this post was submitted on 13 Nov 2025
1190 points (98.0% liked)

Technology

76820 readers
1725 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
1190
Breaking: Google is easing up on Android's new sideloading restrictions! (www.androidauthority.com)
submitted 2 days ago by popcar2@programming.dev to c/technology@lemmy.world
220 comments fedilink hide all child comments
 

Google: "Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified. We are designing this flow specifically to resist coercion, ensuring that users aren't tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands."

Thank god. I would've ditched Android for good if this went through, and while it sounds like it would be annoying for casual users to enable unverified apps, at least we can still install them.

you are viewing a single comment's thread
view the rest of the comments
[–] poopkins@lemmy.world -1 points 1 day ago (1 children)

I genuinely believe that it was motivated by the desire to deter scammers. What leads you to believe it's not? There are many gullible people out there who will follow, precisely as you pointed out, phishing links that encourage them to sideload an unverified app.

No system is perfect, and I also believe that Google Play does a fair job of removing malicious apps.

I'm sorry to try to bring some nuance into this thread as I know that discourse isn't welcome on Lemmy, but I'm just trying to wrap my head around the outrage. Providing a way to let experienced users continue to sideload apps while safeguarding the more gullible seems like a good idea and I still genuinely don't understand what your preferred solution would be.

[–] greenacres3233@lemmy.dbzer0.com 6 points 1 day ago (1 children)

I understand that thoughtprocess, I really do because I've thought the same at one point. Most who are angry and frustrated at Google have.

To explain it a bit, it's pretty much what I said before. If it really were to deteer scammers, they would implement better security and safety in their Play Store first. There's also ways they could block phishing attempts through there, but instead they use a bulldozer to hammer a small nail to a wall when a hammer would do just fine. I'm sure if you do a search for articles there'll be news covering this, and surely son statistic if you are more curious on numbers.

What they need is better checks in the very first step, because locking down sideloading won't fix their inherently flawed Play store security and vetting. It's like putting a patch of glue on a crack in the wall, but right next to it there's already a gaping hole.

[–] poopkins@lemmy.world 1 points 19 hours ago (2 children)

Ironically, in my attempts to find any kind of information about this, it only resulted in news articles reporting on the number of developer accounts banned and announcements from Google warning users about scams and providing recommendations to safeguard themselves.

I don't agree that Google has taken a singular approach to this problem; there are numerous ways in which they are combating scams, of which this piece is just one.

I believe people in this thread are (deliberately or not) looking at this from a very narrow point of view and not seeing how (1) there is a risk that is mitigated by preventing gullible users from installing malware through sideloading, (2) Google has reconsidered this solution after hearing community feedback and (3) Google uses numerous mechanisms to eliminate bad actors from the Play store.

To touch on the last one, it seems many of those mechanisms are not done transparently as I've seen threads on /r/AndroidDev back before I left Reddit about individuals being lifetime banned even by association to a scammer.

At the risk of sounding insincere—such is the nature of an online discussion forum—I'd like to tap into the ways you see the safety and security of the Play store to be deficient. How are phishing attempts successful there? In the articles I've read about phishing through fake apps, they all went through the route of sideloading. One example was to get "special features" in WhatsApp by downloading an APK, and another was to enable developer mode to install an antivirus APK because "the device was infected." While I found articles describing imposter apps, searching for those apps on Google Play didn't surface any of them, so it seems from my spot checks that it's working.

To me, this entire discussion is quite conflicting, because on one hand, we all recognize the risk of malware, but at the same time the community is furious about whatever Google attempts to do about it.

Call me naive, but my family and I are very content with our Android phones and have no qualms with the way Google Play functions today. I remain confused about why this comment section is so mad.

[–] greenacres3233@lemmy.dbzer0.com 2 points 9 hours ago* (last edited 9 hours ago)

I wouldn't say that you're naive, you're just asking questions about something you want more information on since the info you have seen doesn't match up with the general opinion.

I found some articles, both in favour of Googles security and some that are not so you can read through them and decide for yourself if this can be considered Google being lax or if they are doing their best:

https://www.malwarebytes.com/blog/news/2025/09/224-malicious-apps-removed-from-the-google-play-store-after-ad-fraud-campaign-discovered

https://www.bleepingcomputer.com/news/security/over-200-malicious-apps-on-google-play-downloaded-millions-of-times/

https://www.cpomagazine.com/cyber-security/over-300-malicious-apps-on-google-play-store-engaged-in-ad-fraud-and-data-theft-installed-60-million-times/

https://edition.cnn.com/2023/07/11/tech/google-ai-lawsuit

https://en.wikipedia.org/wiki/Criticism_of_Google

https://www.creativefuture.org/google-scandal-timeline/

My own opinion: Google takes action sometimes, but as some of these articles says, many ads from scammers came through apps installed on the Play Store. Not by side loading or third parties. They do take action, but some may argue that they often don't do that until it's already widespread and argue about the morality of the company itself, but I'm going to focus on our original question - the side loading issue. After reading through these articles, I still find myself questioning why Google would block side loading and blame scammers, when it's already a problem in the Play Store itself. The only reasonable answer I can think of is to keep their monopoly and remove projects like Aurora Store, microG, ReVanced and so on. Especially since it is well known that Google does not care about its users, only about its profits.

[–] greenacres3233@lemmy.dbzer0.com 1 points 9 hours ago

An sort of TLDR maybe, or side discussion - many does not trust that google do something with the intent of being good. Their history has been anything but good so far, and therefore oppose it out of fear of the actual intent behind their decisions. Blocking side loading takes away freedom to install whatever we want, and Google seems to blame malicious actors using third party sources when malicious apps already exist in the Play Store and their security gets bypassed.