• @[email protected]
    link
    fedilink
    English
    273 months ago

    The problem is that there are very good reasons to have specific authoritative app stores/package repositories. and it is a lot harder to have privileged and unprivileged accounts on a phone versus a computer.

    But yeah. Something has to be done about that since it is the fundamental issue with mobile devices.

    • @[email protected]
      link
      fedilink
      English
      213 months ago

      I mean as someone running Graphene OS it hasnt been that difficult having the playstore being a sandboxed non system app

      • @[email protected]
        link
        fedilink
        English
        73 months ago

        The issue is less the app store itself and more the applications in it. Because while I agree that basically everything should run sandboxed unless specifically given permission, the problem is more about sourcing the apps themselves.

        Google and Apple are far from perfect but they do a good job of protecting big companies. So if you download “Chase bank app” with 12 million stars from “Chase bank company” (like, their actual account and not just me half assing it) then you can pretty much trust that is legit. Whereas downloading that on a random app store you bought so you can play pubg mobile locally or whatever nonsense people were doing? You can pretty much trust that it is not legit but most people won’t understand that.

        In a perfect world? I would love it if people got into a habit of checking hashes (which, is an inherently flawed approach but “works pretty well” if you aren’t already compromised) and so forth. As it stands? There are very good reasons to just tell grandpa to not install random APKs he found on the internet.

      • @[email protected]
        link
        fedilink
        English
        23 months ago

        Exactly. I don’t even use the Play store on GrapheneOS, I use Aurora to get apps from Google Play, and F-Droid for everything else. I don’t even have Google Play services running at all on my main profile, it only runs on my “work” profile because I need an app that needs it.

    • @[email protected]
      link
      fedilink
      English
      123 months ago

      Almost like those systems were designed to be monopolistic and anti-competitive from the very beginning…

    • @[email protected]
      link
      fedilink
      English
      103 months ago

      it is a lot harder to have privileged and unprivileged accounts on a phone versus a computer.

      True. But it shouldn’t be.

    • @[email protected]
      link
      fedilink
      English
      43 months ago

      Is it though? I have three profiles on my phone:

      1. main - all my normal apps; no Google Play whatsoever
      2. work - work apps; Google Play services running
      3. google - Google stuff (like Google Maps and whatnot); Google Play services running

      This is on GrapheneOS, and they basically just ship AOSP with some patches on top.

      • @[email protected]
        link
        fedilink
        English
        3
        edit-2
        3 months ago

        Congrats. You just volunteered to teach all the boomers (and the zoomers who can’t do anything that isn’t google docs) how to set all that up and maintain it

        May Erastil have mercy on your soul

        • @[email protected]
          link
          fedilink
          English
          53 months ago

          Eh, it’s not too bad:

          1. Settings
          2. System
          3. Multiple Users -> Allow
          4. Add User

          Then to switch, there will be a new icon next to the Settings icon when you swipe down. Tap that and select the profile you want.

          I use GrapheneOS, which ships w/o Google Play by default (installation process is a little trickier, but still easy), but most phones won’t have an option to uninstall Google Play since it’s a default system app. But if have managed to install GrapheneOS, setting up a profile to quarantine your Google Play apps is pretty easy.