• antihumanitarian@lemmy.world
    link
    fedilink
    English
    arrow-up
    23
    ·
    11 months ago

    If I’m understanding this right, and this basically an API that lets you pick which app store administers an app, that could be quite helpful, not harmful. I currently have fdroid, play store, and Samsung store, and I assume they try to update apps by the fully qualified name, as multiple stores show and try to update a single app instance, sometimes with weird results.

    • TWeaK@lemm.ee
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      11 months ago

      I don’t think that’s really what this is. This sounds like an additional warning screen, on top of the warning screen you already get when you manually install apps from anything other than the Play Store. I expect you’ll still get the same old warning screen even after you pass this screen the one time.

      FYI, if you have root there is a Magisk module that gives FDroid the privilege to install apps without the popup.

    • yeather@lemmy.ca
      link
      fedilink
      English
      arrow-up
      34
      arrow-down
      2
      ·
      11 months ago

      It shows every time you try and sideload a different app. Overall it’s probably a good idea but unlike every other warning on android there is no option to silence it forever.

      • deweydecibel@lemmy.world
        link
        fedilink
        English
        arrow-up
        46
        arrow-down
        2
        ·
        edit-2
        11 months ago

        It’s also very obviously an attempt by Google to scare non-tech savvy people away from third party app stores and sideloading. Regardless of the actual risks involved, it’s very beneficial to their bottom line if people fear anything “unofficial”, so they’re going to maximize every chance to reinforce that fear. A tactic Apple and Microsoft also use to great effect.

        • JustinA
          link
          fedilink
          English
          arrow-up
          19
          arrow-down
          1
          ·
          edit-2
          11 months ago

          But for example, the only official download page for “AccuWeather” is the Google Play Store. Downloading apps from unofficial sources is a common avenue for malware. If you are installing an apk from something that’s not the official page for that app, you had better know what you’re doing.

          I don’t think this shows up if you’re trying to download an update to an F-Droid app, or even F-Droid itself, since those apps don’t use this feature.

          I think Google Play Protect uploading all your sideloaded apps is a bigger issue than showing a warning for unofficial downloads of official apps.

          The only risk I see is that maybe this could be annoying for Aurora Store users, but I would think there’s some bypass for people with degoogled roms.

          • Lojcs@lemm.ee
            link
            fedilink
            English
            arrow-up
            6
            arrow-down
            1
            ·
            11 months ago

            Except you can’t update an app at all if the new apk was modified and thus its signature doesn’t match with the installed one. The only thing it’s trying to ‘protect’ from is updating from other sources

        • Ottomateeverything@lemmy.world
          link
          fedilink
          English
          arrow-up
          8
          arrow-down
          1
          ·
          11 months ago

          Shame on Google where shame is due, but I don’t think this is it.

          There are actual risks here. You could end up here without realizing what you’re doing. The action itself is kind of scary so any messaging around it is inherently going to be scary.

          That said, Google is much more open about allowing these doors to remain open than their competition. And they don’t have nearly as much fear mongering about these things than their competition. Sure, it would help their bottom line too, but this one actually has some credibility. But you could say that about almost any decision - that doesn’t mean it’s “obviously an attempt to…”

          Let’s burn Google at the stake for lots of the shit they do, but this ain’t it.

        • BearOfaTime@lemm.ee
          link
          fedilink
          English
          arrow-up
          8
          arrow-down
          3
          ·
          11 months ago

          It also adds FUD, masking the issue of the play store being the greatest distributor of malware

          • tabular@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            11 months ago

            Isn’t the tech savvyness required to sideload not mostly by design? If it was basically the same process then regular people may use it like the 1st party store.

          • Ottomateeverything@lemmy.world
            link
            fedilink
            English
            arrow-up
            3
            ·
            11 months ago

            I strongly disagree. You can literally just search like “xxx app free” and find a link to download it and click “open”. I wouldn’t consider that tech savvy at all.

            • HubertManne@kbin.social
              link
              fedilink
              arrow-up
              5
              ·
              11 months ago

              that actually is dangerous though and should spark a warning. Man I don’t even remember the time when it was relatively safe to just search an app and install it.

          • maynarkh@feddit.nl
            link
            fedilink
            English
            arrow-up
            1
            ·
            11 months ago

            The point of the new EU laws is exactly that the average user should have no more difficulty installing an app from a third party app store than Google’s or Apple’s.

            • HubertManne@kbin.social
              link
              fedilink
              arrow-up
              1
              ·
              11 months ago

              yeah sideloading assumes the app is not in a store though no? Does this happen with f-droid then otr such? the google warning that is.

      • moody@lemmings.world
        link
        fedilink
        English
        arrow-up
        16
        arrow-down
        1
        ·
        11 months ago

        Honestly, I don’t really see an issue with that. It seems no more annoying than Windows UAC or Linux sudo popups. It’s a reminder that your app may have some behavior that you wouldn’t expect from the regular sources. Mainly that it may not get regular updates along with the rest of the apps on your phone.

        Of all the annoying things that Google and Android do this is pretty minor.

        • Kairos@lemmy.today
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          edit-2
          11 months ago

          Yeah because the infinite malware available on the play store is so much safer

  • denast@lemm.ee
    link
    fedilink
    English
    arrow-up
    6
    ·
    11 months ago

    I really hope this will just replace the update dialogue, not add another one on top of it. Manually tapping “update” for all Fdroid apps is a huge slog already

    • ilmagico@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      ·
      11 months ago

      My understanding is that this dialog won’t appear if you update apps from f-droid or other 3rd party store, but only if:

      1. The app was installed from one store (or just the play store, not sure), and
      2. You are now trying to update the app by downloading an apk from somewhere else (e.g. a browser)

      That would normally fail because the signatures don’t match, but I guess there are places, like apkmirror, where you can find apks that are signed by the original developer (and so, they are authentic and 100% safe), but then google will give you a warning that you might not receive updates and such.

      At least, that’s my understanding. A tiny bit annoying, but not a big deal.