www.androidauthority.com/android-developer-verification-requirements-3590911/
-
@thamesynne @alexia @bigzaphod Not really, to answer your last question. A repudiation of one dumb idea isn’t an endorsement of its inversion. What’s fun about middle ground is that it always exists, and there’s more of it than you’d think!
@RyanHyde @thamesynne @alexia @bigzaphod
not endorsing the first idea-- is endorsing anarchy, otherwise your just endorsing the first one again;
there is no 'middle ground' on this -- that's just unironically doing the centrist meme where its like "what if we murder half the jews"
.. either you support actual human rights (i.e where they arent violated just because an authority figure said so) .. or you don't ...
it sounds like you don't.
-
@thamesynne @alexia @bigzaphod Not really, to answer your last question. A repudiation of one dumb idea isn’t an endorsement of its inversion. What’s fun about middle ground is that it always exists, and there’s more of it than you’d think!
@RyanHyde the middle ground already exists, and it's the current side-loading process, which requires you to *explicitly* choose a somewhat obscure setting, to allow installation of apps of "unknown sources"
someone who is sideloading will generally already know what they're doing, since they have to flip this permission on. even if done permanently, it's not a global option but a per-app option to allow such installs from, say, the file manager. malware detection via Google Play Protect is *also* already a thing, mentioned in the linked article
you appear to have assumed that arguing against centralized signature verifiers to be *allowed to develop for Android,* means arguing against *any* attempt at verification. instead, it's really just: "Android, let's not do exactly what Apple is doing to wall in the garden, thanks"
seems like the best middle ground would be for Google to simply, not do this thing
-
www.androidauthority.com/android-developer-verification-requirements-3590911/
I must reiterate. I really like open systems.
This is the opposite of that. It's yet more infrastructure for Google to force dependence on Google Play Services in the wider Android ecosystem.
It's also a great way to kill off a bunch of independent developers that make zero money from their project from publishing software for your platform.
This idea needs to be canned. -
@alexia As one of those independent developers that make zero money from my project... fucking hell.
This doesn't really "affect /me/" directly (I (also) publish to Google Play, so I already had to go through this, and thankfully I'm in a place where I can afford to do so while staying relatively safe).
But goddamn does this shit still make my blood boil. I care about what people *in general* can do, not just me. I care about people having the easy option to fork it, for that matter. I also happen to be in a place where a decent chunk of my contributors don't have a development background at all, let alone for Android specifically.
And goddamn does it leave a bitter aftertaste, making me reluctant to give them more of my free labour.
But I also have no realistic plan B, or any real idea what it would look like. iOS is just jumping out of the ashes and into the fire. Mainline phone Linux (Pine, Librem, etc) is just wildly impractical as a sole phone (I can't even file my taxes without BankID..). And what else is there?
@natkr
Well, I'm sure I dont have to explain to you how BankID and a phone in general being required is another vector through which Google ensures vendor lock-in
We really need regulation for these things. -
@alexia I can't wait until there's a ready for prime time mobile Linux distro. Maybe it's time to try some of the alpha alternatives to Android that I understand are out there?
@elaterite If you're looking for something with a more pragmatic "make it work first" approach youre probably interested in the UBPorts project, which maintain Ubuntu Touch nowadays, but they use a lot of the original vendor stuff from Android.
If you're looking for something more idealistic, working towards a future where our devices run mainline Linux, look to postmarketos.org -
@elaterite If you're looking for something with a more pragmatic "make it work first" approach youre probably interested in the UBPorts project, which maintain Ubuntu Touch nowadays, but they use a lot of the original vendor stuff from Android.
If you're looking for something more idealistic, working towards a future where our devices run mainline Linux, look to postmarketos.org -
@bigzaphod @alexia False equivalency. Your garage contraption doesn’t have the same potential for harm as software. Your novel can never log my keystrokes.
-
@alex02
Well, no, not a misunderstanding at all. That is exactly what they mean.
Check the primary source: developer.android.com/developer-verification -
@alex02
Well, no, not a misunderstanding at all. That is exactly what they mean.
Check the primary source: developer.android.com/developer-verification -
@natkr
Well, I'm sure I dont have to explain to you how BankID and a phone in general being required is another vector through which Google ensures vendor lock-in
We really need regulation for these things. -
@bigzaphod @alexia False equivalency. Your garage contraption doesn’t have the same potential for harm as software. Your novel can never log my keystrokes.
@RyanHyde @bigzaphod @alexia fun fact: lots of trojan horses on google play with verified status. grammarly is one example. does "ai-powered text correction", and sends all text you enter into any form to its servers to achieve that.
the fallacy here is seeing google as a trustable arbiter.
-
www.androidauthority.com/android-developer-verification-requirements-3590911/
I must reiterate. I really like open systems.
This is the opposite of that. It's yet more infrastructure for Google to force dependence on Google Play Services in the wider Android ecosystem.
It's also a great way to kill off a bunch of independent developers that make zero money from their project from publishing software for your platform.
This idea needs to be canned. -
@beeoproblem @bigzaphod @alexia Buying tools is not distributing weapons. Building code is not publishing malware. You’re free to the former in both scenarios. You’re not allowed to do the latter, and someone has to be sure that’s not your aim.
There are reasons regulation exists, and while many regulations go too far, eliminating them would be worse than having them.
I encourage you to read my other responses elsewhere here. I’m not advocating for corporations to wield all the power. But I also don’t trust every random developer in the world.
@RyanHyde @beeoproblem @bigzaphod @alexia
> There are reasons regulation exists, and while many regulations go too far, eliminating them would be worse than having them.
"regulations" are enforced through systemic violence and harm from the state & the entire purpose of ' verifying identity ' of developers is so you can inflict said violence and harm onto them, using said weapons given to those whom '"""have to"""" make sure thats not your aim;'
the world is and always will be, better off without large power authority figures with the ability to cause harm to people and pretend its fine,
eliminating regulations would be eliminating systemic violence and harm being done to people in the name of 'enforcing' said regulations, thus the world would be infinitely better off without them
doing so is harm reduction which is good; - what we need is standardization
you don't trust every random developer in the world? cool dont install their software then. don't demand they dox themselves to an authority figure
-
@RyanHyde @bigzaphod @alexia fun fact: lots of trojan horses on google play with verified status. grammarly is one example. does "ai-powered text correction", and sends all text you enter into any form to its servers to achieve that.
the fallacy here is seeing google as a trustable arbiter.
@lritter @RyanHyde @bigzaphod @alexia
no no you see its only malware if the one whos doing it is not a corperation or the state-
such is the shitlib way
-
@zoee @bigzaphod @alexia That’s fine for you to want that. I don’t want that. Both things can be true.
Look, I’m not saying that <Big Tech Company> should have all the power in the world, or at they should be the sole arbiters. But I also don’t think <Whatever Developer> should have free rein. These forces need to be in proper tension for the industry and society to function well.
If you want to make the argument that the system is not currently balanced, I’d agree with you. But I’ll never agree to arguments for an unregulated market.
@RyanHyde @zoee @bigzaphod @alexia
> Market
this is people making software, its not corperate corperations publish shit in the play store, stop making everything capitalist
> Unregulated
aka: your rights arent violated by the state if you do osmething it doesnt approve of
it is of course neither, this is not a market get that capitalist bullshit out of here, this is me making software and sharing it with everyone; not asking for money or anything the fuck off;
and its not 'unregulated' your free to run av software on your thing, reverse engineer the program, and see that it does things you don't want, and then tell other people this file does things you don't want, this is self-regulated.
unregulated software market is what Google Play is.
you cannot demand i verify my identity, as if thats even a static or clear thing to begin with, for the express purpose of the state being able to hurt me easier if it turns out they deem it 'bad' .
-
@bigzaphod @alexia False equivalency. Your garage contraption doesn’t have the same potential for harm as software. Your novel can never log my keystrokes.
False False Equivalency,
it is literally impossible to make a keylogger on mobile, due to the permission system on mobile oses;
he only way it would be possible is if
1- your device is rooted and you grant the app root permissions2- you explicitly gave it permission to see all your keystrokes via accessibility settings (only on some os'es i think?)
3- your app is literally a custom keyboard.
most malware on mobile is infostealers, or spyware, maybe ransomware is possible but i've never heard of it,
but also -- most "legitimate" software on the play store or otherwise following commercial interests, thus actually going to 'the market' .. is spyware or infostealers.please get the details correct before you endorse systemic violence
-
@bigzaphod @alexia False equivalency. Your garage contraption doesn’t have the same potential for harm as software. Your novel can never log my keystrokes.
@RyanHyde @bigzaphod @alexia Who defines whats a "harmful" software? Google? And even if we assume Google is a good corporation, you are still creating a central checking point for all software. What happens when payment processors start demanding that apps harmful to their reputation are blocked by Google? Now you are at the mercy of anyone that can force Google's hand which includes governments around the world. This is just handing more power to those already in power.
-
@RyanHyde @bigzaphod @alexia Who defines whats a "harmful" software? Google? And even if we assume Google is a good corporation, you are still creating a central checking point for all software. What happens when payment processors start demanding that apps harmful to their reputation are blocked by Google? Now you are at the mercy of anyone that can force Google's hand which includes governments around the world. This is just handing more power to those already in power.
@RyanHyde @bigzaphod @alexia And if you are so afraid of harmful software dont sideload apps, its that simple. All apps on the play store are already verified by Google. And even right now, any app that you try to sideload is scanned by play protect by default, and if Google deems it "unsafe" it gets blocked. That is on top of the switch for sideloading deep in the settings that has to be flipped before you can sideload apps. I dont see how this is not enough security for the ordinary user.
-
M magiclike@soc.sekundenklebertransportverbot.de shared this topic
