449
this post was submitted on 15 Aug 2024
449 points (97.9% liked)
Technology
59424 readers
2821 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
How about the Google Play as system app? I would like to see that gone too. Just make every app stores normal apps. No special privileges.
The problem is that there are very good reasons to have specific authoritative app stores/package repositories. and it is a lot harder to have privileged and unprivileged accounts on a phone versus a computer.
But yeah. Something has to be done about that since it is the fundamental issue with mobile devices.
I mean as someone running Graphene OS it hasnt been that difficult having the playstore being a sandboxed non system app
I honestly haven't noticed a difference.
The issue is less the app store itself and more the applications in it. Because while I agree that basically everything should run sandboxed unless specifically given permission, the problem is more about sourcing the apps themselves.
Google and Apple are far from perfect but they do a good job of protecting big companies. So if you download "Chase bank app" with 12 million stars from "Chase bank company" (like, their actual account and not just me half assing it) then you can pretty much trust that is legit. Whereas downloading that on a random app store you bought so you can play pubg mobile locally or whatever nonsense people were doing? You can pretty much trust that it is not legit but most people won't understand that.
In a perfect world? I would love it if people got into a habit of checking hashes (which, is an inherently flawed approach but "works pretty well" if you aren't already compromised) and so forth. As it stands? There are very good reasons to just tell grandpa to not install random APKs he found on the internet.
Exactly. I don't even use the Play store on GrapheneOS, I use Aurora to get apps from Google Play, and F-Droid for everything else. I don't even have Google Play services running at all on my main profile, it only runs on my "work" profile because I need an app that needs it.