• someone [comrade/them, they/them]@hexbear.net
    link
    fedilink
    English
    arrow-up
    27
    ·
    2 months ago

    Looking throught the changes, it seems all this isn’t quite as awful as it sounds at first. It’s more about requiring that apps-that-install-apps use the purpose-built API to do it, which was designed so that alternative app stores would be able to do things like easy installs, automatic updates, those sorts of things. I’d like to hear from the F-Droid folks give their thoughts on this.

    • OptimusSubprime [he/him, they/them]@hexbear.netOP
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      edit-2
      2 months ago

      Okay but here’s the kicker:

      If you have an alternative OS like GrapheneOS, you won’t be able to side load there either.

      https://arstechnica.com/gadgets/2024/09/android-now-allows-apps-to-block-sideloading-and-push-a-google-play-version/

      Google’s Play Integrity API is how apps have previously blocked access when loaded onto phones that are in some way modified from a stock OS with all Google Play integrations intact. Recently, a popular two-factor authentication app blocked access on phones with modified firmware, including GrapheneOS, which aims to surpass the security of Android’s stock system. Apps can call the Play Integrity API and get back an “integrity verdict,” relaying if the phone has a “trustworthy” software environment, has Google Play Protect enabled, and passes other software checks.

      Might look reasonable on it’s face, but if I need to fix an app, or possibly get an app that was removed from Google Play, I’m blocked from that. What control I had over my Android phone is gone with Android 15, if I ever get that update. And switching to something else like GrapheneOS or Lineage, I’m blocked if I ever install GApps / GPlay.

      Edit: grammar, clarity.

    • CarbonScored [any]@hexbear.net
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      2 months ago

      I mean, that’s pretty bad. Only being able to use the API severely restricts the kinds of apps you can install, making a user controlling their own device significantly harder and massively strengthening the hold of the Play Store.

  • Speaker [e/em/eir]@hexbear.net
    link
    fedilink
    English
    arrow-up
    20
    ·
    2 months ago

    I’m going to do the “bad take based on reading only the headline” thing:

    Their accursed walled garden

    Our holy user protection fence

  • heggs_bayer@hexbear.net
    link
    fedilink
    English
    arrow-up
    7
    ·
    2 months ago

    Second, these restrictions don’t apply to any third-party app stores for Android that utilize the operating system’s purpose-built API for installing apps. In fact, Android 15’s restrictions on sideloaded apps are merely an expansion of a security change introduced in a previous version, a change that has not materially impacted third-party app stores and can still be manually disabled by the user.

    F-Droid should be unaffected, so this doesn’t sound terrible TBH. Still hate Google though.

    • kota [he/him]@hexbear.net
      link
      fedilink
      English
      arrow-up
      7
      ·
      2 months ago

      I wonder if it’s going to make installing the initial f-droid apk a huge pain though. Since normally you need to just download it in your browser and install it.

    • coolusername
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      2 months ago

      I have an OG huawei mate pro and the only thing wrong with it is that after an instagram update, video stories you post on instagram would look choppy. I wouldn’t be surprised if they did it on purpose. i think i’m going to abandon instagram completely. the only thing that i would require from harmony os is for them to work with fingerprint authentication for banking apps. also, banks i use would need to collaborate with the huawei app store of course

  • GaveUp [she/her]@hexbear.net
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    edit-2
    2 months ago

    These changes seem fine tbh, non-technical users genuinely have no reason to be side loading apps that can bypass everything. the average Android user probably doesn’t even understand what an operating system is

    Tbh it’d actually be nice if Android out the box could be as locked down as iOS but stay as modifiable as it is now so technical users can still easily open everything up and tinker with it

    • BearOfaTime@lemm.ee
      link
      fedilink
      English
      arrow-up
      10
      ·
      2 months ago

      Side loaded apps can’t bypass anything more than play-provided apps.

      Play still does all it’s protection, annoyingly (even when you turn protection off).

      Root is the only way to get around those protections (or using a ROM that doesn’t have play installed).

      • GaveUp [she/her]@hexbear.net
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 months ago

        I dont mess around with Android but from the article it seems like side loaded apps have easier access to OS APIs?

        That’s what I meant