AFAIK this only applies within Singapore (not sure if this applies to visiting devices) for apps requesting certain permissions (RECEIVE_SMS, READ_SMS, BIND_NOTIFICATIONS, and accessibility) downloaded outside of app stores (F-Droid is fine) and opened directly on the device (adb install is fine).
You can probably bypass the restriction by just disabling Play Protect if you don't want Google to tell you what you can and cannot install, but I'm not in Singapore so I can't confirm if that will work or not. That said, Google has made it impossible to disable Play Protect while on a call, that's probably a smart move.
> In some cases, before downloading the malicious APK file, victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads. Once Google Play Protect is disabled, victims would not receive alerts that there is malware introduced into their mobile phones. Victims may also be asked to download Virtual Private Network (VPN) applications from Google Play Store which would facilitate scammers’ connection to their Android device. Scammers would then be able to bypass the banking anti-malware measures and remotely access the victims’ banking accounts with the phished ibanking login credentials.
Also, people in Singapore seem to be particularly vulnerable to scams:
> Pang is just one of tens of thousands of Singaporeans to fall foul of scams last year, who lost a total of S$1.1bn, according to police, a 70 per cent increase on the previous year. The true figure could be even higher, according to the Global Anti-Scam Alliance, which estimates that more than two-thirds of Singaporean victims did not report their experience.
> This is a small part of a global criminal enterprise worth an estimated $1tn, but Singaporeans, affluent, digitally advanced and compliant, are particularly vulnerable to these scams. As one person involved in the recovery of assets put it: “They are rich and naive”.
This is blaming the victim, and I'm not having it.
The problem has been that BankCorp are all forcing us into online pathways because it's cheaper for BankCorp. Of course, they don't put good security on the pathways because that would dramatically increase the customer support cost for BankCorp. Getting scammed is "just sucks to be you" because that costs LittlePlebian.
The "solution" is that liability for these kinds of scams need to be on BankCorp, period. LittlePlebian simply cannot be expected to protect themselves from every professional scammer in the universe beyond very basic measures. Bitcoin people regularly get scammed and they are supposedly more "sophisticated" than the average bear. Nobody less sophisticated stands a chance against the professionals.
Worth noting - was that before or after Google started getting painful decisions in court battles on the App Store thing?
Because this is not going to be super positive for them on that front.
> victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads.
I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers, especially when users have gotten habituated to ignoring incessant safety warnings caused by attempts to protect users.
I also keep wondering how safe the Play store is from this stuff. The very existence of obscenely detailed public GPS datasets about Android users show that even "official store" apps are somewhat malicious.
I don't see a real solution besides giving a smart and friendly 3rd party admin rights over the devices of susceptible users.
> I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers
Convert to a one-time escape hatch unlock via a random-question quiz hosted by Google that assesses security and computing knowledge?
If the intent is to prevent the dumbest users from doing something, then a good place to start would be an assessment to determine if a user is actually dumb or not.
It's oxymoronic to attempt cover-all methods that encompass both (a) advanced users who do want to sideload & (b) people who will type in anything the internet tells them will make a cracked app work.
It's also unclear why this post even exists, except as simple marketing FUD.
> Powered by PureOS, a Debian-based Linux operating system, the Librem 5 and Liberty Phones
Can their devices run APKs? The only Linux distro I know of that does is Sailfish, whose weird licensing model makes it really hard to take advantage of unless you have an obscure, obsolete phone and flash it with the image they sell.
To their credit, Purism has invested more into touch Linux with Phosh than most others in the space have, but Linux on a touchscreen is still a befuddlingly garbage experience.
Unless their experience is impacted by the features they're writing about (which it doesn't sound like it is), this post is just trying to make its mainstream alternative sound bad in the hopes that someone buys their crap instead.
Purism devices can run Android APKs via Waydroid. I don't think this Google policy materially affects that, though, so I'm also mystified why they bothered writing this article.
> In a pilot program launched in Singapore, the tech giant now blocks the installation of certain sideloaded apps—particularly those requesting sensitive permissions such as SMS access or accessibility services—if they are downloaded via web browsers, messaging apps, or file managers.
There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
I don’t see the full details but this implies that it’s still possible for advanced users to side load whatever they want. They don’t want to make it easy for the average user to start sideloading apps that access SMS permissions or accessibility controls.
If it takes a few extra steps for the advanced user to sideload these apps that’s not really a big infringement on freedom like this purism PR piece is trying to imply. Unfortunately sideloaded apps are a problematic scam avenue for low-tech users.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
I think you're dismissing legitimate concerns without fully understanding them, because through the right lens you realize how this can be anticompetitive in the mass market.
Even if some technically inclined folk can install what they want, the masses will stay in the walled garden so that Google can get their cut and exert ideological control. Even now, both Google and Apple engage in practices across their product that are designed to scare people away from third party applications. From Google's terminology when describing Google in banners as "a more secure browser" etc, to Apple requiring a secret incantation in order to run unsigned apps.
All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
The comment you're responding to includes the line:
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Your comment seems to disregard it and instead lay this entirely at Google's feet as if they're seeking anti-competitive behavior - but if this was driven by a government, does Google really deserve all the blame?
(Note that I am explicitly not endorsing the move. I think sideloading should be left mostly untouched.)
> All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
I agree with you. However, the impact of scams should not be underestimated either.
> There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
Only certain permissions actually matter. That's one of three.
But "only in singapore so far" is not reassuring.
And "downloaded via certain paths"? Browsers and file managers are the normal ways to put files onto a phone. That doesn't reassure me at all.
Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading". That said, it's clearly a balancing act between protecting people from installing malware but allowing them to intentionally install things they really do want to install, regardless of what permissions they need.
Every time the technical sophistication required to install apps from anywhere but Google's store (I don't love the term "sideloading" since it kind of denormalizes the act) is increased, the chances anyone will put in the effort to distribute apps any other way goes down. It also means apps Google doesn't want in its store are less likely to get made; I'd really like to see something that prioritizes notifications for me, for example, and I think that's against Google's rules.
I'm sure making it harder to obtain software outside a first-party app store provides some protection to some users from scams, but I really don't want that to be the answer. I don't claim to have a good one myself.
They don't, and they don't even block F-Droid. You can also just disable Play Protect (though Google won't let you while you're on a call, probably a smart move). According to the Singapore police, scammers also have victims download VPNs of Google Play to work around the regional restrictions.
I don't think the restrictions are doing much for victims. I assume Google was pressured into doing this by the authorities, or may be doing this to get in a good spot politically.
requiring a user to own a PC in order to sideload apps (with adb) would, in fact, count as blocking sideloading, albeit partially. so i don't think that's the right limit
> There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
Those "certain paths" include "file managers"; how exactly would you sideload an app without providing the file?
>There are a lot of qualifiers on this: Only in Singapore,
We had a big client from Singapore who only agreed to buy our SaaS subscription after we integrated SingPass (Singapore's national digital identity system) for user login.
When I read "Singapore" in the OP I immediately remembered about it.
The client is not with us anymore, but we still have this thing somewhere in the codebase :)
It will always be possible to side-load apps on Android if you really want. It is one big strength of Android. There are many Android's no-internet deployments in the wild that rely on this feature.
I've got to say, some of the comments here are pretty funny.
> "The sideloading restriction is easily solved by installing GrapheneOS"
> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".
Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.
There was some Ubuntu (or Linux) forum where I had asked a question and I wanted an app or something (I can't recall now) which was easier to use and do repeatedly. Most of the people were replying with stuff like "why can't you just do <something that involves lots of CLI and more than an hour ro so>" or on the lines of it.
I, someone extremely new to Linux (hell, new to computers), was bewildered. Then a commenter replied with something that helped me and exactly what I needed. He added a note directed towards others which went something like - the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
> the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
This definitely happened with Arch. For some reason they killed the noob guide (which I helped maintain). It was a great guide that helped people go from noob to kinda knowing linux.
You can't have wizards without first having noobs.
Why gatekeep people from enjoying the same thing you enjoy?
Well, I guess all that gave us EndeavourOS and Manjaro. But still, we need more places for people to learn that nitty gritty stuff.
Hell, I'd love to learn more about the hardware hacking the OP is talking about. Love to learn about those GPU hardware modifications people do. I know it's hacker news, but I'd actually love to learn about that hacker stuff. If these companies are going to continue to fight this hard to prevent us from owning the things we buy, it sounds like an important thing to learn. Or else we're soon going to have robot butlers that are just sending lidar maps and high resolution photos of our homes back to these companies. We don't need elitest pricks, we need wizards teaching noobs
Yet telling someone to open regedit, find some deeply-buried branch, create a new binary key, rename it to SetFocusRefreshTimeout and set its value to 0xFFFF is... desktop usability.
>the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
Don't believe that for a second. Industry de-facto standards are a result of power dynamics, and the actual users of the thing wield orders of magnitude less power than they project. If a corporation like MS or Google wanted Linux desktop to happen, no amount of gatekeepers could actually hold the gates.
The reason why Windows is the de-facto standard is because Microsoft put a lot of behind-the-scenes work into making it a de-facto standard. I am meaning them sabotaging everything else, treating the status quo with the famous EEE, many business deals with governments to use it, put it in school curricula, having manufacturers preinstall it to PCs, and bend every piece of connected tech to Windows' direction - hardware drivers, computer games, specialty software, even the internet.
That is how Windows got its desktop users, and how Linux and others didn't really.
> Most of the people were replying with stuff like "why can't you just do <something that involves lots of CLI and more than an hour ro so>" or on the lines of it.
More than an hour? That's very strange, enough that I wonder if you had the right impression of things.
Usually the reason to go with command line is that even though it might be bewildering to look at, slamming in the command only takes a moment and you don't need to do any button-hunting.
It's a tradeoff, is what I'm saying. But you seem to be describing a situation where it's significantly worse in every way. Why would a bunch of people all be on that bad plan?
That may be. But the CLI guys have had the last laugh, no? An LLM can work through a terminal with decades of stability much better than it can poke around constantly changing product UIs.
What's needed is a Dropbox analogue for Linux -- something that doesn't do anything that isn't already possible, but that makes things that are possible accessible to non-specialists.
It looked like SteamOS was going to be a contender, but apparently not.
One reason that people often overlook is that it's much easier (and much less error prone for the user) to give an instruction that uses the cli instead of a GUI tool, e.g. if someone would ask how to add a new user who's in the usb group on Linux, I would always tell the person `adduser --ingroup usb [username] ` instead of giving the GUI instructions which are longer and depend on what desktop the person uses.
People in general are very bad at knowing what the average experience is. We almost all have a predisposition to perceive our experience as being approximately normal, or if not, not too far away from normal. This is especially exaggerated anywhere experts of a domain congregate. They adjust to a significantly biased frame of reference. And that results in opinions that don't fall anywhere within the galaxy of what's reasonable for the vast majority of users of a given thing.
Do ordinary people side load at all? Assuming most people use the phone to do something else, and not for the sake of using the phone, after you get the apps you want/need, ordinary people are likely to just do the same thing/consume the same apps over and over.
If I haven't prohibited him, I am pretty sure my 11 years old son would have installed dozens of pirated games and apps of dubious provenance on his phone.
But I am pretty sure that like any other teenagers since the beginning of time he obeys me, and has only rooted his phone for educational purposes.
A lot of my non-techy friends have a sideloaded copy of spotify/youtube to get premium features for free. I think they just blindly follow some guide they find on tiktok.
I installed fdroid on a friends phone and they use it install newpipe and keep it up to date, without having a tech savy friend around to download the apk relase from github.
A lot of Chinese apps still do. Mostly cause I guess they don't allow Google play store in China (? I think it's blocked, can't quite remember for sure)
Yes, usually when somebody calls them, pretends to be from the security department of their bank, and asks them to install an app to "catch the hacker who just stole $2000 from your account in the act."
In countries where Android is popular (not the US), this is an extremely common scam vector.
And, worse, it isn't even true, right? As Google keeps adding more and more DRM tech to Android, along with APIs that let apps ensure they are running on "legitimate" software, installing GrapheneOS isn't even a viable option going forward unless you are effectively exiting the entire ecosystem anyway.
Apps have to choose to block using a non-stock OS and only a tiny minority of them do it. GrapheneOS bypasses it for many of them and we intend to get it fully resolved. Regulatory action is in progress for this in Europe already and it will be solved. GrapheneOS users can currently use nearly all Android apps with the exception of a subset of banking/financial apps and a tiny number of other apps. Google trying to crack down further will greatly increase the already incoming consequences in multiple countries for the existing Play Integrity API.
Making it difficult for ordinary people to sideload apps that access their SMS or accessibility features (e.g. screen recording, controlling the phone) is the point.
I think what people on HN really forget is that the average person isn’t equipped to tell the difference between a legit source sideloaded app or a Trojan horse app that some TikTok video instructed them to install.
> Making it difficult for ordinary people to sideload apps that access their SMS or accessibility features (e.g. screen recording, controlling the phone) is the point.
I wonder if they could solve that with delays. E.g. you can sideload, but the process is deliberately delayed to take two full days and require carefully reading warning screens and correctly answering questions about the warnings, then getting time to think, multiple times.
Google changing defaults is a permanent change for some large percentage of their userbase. A subset of those can still figure out how to download and run an APK file but have no further recourse against monopolistic behavior.
Maybe those people do need to be protected from scams. Social engineers have complete control over the user, so any control given to the user is owned by the scammer. Seems like the same problem as pig butchering, a technology or process solution can't save someone too stupid to save.
Thinking about less controversial options for Google, they could track if any side-loaded apps have the dangerous permissions, and provide a global true/false status to other apps that request it. So Wallet / whatever would disable features if any "outside" apps were in a position to exploit the user. And Android could offer a button that cleans up the "problem" apps, setting the global status back to false.
And official Android-based OS bring advantages too. For example, Samsung has lot of proprietary and useful features, and GrapheneOS you cannot use Google Pay (one major feature of a phone).
The primary reason why I haven't bought a Pixel and switched to GrapheneOS is because Samsung's OneUI is just so far ahead of the curve. They innovate new software features years before anyone else does.
That being said, it is a reasonable compromise that, as long as people know that beforehand, losing Google Pay as the price to loosen Google's grip on your data, location and preferences is an acceptable one [price].
"Ordinary people" aren't sideloading apps one way or another. In fact this will help 99% of them, since for them sideloading is mostly used for malware and phishing.
And who's going to put GrapheneOS on an ordinary person's phone in the first place?
The Web installer [0] is not really approachable to a normal Android user. The instructions are dense, loaded up with warnings about dozens of edge cases that are discussed in jargon that would intimidate even relatively tech-savvy users:
What's USB passthrough? Did I install my browser through Flatpak or Snap? How would I know? Did I need to understand the paragraph explaining in detail how carrier models lock users in? There's a bunch of stuff in there about Linux... do I need Linux? What's a sha256 hash and do I need to care?
It's not that this is impossible for non-IT-folks to grasp, but there's no chance that my parents are installing this on their phone.
I am legitimately glad for devs of graphene os and for it graphene working in your case but it is not functional if a user needs banking orr streaming apps, or any number of other impacted apps such as mcdonald's or pokemon go.... that is after installing the optional play services, reducing the privacy benefits of graphene.
I own no firsthand experience but read many users require app 2FA to make card payments.
The solution must be social-legislative. The London smog and terrifying auto deaths at 30 KPH were solved but not by niche enthusiast projects.
GrapheneOS is sold preinstalled on devices. People do not have to install it themselves. It's also far easier to install than a desktop OS via https://grapheneos.org/install/web.
The post from Purism is highly inaccurate and is inventing issues which are not real issues along with presenting a product which massive reduces security and app compatibility as somehow solving those things. Dropping mainstream app compatibility and support for the main open source app ecosystem entirely hardly solves a tiny number of apps enforcing using the stock OS.
They ordinary people would be the ones that need this level of protection, since a scammer would talk them into sideloading malware if the device permits it.
No, Murena sells devices with /e/OS which is fork of LineageOS which drastically rolls back privacy and security compared to it. LineageOS itself rolls those back compared to the Android Open Source Project but not nearly as much as /e/OS. LineageOS would be a better choice for privacy, security, app compatibility and usability than Purism's product.
GrapheneOS and /e/OS are very different operating systems. GrapheneOS is a hardened OS with massive privacy/security improvements and a far different appropach to mainstream app compatibility. GrapheneOS can be purchased preloaded on devices including from companies like NitroKey, so that is not something that's a difference between them. GrapheneOS is based on AOSP directly, not LineageOS.
https://eylenburg.github.io/android_comparison.htm is a third party comparison between different alternate mobile operating systems. It could include many more privacy/security features but it's a good starting point.
https://grapheneos.org/features provides an overview of what GrapheneOS provides. It doesn't cover all of the features but it covers a lot of them.
/e/OS lags very far behind on shipping Android privacy/security backports, lags a year or more behind on shipping standard privacy/security patches and does not keep the standard Android privacy/security model or features intact. Like LineageOS, /e/OS mainly supports devices without proper non-stock OS support and without firmware/driver patches. For the few devices they support which do provide those updates, they are much worse than LineageOS at shipping them to users. They don't use standard hardware-based security features even when they're made available to an alternate OS. /e/OS is not a safe option because going months or even years without critical browser engine and OS updates is a serious problem. It is not an academic or theoretical issue. They are failing to patch critical issues and some of those are known to be exploited in the wild.
You can run nearly all Play Store apps on GrapheneOS, but not /e/OS with the much more limited and less secure microG approach. https://bsky.app/profile/grapheneos.org/post/3lamcjfv5r22s explains the difference in approach. Of course, their approach certainly provides dramatically more mobile app compatibility than using the desktop Linux stack on mobile as is being proposed in the original post.
I am the first to be on the "I own my phone let me do whatever the heck I want with it" but recently something hit me.
DJI forces you to side load their app for their Air Units and Drones. And this is scary.
It looks like the rule they violate for the play store is that their app can self modify.
Let that sink in ... Any tension or whatever political bull crap happens and you have a state controlled malware on your device that can do anything it wants with your drone.
Millions of people installed this without really understanding what could be the consequences...
I find it interesting that all the things Apple did from the start in the name of security, Google is slowly needing to do over time in the name of security. Meanwhile, various parties (the EU being the big one) are pushing to have Apple role back some of these controls.
This is why "do whatever the heck I want with it" ought to apply to software, not just hardware. This is one thing I think Richard Stallman got right, all the way back in 1988:
> the freedom to change a program, so that you can control it instead of it controlling you; for this, the source code must be made available to you.
We're a long way from that ideal today. Software controls us all the time. Usually that just leads to anti-consumer annoyances like lock screen ads or DLC seat heaters. But when the one controlling the software that controls you is a communist government...
Not sure what the short term practical solution to this is though.
The difference is, in theory if DJI were discovered to be doing something malicious, it could be taken down from the Play Store. If 0% of its current users were side loading the application, that means 100% of their users would be unable to install the app the normal way, and there would be substantial friction to migrate them to sideloading (a google of "install dji app" would probably return a bunch of news articles about whatever the problem was before dji's install instructions).
By making it "normal" to install the app via sideloading, there's little Google could do in the event of malicious app behaviour, and the majority of users would not find out about it (at least, not immediately).
I don't know why you're getting downvoted when its very possibly true.
Just one month ago they found intentionally embedded Kill Switches in chinese provided solar panels [0][1].
Not even complex apps require capabilities of such self-modification, the fact that a DJI drone app, requires such capabilities, is quite suspicious especially as they are heavily involved in PLA Drone Warfare R&D and Capacity building.
The sideloading restriction is easily solved by installing GrapheneOS, which has all the security benefits of Google's Android on Pixel.
In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.
The issue is even bigger. Even when using Play Store on GrapheneOS with a locked bootloader (which is the recommended configuration by the GrapheneOS project), Google refuses to let apps use the hardware attestation support in the Play Integrity API [1], which blocks certain banking apps, Google Wallet, etc.
It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
> It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
A huge problem with Graphene is the incredibly small number of supported devices. We need something that isn't as reliant on specific hardware, and while that would mean some security features are not supported it would still be better than most other options by far.
Unfortunately, Google's Pixel devices have been the only ones with hardware that meets all of the project's stringent security requirements, including a secure hardware enclave and multiyear commitments from the vendor to firmware security updates (I think 7 years of updates now for the newest Pixels). Those seem to be the big two things that no other Android vendor achieves together.
The GrapheneOS devs are serious about security, probably more focused on it than 99% of end users. That they manage to release a project with the high level of usability that GrapheneOS achieves is impressive, even if it isn't as convenient to the end user as stock Android. Ultimately, nothing will ever be as convenient to the end user as stock Android or iOS, but that's not the point of the project.
Yes, but vanishingly few apps actually use that, rather than Google Play Integrity. As a result, in general it is fair to say that Android apps that require hardware attestation will not run on GrapheneOS. I say this as a satisfied GrapheneOS user.
Time to get serious about contributing to and using projects like https://postmarketos.org! We can continue to fork Android every release, but that's just re-arranging deck chairs on the titanic without upstream driver support.
Readit News
AFAIK this only applies within Singapore (not sure if this applies to visiting devices) for apps requesting certain permissions (RECEIVE_SMS, READ_SMS, BIND_NOTIFICATIONS, and accessibility) downloaded outside of app stores (F-Droid is fine) and opened directly on the device (adb install is fine).
You can probably bypass the restriction by just disabling Play Protect if you don't want Google to tell you what you can and cannot install, but I'm not in Singapore so I can't confirm if that will work or not. That said, Google has made it impossible to disable Play Protect while on a call, that's probably a smart move.
Based on this article from the Singapore police, the approach doesn't seem to have helped much: https://www.police.gov.sg/media-room/news/20250417_police_ad...
> In some cases, before downloading the malicious APK file, victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads. Once Google Play Protect is disabled, victims would not receive alerts that there is malware introduced into their mobile phones. Victims may also be asked to download Virtual Private Network (VPN) applications from Google Play Store which would facilitate scammers’ connection to their Android device. Scammers would then be able to bypass the banking anti-malware measures and remotely access the victims’ banking accounts with the phished ibanking login credentials.
> Pang is just one of tens of thousands of Singaporeans to fall foul of scams last year, who lost a total of S$1.1bn, according to police, a 70 per cent increase on the previous year. The true figure could be even higher, according to the Global Anti-Scam Alliance, which estimates that more than two-thirds of Singaporean victims did not report their experience.
> This is a small part of a global criminal enterprise worth an estimated $1tn, but Singaporeans, affluent, digitally advanced and compliant, are particularly vulnerable to these scams. As one person involved in the recovery of assets put it: “They are rich and naive”.
https://archive.is/fCmW1
This is blaming the victim, and I'm not having it.
The problem has been that BankCorp are all forcing us into online pathways because it's cheaper for BankCorp. Of course, they don't put good security on the pathways because that would dramatically increase the customer support cost for BankCorp. Getting scammed is "just sucks to be you" because that costs LittlePlebian.
The "solution" is that liability for these kinds of scams need to be on BankCorp, period. LittlePlebian simply cannot be expected to protect themselves from every professional scammer in the universe beyond very basic measures. Bitcoin people regularly get scammed and they are supposedly more "sophisticated" than the average bear. Nobody less sophisticated stands a chance against the professionals.
Because this is not going to be super positive for them on that front.
> victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads.
I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers, especially when users have gotten habituated to ignoring incessant safety warnings caused by attempts to protect users.
I also keep wondering how safe the Play store is from this stuff. The very existence of obscenely detailed public GPS datasets about Android users show that even "official store" apps are somewhat malicious.
I don't see a real solution besides giving a smart and friendly 3rd party admin rights over the devices of susceptible users.
Convert to a one-time escape hatch unlock via a random-question quiz hosted by Google that assesses security and computing knowledge?
If the intent is to prevent the dumbest users from doing something, then a good place to start would be an assessment to determine if a user is actually dumb or not.
It's oxymoronic to attempt cover-all methods that encompass both (a) advanced users who do want to sideload & (b) people who will type in anything the internet tells them will make a cracked app work.
> Powered by PureOS, a Debian-based Linux operating system, the Librem 5 and Liberty Phones
Can their devices run APKs? The only Linux distro I know of that does is Sailfish, whose weird licensing model makes it really hard to take advantage of unless you have an obscure, obsolete phone and flash it with the image they sell.
To their credit, Purism has invested more into touch Linux with Phosh than most others in the space have, but Linux on a touchscreen is still a befuddlingly garbage experience.
Unless their experience is impacted by the features they're writing about (which it doesn't sound like it is), this post is just trying to make its mainstream alternative sound bad in the hopes that someone buys their crap instead.
It's definitely worse than an iPhone, but you're greatly exaggerating. Sent from my Librem 5.
Deleted Comment
https://techcrunch.com/2024/02/07/google-starts-blocking-use...
There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
I don’t see the full details but this implies that it’s still possible for advanced users to side load whatever they want. They don’t want to make it easy for the average user to start sideloading apps that access SMS permissions or accessibility controls.
If it takes a few extra steps for the advanced user to sideload these apps that’s not really a big infringement on freedom like this purism PR piece is trying to imply. Unfortunately sideloaded apps are a problematic scam avenue for low-tech users.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
This explains why it’s only in Singapore for now.
Even if some technically inclined folk can install what they want, the masses will stay in the walled garden so that Google can get their cut and exert ideological control. Even now, both Google and Apple engage in practices across their product that are designed to scare people away from third party applications. From Google's terminology when describing Google in banners as "a more secure browser" etc, to Apple requiring a secret incantation in order to run unsigned apps.
All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Your comment seems to disregard it and instead lay this entirely at Google's feet as if they're seeking anti-competitive behavior - but if this was driven by a government, does Google really deserve all the blame?
(Note that I am explicitly not endorsing the move. I think sideloading should be left mostly untouched.)
I agree with you. However, the impact of scams should not be underestimated either.
Only certain permissions actually matter. That's one of three.
But "only in singapore so far" is not reassuring.
And "downloaded via certain paths"? Browsers and file managers are the normal ways to put files onto a phone. That doesn't reassure me at all.
I'm sure making it harder to obtain software outside a first-party app store provides some protection to some users from scams, but I really don't want that to be the answer. I don't claim to have a good one myself.
I don't think the restrictions are doing much for victims. I assume Google was pressured into doing this by the authorities, or may be doing this to get in a good spot politically.
Just because something is technically possible does not make it a solution
Those "certain paths" include "file managers"; how exactly would you sideload an app without providing the file?
We had a big client from Singapore who only agreed to buy our SaaS subscription after we integrated SingPass (Singapore's national digital identity system) for user login.
When I read "Singapore" in the OP I immediately remembered about it.
The client is not with us anymore, but we still have this thing somewhere in the codebase :)
I would prefer if Google moved in the direction of giving apps fake permissions. Otherwise the scammers will just move onto another layer.
> "The sideloading restriction is easily solved by installing GrapheneOS"
> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".
Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.
I, someone extremely new to Linux (hell, new to computers), was bewildered. Then a commenter replied with something that helped me and exactly what I needed. He added a note directed towards others which went something like - the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
You can't have wizards without first having noobs.
Why gatekeep people from enjoying the same thing you enjoy?
Well, I guess all that gave us EndeavourOS and Manjaro. But still, we need more places for people to learn that nitty gritty stuff.
Hell, I'd love to learn more about the hardware hacking the OP is talking about. Love to learn about those GPU hardware modifications people do. I know it's hacker news, but I'd actually love to learn about that hacker stuff. If these companies are going to continue to fight this hard to prevent us from owning the things we buy, it sounds like an important thing to learn. Or else we're soon going to have robot butlers that are just sending lidar maps and high resolution photos of our homes back to these companies. We don't need elitest pricks, we need wizards teaching noobs
Don't believe that for a second. Industry de-facto standards are a result of power dynamics, and the actual users of the thing wield orders of magnitude less power than they project. If a corporation like MS or Google wanted Linux desktop to happen, no amount of gatekeepers could actually hold the gates.
The reason why Windows is the de-facto standard is because Microsoft put a lot of behind-the-scenes work into making it a de-facto standard. I am meaning them sabotaging everything else, treating the status quo with the famous EEE, many business deals with governments to use it, put it in school curricula, having manufacturers preinstall it to PCs, and bend every piece of connected tech to Windows' direction - hardware drivers, computer games, specialty software, even the internet.
That is how Windows got its desktop users, and how Linux and others didn't really.
More than an hour? That's very strange, enough that I wonder if you had the right impression of things.
Usually the reason to go with command line is that even though it might be bewildering to look at, slamming in the command only takes a moment and you don't need to do any button-hunting.
It's a tradeoff, is what I'm saying. But you seem to be describing a situation where it's significantly worse in every way. Why would a bunch of people all be on that bad plan?
It looked like SteamOS was going to be a contender, but apparently not.
Dead Comment
I sideload a glucose monitor app that's not available through Playstore (it's FOSS and health is a tricky area with liability).
It's a fantastic app and the ability to sideload it is a major reason I use Android over iOS.
I also sideload a patched app of the Dexcom glucose reader OEM's shitty app to allow the data to be read by the better (sideload) FOSS app.
https://github.com/NightscoutFoundation/xDrip
https://www.patreon.com/byod/about?
Ok I'm not an ordinary person, I guess, but if I was I'd still use those apps and I know people who are ordinary and do so.
But I am pretty sure that like any other teenagers since the beginning of time he obeys me, and has only rooted his phone for educational purposes.
His friends, though, I am not so sure.
Some of the more savvy ordinary people even export apps as apk for other phones.
https://zimperium.com/blog/the-hidden-risks-of-sideloading-a...
Yes, usually when somebody calls them, pretends to be from the security department of their bank, and asks them to install an app to "catch the hacker who just stole $2000 from your account in the act."
In countries where Android is popular (not the US), this is an extremely common scam vector.
edit: which I'm not even sure if that counts as side loading
Dead Comment
I think what people on HN really forget is that the average person isn’t equipped to tell the difference between a legit source sideloaded app or a Trojan horse app that some TikTok video instructed them to install.
I wonder if they could solve that with delays. E.g. you can sideload, but the process is deliberately delayed to take two full days and require carefully reading warning screens and correctly answering questions about the warnings, then getting time to think, multiple times.
Google changing defaults is a permanent change for some large percentage of their userbase. A subset of those can still figure out how to download and run an APK file but have no further recourse against monopolistic behavior.
Maybe those people do need to be protected from scams. Social engineers have complete control over the user, so any control given to the user is owned by the scammer. Seems like the same problem as pig butchering, a technology or process solution can't save someone too stupid to save.
Thinking about less controversial options for Google, they could track if any side-loaded apps have the dangerous permissions, and provide a global true/false status to other apps that request it. So Wallet / whatever would disable features if any "outside" apps were in a position to exploit the user. And Android could offer a button that cleans up the "problem" apps, setting the global status back to false.
That being said, it is a reasonable compromise that, as long as people know that beforehand, losing Google Pay as the price to loosen Google's grip on your data, location and preferences is an acceptable one [price].
Deleted Comment
News to me. Edit: I misread parent comment.
The linked article is literally an ad for Librem phones though?
When we last got new phones I put GrapheneOS on mine and my partners, I never subsequently had to play tech support on hers.
The Web installer [0] is not really approachable to a normal Android user. The instructions are dense, loaded up with warnings about dozens of edge cases that are discussed in jargon that would intimidate even relatively tech-savvy users:
What's USB passthrough? Did I install my browser through Flatpak or Snap? How would I know? Did I need to understand the paragraph explaining in detail how carrier models lock users in? There's a bunch of stuff in there about Linux... do I need Linux? What's a sha256 hash and do I need to care?
It's not that this is impossible for non-IT-folks to grasp, but there's no chance that my parents are installing this on their phone.
[0] https://grapheneos.org/install/web
I own no firsthand experience but read many users require app 2FA to make card payments.
The solution must be social-legislative. The London smog and terrifying auto deaths at 30 KPH were solved but not by niche enthusiast projects.
The post from Purism is highly inaccurate and is inventing issues which are not real issues along with presenting a product which massive reduces security and app compatibility as somehow solving those things. Dropping mainstream app compatibility and support for the main open source app ecosystem entirely hardly solves a tiny number of apps enforcing using the stock OS.
Deleted Comment
Dead Comment
Dead Comment
Easy
GrapheneOS and /e/OS are very different operating systems. GrapheneOS is a hardened OS with massive privacy/security improvements and a far different appropach to mainstream app compatibility. GrapheneOS can be purchased preloaded on devices including from companies like NitroKey, so that is not something that's a difference between them. GrapheneOS is based on AOSP directly, not LineageOS.
https://eylenburg.github.io/android_comparison.htm is a third party comparison between different alternate mobile operating systems. It could include many more privacy/security features but it's a good starting point.
https://grapheneos.org/features provides an overview of what GrapheneOS provides. It doesn't cover all of the features but it covers a lot of them.
/e/OS lags very far behind on shipping Android privacy/security backports, lags a year or more behind on shipping standard privacy/security patches and does not keep the standard Android privacy/security model or features intact. Like LineageOS, /e/OS mainly supports devices without proper non-stock OS support and without firmware/driver patches. For the few devices they support which do provide those updates, they are much worse than LineageOS at shipping them to users. They don't use standard hardware-based security features even when they're made available to an alternate OS. /e/OS is not a safe option because going months or even years without critical browser engine and OS updates is a serious problem. It is not an academic or theoretical issue. They are failing to patch critical issues and some of those are known to be exploited in the wild.
You can run nearly all Play Store apps on GrapheneOS, but not /e/OS with the much more limited and less secure microG approach. https://bsky.app/profile/grapheneos.org/post/3lamcjfv5r22s explains the difference in approach. Of course, their approach certainly provides dramatically more mobile app compatibility than using the desktop Linux stack on mobile as is being proposed in the original post.
DJI forces you to side load their app for their Air Units and Drones. And this is scary. It looks like the rule they violate for the play store is that their app can self modify.
Let that sink in ... Any tension or whatever political bull crap happens and you have a state controlled malware on your device that can do anything it wants with your drone.
Millions of people installed this without really understanding what could be the consequences...
Google clearly knows this. IMO the motivation here is obvious, and it isn't security.
> the freedom to change a program, so that you can control it instead of it controlling you; for this, the source code must be made available to you.
We're a long way from that ideal today. Software controls us all the time. Usually that just leads to anti-consumer annoyances like lock screen ads or DLC seat heaters. But when the one controlling the software that controls you is a communist government...
Not sure what the short term practical solution to this is though.
By making it "normal" to install the app via sideloading, there's little Google could do in the event of malicious app behaviour, and the majority of users would not find out about it (at least, not immediately).
Just one month ago they found intentionally embedded Kill Switches in chinese provided solar panels [0][1].
Not even complex apps require capabilities of such self-modification, the fact that a DJI drone app, requires such capabilities, is quite suspicious especially as they are heavily involved in PLA Drone Warfare R&D and Capacity building.
[0](https://www.reuters.com/sustainability/climate-energy/ghost-...)
[1](https://www.rickscott.senate.gov/2025/6/sens-rick-scott-mars...)
In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.
The issue is even bigger. Even when using Play Store on GrapheneOS with a locked bootloader (which is the recommended configuration by the GrapheneOS project), Google refuses to let apps use the hardware attestation support in the Play Integrity API [1], which blocks certain banking apps, Google Wallet, etc.
It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Time to block the Facebook/Instagram apps then, given https://localmess.github.io ?
[1] https://grapheneos.social/@GrapheneOS/112878070618462132
That's because it's about control, not safety.
The GrapheneOS devs are serious about security, probably more focused on it than 99% of end users. That they manage to release a project with the high level of usability that GrapheneOS achieves is impressive, even if it isn't as convenient to the end user as stock Android. Ultimately, nothing will ever be as convenient to the end user as stock Android or iOS, but that's not the point of the project.
https://grapheneos.org/articles/attestation-compatibility-gu...
See replies to this: https://news.ycombinator.com/item?id=32496220