If Apple announced that they were going to allow installing apps like how you can install APKs you will have a whole group of people on here arguing against it because they want Apple to have control over everything. You could have seen those people in action on the Epic v. Apple and Digital Markets Act discussions.
I.N.S.T.A.L.L.I.N.G S.O.F.T.W.A.R.E
Every non-stock app on my phone was installed from an APK directly downloaded from the manufacturer or open source developer's site / Github releases. I've never had a Google Play account and have never used any Android "app store".
The biggest pain was having to manually logon the couple of sites I allow to keep persistent cookies since device owners aren't allowed to just import/export cookies from mobile Chrome.
It has been a very nice experience. I appreciate the feeling of sovereignty and ownership of my device (even though it does have a locked bootloader and I don't actually have root).
Of course Google would take this away. >sigh<
2%, according to the keepandroidopen.org poll[^1]
[^1] https://techhub.social/@keepandroidopen/116251892296272830
Android isn't open source for a while. They started by pushing device certification which crippled any abilities of OEMs to make a better framework. Then they took many of the opensource packages out of android and redistributed as applications that they controlled via play services.
Then they made it harder to publish packages and created tons of rules that they can arbitrarily decide to cut ties with you or remove your remuneration.
What they are effectively doing now is to remove any ability of individual developers to push applications. Some will say the costs ain't that high, but (1) maybe not in USD dollars for Americans and (2) both Google and Apple will push those numbers way up high soon.
Even if that is not the case, if you don't agree with anything and you decide to have your own version of your family wiki, messenger or anything, they will be able to tell the authorities about it.
This is insane....
Just to drive the point home. Not that you would do this but you _could_ even implement such a system fully anonymously - with uploads via tor and payments via XMR - and it should still work just as well.
Add in a third even more expensive tier for those providing source code to the auditor where google verifies a signed deterministic build the same way fdroid does. Now clearly mark the three different tiers in the app store.
And if they went this route the next logical step for highly sensitive stuff like banking and password management would be a fourth licensed and bonded tier where a verified individual located in a friendly country took on liability for any fraud or other malpractice. That tier would be the equivalent to the situation for civil engineers.
Instead we're stuck in a reality where I don't trust sourcing password managers (among other things) from the play store. Those only ever come from fdroid for me - you know, an actually secure model for how to do app distribution and verify builds.
Bold of you assuming they're doing for users. It's fear-mongering at its finest - using the threat of security to install more control that has little to no protection against the said threats.
Now you might say it's going to raise the bar for the scammers, but nobody is going to be spending time on writing scam or malware for a few bucks. When the reward is high, they can just pay out already verified developers to distribute their builds under their accounts, or just find a workaround (fake ids?) which could be still way cheaper than the potential revenue potential of a successful attack. It's just an inconvenience that didn't existed before.
This is just a policy directly targeting the legit developers distributing apps to work around some of the platform's limitations (ie. uncrappifying youtube). They were previously free to share the workarounds they've developed for themselves since it was just as easy as sharing your APK. Now with added threat of losing your developer account and probably being perma-banned from google, those devs are less likely to continue distributing their workarounds.
Different judge you say? You're right. But when Google in their appeal asked the judge why the app store isn't a monopoly, the judge told Google with a straight face
"You can't be anti-competitive if you have no competitors."
Google took note.
Anyway in this case it's nothing more than a thinly veiled excuse to justify making ecosystem changes that are in their favor. They aren't acting in good faith.
They do. They absolutely do. Where have you been in the last 20 years? Windows has had a reputation as an unsafe ecosystem for decades. Even amongst non-tech people. And even with the various exploits the biggest source of viruses on windows was always that, lacking a proper channel to distribute applications, they had trained their users to double click any .exe on the internet and the next>next>next in whatever installer. I don't agree with the tightening of developer account requirements, but this argument doesn't hold at all.
Companies shouldn't wait to solve issues like this - they should be proactively helping their most vulnerable users. That is the "do no evil" motto.
I don't know enough to say whether this method is the right approach however.
Unless you built your house yourself, you should expect the construction company to be responsible for verifying the identities of anyone entering your house. Asking for a passport and a one time payment, just in case the person who rings the bell may not be a friend.
That should be proactively helping you in case you're a vulnerable homeowner. Not checking in on every visitor would be evil, no?
I can't think of a better approach.
But we, owners, collectively choose that. We choose the security company, we pay then, we can vote them out. Most importantly: the construction company has zero say in this.
Also, no one actually check the IDs of my friends, and they don't have to pay the construction company when they first come.
I give the codes, they ring, I open. I hire a company to monitor the building but I can kick then out any day.
I own the place, you see?
That doesn't necessarily preclude helping the user to notice when they're doing something dangerous, but a waiting period before the computer becomes general-purpose seems pretty extreme.
The idea isn't to protect the power users or average users. It's to protect the most vulnerable. Android is for everyone. Us power users will have a minor speed bump, but we can deal.