this post was submitted on 19 Mar 2026

88 points (100.0% liked)

Technology

82830 readers

3408 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

This is Android's new 'advanced flow' for sideloading apps without verification, includes one-day waiting period (9to5google.com)

submitted 3 hours ago by real_username56@lemmy.ml to c/technology@lemmy.world

43 comments fedilink hide all child comments

top 43 comments

sorted by: hot top controversial new old

[–] kalapala@sopuli.xyz 1 points 29 minutes ago

Is there EU petition against this already?

[–] Sanctus@anarchist.nexus 110 points 3 hours ago (4 children)

A one day wait period to install an app on your mobile pocket computer. Fucken bullshit.

[–] Dojan@pawb.social 1 points 54 seconds ago

It used to be no time at all. You could just do it. From that perspective they’ve already taken a mile.

[–] Nester@feddit.uk 6 points 2 hours ago (1 children)

It appears that the "security wait" will be a one time thing when you first allow installing from unverified sources. After enabling it it will remain on indefiniately.

Not quite as bad as I was fearing, but will kinda annoying.

[–] potustheplant@feddit.nl 21 points 1 hour ago* (last edited 1 hour ago) (1 children)

"Not quire as bad"? My dude, you have to ask for permission from a corporation to install an app on your phone that you supposedly own and paid for. On what planet is this not awful?

[–] 007ace@lemmy.ca -2 points 1 hour ago (3 children)

It looks like a glorified 'developer mode' switch that has the 1 day wait to prevent someone from grabbing your phone, turning on sideloading, installing some hazardous app, and then having their way with your info. This appears to be the best of both worlds.

Like when unlocking your bootloader wiped your info. Just do it first. not a year in to using your device, if thats your plan.

[–] phoenixz@lemmy.ca 1 points 21 minutes ago

Oh yeah, because those guys seriously can't wait a day

This has nothing to do with security

[–] fuckwit_mcbumcrumble@lemmy.dbzer0.com 2 points 47 minutes ago

If they're already into your phone there's so many legitimate ways to extract your data. The ability to sideload an app won't impact that.

[–] CEbbinghaus@lemmy.world 2 points 54 minutes ago

Sure. Because as we know people grabbing your unlocked phone to sideload apps onto it is an almost daily occurrence. Which of us hasn't had a stranger install a cryto miner while we looked away for a second.

Get real. This is an imaginary problem affecting the 0.01% they are using to tell you this action is justifiable. Getting more control is the aim of their game

[–] alekwithak@lemmy.world -4 points 2 hours ago (1 children)

One day wait period to enable installing third party apps. Afterwards no extra wait time or verification.

[–] MrQuallzin@lemmy.world 3 points 1 hour ago

For now. Don't fight to give them an inch

[+] hydrashok@sh.itjust.works -19 points 2 hours ago* (last edited 2 hours ago) (5 children)

I think it is a reasonable compromise. They could have made it a day wait for any and every time you wanted to side load like this. It prevents accidental or malicious activation, while also giving you the feature you want with the smallest of roadblocks as confirmation you want it. And you only have to do it one time. I don’t think it’s the burden you do.

[–] TheTechnician27@lemmy.world 38 points 2 hours ago* (last edited 2 hours ago) (3 children)

People this willing to let a self-enriching corporate nanny state erode their ability to use the products they paid for terrify me.

People this willing to fall for the blatant corporate strategy of "We'll announce something unthinkable but then backpedal to something "only" terrible (and then probably do the unthinkable thing later now that we've encroached further and softened the blow)" for the millionth time confound me.

Show some dignity; jesus christ. This isn't a "compromise". Me breaking into your house, threatening to kill you, but then "only" hitting you with a bat and leaving isn't a "compromise".

[–] CmdrShepard49@sh.itjust.works 8 points 2 hours ago

In the sales world, this effect is called "price anchoring" and is used by tons of companies. All those sales you see where something is "marked down 50%!" are using a manufacturers price that does exist in real life to get that 50% markdown. In reality, the sale price is just the actual price of the item but people see the "huge discount" and think they're getting a deal.

[–] hydrashok@sh.itjust.works 0 points 51 minutes ago

Hyperbole much?

This is a basic balance between the needs of the few, and the security of the many. The benefits of a one day speed bump are far more beneficial for the billions of Android users in the world, and offer no meaningful negatives to those that wish to enable this feature beyond that delay.

I realize that many people here are in or adjacent to IT work, and so are more passionate about these sorts of topics and are well versed in the risks, but in my opinion, allowing a simple, immediate way to bypass all security checks and install whatever you want immediately is a pretty big security hole, even if it is self-created. It makes sense to put those roadblocks up to protect the 99.9% that will never use this feature, as well as those that may activate it not understanding the risk. You may be comfortable with it, and that’s great, but that doesn’t mean every Android should. This is why prompts asking about coercion and not your IT prowess.

Finally. your example is poor. Google is not breaking into your phone and hurting you in way. If anything, it’s like a real estate agent that’s not giving you the keys until the bank opens so your check can clear. It’s a process issue, nothing more.

Your ability to use your device, as you see fit, installing anything you want, is entirely possible with a single one-day delay. As I said, I don’t think it is an unreasonable ask, nor the enormous inconvenience you make it out to be.

[–] ag10n@lemmy.world 3 points 2 hours ago (1 children)

Long live lineagos

[–] grue@lemmy.world 10 points 2 hours ago (2 children)

Things like LineageOS are a workaround, not a solution.

The solution has to be legal, not technical. Companies have to be stopped from trying to fuck with users' property rights in the first place!

[–] nekusoul@lemmy.nekusoul.de 3 points 1 hour ago

Yup. I've heard this first about Home Assistant, but software like this often inadvertently acts like a pacifier for tech enthusiasts. We may have our neat solution for the moment and be content with that, but that doesn't help anyone else, or us in the long term. Things will get worse with no push-back.

Disclaimer: That's not to say that we shouldn't advocate for those tools in the meantime as well. We just shouldn't lose track of the actual problem.

[–] Willoughby@piefed.world -1 points 1 hour ago* (last edited 1 hour ago)

People get what they pay for.

[–] meme_historian@lemmy.dbzer0.com 2 points 1 hour ago

No. Fuck all of that. I will not have some fucking Corp tell me what I can install and when on my own goddamn hardware.

If they want to implement something like this, make it an opt-in toggle during device setup to put the phone into nanny mode

[–] UnspecificGravity@piefed.social 13 points 2 hours ago (1 children)

What is it a compromise between? People who think they own the thing they paid for and people who don't?

[–] markz@suppo.fi 2 points 1 hour ago (1 children)

Obviously we need to find a middle ground between owning the things we purchase, and not owning them. Having access, but making it annoying is a very reasonable option.

[–] UnspecificGravity@piefed.social 2 points 1 hour ago (2 children)

Why? We are paying full price for these devices and nothing in any agreement made at the time of purchase suggests that you don't own them. Why is it necessary to meet a middle ground between "you got what you paid for" and "you didn't"?

[–] markz@suppo.fi 2 points 1 hour ago

Because everything must get worse.

[–] chunes@lemmy.world 1 points 1 hour ago

that was a very obvious joke

[–] grte@lemmy.ca 12 points 2 hours ago (1 children)

I don't need google telling me what I can put on this fucking phone I bought and paid for.

[–] hydrashok@sh.itjust.works -4 points 1 hour ago

And they’re not. Load all the unsigned stuff you want after you wait one day. Again, I don’t see how this is a huge burden to ask.

[–] Luminous5481@anarchist.nexus 6 points 2 hours ago (1 children)

A reasonable compromise would be not telling people what they can and can't do on devices they paid for. If Google wants that level of control, they can buy my phone for me.

[–] hydrashok@sh.itjust.works -1 points 1 hour ago

While I understand your sentiment, with all due respect, they are giving you the control with this process. You’re only mad you have to wait one day one time before you can do it.

[–] RoddyStiggs@lemmy.blahaj.zone 3 points 1 hour ago

Completely unacceptable. Do away with this horseshit entirely or I'm out.

[–] markz@suppo.fi 26 points 3 hours ago (1 children)

So, the idea is to make the process as annoying as possible.

[–] Lost_My_Mind@lemmy.world 15 points 2 hours ago

No. It's to make it very annoying. It's not as annoying as possible, because it could always be more annoying.

[–] IsoKiero@sopuli.xyz 14 points 2 hours ago (1 children)

"This is Android's new 'advanced flow' for INSTALLING apps without verification". Sideloading is such a bullshit term made only to confuse consumers. They can wrap that in sparkling wrapper, but it's still security theater at best and definetly misleading. Apps from F-Droid or any other app 'store' are not any less safe than the ones at googles own offering.

[–] Ulrich@feddit.org -5 points 1 hour ago

The advanced flow is not for "installing apps". It's for sideloaded apps.

[–] nekusoul@lemmy.nekusoul.de 3 points 1 hour ago

Even if it's only a thing that needs to be done once: Either the one-day delay has to go, or Google.

There's nothing redeeming about their plans.

[–] saltesc@lemmy.world 6 points 2 hours ago* (last edited 2 hours ago) (1 children)

Do usual dev mode shit...

You then have to confirm that you aren’t being coached/guided/instructed by a bad actor to turn off the security measures.

This is followed by a device restart and re-authentication that “cuts off any remote access or active phone calls a scammer might be using to watch what you’re doing.”

A required “Security wait” takes one day to “confirm that this is really you who’s making this change with our biometric authentication (fingerprint or face unlock) or device PIN.” This is a one-time wait.

Afterwards, you can install apps from unverified developers indefinitely, while there’s also a 7-day “Turn on temporarily” option.

I don't think the wait is necessary. If someone were to continue being scammed after a reboot, they'd continue to be scamme tomorrow. An additional education piece after the reboot would be more effective.

[–] unknownuserunknownlocation@kbin.earth 14 points 2 hours ago

Jfc, the apps scammers usually use are on the fucking play store. Good fucking dammit this is stupid.

[–] BrianTheeBiscuiteer@lemmy.world 3 points 2 hours ago (1 children)

They already showed their hand. Doesn't matter if they've backed down. My new phone is going to use GrapheneOS and if this shit trickles down (Graphene is still based on Android) I'm going full Linux phone.

[–] illi@piefed.social 2 points 1 hour ago

At this point it is a waiting game. My next phone might be Android, but I sure hope the mobile Linux ecosystem is in a good place for the one after that. Preferably I'd switch on nearest opportunity though. I still have some time left in terms of support for my current phone so I have time to think and test the waters.

[–] TheThag@lemmy.world 2 points 2 hours ago

So it needs developer mode huh, plenty of apps dont work with that on, truly awful even if i can turn it back off after.

[+] alekwithak@lemmy.world -10 points 2 hours ago* (last edited 1 hour ago) (1 children)

Headline is a little misleading. There is a one day waiting period when you enable installing third party applications. After that you can install them indefinitely. It's to stop active scams. I agree it's BS, but it's a lot less BS than I was expecting and what the headline/comments are making it out to be.

[–] CmdrShepard49@sh.itjust.works 3 points 2 hours ago (1 children)

What active scams? These scams should be pretty ubiquitous at this point if they're doing all this to "stop" them, but I've never even heard of anyone having security issues from sideloaded apps.

[–] alekwithak@lemmy.world -1 points 1 hour ago

I don't agree that tech companies need to put up walled gardens to protect people from themselves, but 'what scams' is insanely disingenuous. Obviously the scams where people, usually elderly, are walked through the process of enabling third party apps so the scammer, posing as a bank or other trusted institution, can then install malicious apps. If you've really never heard of that then I think you need to step outside of your bubble a bit more.