Google has news on what you will need to do for still being able to sideload apps:
-
Google has news on what you will need to do for still being able to sideload apps:
* enable developer options
* confirm that you are not tricked
* restart phone and re-authenticate
* wait one day
* confirm with biometrics that you know what you are doing
* decide if you only want unrestricted installs for 1 week or forever
* confirm that you accept the risks
* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this@grote
I already have developer options enabled. Will I just be jumped to "4. Enable the settings"? And how? -
@nazokiyoubinbou @FifiSch @grote you don't need to "install" graphene os on the motorola partner.
the motorola graphene edition will already have graphene in it when buying it.
so people who want installing app but don't want to flash their device will naturally buy motorola
@lexinova @FifiSch @grote Yeah, and they very possibly won't have any other option. Like I said, the dev is pretty... stubborn about things...
But it won't be in stores most likely. You'll have to buy them online. Which means people will have to know of them first. And you know service providers aren't going to go out of their way to tell anyone.
And, like I said, it's going to be a very very limited set of options and probably quite costly. (The dev seems to have no problem expecting us to pay a lot.) That's if going commercial doesn't further ruin it all...
Not saying it's a bad thing, just that we can't count on this to open things up.
-
@FifiSch @grote I don't really understand that. The instructions are so simple and detailed and the "new OS" is basically exactly the same thing right down to having the same basic startup configuration and etc. The only difference is the Google connections are optional and one can decide for themselves how far they want to go.
It's pretty much just tapping a few things, then copying and pasting two lines or so. Once it's booted you wouldn't tell it apart from stock other than its cleanliness. It's easier than installing Linux on a PC and that's actually a lot easier and less scary than people have been convinced.
I bet if people didn't let Google, Apple, and etc convince them that they are so scared of installing third party options we never would have reached this point.
@nazokiyoubinbou @FifiSch @grote Consider the failure state. If a user fails to set up installing outside programs, they can still use their phone and make calls. If a user fails to install a new OS, they have no phone until they succeed.
-
The irony of the biometric requirement.
In many jurisdictions, a PIN is "content of the mind" (legal protection), but your fingerprint is "physical evidence." By forcing biometrics into the sideloading, they are pushing users toward a security method with weaker legal safeguards.
@terminaltilt for the average person it's probably much more likely that someone's going to try to look over your shoulder or that one of the infinite surveillance cameras captures you entering your pin than it is that the cops force their finger on the fingerprint scanner. In that way biometrics are more secure and people should use them. Biometrics should just also be very easy to disable in moments where that threat is present
-
@lexinova @FifiSch @grote Yeah, and they very possibly won't have any other option. Like I said, the dev is pretty... stubborn about things...
But it won't be in stores most likely. You'll have to buy them online. Which means people will have to know of them first. And you know service providers aren't going to go out of their way to tell anyone.
And, like I said, it's going to be a very very limited set of options and probably quite costly. (The dev seems to have no problem expecting us to pay a lot.) That's if going commercial doesn't further ruin it all...
Not saying it's a bad thing, just that we can't count on this to open things up.
@nazokiyoubinbou @FifiSch @grote sadly we don't have any other credible alternative.
bank and country already have great difficulty accepting the very hardened graphene os.
so don't expect linux phone or lineage to be allowed anytime soon
-
@grote It feels reasonable to me. I haven't realized the scale of the scamming problem they are dealing with. Perhaps we, as power users, underestimate this problem but I bet Google has some good amount of data on that.
-
Google has news on what you will need to do for still being able to sideload apps:
* enable developer options
* confirm that you are not tricked
* restart phone and re-authenticate
* wait one day
* confirm with biometrics that you know what you are doing
* decide if you only want unrestricted installs for 1 week or forever
* confirm that you accept the risks
* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this@grote "sideloading", "power user"... all expressions that deliberately make it sound like installing a program of your choice on your computing device is this strange thing that hackers do
-
@argv_minus_one @FifiSch @grote Well, they made it more complicated than it seems. Running adb reboot bootloader is the fastest, most universal way to get to the bootloader, but every phone has a button combo you can use while turning it on. LineageOS instructions usually just tell you to do that I think.
The instructions do also make it sound more complicated than it actually is. When you get down to it, it really is "tap a few things, then copy and paste a couple of commands."
-
They even have a video up where they try to make this all sound nice and positive:
-
@nazokiyoubinbou @FifiSch @grote Consider the failure state. If a user fails to set up installing outside programs, they can still use their phone and make calls. If a user fails to install a new OS, they have no phone until they succeed.
@Epic_Null @FifiSch @grote That's the assumption, yes.
Two things.
First, you can just flash again if you for some reason did something stupid like yanking out the cord while it was transferring.
Second, modern Android devices usually use two separate partitions. When you flash it goes to whichever it's not currently using. So if you render it broken and for some reason can't flash again, you can still just boot the first.
Again, people have let themselves be convinced to be scared of things rather than trying them.
-
@nazokiyoubinbou @FifiSch @grote sadly we don't have any other credible alternative.
bank and country already have great difficulty accepting the very hardened graphene os.
so don't expect linux phone or lineage to be allowed anytime soon
-
@nazokiyoubinbou @FifiSch @grote just hope EU DSA wake up and make a stop to that in EU at minimum, could like GDPR trigger other block to do the same.
-
Google has news on what you will need to do for still being able to sideload apps:
* enable developer options
* confirm that you are not tricked
* restart phone and re-authenticate
* wait one day
* confirm with biometrics that you know what you are doing
* decide if you only want unrestricted installs for 1 week or forever
* confirm that you accept the risks
* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with thisI wonder if by doing this you set out a flag that could trigger security alarms or block access to bank apps and DRM apps as Netflix, the same way as having the phone rooted or with a custom ROM
-
@nazokiyoubinbou @FifiSch @grote just hope EU DSA wake up and make a stop to that in EU at minimum, could like GDPR trigger other block to do the same.
-
Google has news on what you will need to do for still being able to sideload apps:
* enable developer options
* confirm that you are not tricked
* restart phone and re-authenticate
* wait one day
* confirm with biometrics that you know what you are doing
* decide if you only want unrestricted installs for 1 week or forever
* confirm that you accept the risks
* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this@grote It would be very important to find out if banks and other critical apps will have the liberty to block users who have changed this setting, too.
It would be one thing to go through this whole ordeal once forever. And it would be another thing to do all of this, install my desired app, and then disable it again to get my bank app working on the daily, and then rinse and repeat for every new install I want to make a few weeks later.
-
Google has news on what you will need to do for still being able to sideload apps:
* enable developer options
* confirm that you are not tricked
* restart phone and re-authenticate
* wait one day
* confirm with biometrics that you know what you are doing
* decide if you only want unrestricted installs for 1 week or forever
* confirm that you accept the risks
* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this@grote 24 hours of not owning my phone is evil. This is stupid. I'm fine with everything but the pointless 24 hour wait and the biometric requirement. Give us your personally identifiable information and wait in phone purgatory for 24 hours to actually be able to own your device? Ridiculous.
-
@grote Perhaps Windows and MacOS should do this for when you want to sideload Chrome, including corporate machines. Just so Google get depth to the feedback on this process.
-
@lumi @grote wait, this sounds really good though. Blocks in place for bad actors, super impossible to do by accident, but ultimately still full freedom to install anything you want, with a convenient way to revert to a more restricted install mode after a week passes.
This is _inconvenient_ for sure, but it seems designed to be asymmetrically more inconvenient for threat actors than for legit users. And we need serious meaningful friction to thwart scammers, domestic abusers, and them
@ryanprior @grote no, it is not good at all. this is not a solution to anything here
a real solution is to harden the sandbox and vet the permissions. give more and more fine-grained control and inform the user about this. for even better security, have android distributions controlled by different communities, and let distro application packagers vet the permissions for the users, etc. there is a reason the distribution model for linux is so secure
not "you can't install what we don't approve of unless you go through this procedure"
google (and apple, or any other corporation) should have effectively zero control over what i can do nor make it harder for me to gain this control. they should not be able to make me wait or do anything. even bootloader unlocking should not require any verification or other bullshit
the solution is empowering the user and educating them. not making them go through stupid hurdles -
@nazokiyoubinbou @FifiSch @grote First problem: The user needs to know what an OS even is and that they're using one.
Second problem: The user needs to realize that they can use a different OS.
Third problem: The user needs to know the exact model/codename of their phone, find a suitable OS, unlock bootloader, probably install adb and/or other tools (if there is no WebUSB option), etc.Should I continue?
-
Google has news on what you will need to do for still being able to sideload apps:
* enable developer options
* confirm that you are not tricked
* restart phone and re-authenticate
* wait one day
* confirm with biometrics that you know what you are doing
* decide if you only want unrestricted installs for 1 week or forever
* confirm that you accept the risks
* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this@grote burn Google, burn Android. They are no longer useful to a human race.
