise struggling people all around the world, who would let anyone use their identity for a small compensation. I don't really see how this requirement to register in Google will help with app security. So the malware will be signed with John Smith living under a bridge, now what?
saagarjha23 hours ago
Unfortunately, the reality is that often their identity is not actually "good enough" to perform these actions. For example, many of these people don't have an address/bank account/email.
imgabe21 hours ago
A ship in the harbor is safe. But that is not what ships are for.
jackothy1 day ago
I have come to the conclusion that both Android and iOS, along with the banking systems, are all doomed platforms.

Even something like GrapheneOS, in theory the best path to security and privacy and liberty, was falling way short even before this latest announcement from Google.

The problem lies partially in the app ecosystems, which embrace spyware and exploiting users (requiring all the worst Google APIs), and partially in governments, which will leverage any centralized organization like Google to gain control (EU chat control etc.).

The solution cannot be just a custom OS or an OS fork. In fact, ecosystem compatibility is toxic and slows down growth of real alternatives. There needs to be some wholly independent and decentralized offering.

The challenge is hardware compatibility and core services like digital IDs. Most apps should be solved by using a website instead.

These issues are especially important because the future is increasingly digital. Smart phones, smart glasses, smart watches, VR glasses, smart homes, and even brain implants. I don't want to live in a future where I'm either left behind or my whole life is controlled by Google/Apple/the government/etc.

rcarmo1 day ago
The “use a website instead” angle doesn’t really work for a lot of things, and given the impermanence of websites these days, is actually a major point of potential failure.
jackothy1 day ago
The "use a website instead" angle should work for the majority of things people spend phone time on. For the few things that could not be a PWA, some extra effort is needed.
havaloc15 hours ago
"A ship in harbor is safe, but that is not what ships are built for." - John A. Shedd
hnburnsy12 hours ago
So what is Play Protect doing, and why the F can I not control what apps run at start up and which apps run in the background? That would give me way more protection than having signed apps.
solatic1 day ago
> Vulnerable members of society should be protected from scams.

There are three ways to deliver protection: build better walls, defeat attackers after successful initial attacks, defeat attackers before successful initial attacks.

The article ties itself into knots because it recognizes that the first way cannot deliver 100% security. But it refuses to recognize that there are two additional ways.

The United States military could go after scammers operating from foreign compounds. It could treat the economic targeting of American citizens as acts of economic war. It chooses not to. Freedom is not free, and when your country chooses to literally not fight for your freedom, it's hardly any wonder that your freedoms are eroded.

Remember XKCD 538: https://xkcd.com/538/ Cybersecurity and physical security are fundamentally linked.

rafram1 day ago
Scammers can operate from literally any country in the world, in any location where they have access to the internet. The idea of the military busting into a Bin Laden-style scammer compound is very romantic, but plenty of these operate from regular offices or homes, and it’s trivial for someone new to get into the scamming business if a big scammer is taken down.
solatic1 day ago
People forget both why the US invaded Afghanistan in the first place, and why US financial sanctions are so effective. The US invaded Afghanistan, a country whose government was not directly involved in the 9/11 attacks, because that government refused to extradite OBL and other senior Taliban leadership, to bring them to justice in the United States. US financial sanctions are so effective because they cut off foreign institutions from the US financial system if those institutions do business with those who harm Americans and American interests. Soft power is backed by hard power, first against organizations hosted by governments willing to cooperate with the US, and eventually against governments unwilling to cooperate.

That scammers can operate from anywhere is beside the point. More often than not, law enforcement and the military know where that is. A conscious decision is made not to prioritize or fund fighting it.

avianlyric1 day ago
That’s easy when you’re dealing with people operating in countries where your existing relationship is poor or non-existent. There’s nothing practical that country can do to fight back against U.S. demands.

But try applying that approach to India or China. Do you think those countries are going to allow the U.S. military to operate on their home turf, shooting at their citizens, and not retaliate? It doesn’t even have to be military retaliation, the U.S. economy is heavily intertwined with those countries, just look at the consequences of Trump’s tariffs. Do you honestly think U.S. citizens would be willing to trade off the trade benefits of working with those countries, just so you can run a military raid on a building of scammers?

solatic1 day ago
> Do you think those countries are going to allow the U.S. military to operate on their home turf, shooting at their citizens, and not retaliate?

It's not related to scamming, but the US did just bomb Iranian nuclear facilities; the reaction was a face-saving gesture that was intentionally weak so as to de-facto de-escalate. So the answer to your question is basically yes. The costs of a wider war are too large to the host country to make it worth it to continue to allow scammers to operate freely.

> just look at the consequences of Trump’s tariffs. Do you honestly think U.S. citizens would be willing to trade off the trade benefits of working with those countries, just so you can run a military raid on a building of scammers?

Don't you realize that Trump's election, his tariffs, all this is due to popular sentiment that the US was getting the raw end of the deal in its foreign affairs, that there was a need to, literally, put America First? If anything, such ideas, to have targeted attacks and enforcement aimed at the exact actors targeting American citizens, have been at their most popular in decades, at least since the Iraq war went off the rails.

avianlyric12 hours ago
> It's not related to scamming, but the US did just bomb Iranian nuclear facilities; the reaction was a face-saving gesture that was intentionally weak so as to de-facto de-escalate.

Last I checked Iran and the U.S. didn’t have a great relationship, so I don’t really know what point you’re trying to make. If anything you’re just further reinforcing my point. Iran is already cut off from the U.S. financial system, not many people there running scams against American citizens when they literally can’t transfer the money into the country.

> Don't you realize that Trump's election, his tariffs, all this is due to popular sentiment that the US was getting the raw end of the deal in its foreign affairs, that there was a need to, literally, put America First?

What does popular sentiment have to do with the practical reality? You can have all the popular sentiment you want, doesn’t change the facts on the ground. If US popular sentiment is that it wants to speed run a declining empire, that doesn’t change the fact that even Trump is cowed by the likes of Xi Jinping, and amusingly, Putin.

> If anything, such ideas, to have targeted attacks and enforcement aimed at the exact actors targeting American citizens, have been at their most popular in decades, at least since the Iraq war went off the rails.

Are you honestly trying to equate an atrocity like 9/11 to financial fraud?

rafram1 day ago
Yeah. And even in situations where there’s no alliance to disrupt (e.g., Chinese scam compounds in functionally lawless areas of Myanmar), I don’t imagine that most Americans would be sold on the idea of a military operation against scammers.
wiseowise1 day ago
Just nuke them into oblivion, like Google and Apple nuke freedom to own your device.
woliveirajr1 day ago
>> Vulnerable members of society should be protected from scams.

> There are three ways to deliver protection

While I agree with your idea I'd like to remember that there are previous steps: teach people to be less vulnerable. Teach people to be less greedy. Teach people the consequences of actions.

Being less vulnerable is an obvious definition: know how to not fall for some scams.

Less greedy: some scams revolve around the idea of quick and easy profits and the comeback is hurtful because the person thinks he would get x and ends up losing 500x.

Consequences of actions: there's a lot of value to the group that observes the (bad) consequences of one's actions. Pain, even from others, teaches something. The more we protect people from consequences, the better and safer it is about small losses until the actions go beyond the protection and the consequences are catastrophic.

solatic1 day ago
I fully agree that there's a different strategy for before the line is crossed, one that is often more humane, more freedom-respecting, and cheaper to boot. Too often those strategies are sadly under-funded.

That's beside the point that the line, too often, is being crossed, and perpetrators are allowed to perpetuate their crimes, instead of the military and/or law enforcement stepping in and performing their organization's missions to protect us, especially the most vulnerable among us.

smetannik15 hours ago
Probably a compromise could be to keep developer "notarization" but with multiple authorities, like we're already doing with SSL certs.

Imagine what the internet would look like if we had just a single authority issuing SSL certificates.

yaro33010 hours ago
Sideloading via ADB remains open. The number of scams from grandmas installing fraudulent bank apps should reduce a lot though.
dlcarrier17 hours ago
It's a false dichotomy; according to information Google has provided, most Android malware is downloaded from Google's own Play Store, so preventing sideloading won't have a significant effect on malware installations.
turblety22 hours ago
I think the question should be reversed. Is it possible to stay safe if you can not control the devices you supposedly own?
mixxorz1 day ago
Just make it harder to disable security.

At point of purchase, you get to decide whether you want secure mode or not. Then after that, if you want to change it, you have to open a support ticket with the manufacturer.

Kinda like how SIM-locking works.

edent1 day ago
Look at the people who are conned into buying Apple Gift Cards so that they can "pay their taxes".

If they can be convinced of that, how hard will it be for a scammer to say "we've detected a problem with your phone. To avoid being imprisoned for piracy, please file this support ticket so we can debug things."?

chii1 day ago
being conned into buying gift cards means the weak link isn't with the security of the phone, but with the person's brain.

Making the device so locked down that no such con could exist also means there's no way to use the phone in ways that haven't been authorized - and as a power user, i detest that i am paying a price for the safety of those who are too stupid. I do not want to pay that price.

Conveniently, google gets to remain in a position to earn more money from being in the controlling seat.

as they say, if you trade freedom for security, you'll end up with neither.

ajb1 day ago
This is a false dichotomy. The following are not the only two possible solutions:

* Everyone has to trust one of two giant mega-corporations to make good decisions for everyone

* Everyone has to take on the evaluation of everything themselves, do their own admin, understand opsec, etc etc.

Freedom does not entail the latter. Freedom means having the freedom to do it, but also having the freedom to delegate it, and to decide who to delegate it to. We don't have to be technology "preppers". We can set up and fund independent organisations to do this - like Debian, for example. And have competition between them.

Yes, that means some people will delegate their trust to their religious cult. That's the price of freedom.

bisRepetita1 day ago
If only there were no app stores... sigh... I would only download apps from the reputable company I like (myfavoritebigbank.com), trusting their brand and reputation for my security. If a client-side app can threaten their security, that's a weakness on their part.

And if a lone developer has a cool new idea, and its app is recommended by users I trust on an obscure specialized forum, then I'll decide to install their app from "coollonedeveloper.com".

If only we could invent some kind of "domain names" system that one would have control and responsibility over, instead of trusting some broken unscalable app stores...

martin-t1 day ago
> Here's the story of a bank literally telling a man he was being scammed and he still proceeded to transfer funds to a fraudster.

> The bank blocked a number of transactions, it spoke to James on the phone to warn him and even called him into a branch to speak to him face-to-face.

Y'know, at some point the cost of protecting the dumbest people is too much to be worth it. I am perfectly fine with some people getting hacked, doxxed and scammed out of their life savings if the alternative is everyone losing their freedoms.

Freedoms are important because without them people with power go unchecked more and more. It's a slow process but it culminates in 1) dictatorship at the state level 2) exploitation at the corporate level.

BriggyDwiggs421 day ago
Frankly, I think this sort of behavior in a non-senile person constitutes disability, and I think it demonstrates societal failure to provide people with disabilities with support structures. Where was a friend or family, why was this guy operating a bank account to begin with?
zdw1 day ago
Most of this problem is solved by not hiding the trust model.

Do you want a phone where you trust Apple/Google/3rd party to make a "malware or not" decision? Or one where all that is turned off and you can do whatever? Go right ahead in either case - you control the trust, rather than it being made for you by the platform vendor.

Similarly, we have certificate infrastructure where the TLS roots are owned by a small number of people. These are generally trusted, but some people/organizations edit them down (ex: removing roots from state actors deemed untrustworthy). But it's hidden, and generally a lot of choices.

Even linux distros, you pick which package signing keys you trust.

And Docker/K8s... oh wait, there's no default keys and containers remain being developer's puke bags in most cases, and the repos are rugpulled by corporations regularly...

Nursie1 day ago
I look forward to you explaining all that to my elderly mother.

Once you’ve explained the difference between Google and “the internet”, you may stand a chance. I wish you luck, I’ve been trying that for a while.

BRB, heading out for popcorn.

error50323 hours ago
They don't even need to know it is a thing that exists. The defaults (ie. the status quo of implied trust in the OS vendor) are fine for this type of user.
Nursie19 hours ago
Sure. Now how are we going to stop them being talked into changing that by scammers, given that we’re not even explaining what that does?
brnt1 day ago
What universe are these people in? Though the app/play store is a fantastic way to obtain shitware that either steals data (seems to be nearly mandatory, if you look at the apps of these store operators), CPU time through mining of some sort, eats through your brain (by inserting horrific amounts of ads, much of which such clear scams I really don't get how this is allowed) or simply asks extra money for essential features one by one.

Everything about the so called stores is so decrepit, the safest way to get any decent software on is side loading / fdroid. How could you in sincerity argue any different?

macinjosh7 hours ago
A hand saw, an axe, or hammer are designed to be effective, not safe. The only reason computers are treated differently is because they present avenues for control of the consumer that can be presented under the guise of safety. I'll keep myself safe tyvm
1vuio0pswjnm713 hours ago
Is it possible to restrict sideloading and keep users safe?
bitbang1 day ago
Devices should offer a local signing cert, where you can sign an app for that device only. Then make the app signing process enforce a binding agreement that you assume all responsibility related to the app.
dankobgd22 hours ago
it was never about safe or not safe
userbinator1 day ago
Do we pour billions into educating users not to click "yes" to every prompt they see?

Instead we pour billions into educating users to be submissive sheeple.

"Freedom is not worth having if it does not include the freedom to make mistakes."

diebeforei4851 day ago
I think sideloading should be allowed only if you actually connect your phone to a computer. This barrier will prevent a lot of vulnerable people from being scammed.

Alternatively, sideloading could require you to delete all App Store apps. In other words, disabling Google Play Protect should require you to wipe your phone. This is another barrier that will prevent a lot of people from getting scammed.

miki1232111 day ago
Alternatively, require the user to decide whether they want sideloading or not at device setup time, with no ability to change this decision without wiping and starting from scratch.

It wouldn't solve the "getting infected via cracked apps" problem, but it would at least solve the "users being scammed into sideloading something they don't want" problem.

rpdillon19 hours ago
And there's folks like me, who would like to install F-Droid, and be able to use GMail for work, all on the same device. I feel like the number of folks that have basic use cases like this far outnumbers the folks that are getting scammed.

At what ratio do you say "this freedom is worth it?" I feel like the narrative is always that we point out one bad thing that happened, and then the immediate answer is to take away freedom. What happened to a balanced analysis?

I think what happened is due to asymmetry: it's very easy to point out the cost of freedom, but it's very hard to articulate its value.

That's why we so relentlessly march toward authoritarianism: we think taking away freedom will solve our problems. Then, one day we wake up and realize the lack of freedom has become our biggest problem, but by that point, it's too late.

msgodel19 hours ago
The people who fall for these scams will just get tricked into buying giftcards anyway. There's nothing you can do for them if you don't want to institutionalize them, stop bothering the rest of us.
chii1 day ago
deleting all app store apps is too high a barrier, because there may not be a replacement that could be sideloaded.
Freak_NL1 day ago
I don't see that changing either. Banking apps, government auth, Whatsapp¹, public transport apps², etc. The status quo is that a small number of official app store apps are all but required.

1: Still basically required if you have young children and want things like play dates. Oh Signal? Yeah, the recent push means that some tech-savvy users now have both Whatsapp and Signal installed. In the Netherlands, you can do without Whatsapp, but not if you don't want to turn your child into a social recluse.

2: For example, in order to use Germany's Deutschlandticket one of the participating public transport companies' apps is required. This is a huge regression compared to the initial paper ticket, but there it is.

interloxia1 day ago
I guess requiring a transport subscription to get the ticket, via app or smart card, is rather analogous to the topic of adding friction to the undesired path.
hedora18 hours ago
Is it possible to block sideloading and keep users safe?
zb322 hours ago
Yet Google has no problem with displaying these vulnerable people scammy ads (which is also the most common way they actually discover these malicious APKs), since it brings them revenue..

What if we'd instead require users to verify themselves before being allowed to see ads? I'm sure that would be more effective for preventing scams, fraud and abuse.

superkuh16 hours ago
Sideloading is a propaganda word. The sentence you meant to ask actually answers itself, "Is it possible to allow installation and keep users safe?"
fsflover1 day ago
The most secure OS existing, Qubes OS, allows and encourages installing any untrusted software and protects you with strong, hardware-assisted virtualization.
enriquto1 day ago
> Are you allowed to run whatever computer program you want on the hardware you own?

Yes. It is a basic human right.

> This is a question where freedom, practicality, and reality all collide into a mess.

No; it isn't. The answer is clear and not messy. If you are not allowed to run programs of your choice, then it is not your hardware. Practicality and "reality" (whatever that means) are irrelevant issues here.

Maybe you prefer to use hardware that is not yours, but that is a different question.

rikafurude211 day ago
It seems that this is another one of those things where the lowest common denominator sets the rules for everyone. Most people aren't tech savvy programmers so giving them the freedom to do 'whatever they want' will lead them to hurt themselves in some way. Of course this is not an excuse for locking down your hardware. Smartphones just came into being as a consumer-first product and didn't require many of the freedoms that programmers needed, which is why computers are fundamentally more open than smartphones. Apple of course is trying to change that with their Macs.
squigz1 day ago
You don't need to be a "tech savvy programmer" to be aware of the risks on the Internet and not do stupid shit.
fc417fc8021 day ago
TBF historically systems were designed with such poor UX that it was sometimes quite difficult not to do stupid things. Such as using Windows back in the day without installing software from the internet at large (ie there was no reputable package manager).

But that's a system design issue as opposed to an argument against user freedom.

pjmlp1 day ago
You mean like using curl, shell, and sudo that is so prevalent these days?
rikafurude211 day ago
fleshmonad1 day ago
Only that nothing about this requires big expertise. If you are a user of computers, you should be able to navigate the basics. It's the same like driving a car, you must know the traffic rules and how to behave, but that doesn't mean you have to understand how your engine works in detail.
rikafurude211 day ago
If you want to drive a car you go through driving school and have to pass the tests to get a driver's license. There's no driver's license for the internet and not really any strict set of rules you have to follow in order to get online - most people pick up a sense for rules online by osmosis, usually about how to not get scammed or get malware - sometimes they have to learn by first hand experience. If we go by your comparison this would be like learning to drive by crashing a couple cars. I definitely believe anyone who's even a little tech savvy underestimates how complicated or confusing technology can be for the average person.
gr4vityWall1 day ago
> this is another one of those things where the lowest common denominator sets the rules for everyone

In that case, the solution should be to raise the lowest common denominator. Lots of issues like that could be prevented by investing in education to increase technology literacy. But long term investments (even public ones) do not match well with quarterly reports.

rikafurude211 day ago
I would say young people grow up with tech and usually are very tech literate.
shagie1 day ago
Tech... a "maybe" yes.

However, this isn't entirely a tech problem - it's a social/human one.

Not every mechanic has a driver's license. Sure, they may enjoy working on cars and the technology of cars... but for one reason or another they may have never gotten or have lost their driver's license.

Not everyone who is tech literate is similarly socially literate. I have programmer co-workers who have been scammed into sending gift card authentication codes or installed malware (or allowed the installation) onto their personal computing devices.

It isn't possible to prevent someone from accessing the internet any more than it is possible to prevent them from accessing a phone.

I am not saying that one should have a license to access the internet. Rather, I am saying that a device that holds and maintains the authentication mechanism for doing banking transactions, it is not unreasonable for the maker of that device and its software to attempt to mitigate the possibility that they are held liable for negligence in allowing user installed software to do banking without the owner's consent.

With the uncertainty that everything in the operating system and hardware is locked down to the point where no-consent access by malware to those banking capabilities is completely restricted (and thus they're not liable for negligence) - the wall that is being put up to try to prevent that is "no software that has not been vetted can be run on this device."

Consider that the phone is often the authentication mechanism and second factor for authorization to restricted systems. Authy, Microsoft Authenticator, and other 2nd factor applications typically do not run on general computing devices.

Technical literacy does not imply social or security literacy.

Hizonner1 day ago
> Technical literacy does not imply social or security literacy.

Indeed. And people were falling for scams long before the Internet. What's new is the push to make that the fault of bystanders... thus causing those bystanders to intervene. It's neither the bank's fault, nor Google's fault, if somebody falls for a scam. Or installs malware. Or whatever. If you try to make it their fault, they're going to do really annoying things that you don't want.

Sure, you can sell security tools, or curation, or whatever. Many people will even want to buy them, but things break when that starts being a duty. And the only way to prevent it from becoming a duty is to accept that people own their own mistakes.

shagie1 day ago
> And the only way to prevent it from becoming a duty is to accept that people own their own mistakes.

This tends to be counter to consumer protection laws or data privacy laws.

A company that can be held to strict liability for their actions can be sued (and be found liable) even if they presented that the action is unreasonable or dangerous.

In saying a consumer who buys a 100% "you can do anything on it" device liable for every action that that device takes no matter what initiated that action?

To me, the argument that you should be able to do anything on the device and be held liable for all the actions that device allows is very similar to that of "the maker of the device has no liability for providing a device that can be misused."

If that is the case, then (to me) this would need to be something that would need to be changed by the courts and the laws (and such a company would need to pull completely out of Europe).

Hizonner1 day ago
Indeed, the bad attitude I'm talking about has found its way into some laws, as well as into other kinds of norms and expectations. That doesn't make it good.

You may be exaggerating it, but insofar as you're right, you're just describing the problem.

tempodox1 day ago
> no software that has not been vetted can be run on this device

That’s just it. Software isn’t being vetted. Witness all the scam apps in the iOS and Android app stores. Even paid developer accounts don’t stop people from publishing these, nor does Apple’s walled garden protect you from them.

shagie1 day ago
Do not make perfect the enemy of the good. There are failings of vetting.

That said, for sensitive apps they tend to go through more strict scrutiny of their functionality. Publishing a "Wəlls Fargo" application will likely not get approval.

The question isn't "does it need to be 100%" but rather "if it was not done at all, would Apple or Google be liable for flaws in their software (e.g. VM breakouts) that allows malware to do banking transactions, location tracking, or place calls (e.g. 1-900 number dialing) without user consent?"

I'm fairly certain that Apple and Google take measures to limit their liability. With how courts and countries are finding technology companies liable for such (consumer and data privacy protections), I would expect to see more restrictions on the device to try to further limit the company's exposure.

ColinWright1 day ago
I deal with a lot of young people who have grown up with tech, and my experience is that in general they haven't got a sodding clue about how anything works, or the implications of any of this.

Absolutely not a Scooby.

mathiaspoint1 day ago
Or it's not a computer and really something more like a television. In that case these things should be thought of as a vice rather than a productivity tool.

The social structure of the smartphone app ecosystem is remarkably similar to the cable provider -> network -> show situation from before too.

ninkendo1 day ago
The example I always go to is a Nintendo or PlayStation, etc.

They’re clearly just computers, they’re “hardware you own”, but you’ve never been able to run whatever software you want on them. But it’s been like this since the 1970’s and there’s never been an uproar over it.

For me the difference is that you know what you’re getting into when you buy a console, and it’s clear up front that it’s not for “general” computing. I’m inclined to put smart phones into this category as well, but I can see how reasonable people may disagree here.

danieldk1 day ago
> For me the difference is that you know what you’re getting into when you buy a console, and it’s clear up front that it’s not for “general” computing. I’m inclined to put smart phones into this category as well, but I can see how reasonable people may disagree here.

I think there is a huge difference. You can perfectly live your life without a game console. Even if you are a game addict and it is absolutely necessary for you to live, you could buy a PC and game on that.

Smartphones are a necessity nowadays. Some banks only have smartphone apps (or require a smartphone app to log in to their website). Some insurers want you to upload invoices with an app. Some governments require an app to log in (e.g. the Dutch DigiID). You need a smartphone to communicate with a lot of organizations and groups.

Smartphones have become extremely essential. And two companies can decide what does and what doesn't get run on a smartphone and they can take their 30% over virtually everything. They can destroy a company by simply blocking their app on a whim (contrast with game studios, which could always publish their game for PC or Mac or whatever).

It is not a healthy, competitive market. It is the market version of a dictatorship. And Google forbidding non-app store installs is making it worse.

Governments should intervene to guarantee a healthy market (the EU is trying, but I think they are currently worried about the tariff wrath).

snowe20101 day ago
I have a friend that still uses a dumb flip phone from the early 2000s. No, smartphones are not necessary.
danieldk1 day ago
There was a documentary over here on TV about people that do not use smartphones. The conclusion was that it was almost impossible, they often have to rely on other people for certain things, and are excluded from a lot of social circles.
gr4vityWall1 day ago
Surely it would be better if console makers gave users freedom to control the device, rather than smartphones not being in the users' control either.

Unfortunately, the copyright lobby of the video game industry was too strong in the 70s/80s/90s, so here we are.

mathiaspoint1 day ago
Those are not really personal computers, they're fancy set top boxes and extensions of the television.
ninkendo1 day ago
They have the same hardware in them as a personal computer, and essentially always have. (The original Nintendo had the same CPU as an Apple II.) The difference is only how they were marketed, and the artificial limitations on what software you could run.
mathiaspoint1 day ago
Right. They're vices and not tools even though they might look like tools.
jackothy1 day ago
The problem is larger than just smart phones. Smart phones are the templates for all future devices. Your car now runs Android as well.

In the future, when your whole house is controlled by a computer, do you want that computer to be controlled by Google or to be controlled by yourself?

cwillu1 day ago
Only because of sustained pressure from all the usual suspects to try to make that the social structure.
mathiaspoint1 day ago
I think it's always going to evolve that way when people are so concerned about "safety" (no matter how that's defined) that all the escape hatches are removed.
gumby2711 day ago
Is it the people that are pushing for this though? Apple has long pushed privacy and security as a way to maintain their control over personal devices, the people just believe it and accept it. Google is just taking notes and seeing how profitable that approach is. Provided there's no push back, they'll succeed easily with no one actually asking for this.
martin-t1 day ago
Increasingly, I keep noticing that all human-corporation relationships are a rehash of older power structures and basically struggles for power in which people gradually keep losing it until they realize they are exploited and then finally start fighting back.

People started free and equal, then some specialized into warriors[0] and gradually built deeper and deeper hierarchical power structures, called themselves "nobles" and started exploiting the "commoners".

At some point people snapped, killed a bunch of them (French revolution, US war for independence, etc.) and decided they wanna rule themselves.

And then companies started getting bigger and bigger, with deeper hierarchical power structures, the "nobles" call themselves "executives" or "shareholders" and the people doing actual productive work are no longer "commoners", they are "workers"[1].

[0]: And thus controlled the true source of power - violence.

[1]: Ironically admitting that people who are not workers are not doing real work, they are just redistributing other people's work and money.

Kim_Bruning1 day ago
martin-t1 day ago
Can't watch the video now but partially.

I don't like describing it as cycles because it is too simplistic and pretends it is inevitable, robbing people of agency.

I prefer to think of society as a system where different actors have different goals and gradually lose/gain influence through a) slow processes where those with influence gain more from people who are sufficiently happy to be apathetic b) fast processes when people become sufficiently unhappy to reach for the source of all real world influence - violence.

This happens because uneducated/dumb/complacent people let it happen. It can be prevented by teaching them the importance of freedoms and to always fight back. But that goes directly against the interests of those in power - starting from parents who want children to be obedient.

conradev1 day ago
Control over hardware isn’t actually the issue at stake here: many Android devices can unlock their bootloaders in a moderately safe way. Go nuts.

It’s a more tricky issue where Google and other parties can restrict access to their services to devices they deem legitimate. Their services, their rules. Your hardware. Different arguments required.

It’s everywhere: Widevine is used to prevent stealing 4K content (incl ATSC 3.0), gaming providers use it for anti-cheat, banks use it to rate limit abuse. It’s not just Android.

(I say this as someone with an Apple Vision Pro running visionOS 1.0 with the hope to jailbreak it one day. I’m actually unable to do whatever I want to their hardware, unlike my Pixel phones.)

mathiaspoint1 day ago
There are actually just about no services that genuinely need hardware attestation other than some DRMed music/video and zelle. Everything else pretty much works on Linux in a browser or has some substitute that does.
conradev1 day ago
Yes, only some things for now! I hope it stays that way or decreases, but that’s not the way the arrow is pointing.

Providers still implement it where they can, like for blackout restrictions for US sports games: impossible to enforce on the web because I can spoof location. Very possible to enforce on iOS because jailbreaking is not possible. Possible to enforce on Android because you can check if spoofing was made possible.

It’s currently the primary reason I can’t play games online on Linux.

fsflover1 day ago
> many Android devices can unlock their bootloaders in a moderately safe way.

And yet you can't install an alternative OS like Mobian, postmarketOS or PureOS due to the closed drivers and specs.

accle1 day ago
> > Are you allowed to run whatever computer program you want on the hardware you own?

> Yes. It is a basic human right.

Says who?

What's your philosophical argument in favour of this?

justinrubek1 day ago
It's directly in the text.

> hardware you own

accle1 day ago
That's not an argument.

Please explain how owning an item of hardware implies that running whatever computer program you want on it is a basic human right.

kartoffelsaft1 day ago
If there are rooms in your house someone else could lock you out of, do you own the house or do they?

If someone else could use your car without your permission, do you own the car or do they?

If someone could grow their own plants in your back yard, do you own the garden or do they?

If someone else could choose what programs run on your computer, do you own the computer or do they?

Saying "basic human right" instead of just "basic right" may be odd, but definitionally, owning a thing means having the right to say how it is used. Either you own it and have that right, or you don't own it and don't have that right. That's what owning means.

shagie1 day ago
There are parts of your car that you are not legally allowed to remove or disable (for example, the muffler or catalytic converter https://19january2017snapshot.epa.gov/sites/production/files... ).

There are times when it is necessary to limit the rights that an individual has so that the system that the individual lives within can work.

You can buy a radio transmitter, but you're not allowed to operate it without a license. You can likewise buy a car, but you aren't allowed to operate that either without a license.

You do not have the right to modify your phone so that it acts as a radio frequency jammer.

Possession of a device does not give an individual unrestricted rights to what can be done with it.

wiseowise1 day ago
Requiring something and locking someone out are completely different things.

I’m fine with government requiring smoke detectors in my home, I’m not fine with completely unregulated private entity deciding how I live in my home, bought with my money.

And in case of a muffler, there’s literally no one in this entire world who can stop me from removing it. There are repercussions for doing so, but nobody stole my rights from removing it.

MrsPeaches1 day ago
Is it not possible to run software on any hardware you own?

Is it illegal to spin up a Linux server on your mobile phone?

fsflover1 day ago
It's practically impossible due to the closed drivers and specs, directly causing planned obsolescence and e-waste. It should be a part of the right to repair.
rafram1 day ago
That’s a great ideal, but Android is used both by sophisticated users who want a phone they can tinker with and the tech-illiterate grandparents of the world, who will never have a legitimate reason to install an app outside the Play Store, and who would never attempt to do that unless they were being guided by a scammer.
danieldk1 day ago
So, put a toggle somewhere. When the toggle is toggled, put up a big fat warning sheet and say if somebody on the phone or mail asks you to do that, 99.9% it's a scammer.

If people still go for it, then it is their responsibility. A lot of things in life require responsibility because otherwise the results can be disastrous. But we don't forbid them, because it would be a huge violation of freedoms.

rafram1 day ago
But it’s not someone on the phone - it’s their best friend / star-crossed lover who they met on WhatsApp because of a chance wrong-number text! Since then they’ve become incredibly close, and they can trust each other with anything. When their lover gives them some amazing investment advice and it requires clicking through a scary-looking prompt (like they do all the time on a phone), who do they trust - their one true love or a generic warning message on their phone?

You have to take into account that the threat model here is vulnerable people, often older, being taken in by scammers who talk to them for weeks and gain their complete confidence. To the victims, it feels like a real romantic relationship, not someone who could even possibly be a scammer.

danieldk1 day ago
The solution is not taking people's freedom away. The solution is education. Lesson 1: lovers are not for investment advice.

Also, scams also happen outside smartphones.

What's next? Are we going to revoke people's control over their financials because they might be scammed? Let's have the bank approve before we can do a transaction. And since we are using their payment platform, maybe they should also take 30%.

Please stop feeding their narrative. Scammers are Google/Apple's "but think of the children".

rafram1 day ago
> lovers are not for investment advice.

Aren’t they? I ask my partner for investment opinions all the time.

> Let's have the bank approve before we can do a transaction.

Yes… That’s already how it works. Banks use heuristics to detect and prevent suspicious transactions. That’s why most of these scams ultimately involve crypto.

danieldk1 day ago
> Aren’t they? I ask my partner for investment opinions all the time.

Obviously, the probability of it being a scammer reduces with the amount of time. In the end it's a function of time vs. effort. Scamming billionaires by marrying them and waiting until they die happens frequently enough. A 5 year scam for a few thousand bucks, unlikely.

As usual, use common sense, which you would have to do anyway if you do investments.

rafram1 day ago
There are lots of older people who have never really invested their money, have a lot in their savings account, and might be excited by the idea of a get-rich-quick crypto investment they hear about from someone they trust. Even if they’ve only known them for a little while.
Hizonner1 day ago
> Banks use heuristics to detect and prevent suspicious transactions.

... and it's really fucking annoying when their heuristics misfire-- which is not at all rare-- especially since they do all they can to externalize all costs of that to the customer.

throw0101c1 day ago
> The solution is education.

We've been trying to educate people about passwords and phishing for years/decades now, and it has not worked. Further, every day a new ten thousand (US) people need to be educated:

* https://xkcd.com/1053/

throw0101c1 day ago
> So, put a toggle somewhere. When the toggle is toggled, put up a big fat warning sheet and say if somebody on the phone or mail asks you to do that, 99.9% it's a scammer.

The proverbial grandparents will follow the instructions of the scammers and will click through all of that. We've had decades of empirical evidence: people will keep clicking and tapping on dialogue boxes to achieve their goal.

People have physically driven to cryptocurrency ATMs on the instructions of scammers:

* https://bc-cb.rcmp-grc.gc.ca/ViewPage.action?siteNodeId=2136...

* https://www.usatoday.com/story/money/2025/04/21/bitcoin-atm-...

Warning sheets will do nothing.

broker3546901 day ago
Who cares? Granny is still allowed to buy knives and accidentally chop off her fingers while she cooks. If she ends up doing that it's either her fault or she's too old to be using knives. We don't ban or blunt knives just because you can cut yourself with them.
dns_snek1 day ago
Okay great, seeing how every reasonable warning and technical restriction is completely pointless and how people will do everything they're told if they're naive enough and the person on the other end is convincing enough, we can skip this whole dance.

Because at the end of the day the scammer is going to convince your grandma to go to the bank, withdraw the entirety of her savings and send them to the scammer in an envelope.

Any technical restrictions therefore only harm our personal freedoms and don't actually protect those who are vulnerable because those people's problems aren't technical in nature.

gumby2711 day ago
Then why not lock down their devices? Why aren't people using the parental controls on their parents' phones to lock it down and own it on their behalf? I don't understand this idea that because there are some people vulnerable to scams that we all have to give up control to Apple and Google. The option to move the trust and ownership to another party is useful, but it doesn't have to be just those two parties as options.
rafram1 day ago
Not everyone has children. Not everyone has children who they remain in contact with. Not everyone has children who are tech-adept enough to do that. Not everyone has children who are less vulnerable than themselves.
gumby2711 day ago
Well maybe let's start small and cover the people that do first, just to see how that goes. Instead we're starting with all people on the planet, and it will be declared a success because the metrics will say it was, there's no rolling this back.

And it doesn't have to be children of parents, that's just the common example that's brought out every time this comes up.

snowe20101 day ago
We literally did start with that… that’s the current situation, everyone has parental toggles and yet millions of people get scammed for billions of dollars a year. You’re acting like we (and these massive corporations) haven’t been trying for decades at this point. And you’re saying we shouldn’t be trying more stuff, we should just stop and give up and let innocent people get scammed because you want to be able to run whatever on your phone.
gumby2711 day ago
Maybe I'm wrong, but I have never seen Apple or Google suggest that someone use the parental control tools on a vulnerable adult person's phone to prevent them from hurting themselves. They have never run such a campaign for awareness or changed those tools to make them more palatable to controlling adults' phones (these tools are always sold as things to enable on a child's device). So no, I don't think we've started with that. We've started by adding some toggles and scary warning, and I agree that hasn't worked. I never suggested we stop trying, I suggested we allow the trusted owner/admin of the device to be more easily assigned to someone that person trusts, not just forcing Google into that role without consent.
Hizonner1 day ago
You do not want to live in a world where that's normalized. There are legal processes for determining when somebody's "vulnerable" enough to need a guardian. Those processes are heavy and strict for a damned good reason. And sometimes still not strict enough.
gumby2711 day ago
If I'm drunk and give my friend my car keys and ask them to not let me do anything stupid, I'm not giving up my legal rights to autonomy. I don't think this is any different. Legal guardianship is entirely unrelated, unless we're having some slippery slope fun.
Hizonner1 day ago
So you expect aging parents to actively ask their children to put controls on their devices, and not to reverse that decision when it matters most?

Many, probably most, of the people most at risk aren't going to do that.

When you're (somewhat) drunk, you know that you're drunk, and you're still able to comprehend how that will slow down your reactions while driving. When you're being scammed, you think you're right... and if you begin to doubt that, you may tend to push the thought out of your mind rather than follow it through, and to evade things that might bring it back. And it's very hard to admit to yourself that you're permanently impaired in that sort of way... especially when you're impaired in that sort of way.

gumby2711 day ago
I'm expecting us to come up with something better than "give all computing control to two US companies". Yes, this idea has flaws that you're an expert at picking at, but there's gotta be some middle ground that doesn't treat all of us as the most tech illiterate or scammable people.
dns_snek1 day ago
> let innocent people get scammed because you want to be able to run whatever on your phone.

As always it comes down to insulting and emotionally guilt tripping people to screw them out of their freedoms and of course there's never even a shred of evidence to support any of these incredible claims. You're laying it on too thick, give us a break.

> You’re acting like we (and these massive corporations) haven’t been trying for decades at this point.

You're acting like this would make a dent in the total number of people who are scammed every day.

And it just so happens that the only acceptable remedy necessitates infringing on billions of people's personal freedoms which will, incidentally, secure trillions in future profits for these corporations. All that for a temporary speed bump that would only affect a minority of scammers who would adapt in a month.

jackothy1 day ago
Society is held back so much when the most capable have to live by rules made for the least capable.

Give the knowledgeable the freedom to use their skills. Separately, develop ways to help/protect specifically those that need it.

pydry1 day ago
Or guided by their tech savvy children.
MrsPeaches1 day ago
What else do you consider basic human rights?

My suspicion is: were you to list them, running programmes on hardware you own would be fairly low on that list.

2paz7x1 day ago
So because it's low on the list it's not a right? Where do we draw the line? Let's do an experiment. Which rights can we take away from you? Some are pretty far down the list, right? The right to live is pretty important, so that's all the way up on the list. So where's the line drawn?
hollerith1 day ago
I don't want to live in your overly simplistic world.
fleshmonad1 day ago
How is this overly simplistic? It is pretty simple. You buy some hardware, and some company wants to force you to use their telemetry ridden, data collecting software under the guise of stupid people being unable to do a google search and comparing a string. I can safely say I don't want to live in your technocratic techbro wet dream.
hollerith1 day ago
Remote attestation is a useful capability. One example: it can be used to create a camera such that the photographer can prove that an image is an accurate recording of reality and not AI-generated. Without remote attestation, we will soon enter a state of affairs in which the courts (and anyone else, too) cannot ever rely on photographic or video evidence.

The banking system has been relying on remote attestation for decades to ensure that devices used in settling financial transactions have not been tampered with:

https://en.wikipedia.org/wiki/IBM_4758

Also, I think the chip-and-PIN cards used for most in-store transactions in Europe for the last 20 years rely on remote attestation and tamper resistance to prevent fraud.

Finally, in the domain of desktop and laptop computers, there is a big security hole in that most components (certainly, disk drives and storage devices, but basically any peripheral or board) are essentially embedded computers that can be pwned with the result that they stay pwned even if the owner of the computer installs the OS from scratch. One solution to this would be for suppliers of peripherals and boards to get much better at securing their products or to stop using microprocessors to implement their products, but it would be quite a lot of work (and governmental intervention or at least intervention by industry-wide quasi-governmental entities that currently do not exist) to get from the current situation to the one I just described. The only products currently available that are secure against this threat (aside perhaps from using 40-year-old computers) use verified-boot technology to implement the security.

I.e., the only desktop and laptop computers you can buy where you can be reasonably sure some attacker hasn't installed malware in the computer's disk drive or trackpad or wifi module are things like Macs and Chromebooks, which implement the security using verified boot.

2paz7x1 day ago
So we should all give up our rights so we can use the fancy new locked down technology to digitally sign our photographs. Oh, and now every photograph you ever post on social media can be tracked to your device. I love your future!! We should also install a camera in your bathroom. Just to attest. It's just attestation, bro.
fleshmonad1 day ago
I am sorry that free choice what software to install on your device goes against your existential fear of "AI extinction" as displayed in your profile description. I guess I was wrong, and surrendering all your rights, being tracked and used for datapoints that will in turn be used to train AI is actually good.
hollerith1 day ago
I don't think the "ethic" you are proposing (i.e., a consumer should have free choice of what software to install on their own device) has much bearing one way or the other on AI extinction risk.

Do you simply not care that this Linux computer that you have such warm feelings about is fairly easy to pwn (in part because of the lack of verified boot and in part because desktop Linux software is just much easier to pwn than the systems software on a Mac or a Chromebook or an iPhone or an Android phone) such that if you ever got to be an effective activist against some government or some powerful industrial interest, that government or industrial interest could fairly easily eavesdrop on everything you do with this Linux computer?

That doesn't sound much like protecting your individual rights.

fleshmonad1 day ago
You're right. My loonixtard brain didn't grok this without your input. My device is going to be pwned because I didn't use a Microsoft verified image. Should I ever feel the need to start the revolution, I will make sure to use secure boot and use Microsoft Windows using my employer's account.
hollerith1 day ago
It appears that most PC makers didn't implement verified boot correctly (e.g., they negligently left sample keys in the firmware they shipped), which is why I avoided any mention of Windows in my previous comments.
2paz7x1 day ago
>this Linux computer that you have such warm feelings about is fairly easy to pwn

It's just not. Otherwise, all servers would be running your beloved iOS, wouldn't they?

>in part because of the lack of verified boot

This does not matter. I can generate my own keys.

>easier to pwn [...] than [...]an iPhone

Lol... If anything, phones are more vulnerable because you have less access to sandboxes and VMs.

Hey, look, an Apple CVE from two days ago. https://nvd.nist.gov/vuln/detail/CVE-2025-43284

And this one's from this month. https://nvd.nist.gov/vuln/detail/CVE-2025-43300

And here's Apple's sandbox failing, last month. https://nvd.nist.gov/vuln/detail/CVE-2025-43274

notorandit21 hours ago
I for one think that this is more of a matter of wishful thinking than a technical one.

It's IMHO a matter between trust and hope.

Do we really think that Google has complete control over the stuff they distribute?

Do we really think that a single person delivering some software outside of Google ecosystem is evil?

Judging these things is rather hard without some form of trust and hope.

And it's not something everyone can pick up seriously without the needed knowledge and tools.

thrown-0825-123 hours ago
PWAs deserve more attention
kleiba16 hours ago
Google having your privacy in mind is laughable: this is a company that literally makes money from collecting information about people. So please, don't buy into that folk tale - it's a company, their interest is and always will be one thing: revenue.
ath3nd2 hours ago
It's just another stage of enshittification.

Corporations have a long tradition:

- from printers refusing to print unless the ink was of the blessed brand

- to planned obsolescence of Apple phones

- to adversarial inoperability of Apple's trash Lightning cable charger with well established standards

- to Apple refusing out of store transactions so they can steal developers' profits

- to Anthropic luring users saying they will never train on your chats but then training on your chats

- to Facebook basically backdooring your device so they can track you cross vpn and incognito https://localmess.github.io/

- to locking your OS on your own device to not be able to install software that is not blessed by Google so they can control what you install and bully the developers for a bigger slice of the pie

Companies like Meta, Google, Microsoft, Palantir, Apple are absolute garbage, a menace to society, a parasite that grows like a tumor and can only be stopped not by the non-existent "invisible hand of the market", but by being regulated and fined to oblivion.

martin-t1 day ago
Evolution used to work by some people dying before they could reproduce.

That's how we became the smartest animal on the planet. But it no longer works, we are very good at keeping everyone alive. And there's nothing wrong with that, as long as we don't compromise our freedoms to achieve it.

Some people getting exploited is the modern equivalent of leopards eating your face. It would be nice to protect people from it happening but NOT by everyone giving up basic human rights. And yes, in the modern world, running any software on your hardware should be a basic human right.

Especially at a time where computation is starting to resemble intelligence. Otherwise we all become serfs all over again.

martin-t1 day ago
Ah yes, the rudest form of agreement - downvote without justification.

If you can't explain why I am wrong, consider I am right.

broker3546901 day ago
A certain kind of arrogant man who hails from the land of theory tends to believe that everything can be perfectly optimized, that even real-world systems can be designed with mathematical guarantees as to some constraint or another. In their world every thing and every one is an abstract variable to be managed and modified, a goat to be herded. User input is modeled as untrustworthy, hostile input and treated accordingly. The unwashed masses have never toiled in their sterile computer science cathedrals, never been anointed with the sacred waters of ROOT, and thus could never possibly deserve to wield the powers of computation without the infallible guidance of Saint Jobs (peace be upon him) and his holy host.

To compute on one's own is to open one's electronic soul to the Sins of Free Software. Such devilish arts must be shunted to the margins of society, till they may be purged on That Day when all shall bask in Google's light forevermore.

fortyseven19 hours ago
Even assuming this is a good faith effort by Google (which I seriously doubt of course), there's a point where you can only do so much to protect people.

Showing them the permissions requested, training them to not install things from outside the store unless they know what they're doing, explicitly needing to manually enable installation of software from the outside, etc etc.

That's it. You've done your job.

And if, despite all that, some people still want to continue to use their phones in a dangerous manner LET THEM suffer the consequences of their ignorance. Let them bruise their knee. They're grown ups, presumably. Some people just need to learn the hard way, and we shouldn't architect the entire system to protect that lowest common denominator.

You absolutely do not need to childproof the entire phone to protect people from themselves. For me, that's why it's patently obvious that this move has an ulterior motive.

croes21 hours ago
They can’t keep users safe even if only PlayStore apps are allowed so why hinder other installation paths?
oakpond1 day ago
Goodbye Android.
danieldk1 day ago
And then what?

More like: time for regulators to step up and do their work.

oakpond1 day ago
What makes you think they will? What makes you think regulators don't also want this?
fsflover1 day ago
And then GNU/Linux phones. Sent from my Librem 5.
evolighting1 day ago
Safety is important, but may not be that important. So, shouldn’t we just create something like a "secure virtual machine" to make it easier to protect sensitive content, rather than requiring the highest level of security for everything?
hilbert4221 hours ago
There is something that's always perplexed me. Why is it that money when transferred electronically can so easily disappear into obscurity or oblivion? Why is there no full audit trail?

Restated, every electronic transfer requires a sender and a receiver—and there are standardized (electronic) protocols to ensure funds are debited from sender's account and credited to the receiver's account. So we ought to know where monies end up but so often we don't.

The way around these scams is (a) have infallible fully identifiable trace routes, and (b) destination banks must be known to the sending bank and meet an international standard of prudence and integrity or funds would not be transferred, and that ought to be a lawful requirement. (Ipso facto, it would be incumbent on recipient banks to know its account holders and to act on fraudulent transactions.)

In other words, the electronic funds transfer system should be transparent from the sender's account right through to the recipient's bank and the actual bank account within that destination bank. In short, the funds should be traceable right through to the point where the recipient withdraws cash from the destination bank and walks out the bank's door. (There are ways that a destination/bank can keep certain details about the recipient private and yet still allow the money trail capable of being audited that I can't address here.)

In effect, the requirements ought to be (1) sending banks would only transfer funds to banks of known integrity, (2) receiving banks must have procedures in place to recover monies from accounts in the event of fraud, and (3) protocols such as delaying payments, putting funds in escrow until transactions are proven legitimate, and methods of recovering/refunding funds etc. are properly established. Transparency would also mean transactions would be reversible in case of fraud.

Ideally, such procedures would be set out in ISO protocols and by law banks could only transfer funds to other banks that follow the protocols.

Yes, I know this sounds simple and the world's banking systems are complex and convoluted and that there'd be many objections from many sources, banks, credit card companies, money traders and so on but it cannot be denied that the great weakness in funds transfer is that monies can vanish without a trace. Frankly that's unacceptable in an age of electronic money transfer where every cent is accounted for along the transfer route. That various entities can obfuscate that accounting at various points in the transfer process ought no longer be acceptable.

To say it can't be done or that it's unacceptably complex is bullshit, for example banks and credit card companies such as Visa and MasterCard had no trouble blocking funds transferred to WikiLeaks.

The real problem is that the world's banking system is a law unto itself and that banks would on many grounds object strongly to introducing a system.

Look at it this way: similar schemes to that which I've outlined are already in place in say conveyancing, property is only deemed exchanged and the transfer complete when lawyers 'meet' and exchange money and land deeds. Same happens when say two warring countries meet and exchange captive soldiers on the spot.

Given the many billions of dollars lost to scammers every year it's clear that banking transfer systems are hopelessly flawed. Things would soon change if banks told customers that they cannot transfer monies to xyz destination because the money trail is untrusted/cannot be authenticated and that it would be unlawful for them to so act.

Deathmax10 hours ago
Victims would almost certainly have transferred funds to money mules, who would have then immediately broken digital audit trails to the ultimate destination by withdrawing as cash before passing it around.
marcosdumay15 hours ago
That.

The entire excuse is that banks need people to sign their software because otherwise they can't identify who stole people's money using bank transfers.

How is it possible that one can even say that shit with a straight face?

user_783223 hours ago
Friendly reminder that rather than have malicious apps steal bank credentials using zero days, all the people I’ve known who’ve been scammed… voluntarily read out their OTP to said scammer, or transferred the money themselves to the scammer’s bank account using the official banking app.

Funnily and ironically enough, a phone that is rooted and fails safety net would likely not allow the bank apps to open, and thus be safer in such a case.

Also see: wrench vs RSA encryption at https://xkcd.com/538/

Jemm20 hours ago
Blocking sideloading under the pretense that it "keeps people safe", is bullshit. Google is taking steps to build their wall a lot higher.
glitchc1 day ago
Yes. Run the sideloaded apps in a VM. Modern phones are powerful enough to do that.
natch1 day ago
Authors like this love saying that it’s all about installing apps you choose on a device you own and control.

Who could disagree with that?

The problem is it’s often controlling household members sneakily installing creepy things on devices of those they live with and want to control.

bangaladore1 day ago
> The problem is it’s often

I'd like a source for that. News to me if that is common at all. Not to mention there are apps on the playstore / ios store that can be used in a similar way without sideloading.

rpdillon19 hours ago
> controlling household members sneakily installing creepy things on devices of those they live with and want to control.

This is actually the happy path: parenting! I would love to see this approach taken with parenting, rather than trying to age-verify the internet.

Of course what you're talking about is abusive behavior, but my point is that's not what we're solving for here: and "parent has control" scenario has the dual-use of "the abuser has control". I don't think we can fix that by requiring code signatures or banning sideloading.

wiseowise1 day ago
If only there was some kind of biometric protection on those devices, preventing from unauthorized access.
neuroelectron1 day ago
Back when the Apple hardware for iPhone offered real isolation between apps, yes. But that's really hard to maintain and isn't PRISM-friendly. Neither Apple nor Google can justify offering real isolation for apps in the current market.
ggm1 day ago
I thought sandboxes were precisely what they are doing.
neuroelectron22 hours ago
Yes but they're virtual now where the early apps were physically or logically isolated with memory isolation and secret vault. They still have the secret vault but the virtualization layer is all software and the OS has special access.

---

iOS and Android still provide per-app sandboxes, but those sandboxes are managed entirely by the OS kernel and higher-level frameworks.

Secure Enclave (iOS) and Titan M/TEE (Android) still exist for cryptographic operations, biometric data, and DRM, but access is brokered by the OS. The enclave doesn’t run apps; it just provides cryptographic functions.

OS privilege expansion: system services have visibility into app data at runtime for telemetry, background tasks, push notifications, etc. Apps are isolated from each other, but not from the platform owner.

Result: app-to-app compromise is still difficult, but OS-level compromise (intentional or not) gives broad access. This design simplifies features like push services, app updates, and sync, but makes "true isolation" (hardware separation, zero OS visibility) infeasible in today’s consumer mobile ecosystems.