@alexia I wonder what will @fdroidorg folks say about this; if entities like @fsfe or @OpenForumEurope will try to do something preemptive about it taking into account this will go against #DMA at least; etc.. We can't wait for it to be in action before starting to push back.

@alexia

It's also a great way to kill off a bunch of independent developers that make zero money from their project from publishing software for your platform.

Are they going to charge a fee? I don't see any mention of that, but maybe I missed it.

@alexia @bigzaphod What’s cool about anarchy is that it always works because everyone is altruistic. See also libertarianism.

@RyanHyde @alexia it's not anarchy to want to be free to write and run software without permission. People don't need permission to write a novel or build a contraption in their garage.

@bigzaphod @alexia False equivalency. Your garage contraption doesn’t have the same potential for harm as software. Your novel can never log my keystrokes.

@RyanHyde @bigzaphod @alexia cool story, I still don't want google deciding what software I fucking run on my devices and who's allowed to make it

@zoee @bigzaphod @alexia That’s fine for you to want that. I don’t want that. Both things can be true.

Look, I’m not saying that <Big Tech Company> should have all the power in the world, or at they should be the sole arbiters. But I also don’t think <Whatever Developer> should have free rein. These forces need to be in proper tension for the industry and society to function well.

If you want to make the argument that the system is not currently balanced, I’d agree with you. But I’ll never agree to arguments for an unregulated market.

@RyanHyde @bigzaphod @alexia I'm not sure I have the energy for this argument, but it's not just false equivalence but completely wrong.

Write whatever novel you want - if it violates obscenity laws, hate speech, incitement, or terrorism you'll get prosecuted.

A contraption in your garage *very definitely* needs permission if it transmits into non permitted parts of the EM spectrum, emits too much noise, pollution, has the potential to harm anyone, or you wish to take it out in a public place where standards apply (i.e. building your own car).

I don't like the direction this software is going in, but it's something I've predicted for years and been repeatedly downvoted for particularly when it applies to phones.

A manufacturer releases a phone with a very short security lifecycle. People buy it anyway because they don't care if it affects anyone else, as long as it appears to work for them. Go down this road, *eventually* the result is signed, time bombed, mandated, remote disableable firmware.

@RyanHyde @bigzaphod @alexia Yeah okay but that's exactly what this is doing? Google will have the choice to approve or not of a developer. That's absolute and they will abuse this, as companies always do.

What even is the "free rein" for developers you are talking about? That they can make and publish stuff without being forced to go through 50 hoops including revealing their identity to get the approval of your favorite megacorp? Maybe I, a user, don't want a corporation to have more power over my own hardware than me?

We're not even talking about an "industry", or a "market"? This is nonsensical

@RyanHyde @alexia @bigzaphod and what's cool about relying on big centralised bureaucracies to make sure everyone plays nicely is that they're always benevolent, always hyper-efficient, never make mistakes, and never leak confidential information. see also the US government.

(this *is* how we play this game, right?)

@zoee @bigzaphod @alexia This is absolutely a market. Software wants distribution. Distribution wants an audience. An audience is a market. We are that market.

I’m not here to teach basic economic theory though. It’s plainly evident that malicious software exists. Reducing friction to publish software will of course increase the publication rate of malicious software. Security measures are always annoying, but are usually important.

@thamesynne @alexia @bigzaphod Not really, to answer your last question. A repudiation of one dumb idea isn’t an endorsement of its inversion. What’s fun about middle ground is that it always exists, and there’s more of it than you’d think!

@RyanHyde @bigzaphod @alexia you're incorrect

A 2x4 with a nail through it can do plenty of harm and that's at the very bottom of harmful devices a determined hobbyist could make. Or, going by novels, Mein Kampf, Atlas Shrugged, Turner Diaries etc have inspired all kinds of vile people and events.

None of that justifies requiring permission and ID to access basic tools that 99.99% of people use completely innocuously.

@beeoproblem @bigzaphod @alexia Buying tools is not distributing weapons. Building code is not publishing malware. You’re free to the former in both scenarios. You’re not allowed to do the latter, and someone has to be sure that’s not your aim.

There are reasons regulation exists, and while many regulations go too far, eliminating them would be worse than having them.

I encourage you to read my other responses elsewhere here. I’m not advocating for corporations to wield all the power. But I also don’t trust every random developer in the world.

@beeoproblem @bigzaphod OP asked me to get the fuck out of his replied, so this comment omits him. Please reply here if you need to continue.

@RyanHyde @bigzaphod @alexia

Well that's wrong, distributing something and having an audience does not make something a market. See mutual aid for example. And look up "gift economy", hope that helps further your knowledge in basic economic theory!

Tying security measures to the will of a company that has the only goal of making profits is actually not the way to go. If they were actually serious about security, they'd implement better app spawning, use a more hardened memory allocator, prevent apps from using ptrace, and a number of other measures for better sandboxing that are well known at this point. They don't. Because security actually isn't that important to them.

@alexia I guess I've bought my last smartphone then. Can't deal w/ Apple's walled garden. If Android goes there too, I'm out. Fuck this shit.

@RyanHyde @bigzaphod if your issue is not trusting J Random Developer you already have a solution that mostly works. Get your apps from a trusted and vetted app store and never side load. You never need to trust J Ransom Dev ever again.

If one decides to forego that protection then it's on them. Google is pretending to solve a problem that barely exists likely to get around recent court rulings. If they actually cared about security they'd vet play store apps more thoroughly.