[diebeforei485]

I think sideloading should be allowed only if you actually connect your phone to a computer. This barrier will prevent a lot of vulnerable people from being scammed.

Alternatively, sideloading could require you to delete all App Store apps. In other words, disabling Google Play Protect should require you to wipe your phone. This is another barrier that will prevent a lot of people from getting scammed.

[miki123211]

Alternatively, require the user to decide whether they want sideloading or not at device setup time, with no ability to change this decision without wiping and starting from scratch.

It wouldn't solve the "getting infected via cracked apps" problem, but it would at least solve the "users being scammed into sideloading something they don't want" problem.

[rpdillon]

And there's folks like me, who would like to install F-Droid, and be able to use GMail for work, all on the same device. I feel like the number of folks that have basic use cases like this far outnumbers the folks that are getting scammed.

At what ratio do you say "this freedom is worth it?" I feel like narrative is always that we point out one bad thing that happened, and then the immediate answer is to take away freedom. What happened to a balanced analysis?

I think what happened is due to asymmetry: it's very easy to point out the cost of freedom, but it's very hard to articulate it's value.

That's why we so relentlessly march toward authoritarianism: we think taking away freedom will solve our problems. Then, one day we wake up and realize the lack of freedom has become our biggest problem, but by that point, it's too late.

[diebeforei485]

Everyone, not just you, should have a separate device for work.

[msgodel]

The people who fall for these scams will just get tricked into buying giftcards anyway. There's nothing you can do for them if you don't want to institutionalize them, stop bothering the rest of us.

[chii]

deleting all app store apps is too high a barrier, because there may not be a replacement that could be sideloaded.

[Freak_NL]

I don't see that changing either. Banking apps, government auth, Whatsapp¹, public transport apps², etc. The status quo is that a small number of official app store apps are all but required.

1: Still basically required if you have young children and want things like play dates. Oh Signal? Yeah, the recent push means that some tech-savvy users now have both Whatsapp and Signal installed. In the Netherlands, you can do without Whatsapp, but not if you don't want to turn your child into a social recluse.

2: For example, in order to use Germany's Deutschlandticket one of the participating public transport companies apps is required. This is a huge regression compared to the initial paper ticket, but there it is.

[interloxia]

I guess requiring a transport subscription to get the ticket, via app or smart card, is rather analogous to the topic of adding friction to the undesired path.