• General_Effort@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    19 days ago

    European devs: Our laws will protect us!

    Meanwhile, our laws:

    Article 30

    Traceability of traders

    1. Providers of online platforms allowing consumers to conclude distance contracts with traders shall ensure that traders can only use those online platforms to promote messages on or to offer products or services to consumers located in the Union if, prior to the use of their services for those purposes, they have obtained the following information, where applicable to the trader:

    (a) the name, address, telephone number and email address of the trader;

    (b) a copy of the identification document of the trader or any other electronic identification as defined by Article 3 of Regulation (EU) No 910/2014 of the European Parliament and of the Council (40);

    Article 30, DSA

    • take6056@feddit.nl
      link
      fedilink
      English
      arrow-up
      0
      ·
      18 days ago

      How is trader defined? Is it a developer that’s selling apps or also one that’s just providing it for free?

  • Johnny101 @lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    18 days ago

    Google’s developer verification will only run on mainstream Android with play services. It’s not supposed won’t be running in standard AOSP so the easiest solution would be to switch to a custom ROM like GrapheneOS.

                • MrScottyTay@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  18 days ago
                  • Carrying two massive slabs because a few apps won’t run on one of them

                  • Having a second home because some nights you can’t sleep in one due to noisy neighbours

                  Where the more simple solution would be:

                  • Have a phone that can run all of the apps you need so you don’t need to buy and carry around a second phone
                  • deal with your neighbours and sort stuff out rather than buy and travel to and from a second home.
      • Johnny101 @lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        18 days ago

        Like other people have suggested, maybe get a second phone (one of those really cheap ones with play Services) and use that for that stuff, and keep your main personal phone google-free.

        • hietsu@sopuli.xyz
          link
          fedilink
          English
          arrow-up
          0
          ·
          18 days ago

          Also, aren’t some critical apps like banking apps starting to ban unlocked / non-stock systems? Heard someone complaining about this a while ago.

          • Johnny101 @lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            18 days ago

            Yes, banking apps, streaming apps, even some shopping apps. This has been a problem for a long time. Sometimes its for “security” reasons and sometimes its simply because the app uses Play Service APIs. Another issue on de-googled systems is push notifications, though that is often fixed through alternates like Unified Push

      • Tollana1234567@lemmy.today
        link
        fedilink
        English
        arrow-up
        0
        ·
        18 days ago

        even the OP is softlocking thier newer phones(arbitrary online application to unlock it) in the near future, i expect a full lock sooner or later

    • Crozekiel@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      18 days ago

      They are also working to similarly kill custom ROMs. Just recently the GrapheneOS team mentioned that Google is no longer making their hardware drivers Open Source, and so compatibility with new phones means reverse engineering their own drivers - which is a big reason that custom ROMs support such narrow hardware options already and very often come with limitations and/or features that just don’t work. At best, they figure out how to make it work, but it takes time and updates can lag significantly behind.

      We have a lot of options on the software side for avoiding google (or android), but very limited options on hardware. We need open source mobile hardware support ASAP.

      • FreedomAdvocate@lemmy.net.au
        link
        fedilink
        English
        arrow-up
        0
        ·
        18 days ago

        They’re not so much working to kill custom roms as they are just not giving away their code anymore, going closed source for their own hardware.

          • FreedomAdvocate@lemmy.net.au
            link
            fedilink
            English
            arrow-up
            0
            ·
            17 days ago

            Because Google have been wanting to be closed source for years, which is why nearly all their new features since they released the Pixel have been PixelOS exclusive and not in AOSP.

            They don’t care about killing custom roms, that’s just a side effect of them going closed source for their Phone.

            • rmrf@lemmy.ml
              link
              fedilink
              English
              arrow-up
              0
              ·
              17 days ago

              What do you think the benefit of closing sourcing their software is if not to stifle competition?

              • FreedomAdvocate@lemmy.net.au
                link
                fedilink
                English
                arrow-up
                0
                ·
                17 days ago

                It means they can do way more features without giving away precious IP, and it also just reduces their workload. They don’t need to keep giving out their code for free. It makes their job harder.

                AOSP projects are not and never have been a threat to Google. They aren’t trying to stifle them - that’s just a byproduct of not giving away their code anymore. Giving it away gives literally zero benefits to them. It might only save them 0.01%, but that’s a lot money.

                • rmrf@lemmy.ml
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  17 days ago

                  As someone whose job runs several FOSS projects, I think you’re making up the fact that it adds meaningful workload.

                  I think that, for all intents and purposes, protecting IP is equivalent to stifling competition.

                  I think giving away code benefits the entire Android ecosystem, which might be the largest data mining operating Google has. I fully believe that’s of nonzero benefit.

    • coolkie@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      18 days ago

      But remember, unlocking bootloader is harder and harder for many devices. And Google’s Play Integrity and API changes makes removing trace of unlocked bootloader harder. Many apps not just banking, ChatGPT, games, some of social media is completely unusable in that scenario.

  • WhatAmLemmy@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 days ago

    This is why I didn’t bother switching to GOS, Lineage, Calyx etc despite being sick of Apple’s anti-foss monopoly — marketed as Privacy™️ and Security™️ — for years.

    The late stage capitalism of western oligarchies indicated that Google’s rug pull of AOSP was an imminent inevitability. After already having to change my services and workflows multiple times over the last 2 decades — despite careful analysis and forethought — due to services ever changing value propositions, acquisitions, and all other forms of enshittification, I’m at the point where I won’t bother wasting energy on 99% of digital products unless they’re open source and I can run them indefinitely on my own Linux server.

    The more dependent you grow on digital products, the more interdependent they become, and the more time and effort is required to replace or substitute them.

    • WhyJiffie@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      0
      ·
      19 days ago

      This is why I didn’t bother switching to GOS, Lineage, Calyx etc despite being sick of Apple’s anti-foss monopoly — marketed as Privacy™️ and Security™️ — for years.

      I’m at the point where I won’t bother wasting energy on 99% of digital products unless they’re open source and I can run them indefinitely on my own Linux server.

      but… this doesn’t make any sense. the roms you brought up can be still used indefinitely, they will still be able to install any apps. maybe except when they have installed the official google suite, but that’s always a user choice in the popular android rom world, none of these preinstall it, and microg users are not affected

    • yistdaj@pawb.social
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      What stops those open source projects having that same rugpull? AOSP was open source and for a long time could be installed on one’s phone indefinitely.

      You could argue ownership, but if Audacity can be bought then so can nearly anything.

      • notfromhere@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        19 days ago

        I’m out of the loop, what’s that about Audacity? Looks like they still have a github repo with very recent activity and Wikipedia says their trademark was acquired by a company in 2021.

        • yistdaj@pawb.social
          link
          fedilink
          English
          arrow-up
          0
          ·
          19 days ago

          As far as I remember, Audacity’s maintainers, previously just some volunteers with no organisation, decided to sell the ownership of the project to a company with some guitar platform. Nothing changed at first, they employed the maintainers to work on the same project they were already working on.

          Then they started adding controversial telemetry (outcry convinced them to switch to opt in, I believe) and some soft forks appeared. I vaguely also remember hearing that there’s some contract that the company owns the source code, so relicencing to a proprietary licence is easy and possible in future. All the new software the companty launches is proprietary, and there’s signs they want to tie it all together into a single suite.

          Nothing majorly bad has happened to Audacity, yet. But decisions are no longer community driven, as shown by the telemetry drama. I fear it’s a matter of time.

          • yistdaj@pawb.social
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            19 days ago

            I should probably add: if it becomes proprietary, the remaining soft fork will likely die. Turns out very few people have the technical knowledge for Audacity.

            If you want to read the telemetry controversy/drama, I found this one I’d read years ago: https://github.com/audacity/audacity/pull/835

            I remember feeling a bit bad for the maintainers. There’s a lot of complaining for a minor and optional change, but at the same time it’s interesting that they added telemetry anyway. (Not unmodified however)

    • Tetsuo@jlai.lu
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      20 days ago

      This is why I didn’t bother switching to GOS, Lineage, Calyx etc despite being sick of Apple’s anti-foss monopoly — marketed as Privacy™️ and Security™️ — for years.

      Bullshit. If you liked so much your freedom and privacy you would have many opportunities to use open source ROMs. You chose to stay on your iPhone because it was easy.

      Also absolutely not believing you when you say that you anticipated the rug pull and chose to “not bother” for that reason. What a poor excuse for staying and supporting the closed ecosystem of Apple.

      After already having to change my services and workflows multiple times over the last 2 decades

      I can’t believe someone who has been for years on an iPhone would pretend they are an ardent defender of freedom and open source.

      • WhatAmLemmy@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        19 days ago

        Sure thing, buddy. Nice gate keeping high horse ya got there. FOSS is sure to attract more users with humble geniuses such as yourself antagonizing them. Do you also use Arch, btw?

        “If you don’t spend hundreds of hours switching from big tech corp controlled platform A — you’ve used for almost 20 years — to switch to big tech corp controlled platform B, you obviously don’t support freedom and open source”

        I actually contribute to the development of open source projects. Do you create/give value, or are you just a taker/user? … Or are you just salty you couldn’t see this highly predictable result coming a mile away?

        • baggachipz@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          19 days ago

          The never-ending purity tests are so exhausting. “You’re not a real vegan, you eat fermented food which kills the yeast!”

  • damon@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 days ago

    Hopefully they go to court to get an injunction. Hopefully, they also go to the powers that be in the EU, those same powers have been so focused on the Apple App Store they failed to take into account Google can do something like this with the Play Store. It would be a shame for the F-Droid project to end but it is completely avoidable.

    • unknownuserunknownlocation@kbin.earth
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      To be fair, up until recently, there was no clear indication that Google would do this. Google made it so that installing non-play store apps was slightly more difficult, Apple made it pretty much impossible. So Apple was a pretty logical target at that point (and honestly, up until then, they had pretty much gotten a free ride - think of the default browser issue in Windows, no one every bothered with Apple).

      • ripcord@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        20 days ago

        We can also do that.

        Complain without doing something is worse than doing something like the other person suggested, though.

        • primrosepathspeedrun@anarchist.nexus
          link
          fedilink
          English
          arrow-up
          0
          ·
          20 days ago

          Complaining tells yhe company this isn’t popular. Complaining while talking about alternatives is helping others towards doing something, and giving the idea that it will be a net negativeove for their hegemony,even if you don’t do shit.

      • cronenthal@discuss.tchncs.de
        link
        fedilink
        English
        arrow-up
        0
        ·
        20 days ago

        Beats me! I’m in the process of moving banking and payment off my phone in preparation for a Linux one. These things will very likely not work on non-proprietary devices.

        • Chee_Koala@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          20 days ago

          Very cool! I’m thinking of going for ubuntu touch, seeing as Android has proven that it’s no longer worth the time investment. Also, Fairphone 5 is my next phone if the current one dies, so it works out.

          Could you share what do you really like about it? And what is your biggest gripe or letdown with it? Thanks!

          • rumba@lemmy.zip
            link
            fedilink
            English
            arrow-up
            0
            ·
            20 days ago

            It’s using Hallium, which is still using Android kernel and drivers, hopefully they can keep that up while vendors are getting increasingly antagonistic.

            It is private.

            If you want to run some android apps you can use waydroid, but it torches the battery.

            If you want to run arm linux apps, you need to dork around with containers as the root os is RO.

            I’m sitting on the fence of shelling out for a decen FP

    • rumba@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      The mobile options for Linux are years out from being ready and the hardware vendors are locking them out as fast as possible.

    • pHr34kY@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      The stepping-stone would be de-googled Android like LineageOS or GrapheneOS. I think Linux is the end-game though.

  • ook@discuss.tchncs.de
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 days ago

    I am really glad to see these articles popping up now. Since the news broke a week back or so it was suspiciously quiet about this, despite lots of negative comments here.

  • AlteredEgo@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 days ago

    How does google plan to enforce this? Will they disable side-loading for any app that isn’t registered with google?

  • kadu@scribe.disroot.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 days ago

    Technically illegal where I live.

    In Brazil you can’t sell a device with a given feature and then remove said feature in a software update. Even Apple, known for never allowing downgrades, was forced to downgrade and pay a fine to a customer after his iPad 3 updated to iOS 7 and lost an iOS 6 feature.

    In other words… every single Android device sold until today in Brazil allows sideloading. Even if a single customer uses a sideloaded app, removing the ability to sideload freely would be illegal, and because the original feature didn’t require a developer signature it can’t be enforced now.

    The issue is, as always, if this went to court somebody would have to manage to explain to a tech illiterate judge what a “developer signature” is, how this relates to “sideloading” and so on.

    • Lojcs@piefed.social
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      … Brazil is one of the first countries this’ll go into effect and I also remember something about how that first batch of countries was chosen because their governmemts support this change.

      • kadu@scribe.disroot.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        20 days ago

        because their governmemts support this change.

        I can see how Google’s PR team might use this argument, but it’s certainly illegal in Brazil so our government most definitely isn’t supporting this decision. Also, it needs to be way more specific than “government” - who exactly is endorsing this? Procon? Anatel? Polícia Federal?

        Either way, the actual reason for targeting Brazil as one of the first is because we do love our piracy, which naturally translates into sideloading being frequent.

        • furry toaster@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          0
          ·
          19 days ago

          brazil and piracy are a match made in heaven, I remember when I was 8 and my mom went with me to a openstreet market to buy xbox360 games, all were pirate copies selling in open sky to anyone to buy, copyright be dammed, and of course can’t forget the famous “gato” to watch all tv channels for free with a android box that definetly does not has a backdoor in it

    • AndyMFK@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      19 days ago

      technically you will still be able to install apps from outside the play store, but the developer will need to verify their identity with google.

      Of course, most developers will refuse to do so (myself included), and so most apps will not be able to be installed. From a technical perspective, installing apps from other sources will still be allowed. So i can see judges ruling that this is not a feature removal.

      You and I both know this is google killing non play store apps, but I don’t think the tech illiterate judges will see it that way.

      • kadu@scribe.disroot.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        19 days ago

        but the developer will need to verify their identity with google.

        If I purchase a device today, it’s got the ability to install apps that are not verified. This is a feature. If now it’s restricted, it violates our code.

      • Auli@lemmy.ca
        link
        fedilink
        English
        arrow-up
        0
        ·
        19 days ago

        Technically you can still install apps unsigned through ADB.

        • filcuk@lemmy.zip
          link
          fedilink
          English
          arrow-up
          0
          ·
          19 days ago

          Considering it’s easier than ever to start up something like Shizuku, it could be used to grant f-droid access to install apps bypassing the requirement.
          Obviously not a good solution by any means.

    • scarabic@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      19 days ago

      Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices.

      Are they actually proposing to make any previously sold devices “certified” through a software update, though? Your points are right on if this edict applied to all devices.

      • kadu@scribe.disroot.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        19 days ago

        A “certified Android device” is a device running Google Play Services, Play Protect, Google’s WideVine DRM scheme and a few other requirements. If you purchase a device from a known manufacturer, like Samsung, you’re falling into this category.

    • ɯᴉuoʇuɐ@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      0
      ·
      19 days ago

      The problem might be that Google will argue this isn’t a downgrade at all, but an upgrade (for “security” reasons). I don’t want to be a pessimist, but the tech illiterate judges could eat that up.

      • Prathas@lemmy.zip
        link
        fedilink
        English
        arrow-up
        0
        ·
        18 days ago

        That’s exactly what they’re hoping for, and why we need to keep pouring out our outcry to reach them and hope they become more tech-literate.

    • Scrollone@feddit.it
      link
      fedilink
      English
      arrow-up
      0
      ·
      18 days ago

      Also, let’s stop calling it “sideloading”. Sideloading has a bad vibe. We just want to INSTALL software on our own devices.

  • EzTerry@lemmy.zip
    link
    fedilink
    English
    arrow-up
    0
    ·
    19 days ago

    I am perfectly ok with android apps being required to be signed by not just a certificate (they always were just it could be self signed and just needed to match to upgrade without removing data) but a list of trusted entities.

    As long as:

    • I can install my own key on my phone (I’d I am trusted)
    • major distributors like fdroid and have a key installed without friction (like web CAs)
    • Google let’s me mark their key as untrusted (I probably won’t but I should be able to refuse things they trust (at install time, not disabling preloaded apps like settings)

    Without this it feels too much extending the monopoly despite being forced to allow 3rd party stores.

  • EonNShadow@pawb.social
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 days ago

    My job doesn’t allow me to use a jailbroken/rooted device

    So if/when this goes through I’ll be switching to iOS.

    Given the choice between two closed platforms, I’ll pick the one that ostensibly says they’re privacy focused instead of the one actively enshittifying their product.

    • kamen@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      I obviously don’t know your situation, but using your own phone for work is a bit of a red light. If you’re required to use a phone for work, ideally the job should provide you one that meets their requirements.

      • snoons@lemmy.ca
        link
        fedilink
        English
        arrow-up
        0
        ·
        20 days ago

        I must assume they mean no use it for their business that they own. Otherwise I’ll just be sad.

      • Alphane Moon@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        20 days ago

        Yeah, a mandatory work phone (where the employer can define requirements) should be purchased and funded by the employer.

        • sugar_in_your_tea@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          19 days ago

          Exactly.

          My work only requires that I have their MFA. They don’t care if it’s rooted, it just needs to allow me to login. I’m guessing if I pushed back enough, they’d find an alternative.

    • DarkAri@lemmy.blahaj.zone
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      You should just get a cheap phone to use for work. No reason to have their software on your own device. That will undoubtedly be used for creepy purposes.

        • DarkAri@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          0
          ·
          20 days ago

          Still worth it. The amount of time you will save by not having junk on your phone slowing it down will make up for it.

          • yeehaw@lemmy.ca
            link
            fedilink
            English
            arrow-up
            0
            ·
            17 days ago

            I don’t find this applies. I have an email account and chat app for work. I’m using a 4 year old phone. It’s not slow.

            Also having stuff consime your disk doesn’t really slow it down.

      • filcuk@lemmy.zip
        link
        fedilink
        English
        arrow-up
        0
        ·
        19 days ago

        Work profiles exist for this reason. A completely separate environment that is isolated from the rest of the phone and can be turned on and off on demand.
        Some manufacturers, like Samsung, make it difficult to access, but it’s there.

  • interdimensionalmeme@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    19 days ago

    The justification is simple, I don’t see the confusion, they want absolute power and for all alternatives to wither and die ? What is there not to understand ?

  • Wispy2891@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    19 days ago

    What pisses me off it that they say they do this for security. It changes absolutely anything.

    They really think that malware developers will say “oh no! I need to submit a picture of an id card to sign my malware! It’s literally impossible to submit a jpg of a stolen id card, I’m ruined and out of a job!”

    What does it change? Waste 20 minutes of some malware developer while they register under a stolen id? They already have a system that scans for known malware and automatically remove it.

          • boonhet@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            0
            ·
            19 days ago

            Not really, it’s more about children not being exposed to things usually. Hence starting with age requirements for porn and they move forward to other things.

            • SpaceCadet@sopuli.xyz
              link
              fedilink
              English
              arrow-up
              0
              ·
              19 days ago

              “Protecting the children from harmful content and predators”, “protecting people from terrorists and criminals”, “protecting users from hackers” are all forms of security, and are all used as arguments to erode freedoms.

              It all boils down to: just give up this bit of freedom so we can keep everyone safe.

    • brucethemoose@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      18 days ago

      Thing is, Play Store is already filled with malware or near-malware from seemingly verified developers. I ran into several scam clone apps just today. It’s even snuck in through OEM apps.

      Same on iOS, which supposedly verifies devs.

      If ‘verification’ and curation is their idea of security, well… It appears their system is already overloaded, yet they want to expand it?

    • keegomatic@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      18 days ago

      Both things can be true. It definitely is better for security. It’s pretty much indisputably better for security.

      But you know what would be even better for security? Not allowing any third-party code at all (i.e., no apps).

      Obviously that’s too shitty and everyone would move off of that platform. There’s a balance that must be struck between user freedom and the general security of a worldwide network of sensitive devices.

      Users should be allowed to do insecure things with their devices as long as they are (1) informed of the risks, (2) prevented from doing those things by accident if they are not informed, and (3) as long as their actions do not threaten the rest of the network.

      Side-loading is perfectly reasonable under those conditions.

      • TeddE@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        18 days ago

        It’s pretty much indisputably better for security.

        I dispute this. While adding extra layers of security looks good on paper, flawed security can be worse than no security at all.

        Android packages already have to be signed to be valid and those keys already are very effective in practice. In effect these new measures are reinventing the wheel as to what a layperson would think this new system does.

        Adding this extra layer in fact has no actual security benefit beyond posturing/“deterrence”. Catching a perpetrator is not the same thing as preventing a crime. Worse - catching a thief in meatspace has the potential to recover stolen goods, but not so in digital spaces - either the crime is damage or destruction of data for which no punishment undoes the damage or the crime is sharing private data which in practice would almost certainly have been immediately fenced to multiple data brokers.

        And were only getting started with this security theater:

        • Nothing prevents an organization from hiring a developer for long enough to register before being flushed (or the same effect with a burner account on fiver)
        • Nothing in this program does anything to get code libraries vetted - many of these developers may accidentally be publishing code from poisoned wells that they have no practical knowledge of.
        • None of these measures make scams less profitable.
        • None of this addresses greyware - software that could technically qualify as legal (because the user agreed to terms of service for a service of dubious value)
        • All of this costs time and resources that will likely inevitably be shouldered on low paid engineers that could have put that effort to better uses.
        • Metrics and statistics may likely be P-hacked to reflect that the new system as a success (because there’s internal pressure to make it look good) this turning-security-into-press-releases would have collateral of making accountability overall worse.

        But you know what would be even better for security?

        While we’re at it we could add the tropes of removing network connectivity, or switch to using clay tablets kept in a wooden box guarded by a vengeful god. Both of those would be more secure, too.

        Users should be allowed to do insecure things with their devices

        100% agree with you here - it’s fundamentally the principle of “Your liberty to swing your fist ends just where my nose begins”. Users should be given the tools and freedom to do as they want with their property - up until it affects another person or their property in an unwanted way.

        • keegomatic@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          17 days ago

          I think we mostly agree. And I do agree that “flawed security can be worse than no security at all.” I think, though, that this doesn’t make security worse, just that it doesn’t make it that much better.

          But even simple filters can make a significant difference: maybe you remember the early-ish Lemmy debacle of turning off captchas for signups by default, ostensibly because captchas are now completely defeated… which led to thousands and thousands of bot accounts being created pretty much immediately across a bunch of instances, and the feature being turned back on by default.

          • TeddE@lemmy.world
            link
            fedilink
            English
            arrow-up
            0
            ·
            16 days ago

            I’ll agree to that.

            And I also think that there’s no way I trust Alphabet (holding company of Google) to be the sole arbiters of who gets to run code - neither in a philosophical sense nor as a gatekeeper to one top five compute platforms used by a substantial chunk of the world population.

            It absolutely does not justify creating a policy that would wholesale obliterate F-Droid, arguably one of their larger competitors.

    • fodor@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      19 days ago

      Of course they know that. It’s about power and money. After all, they already have a security program that filters out malware. If we believe their stated reasoning (which we don’t), they’re tacitly admitting that their current security program is a complete failure, and also that they will not try to fix it.

  • MrSulu@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    19 days ago

    Let’s hope that the rest of the world, specifically Europe smash this ridiculous proposal apart for what it is. Europe has already sorted out USB-C etc. Its not perfect and they don’t get everything right, but certainly big enough to make stuff right.

    • kalkulat@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      19 days ago

      Yep. The E.U. has allowed itself to be dominated for too long by the US megacorps. It has the talent, ideas, and manufacturing to tell US firms to bugger off … and the sooner, the better for us all.

      • ghosthacked@lemmy.wtf
        link
        fedilink
        English
        arrow-up
        0
        ·
        19 days ago

        Unless you want hillbilly outrage slop destabilising your continent, you better get control away from American tech companies.

      • Tollana1234567@lemmy.today
        link
        fedilink
        English
        arrow-up
        0
        ·
        18 days ago

        they are also going hard on surveillance, private info too, backed by RU of course.i think russell vought is behind the anti-porn verifications in the EU