| ▲ | Taterr 4 hours ago |
| None of the comments here seem to discuss or even mention how this situation looks from googles perspective? I feel like HN readers are not aware of the scale of the problem they face or their motivation behind these changes. If you look at the rate of growth of the call/text scam industry I think it's entirely possible that android owners are getting scammed out of more money than google themselves makes on the android platform as a whole. It's at least not that far off. Which doesn't even account for the humanitarian issues which they probably feel partially responsible for. |
|
| ▲ | xigoi 3 hours ago | parent | next [-] |
| Google’s perspective is that they don’t want people to install NewPipe so that the CEO can buy more yachts. |
| |
| ▲ | ChocolateGod 16 minutes ago | parent [-] | | I would bet the amount of people getting scammed is probably higher than those installing NewPipe. |
|
|
| ▲ | schubidubiduba 4 hours ago | parent | prev | next [-] |
| Why does nobody ever think of the poor megacorporation? I mean maybe you're even right and they care a little bit about people being scammed. But if you believe that the scamming thing is any more than a pretense for further establishing Google's absolute control over the Android ecosystem, that is just very naive. Their goal is to make money. Apps installed outside of Google mean less money for them. Ergo, consumer's right to install what they want on their devices must go. |
| |
| ▲ | Taterr 3 hours ago | parent [-] | | I understand usually the megacorporation is simply being anti-consumer with these kinds of changes, and who knows maybe this is the same. But I think this might be an actual exception. They seem to be actually implementing a lot of high effort scam protection features recently in android so unless they did all of that just as an excuse to make side loading harder then they've fooled me. https://security.googleblog.com/2026/02/strengthening-androi...
https://blog.google/innovation-and-ai/technology/safety-secu... For more context, the the "reason" they're increasing the friction in sideloading is to prevent one extremely specific scam where someone instructs you over the phone to download a malicious android app, which then steals your banks 2 factor verification code from your notifications and sends it to the scammers. The 24 hour limitation does seem specifically designed to prevent that so I'm inclined to believe them. | | |
| ▲ | procaryote 2 hours ago | parent | next [-] | | It's pretty easy to make up a reasonable sounding excuse for something you do for your own profit as a company. If they don't even provide any statistic on how frequent these scams are, it can be just words Also, if your bank 2fa code is in your notifications, you should switch 2fa methods to something other than sms, or switch banks. | | |
| ▲ | Taterr 4 minutes ago | parent [-] | | So we should just accept that all apps must treat android notifications as a compromised communication channel? The scammers will find some other way to abuse the very generous permissions allowed by an android app if you prevent the notification attack. |
| |
| ▲ | sunaookami an hour ago | parent | prev [-] | | Do you also believe mass surveillance is necessary to protect children? | | |
| ▲ | Taterr 25 minutes ago | parent [-] | | No. Their stated implementations should be also privacy preserving as they are using on-device LLM models. Not sending your calls or texts to a datacenter. |
|
|
|
|
| ▲ | goku12 2 hours ago | parent | prev | next [-] |
| Their solution to every problem is to take away more control of the smartphones each time from the users who own them. Meanwhile, I have much less problems with scam and security issues and more freedom with software off FDroid. Makes you wonder if the actual problem is perhaps the one coming up with these solutions and their malevolent intentions behind a thin veil of laughable PR. Besides, I don't get people's habit of justifying trillion dollar corporations that can't seem to come up with any non-dystopian solutions. |
|
| ▲ | realusername an hour ago | parent | prev | next [-] |
| Google's perspective is that they want full control on Android. If they really care about scams, the first result when I search for chatgpt is a fake app with a fake logo. Maybe they should start by tackling the scams on the play store. |
|
| ▲ | eloox 4 hours ago | parent | prev [-] |
| That may be, but I think you are missing the point of the outrage: this solution is not good. |
| |
| ▲ | izacus 3 hours ago | parent [-] | | So let's discuss a good solution instead of this boring repetitive outrage. | | |
| ▲ | vanviegen 2 hours ago | parent | next [-] | | Look at the attack vectors that are actually being used, and address them specifically, with minimally invasive measures. If the problem is apps that allow remote control of your device, that people can be socially engineered into installing, put up barriers to gaining just that permissions. That approach would actually help motivate the problem (as scammers can now just use Google-approved apps for such things). If the problem is ads that are pushing scams, Google could start with eradicating them from their own network. They seem to be the primary source. And, god forbid, perhaps even offer an ad blocker integrated in Android. (Yeah, I know.) If the problem is scammers pretending to be a friend or family member in need of help though social apps, Google could force these apps to help users identify these cases (using local privacy friendly heuristics is course) for inclusion in the Play Store. And no, they wouldn't be able to demand the same from apps installed from elsewhere, but that should be firmly outside of their sphere of responsibility. And casual users would be extremely like to stick with the default app store anyhow. Note that all three of these proposals provide a measure of safety from the problems they are addressing much larger than what Google is attempting by banning all non-Google-authorized applications. | | |
| ▲ | Taterr 2 hours ago | parent [-] | | I am quite genuinely curious what you think the best solution to prevent someone instructing a tech illiterate person over the phone to click through every permission warning about a malicious app they're installing is? No amount of scary menus will work. I feel like they only have 2 options, which is to limit some permissions without any exceptions (making their platform more closed), or make it harder to install apps as a whole. Do you have a better idea? |
| |
| ▲ | elwebmaster 2 hours ago | parent | prev | next [-] | | First we need to understand what the root cause of the problem really is then we can discuss solutions. All we've been told is that "Android users are getting scammed, we are going to make side loading impossible". There is no clear cause and effect established, no data shared with the public on what percent of scams were caused by sideloaded apps and how the scams actually operate for us to be able to accept the solution. | | |
| ▲ | realusername an hour ago | parent [-] | | > no data shared with the public on what percent of scams were caused by sideloaded apps and how the scams actually operate for us to be able to accept the solution. They will not share the data because the data goes against their public stance. Apks are already very annoying to install for your average user. The scams will target the web, the playstore and then as a very last resort, direct installs |
| |
| ▲ | TuringTest 3 hours ago | parent | prev [-] | | The problem with that thought is that Goole isn't creating a good solution, it's creating this specific one. |
|
|
