- enable developer options
- confirm that you are not tricked
- restart phone and re-authenticate
- wait one day
- confirm with biometrics that you know what you are doing
- decide if you only want unrestricted installs for 1 week or forever
- confirm that you accept the risks
- enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this
Fuck it. For the same effort i’ll unlock the bootloader and flash LineageOS.
It is now unironically so much faster, to simply flash another ROM instead of stock android, well that is at least if you plan on doing something is obscure and niche as installing applications.
They are taking away our ability which was previously taken for granted, and some are presenting it as a favour google is granting. Android users are able to install apks in seconds. A 24 hour wait is a trade-off for the user. Nobody should accept this.
A one-time 24 hour wait is an acceptable trade-off. I’m a power user. I’m enabling various developer options on my new device anyway, what’s one more process?
So much hysteria over this that I fully expect to turn out to be an absolute nothingburger once it’s live.
This is so stupid. At this rate I will have to consider Linux powered phones before switching phones in the future.
Needing to wait and follow so many tedious steps to install apps I want, ugh.
This was how xiaomi started to limit bootloader unlocking to the current 3 months wait model.
There’s also a video by a google person in the mastodon toot saying how this is a positive change.
Respectfully, grow up.
It’s a one-time action, and it’s a necessity because humans are dumb and have allowed scammers to guide them through installing dodgy APKs.
We are globally asking for regulators to regulate big tech and this whole verification thing was Google’s attempt to quell that storm. Obviously the original plans weren’t acceptable but this really doesn’t seem like that big of a deal anymore, now that they’ve compromised.
I really don’t see the issue here that power users need to tap a few buttons and wait 24 hours once for each device. You don’t even need to leave developer options enabled, and you’ve still got ADB installation options if you urgently need an APK installed and you hadn’t previously gone through this flow.
The comparison to bootloaders is also a stretch. People in this Lemmy community are so quick to enflame and enrage themselves, it’s worse than Reddit…
It ensures that non-power users stay in the clutches of Google.
the clutches of Google
Please reread the first three words of my previous message.
You’re not talking about growing up, you’re talking about giving up.
Call me when you’re older than 20 and realise how silly you sound.
I’m twice that age: you’re being an immature and a jerk. They’re not the one calling people names.
Absolutely, no. I don’t want to jump hoops or follow complicated procedures and wait a day or longer to start using the apps I want to use on my device I paid with my bills.
If we are on the subject of app installation. Desktop users can already install any and all apps that they desire. Your malware scanner will warn you if you attempt to install a malicious software.
For those people who cannot think for themselves advanced protection mode already disables app installation not approved by play store. So, even this point is moot. Besides, if we let google do this they may add age verification like some social media websites.
The comparison to bootloaders is also a stretch. People in this Lemmy community are so quick to enflame and enrage themselves, it’s worse than Reddit…
Maybe, they have the foresight to see how much worse it can get. It started with the advanced protection setting a year ago. Later OEMs started to add restrictions to bootloader unlock methods. Some like samsung simply removed it with latest software updates.
Not sure if you noticed but this is a one time process per phone.
I rely on xdrip+ for getting blood clucose measurements. That app is not on the play store.
So, in case I’ll loose my phone and have to buy one (or even just need to reset it) I’m 24hrs without blood glucose measurements…? Yeah that sounds great /s.
Install it using ADB which doesn’t adhere to the 24 hour waiting period.
I’m aware. But, why should I go through so many extra steps and wait 24hrs to install apps on a phone I paid. Also, who is to say they won’t increase the requirements later in the name of “security”?
This is not a thing on Linux and Windows. Why should it be on android?
I switched over to the fairphone which is degoogled android, and it’s been honestly great. Linux phone has a way to go, mostly needing to be able to run android apps I think, but /e/OS is a good bridge
I could never use the fairphone after reading about how the leadership responded to grapheneos disclaiming their claims that it was a secure device.
Instead of rebuking their statements, the founder resorted to personal attacks on the the leadership of grapheneos and reiterated the false information that the graphene project had.
Until i had read that I had a very positive mentality of the project but, that definitely has made me think twice about using anything related to /e/os in the future regardless if grapheneOS claims are true or false (they seem true)
Better than Google.
@limerod I already jumped the ship and ordered a Jolla phone. Hope I made the right choice. But if you cannot get it for whatever reason, you can always get one of the supported devices and install Postmarket OS
I have an old redmi lying unused. I will have to experiment on it to understand the ROM flashing scene. PostmarketOS is a good project. Hopefully, the community interest will increase and make things more accessible for everyone.
Plug your Pixel to your PC, click several times on GrapheneOS website and there you go, you’ve just got both freedom and security.
Or go to lenovo store and buy motorola.
why Motorola?
They’re partnering with GrapheneOS to build a phone fully supported by GrapheneOS and to their security standards
Is there a release date for this? Or is it still too early?
I’ve heard they’re targeting early 2027 but I’ve not seen anything official. Just the announcement they’ve agreed to a partnership
Other
motor roll ofMotorola phones probably won’t be compatible with grapheneOSI know what you meant, but I gotta say, I thoroughly enjoyed the autocorrect mishap, so thanks for leaving it intact
I would have totally missed it without your comment!
they are supposed to release a phone with graphene support soon
This is like you bought android phone but you don’t own it
fck goolag
I’m almost certain there will be an ADB hack to bring this process down to a couple min. Or faster
It only took me ~10min to install GrapheneOS. A whole new OS!
Changing a single setting should be super quick.10Mins sounds good. I agree ADB powered alternatives will exist. But, this is too much friction and I’m speaking as a power user who uses fdroid, shizuku, termux and all sorts of power user apps.
It will be tedious when I want to share an awesome open source app with someone who will think it is unsafe because android would warn and make you follow these steps to install “unverified apps”. Many of those friends will find even installing fdroid for updates bloat.
If I ask them to follow this, they would rather give up and not bother. This will be a huge blow to adoption of open source android apps.
adb-installs are explicitly allowed to skip the 24 hour wait limit.
This thing is nominally there to shut down phone scammers - people who are technically fluent enough to install adb are very unlikely to be susceptible to them.
Are there even any stats on phone scammers doing this? I wouldn’t be surprised if there were more malicious google play store apps than apps from 3rd party places trying to do this sort of attack.
If anything scammers would just get people to plug their phone into their computers.
Are there even any stats on phone scammers doing this?
I don’t necessarily know about stats. As I understand it, there is some governmental pressure to address the situation, hence why the program is being rolled out in specific markets before the global rollout.
I wouldn’t be surprised if there were more malicious google play store apps than apps from 3rd party places trying to do this sort of attack.
Probably, given that the overwhelming majority of installs happening through the Play Store. Google have some control in this surface though - they can unlist malicious apps and close down their developer accounts. Potentially even take legal action, given that developer accounts require ID these days.
If anything scammers would just get people to plug their phone into their computers.
If a scammer manages to coach someone to install adb, then I’m impressed.
Yeah that would be impressive lol but they could just get them to install an exe to do it.
What if I haven’t set up biometrics? Cant do it at all or forced to set up biometrics?
Your lockscreen Pin/pattern should be used. Unless, they manage to block that someway…
The better question will be, since authentication is required to complete it, does this mean that devices that don’t have any security or lock pin are not going to be allowed to use unsigned applications?
It’s too early to say but I think it’s fairly obvious that it’s just a mechanism to confirm that the owner of the device is the one making the change. If no biometrics are set, and no lock screen is set, I’d assume the check isn’t needed.
Interesting question. I’m guessing they would be forced to add a screen unlock method to continue or be stuck with Play store apps and perhaps verified apps.
Those people who would not care would probably be left out.
Well at least that’s an easy one to setup and later disable again.
The first prompt is pretty bad. Information is shared through instruction and guides.
This post is slightly disingenuous. It’s not all side loading. It’s only for unverified apps.
What side loading do you need to do where the app developer hasn’t verified or isn’t using the limited distribution? The sad reality is that the vast majority of what remains are scam apps.
Android is perhaps a victim of its own success here in that it now needs to worry about the old grannies that get pressured into installing scam apps more than a tiny minority of power users.
The hysteria is rife on this subject and it’s exhausting.
Open source developers who do not want to register with google, and provide identity verification to google?
What side loading do you need to do where the app developer hasn’t verified or isn’t using the limited distribution?
Well, most of what I install via fdroid?
Only reason for trying to let people jump so many crazy hoops is that they want to secure their app store, control and monetization monopoly.
There is no reason why enabling obscurely hidden dev options and setting the corresponding tick after reading a warning message is not already enough to show that people are aware of what they are doing.
it’s always “protect old grannies” “protect the children” and never “protect people’s interest” “protect freedom” “protect customers rights” riddle me this…
It’s not really about protecting anything on the user side, and never has been. Those are just pretenses to their true cause. It’s all always been about censorship, control, and tracking.
Look at me. LOOK at me.
There is no such thing as “side loading”. It is installing apps you want on your phone.
Don’t get me wrong, I’ve side loaded apps in the past. I just install the apps I want in a safe way these days.
