Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
thisislife2 4 hours ago

I don't buy this argument at all that this specific implementation is under pressure from the government - if the problem is indeed malware getting access to personal data, then the very obvious solution is to ensure that such personal data is not accessible by apps in the first place! Why should apps have access to a user's SMS / RCS? (Yeah, I know it makes onboarding / verification easy and all, if an app can access your OTP. But that's a minor convenience that can be sacrificed if it's also being used for scams by malware apps).

But that kind of privacy based security model is anathema to Google because its whole business model is based on violating its users' privacy. And that's why they have come with such convoluted implementation that further give them control over a user's device. Obviously some government's too may favour such an approach as they too can then use Google or Apple to exert control over their citizens (through censorship or denial of services).

Note also that while they are not completely removing sideloading (for now) they are introducing further restrictions on it, including gate-keeping by them. This is just the "boil the frog slowly" approach. Once this is normalised, they will make a move to prevent sideloading completely, again, in the future.

cesarb 4 hours ago | parent | next [-]

> Why should apps have access to a user's SMS / RCS?

It could be an alternative SMS app like TextSecure. One of the best features of Android is that even built-in default applications like the keyboard, browser, launcher, etc can be replaced by alternative implementations.

It could also be a SMS backup application (which can also be used to transfer the whole SMS history to a new phone).

Or it could be something like KDE Connect making SMS notifications show up on the user's computer.

thisislife2 3 hours ago | parent [-]

That's all indeed valid.

> One of the best features of Android is that even built-in default applications like the keyboard, browser, launcher, etc can be replaced by alternative implementations.

When sideloading is barred all that can easily change. If you are forced to install everything from the Google Play Store, Google can easily bar such things, again in the name of "security" - alternate keyboards can steal your password, alternate browsers can have adware / malware, alternate launcher can do many naughty things etc. etc.

And note that if indeed giving apps access to SMS / RCS data is really such a desirable feature, Google could have introduced gate-keeping on that to make it more secure, rather than gate-keeping sideloading. For example, their current proposal says that they will allow sideloading with special Google Accounts. Instead of that, why not make it so that an app can access SMS / RCS only when that option is allowed when you have a special Google Account?

The point is that they want to avoid adding any barriers where a user's private data can't be easily accessed.

AnthonyMouse an hour ago | parent | next [-]

> Instead of that, why not make it so that an app can access SMS / RCS only when that option is allowed when you have a special Google Account?

Because then you still need a special Google Account to install your app when it needs to access SMS / RCS.

How about solving this problem in a way that doesn't involve Google rather than the owner of the device making decisions about what they can do with it? Like don't let the app request certain permissions by default, instead require the user to manually go into settings to turn them on, but if they do then it's still possible. Meanwhile apps that are installed from an app store can request that permission when the store allows it, so then users have an easy way to install apps like that, but in that case the app has been approved by Google or F-Droid etc. And the "be an app store" permission works the same way, so you have to do it once when you install F-Droid but then it can set those permissions the same as Google Play.

It's not Google's job to say no for you. It's only their job to make sure you know what you're saying yes to when you make the decision yourself.

OptionX an hour ago | parent | prev [-]

It'd just devolve into security whack a mole about what permissions need those special account or not, ending with basically all of them making it the same as just needing dev verification anyway for anything remotely useful.

And despite that, you assuming that dev verification means no malware. The Play Store requires developers to register with the same verification measures we're talkingand malware is hardly unheard of there.

BrenBarn 15 minutes ago | parent | prev | next [-]

Yeah. I mean the irony is that the one advantage of having a controlled and monitored app store would be that the entity monitoring it enforces certain standards. Games don't need access to your contacts, ever. If Google Play would just straight up block games that requested unnecessary permissions, it might have value. Instead we have 10,000 match-three games that want to use your camera and read all your data and Google is just fine with that. If the issue was access to personal data, a large proportion of existing apps should just be banned.

Groxx 3 hours ago | parent | prev | next [-]

re OTPs, there's a special permission-less way to request sms codes, with a special hash in the content so it's clearly an opt-in by both app and sender: https://developers.google.com/identity/sms-retriever/overvie...

so no, it's not necessary at all. and many apps identify OTPs and give you an easy "copy to clipboard" button in the notification.

but that isn't all super widely known and expected (partly because not all apps or messages follow it), so it's not something you can rely on users denying access to.

krzyk an hour ago | parent | prev | next [-]

Because Tasker is fundamental for some. Those arguments are similar to "think of children".

3 hours ago | parent | prev | next [-]
[deleted]
trueismywork an hour ago | parent | prev | next [-]

Its a fact even if you dont buy this

JulianHC 2 hours ago | parent | prev | next [-]

I concur.

If they are concerned about malware then one of the obvious solutions would be safe guarding their play store. There is significant less scam on iphone because apple polices their app store. Meanwhile scam apps that i reported are still up on google play store.

miki123211 2 hours ago | parent | prev | next [-]

> if the problem is indeed malware getting access to personal data, then the very obvious solution is to ensure that such personal data is not accessible by apps

Then you'd have the other "screaming minority" on HN show up, the "antitrust all the things" folks.

AnthonyMouse an hour ago | parent [-]

The "let's actually enforce antitrust laws" people are in the majority:

https://today.yougov.com/economy/articles/47798-most-america...

https://www.antitrustinstitute.org/wp-content/uploads/2024/1...

lern_too_spel 2 hours ago | parent | prev [-]

> Note also that while they are not completely removing sideloading (for now) they are introducing further restrictions on it, including gate-keeping by them.

This blog post is specifically saying there will be a way to bypass the gatekeeping on Google-blessed Android builds, just as we wanted.

> But that kind of privacy based security model is anathema to Google because its whole business model is based on violating its users' privacy.

Despite this, they sell some of the most privacy-capable phones available, with the Pixels having unlockable bootloaders. Even without unlocking the bootloader to install something like GrapheneOS, they support better privacy than the other mass market mobile phones by Samsung and Apple, which both admittedly set a low bar.