In classic Google fashion, they hear the complaint, pretend that it's about something else, and give a half baked solution to that different problem that was not the actual issue. Any solution that disadvantages F-Droid compared to the less trustworthy Google Play is a problem.
I should have the right to have parents, friends or anyone use a "free" store that is not under control of Google if the user and app developer wish so. But also, somehow there should be something done to avoid the monopoly forcing to use the Google services. Like major institutions like bank, gov and co being forced to provide alternatives like a webapp when they provide app tied to the Google play store.
This was already the case for enabling sideloading at system level: it warned you. Nobody really says having this toggle is a bad thing, basically the user shouldn't get an ad network installing apk's just browsing around the web without their informed consent (and android has been found to be vulnerable to popunder style confirmations in the past).
They also already had the PlayProtect scanning thing that scans sideloaded APK's for known malware and removes it. People already found this problematic since what's to stop them pulling off apps they just don't like, and no idea what if any telemetry it sends back about what you have installed. There have been a handful of cases where it proved beneficial pulling off botnet stuff.
Finally, they also have an additional permission per-application that needs to be enabled to install APK's. This stops a sketchy app from installing an APK again without user consent to install APK's.
The question is: How many other hurdles are going to be put in place? Are you going to have to do a KYC with Google and ping them for every single thing you want to install? Do you see how this gets to be a problem?
For it to be truly considered open source, you should be able to fork it and create your own edits to change the defaults however you wish. Whether that is still a possibility or not, is a completely separate issue from how they proceed with their own fork.
It's my phone.
If you don't like their choices, you should be able to install other software you do like. There should be completely free options that people can choose if they desire. But the majority of people just want a working phone, that someone like Google is taking great pains to make work safely and reliably.
There is a difference between making a choice because there has to be something there (setting a default wallpaper, installing a default phone/sms app so your phone works as a phone) and actively choosing to act against the user (restricting what I can install on my own device, including via dark patterns, or telling me that I'm not allowed to grant apps additional permissions).
> For instance, should you be able to text message one million people at a time? You might want to, but Android doesn't offer that feature.
There's a difference between not implementing something, and actively blocking it. While we're at it, making it harder to programmatically send SMS is another regression that I dislike.
> Do you want to install spyware on your girlfriends phone? Maybe that's your idea of complete freedom, but the fact that Google makes it harder, is a good thing, not a bad thing.
Obviously someone else installing things on your phone is bad; you can't object to the owner controlling a device by talking about other people controlling it.
> If you don't like their choices, you should be able to install other software you do like. There should be completely free options that people can choose if they desire. But the majority of people just want a working phone, that someone like Google is taking great pains to make work safely and reliably.
Okay, then we agree, right? I should be able to install other software I like - eg. F-Droid - without Google getting in my way? No artificial hurdles, no dark patterns, no difficulty that they wouldn't impose on Google Play? After all, F-Droid has less malware, so in the name of safety the thing they should be putting warning labels on is the Google Play.
There are legitimate concerns being addressed by these feature restrictions.
So you draw the line between the bootloader and the OS. Other people draw the line between the OS and applications. Most (nearly all) people can't write either, so for them it is just part of the device.
> you don't get to tell them how theirs should operate.
I paid for it, and I allow it to be legal in the jurisdiction I (partly) control. So it is not only theirs anymore.
IMO the way this should work is that Google can make their software however they want provided they don't do anything to stop me from changing it to work the way I want.
Unfortunately, they've already done a lot of things to stop me from changing it to work the way I want. SafetyNet, locked bootloaders, closed-source system apps, and now they're (maybe) trying to layer "you can't install apps we don't approve of" on top of that.
That's exactly how it is. You're free to get your soldering iron out, or your debugger and reverse engineer anything you want. I don't mean to argue unfairly, but all we're talking about here is the relative ease with which you can do what you want to do. How easy do they have to make it?
As for their software, as delivered, there are literally an infinite number of ways that it stops you from changing it. Maybe you want everything in Pig Latin, or a language you made up yourself. Do they have to design around this desire? Do they have to make this easy to do?
I don't think the distinction exists the way you're trying to describe. If I should be allowed to install any software I want, surely that includes any .apk I want? Conversely, someone could make the exact claim one step down the chain and argue that you don't get to tell them how their firmware should work and if you want to install your own OS you should just go buy a fab, make your own chips, write your own firmware, and make your own phone. And that's absurd, because users should be allowed to run their own software without being forced to ditch the rest of the stack for no reason.
And the argument is the same lower down the stack. You shouldn't be able to tell someone how to design their firmware.
The only problem is where the law prohibits us from trying to undo these restrictions, or make modifications ourselves. It's government that restricts us, and we should focus our efforts there.
> And the argument is the same lower down the stack. You shouldn't be able to tell someone how to design their firmware.
Earlier, you claimed,
> They should be able to install any software they want.
but it sounds like actually you only mean that users should be allowed to futilely attempt it, not that there should actually be allowed to run software at will. If the firmware only allows running a signed OS, and that OS only allows running approved apps, then the user is not able to install any software they want.
Google killed every other competition via dumping and shady business practices. Sure, you can go to iOS, but that is even more closed and restrictive, not to mention the devices are overpriced.
You paid for it but Google still has the control. I understand that you prefers things to be different (as do I) but the reality is that we don’t have control over devices we paid for.
The law. The contract. The money I paid.
> the reality is that we don’t have control over devices we paid for
So, the reality is that a company is exerting ownership rights on things they don't own. If that is exclusive, then that is called theft.
You answered the question here:
> You paid for it
If you paid for hardware, legally that makes it yours.
> Google still has the control
Therein lies the problem. Google should not exercise such control over devices which are yours, not theirs.
I remember when big sites started having to put big banners in your browser console warning you that if you weren't a dev and someone told you to paste something there, you had been scammed, and not to do it. They had to do that because the average Facebook user could be tricked very easily by promises of free FarmVille items or the opportunity to hack someone else's account, and those are fairly low stakes bait. Now people bank with real money on their phones.
Anything else won't do.
That describes the current (and long-established) behavior. App installation is only from Google's store by default and the user has to manually enable each additional source on a screen with scare text.
I've lived through them locking down a11y settings "to resist coercion, ensuring that users aren't tricked into bypassing these safety checks while under pressure from a scammer", and it's a nightmare. It's not just some scare text, it's a convoluted process that explicitly prevents you from just opening the settings and allowing access. I'm not giving them the benefit of the doubt; after they actually show what their supposed solution is we can discuss it, but precedent is against them.
> Seems reasonable?
No. As I said before, any solution that disadvantages F-Droid compared to the less trustworthy Google Play is a problem.
Even that is a step too far in the wrong direction. Doesn't matter if it's free, or whatever, simply requiring an account at all to create and run software on your own device (or make it available to others) is wrong.
There exists no freedom when you are required to verify your identity, or even just provide any personal information whatsoever, to a company to run software on your device that you own.