Source:
https://mastodon.social/@StaticR@guild.pmdcollab.org/115098597705331466This isn’t a fight over security, or even the control to form a walled garden. This is to eliminate privacy, the ability to run anonymously written code. This forces every bit of code to be tied to a name and face. It shortens the legal legwork needed to pin down who made what, this will be used to eliminate anonymous groups compiling their own E2EE communication network. Time is important when your trying to use a compromised member of a group to make a honeypot trap.
ETA: Whoops, hit the wrong reply button
This isn’t a fight over security, or even the control to form a walled garden. This is to eliminate privacy, the ability to run anonymously written code. This forces every bit of code to be tied to a name and face. It shortens the legal legwork needed to pin down who made what, this will be used to eliminate anonymous groups compiling their own E2EE communication network. Time is important when your trying to use a compromised member of a group to make a honeypot trap.
The number of people I encounter, even on Lemmy, that genuinely believe and rigorously argue that being able to install or distribute software on devices you own is actually bad because “security” is beyond horrifying to me. They have been brainwashed into thinking that corporate monopolies are not only acceptable but desirable because you can completely and blindly trust Mom’s Old Fashioned Robot Oil to make all your decisions for you, for a modest fee and no opting out, of course.
This is why society is collapsing.
I totally disagree. Not because I don’t think like this person does but because I watched us all go from Napster days until now and I 100% anticipate that people who think like this person will be eventually snuffed out by the people advocating against AI. Why I supported AI so much was the idea that it would push for more laws that allowed developers to iterate off each others work. Seeing the push back from AI opponents and also that we live in a world of content creators using the internet to supplement their lifestyle is a recipe to kill any open source community. It is only a matter of time. It will be a death by 1000 paper cuts.
That is an absolutely wild take
In the valley of the blind
Pardon my ignorance, but would loading a forked version of android (like lineageOS or grapheneOS) get around this? I know graphene at least puts all Google services in its own container. Would that allow the rest of the system to run “side loaded” apps? Or is this unavoidable if you use any version based on android?
Larger issue at hand is the number of devices that are able to install / are currently supported by those projects.
Even something like unlocking a bootloader is a daunting task for an average someone who’s even considering flashing a custom rom.
Considering regional variants of phones (looking at you Samsung) making this an even higher and more confusing task for the average someone.
The littering of tools for specific devices, requiring running on specific operating systems, the list goes on as far as hurdles to load a more open operating system on a phone.
It’s like that quote, “you can fool some people some of the time, but you can’t fool all people all of the time”- thing is, they don’t have to. They fool most of the people most of the time, and that is all they need to impose their agenda. The fringe cases, like people rooting and installing alternative OS’s, don’t matter if 99% of the world’s population go along with whatever the corps dictate. The sheer inertia of that will keep pulling the tech where they want it to go, as global industry pulls the same way.
Yes. Those who already don’t give a shit about google will be unaffected.
Cause at this point, I’m considering loading Ubuntu touch on here
I can only hope the EU will set Google straight, the way they did Apple.
The EU will, at some point, cave to the interest of global capital. I am proud that they have fought as well as they have these past few decades, but as long as capitalism rules the planet, capital will always supersede rule of law and democracy in the end.
America is about to, if it has not already, succumb completely to that state of affairs, and once that power is consolidated by the capital, EU will be (one of) the next targets.
Considering:
A) You can still install any app you want beyond the Play Store (the rule is that developers need to get all their apps signed, and doesn’t effect the end user technically)
And
B) Its most likely being done because of the EU, it’s a part of the DSA (https://commission.europa.eu/strategy-and-policy/priorities-2019-2024/europe-fit-digital-age/digital-services-act_en). The “trader status”, and other parts against illegal content)
The EU most like has already set them straight and this is the result.
They claim this is about security but when your system is compromised there is fuck all they will do to help you.
Fucking hypocritical, control-hungry pricks.
Megacorps gonna megacorp.
Monopolies gonna monopoly.We can fight these giants by not using their services & products.
It only gets harder to fight them the more we give in.
I can’t even get people to switch to LibreOffice, not cuz they use some advanced MS Office feature but because the interface “looks dated”. So they’d rather pay a subscription for life to use software that spies on them than download free software that does what they need but has a 2010s style interface.
Humans suck so much.
Ngl, I installed a few OnlyOffices just because of UI.
It has ribbon UI and about the same placement of buttons as MS Office stuff.It’s fine.
(Based in Latvia, but they had a Russian momma, now Singapore.)
because the interface “looks dated”.
The real issue is M$ intentionally not following standards, so that opening an Office doc may or may not properly render in other suites. Hooray for EEE. Fuckers.
Eh, I haven’t had that issue in years. Maybe its a problem for office workers who make extremely complicated documents and spreadsheets, but those aren’t the kinds of people I’m talking about.
EDIT: Not implying you’re wrong about M$ fake open standards bullshit, just that I don’t think its a huge concern for the average home user.
Humans are creatures of habit, and risk averse most of the time. Risk, being change of any sort when things seem “stable.”
All you can do is lead by example and enjoy life and tell those poor souls they’re stupid for spending money for something they can change the look like MS Office easily.
I get what you are saying but is it really too much to ask for an interface that looks like it belongs there?
For legally free and open software that has to maintain UI consistency across Windows, MacOS, and the plethora of open desktop environments? Yes, yes it is.
No it’s not. There are other free and open software offerings that function cross platform and do it more cleanly.
For a project as big and old and full of legacy code as LibreOffice, I think their interface is pretty great. And its way more customizable than MS Office. Its just not the absolute latest and greatest in styling.
And, if MS didn’t make it so hard to maintain compatibility with their “open” file format, TDF might be able to put more resources into UX. As it is, they have to reverse engineer all the nonconforming BS that Microsoft puts in their OOXML implementation.
I prefer the old school style menus and such. I stopped using MS Word around the time that they came out with the ‘ribbon’ style menus or whatever it’s called, so if they ‘update’ it I sure hope it’s as an option or a fork.
I can understand people who grew up with it or who have spent years using it might like it better though.
We really really need an open OS for mobile phones that is actually competitive with commercial offerings.
I don’t think the OS is the problem - it’s that some of the critical service/apps people rely on (government ID, banking) only exist for the closed systems. Third party OS’s try to “solve” it through various container approaches running the official apps, but since they see that as a security problem it’s not something you can fully trust to be working at all times.
That’s the only reason I’m still on android. If I install a different OS I won’t be able to login to do anything government related. I won’t even be able to pay with my credit card online. I could get a physical code device from the government, but I’m not gonna lie, I really like the ease of access of having an app for that stuff, instead of a seperate device I have to have on me at all times.
I will probably have to go the route of two phones soon. One for my stuff and communicating with friends and family, and one (maybe one of the cheaper iphones?) for all the “required” apps.
Funny enough, you tend to see quite some people in China do this. I wonder why.
All those “apps” are websites. You could say NFC is special, but so is gps.
Exactly. Locking basic services behind apps should be illegal. Services must be accessible to everyone.
same goes for the weather app …
(context: some years ago they locked the publicly-funded german weather service’s API, so common people can’t access it anymore. you need to use a spam-ridden app to access it now.)
At the very least you can still pay a small one-time fee for the DWD WarnWetter app (or enter a code for firefighters).
Best 3€ I’ve ever spent purely out of spite, even if the reason behind it is complete BS.
They sometimes hand out codes “to be used only by firefighters and paramedics, wink wink”.
Yea… Like some of those parking applications. Ugh.
To be fair, a lot of those depend on some client side trust. Which is conceptually stupid, but it is the way it is.
This. Alternative OS exist: Ubuntu Touch, postmarketOS, SailfishOS, just to name a few.
What is missing are the apps people want. And those include mostly commercial apps, where the developers need to weigh dev hours vs profits, and decide to only target the big two for obvious reasons. That is the key problem.
I think they’re both pretty big problems. An open OS and hardware that supports it seems to be a huge hurdle, but at least there is a clear vision of how to solve it. The problem you bring up though… It seems like we’ve almost gone too far at this point and it’s gonna be really hard to put the cat back in the bag. It seems like something we need to solve with legislation potentially?
The people writing the legislation are the same people who don’t see a problem with a government-furnished app using Play Integrity
Yes there is a general ignorance to this problem among law makers, in my country at least, as well as a bit of regulatory capture with respect to tech in general. The boogie man of “security” is also a very persuasive concept for a lot of people. This is not a problem that will be solved easily.
You know, it’s true - I have never heard a Linux user refer to something as sideloading, even though Linux is the platform that originated official software repositories.
The key thing to understand is that there’s a big fucking difference between a “repository” and an “app store.” One is designed for the convenience of users; the other is designed to exploit them.
Exactly right. The message of the post is that “side-loading” is only used in reference to exploitation services. We could just as easily refer to side loading in Linux and it would be accurate in every way, except that there is no exploitation.
It’s literally the exception that proves the rule.
This does feel like a bit of a double-standard to me. I’ve hated how Microsoft and Apple have introduced app stores on Windows and macOS and try to push people to only install from there instead of directly from the developer. And yet on Linux the advice seems to be never ever download directly from the developer; you should only download from the package repository provided by your OS (which sure feels like an App Store). And that package probably wasn’t even provided by the developer or the OS but some random volunteer that you just assume has good intentions.
The key difference is that one is advised, the other is enforced.
If you used Linux before the repos were fully developed then you understand why they were created.
Who else remembers “dependency hell?”
Corpos just took the same idea and twisted it into something else.
Dependency hell was what drove me back to Windows. Fortunately, I didn’t stay there and I learned how to apt-get.
Because the Linux repositories are apathetic third parties (ie they have no reason to care whether or not you download any given app) while Microsoft and apple are financially incentivised for you to buy buy buy.
This means that when you download a .exe from a vendor instead of going through the windows store you’re cutting Microsoft out of their cut of what you paid and you’re denying Microsoft information about what it is that you bought. But the flipside is Microsoft didn’t impartially verify that it’s not malicious.
When you download a .deb instead of going through apt, you’re also denying them their cut (of nothing) and you’re denying the repository managers the ability to see what you’re doing, but Linux people generally trust repository managers to not be selling their habits to advertisers and governments.
I will say there is a reason to side load on Linux though, paid software is sometimes unavailable through repos.
My package manager installs all of the dependencies the program needs and takes care of updates, too. If I install directly from the developer, I have to do all that myself. Fuck that.
Nothing ever comes “directly from the developer”, and any developer that attempts to do so ends up in a level of hell not yet documented. There are way too many distros, way too many architectures, way too many moving targets, that also includes iOS, macOS and Windows. No single developer can hit them all. There’s no standard packaging either. So, usually they only package for one or a handful of popular distros, or one container format. But that’s the magic of FOSS. Anyone can take the source code and repackage it, redistribute it and make it available for others. This is assumed to be a strength and not a weakness of FOSS and Linux. Thus, the distros create their own official repositories where they make themselves responsible that everything will mostly work nicely with one another.
The difference is that package repositories are safe havens of compatibility. While appStores are enforced cages that cannot be escaped. If a package repository tries to fuck up with users, hurt the FOSS space (looking at you Ubuntu Snaps), or gets compromised by a bad actor; you just move to another repository, another distro, a different format, another safe space. If Android or Apple decides to enshittify and fuck over customers, users, get compromised or do something to hurt developers, you are fuck out of luck. This difference matters.
I measured the heights of myself and my niece and found them to be different, clearly a double standard must be involved.
You yourself mentioned a lot of differences between corporate app stores and distros’ software repositories. Why are you surprised people rate them differently?
Perhaps because your standards are different from more Linux users’ standards.
I for example would rather take my chances with a random volunteer rather than trust a corporation that had a history of breaking laws and I know it to want to make money off me.
And yet on Linux the advice seems to be never ever download directly from the developer
That’s just advice for making life easy for new people, because distro-packaged software is more likely to work well with the operating system. I run packages from devs, even nightly automated builds of stuff, all the time.
Installing from a repo via a terminal does not feel like an App Store at all. It’s only the GUI apps that do and those are all entirely optional. Exactly how it should be. God’s in his heaven. All’s right with the world.
And yet on Linux the advice seems to be never ever download directly from the developer
Are people really giving this advice that often and that strongly? I find myself building more and more things from source these days. Especially with modern languages that OS maintainers are actually having a difficult time packaging in the way they’re used to.
My feed is curated by the Illuminati
That’s what they want you to think.
Only in the US, I guess. In my country and in Europe this will not fly…
Nope
These requirements go into effect in Brazil, Indonesia, Singapore, and Thailand. At this point, any app installed on a certified Android device in these regions must be registered by a verified developer.
2027 and beyond: We will continue to roll out these requirements globally.
https://android-developers.googleblog.com/2025/08/elevating-android-security.html?m=1
Aren’t they claiming this move is specifically to comply with the EU’s Digital Services act?
Apple just enabled sideloading in the EU to comply with the DMA. I highly doubt that android will be allowed to remove sideloading
We can hope…
edit
To clarify, I hope it will not fly outside the US, but looking at the world around I feel this is not very realistic hope
they are everywhere one just has to learn how to read the signs 🔝🔜⚛️
(/s)
I had to ‘sideload’ the secret of mana port because play store would refuse to validate the license offline after purchase. If I can’t play offline a single player game that i bought, than what should i do.
I also have an apk of wayward souls, because it was removed from the store and i like that game. Also a premium game. So yes. Running software as i see fit.
I am not sure if enhanced (and force-fed) security features are the main problems here. Monopolies, spying and not having easily accessible alternatives (easy from the perspective of a more average user) are the main problems. Because google and apple are monopolies, most security critical apps like banking apps (that you unfortunately need now a days) don’t support alternative OSs which also feedbacks the monopoly. Otherwise I am fine if some people opt for a phone that is basically a locked black box for them so long as there are other alternatives (including those which are still super secure/locked but does not spy).
It is much more crazy to me that you have to fight your device so that it does not sneakily do something that you don’t want it to do (like install AI out of the blue or use data for mapping your habits). And most average users won’t give this fight and that is what these companies really count on.
Do some banks not have websites anymore?
They do but they focus so much on their apps that apps are becoming more practical than the websites to use for small tasks. They are even trying to usher people to use their apps for seed generators. And some other stuff like seeing instantly how much money was withdrawn from your account after a purchase only is useful with a phone app notification. Other “digital banks” like revolut or monzo simply does not exists outside of the app world and in terms of exchange rates and what not, they simply have no competition if you travel couple times a year.
The website only works with Chrome
I finally want to switch to android and boom: Custom ROMs and “sideloading” gets swept off the platter. Well ok I guess I‘ll just wait for a good linux mobile OS
So annoyed that just bought a Pixel 8a for Graphene. I thought I’d get to use it til 2030 when it stops getting security patches and now I might not even get a full year out of it.
GrapheneOS still intends to support all the supported devices until EOL. The sideloading change doesn’t affect them. It won’t apply to GrapheneOS. It only applies to certified OSes and GrapheneOS is not certified because it doesn’t license Google Mobile Services. As per the rip out of the device trees for Pixels, that just makes Pixels like other phones. GrapheneOS has been able to expand it’s automation to build that device support themselves. For new devices, making the support will take longer than it did in the past though, but they will still support those Pixels, as long as they meet the hardware requirements and still allow third-party OS support with all security features intact. Besides that GrapheneOS is actively talking with a major Android OEM right now in order to help them reach the security requirements for a subset of their future devices. They are very optimistic about that.
That’s all great news. I think they deserve another donation from me.
SteamOS. Outside of Ubuntu and other corp distros, if steam made a mobile-specific os or invested in arch enough to make a mobile friendly UI I would be interested
If I ever go insane and write a manifesto this will be on it.
Sounds fairly sane to me.
This is fine, but the other 582 pages contain some real doozies.
