Attached: 1 image
Google has news on what you will need to do for still being able to sideload apps:
* enable developer options
* confirm that you are not tricked
* restart phone and re-authenticate
* wait one day
* confirm with biometrics that you know what you are doing
* decide if you only want unrestricted installs for 1 week or forever
* confirm that you accept the risks
* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this
https://goo.gle/advance-flow
enable developer options
confirm that you are not tricked
restart phone and re-authenticate
wait one day
confirm with biometrics that you know what you are doing
decide if you only want unrestricted installs for 1 week or forever
confirm that you accept the risks
enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this
adb-installs are explicitly allowed to skip the 24 hour wait limit.
This thing is nominally there to shut down phone scammers - people who are technically fluent enough to install adb are very unlikely to be susceptible to them.
Are there even any stats on phone scammers doing this? I wouldn’t be surprised if there were more malicious google play store apps than apps from 3rd party places trying to do this sort of attack.
If anything scammers would just get people to plug their phone into their computers.
Are there even any stats on phone scammers doing this?
I don’t necessarily know about stats. As I understand it, there is some governmental pressure to address the situation, hence why the program is being rolled out in specific markets before the global rollout.
I wouldn’t be surprised if there were more malicious google play store apps than apps from 3rd party places trying to do this sort of attack.
Probably, given that the overwhelming majority of installs happening through the Play Store. Google have some control in this surface though - they can unlist malicious apps and close down their developer accounts. Potentially even take legal action, given that developer accounts require ID these days.
If anything scammers would just get people to plug their phone into their computers.
If a scammer manages to coach someone to install adb, then I’m impressed.
10Mins sounds good. I agree ADB powered alternatives will exist. But, this is too much friction and I’m speaking as a power user who uses fdroid, shizuku, termux and all sorts of power user apps.
It will be tedious when I want to share an awesome open source app with someone who will think it is unsafe because android would warn and make you follow these steps to install “unverified apps”. Many of those friends will find even installing fdroid for updates bloat.
If I ask them to follow this, they would rather give up and not bother. This will be a huge blow to adoption of open source android apps.
I’m almost certain there will be an ADB hack to bring this process down to a couple min. Or faster
It only took me ~10min to install GrapheneOS. A whole new OS!
Changing a single setting should be super quick.
adb-installs are explicitly allowed to skip the 24 hour wait limit.
This thing is nominally there to shut down phone scammers - people who are technically fluent enough to install adb are very unlikely to be susceptible to them.
Are there even any stats on phone scammers doing this? I wouldn’t be surprised if there were more malicious google play store apps than apps from 3rd party places trying to do this sort of attack.
If anything scammers would just get people to plug their phone into their computers.
I don’t necessarily know about stats. As I understand it, there is some governmental pressure to address the situation, hence why the program is being rolled out in specific markets before the global rollout.
Probably, given that the overwhelming majority of installs happening through the Play Store. Google have some control in this surface though - they can unlist malicious apps and close down their developer accounts. Potentially even take legal action, given that developer accounts require ID these days.
If a scammer manages to coach someone to install adb, then I’m impressed.
10Mins sounds good. I agree ADB powered alternatives will exist. But, this is too much friction and I’m speaking as a power user who uses fdroid, shizuku, termux and all sorts of power user apps.
It will be tedious when I want to share an awesome open source app with someone who will think it is unsafe because android would warn and make you follow these steps to install “unverified apps”. Many of those friends will find even installing fdroid for updates bloat.
If I ask them to follow this, they would rather give up and not bother. This will be a huge blow to adoption of open source android apps.