@thamesynne @RyanHyde @alexia @bigzaphod

can't forget- they also rely on deliberately and guaranteeing to 'not playing nice' (i.e *violence, abuse, and mistreatment, and human rights violations*) when people don't follow their idea on what 'playing nicely' is, and at the same time perpertrate a soceity where that is seen is completely fine and acceptable as long as their the ones doing it, and that fosters dehumanization towards its victims; and promotes a system that actively incentivizes not being altruistic;

see libertarianism: ok lets look at it, so basically they say that all that is bad if the one doing it is called the state, but if its called a corperation then it's magically fine, (and some variants of it say the state should ONLY cause harm; and not things like healthcare or running libraries)

yeah so the issue is that your saying its magically fine to do that,

but of course; this logic only applies if your supporting the status quo.

(for OP: confidential information being leaked is good.)

@alexia As one of those independent developers that make zero money from my project... fucking hell.

This doesn't really "affect /me/" directly (I (also) publish to Google Play, so I already had to go through this, and thankfully I'm in a place where I can afford to do so while staying relatively safe).

But goddamn does this shit still make my blood boil. I care about what people *in general* can do, not just me. I care about people having the easy option to fork it, for that matter. I also happen to be in a place where a decent chunk of my contributors don't have a development background at all, let alone for Android specifically.

And goddamn does it leave a bitter aftertaste, making me reluctant to give them more of my free labour.

But I also have no realistic plan B, or any real idea what it would look like. iOS is just jumping out of the ashes and into the fire. Mainline phone Linux (Pine, Librem, etc) is just wildly impractical as a sole phone (I can't even file my taxes without BankID..). And what else is there?

@zoee @RyanHyde @bigzaphod @alexia this is the free reign in question, and probably why these stories are breaking at the same time: https://www.bleepingcomputer.com/news/security/malicious-android-apps-with-19m-installs-removed-from-google-play/

@RyanHyde @thamesynne @alexia @bigzaphod

not endorsing the first idea-- is endorsing anarchy, otherwise your just endorsing the first one again;

there is no 'middle ground' on this -- that's just unironically doing the centrist meme where its like "what if we murder half the jews"

.. either you support actual human rights (i.e where they arent violated just because an authority figure said so) .. or you don't ...

it sounds like you don't.

@RyanHyde the middle ground already exists, and it's the current side-loading process, which requires you to *explicitly* choose a somewhat obscure setting, to allow installation of apps of "unknown sources"

someone who is sideloading will generally already know what they're doing, since they have to flip this permission on. even if done permanently, it's not a global option but a per-app option to allow such installs from, say, the file manager. malware detection via Google Play Protect is *also* already a thing, mentioned in the linked article

you appear to have assumed that arguing against centralized signature verifiers to be *allowed to develop for Android,* means arguing against *any* attempt at verification. instead, it's really just: "Android, let's not do exactly what Apple is doing to wall in the garden, thanks"

seems like the best middle ground would be for Google to simply, not do this thing

@alexia I can't wait until there's a ready for prime time mobile Linux distro. Maybe it's time to try some of the alpha alternatives to Android that I understand are out there?

@alexia Thanks for the tips, Alexia! I looked at postmarketos but my old devices have not been tested with it. I can hack a bit, but I'm not up to doing it from scratch. I'll checkout UBPorts when I get time. Thanks!

@RyanHyde @bigzaphod @alexia and all the software by vendors who have been approved would never ever track me around the internet and essentially act like spyware right? RIGHT?!

@alexia figured. Pos really keep speed running getting sued.

@alexia Yeah, absolutely.

@RyanHyde @bigzaphod @alexia fun fact: lots of trojan horses on google play with verified status. grammarly is one example. does "ai-powered text correction", and sends all text you enter into any form to its servers to achieve that.

the fallacy here is seeing google as a trustable arbiter.

@alexia Yes, Android is getting more and more broken...

Just support #PostmarketOS or something, which is (except audio xD) really well usable

@RyanHyde @beeoproblem @bigzaphod @alexia

> There are reasons regulation exists, and while many regulations go too far, eliminating them would be worse than having them.

"regulations" are enforced through systemic violence and harm from the state & the entire purpose of ' verifying identity ' of developers is so you can inflict said violence and harm onto them, using said weapons given to those whom '"""have to"""" make sure thats not your aim;'

the world is and always will be, better off without large power authority figures with the ability to cause harm to people and pretend its fine,

eliminating regulations would be eliminating systemic violence and harm being done to people in the name of 'enforcing' said regulations, thus the world would be infinitely better off without them

doing so is harm reduction which is good; - what we need is standardization

you don't trust every random developer in the world? cool dont install their software then. don't demand they dox themselves to an authority figure

@lritter @RyanHyde @bigzaphod @alexia

no no you see its only malware if the one whos doing it is not a corperation or the state-

such is the shitlib way

@RyanHyde @zoee @bigzaphod @alexia

> Market

this is people making software, its not corperate corperations publish shit in the play store, stop making everything capitalist

> Unregulated

aka: your rights arent violated by the state if you do osmething it doesnt approve of

it is of course neither, this is not a market get that capitalist bullshit out of here, this is me making software and sharing it with everyone; not asking for money or anything the fuck off;

and its not 'unregulated' your free to run av software on your thing, reverse engineer the program, and see that it does things you don't want, and then tell other people this file does things you don't want, this is self-regulated.

unregulated software market is what Google Play is.

you cannot demand i verify my identity, as if thats even a static or clear thing to begin with, for the express purpose of the state being able to hurt me easier if it turns out they deem it 'bad' .

@RyanHyde @bigzaphod @alexia

False False Equivalency,

it is literally impossible to make a keylogger on mobile, due to the permission system on mobile oses;

he only way it would be possible is if
1- your device is rooted and you grant the app root permissions

2- you explicitly gave it permission to see all your keystrokes via accessibility settings (only on some os'es i think?)

3- your app is literally a custom keyboard.

most malware on mobile is infostealers, or spyware, maybe ransomware is possible but i've never heard of it,

but also -- most "legitimate" software on the play store or otherwise following commercial interests, thus actually going to 'the market' .. is spyware or infostealers.

please get the details correct before you endorse systemic violence

@RyanHyde @bigzaphod @alexia Who defines whats a "harmful" software? Google? And even if we assume Google is a good corporation, you are still creating a central checking point for all software. What happens when payment processors start demanding that apps harmful to their reputation are blocked by Google? Now you are at the mercy of anyone that can force Google's hand which includes governments around the world. This is just handing more power to those already in power.