> I don’t know where this fascination with getting everyone to download your app comes from.
I do. I once read that app users are seven times more profitable than web users on average.
That number isn't current, and I don't know if it was ever broadly correct, but it's obvious that an installed app provides more opportunities to try to get the user to do something profitable, and it's harder to block ads in native apps. I would be surprised if convincing a user to install a native app doesn't reliably increase profits by a large amount for most kinds of business.
What do scams have to do with having developer options enabled?
This isn't a rhetorical question. There's no big red warning on the developer options screen saying it's dangerous. I haven't heard about real-world attacks leveraging developer settings. I suppose granting USB debug to an infected PC is dangerous, but if you're in that situation, you're already pwned.
Android is attempting to discourage good / regular users from sideloading apps, rooting their phone, etc.
Android wants good / regular users to pass things like Play Integrity with the strongest verdicts.
This helps app distributors to separate regular good users from custom clients, API scripting etc that is often used to coordinate scamming, create bots, etc. If an app developer can just toss anyone who doesn't pass Play Integrity checks in the trash, they can increase friction for malicious developers.
I don't think Google should be changing Android this way at all, and fear that it will later be used for evil. That said, I thought of an improvement:
Allow a toggle with no waiting period during initial device setup. The user is almost certainly not being guided by a scammer when they're first setting up their device, so this addresses the concern Google claims is driving the verification requirement. I'll be pretty angry if I have to wait a day to install F-Droid and finish setting up a new phone.
Evil, for the record would mean blocking developers of things that do not act against the user's wishes, but might offend governments or interfere with Google's business model, like the article's example of an alternative YouTube client that bypasses Google’s ads. Youtube is within its rights to try to block such clients, but preventing my device from installing them when that's what I want to do is itself a malicious act.
> Allow a toggle with no waiting period during initial device setup
I like this idea in principle but I think it could become a workaround that the same malicious entities would be willing to exploit, by just coercing their victims to "reset" their phones to access that toggle.
Isn't app data, photos etc. usually synced with the Google account? Besides, Google claims that the scammers are using social engineering to create a feeling of panic and urgency, so I think the victim would be willing to reset and log in to the accounts again in such a frame of mind.
I'm sure there's a hypothetical scenario where someone successfully runs a scam that way, but there's also a hypothetical scenario where a 24 hour wait doesn't succeed at interrupting the scam.
None of this is stopping a malicious entity. We keep trying to use tech (poorly thought out tech at that) to solve issues of social engineering. And no one is asking for a solution, either; it's being jammed in for control.
Such a silly statement. Of course tech can solve social engineering problem, we do so every day startign from UX design. This is a good solution to killing urgency.
Ux is made for humans. Humans can learn to exploit UX. This is as useless a battle as fighting piracy: you will destroy your product before you solve the problem.
I'm not convinced the author cares very much about this. He bought an iPhone. Based on his other blog posts, he knew what he was buying and what the alternatives are.
An Android phone, even with a stock OS would get him more of the capabilities one would expect from a desktop PC, but he chose an iPhone. Some Android phones let the user unlock the bootloader easily and gain root, but he chose an iPhone. With an unlocked bootloader and a well-supported device, it's possible to install a third-party Android distribution with even more freedom, but he chose an iPhone.
Maybe he likes the iOS UX or app selection better, but if that's the deciding factor then I don't think using the phone as a Real Computer (tm) is really all that important to him.
But you know it's important because of the italics.
As long as it's understood as an opinion piece it's tolerable despite – as you note – the “revealed preference”.
## Appliance Computing:
Take "consoles" for instance. I got tired of building gaming PCs, and after another long day of making computers work, enjoy turning on an Xbox Series X and just doing what the box is there for, much as I appreciate the glass slab in my pocket just doing what it is there for, every single time, without fail, for nearly 2 decades now.
I enjoy a TRMNL (https://trmnl.com/) or Arduino as much as the next person, but don't need my PDA-phone to be a general purpose computing device.
## Mobile Computing:
On the contrary, for both business office work and content creation, and leisure travel logistics and media creation, an iPad Pro with keyboard and trackpad would generally be preferable to a Macbook Pro or Air or Neo if people spent the couple weeks necessary to get used to the different computing paradigm.
Once that sinks in, you may find carrying an iPhone, folding bluetooth keyboard with multi-touch pad, and a Switch 2 USB-C + PowerDelivery + HDMI cable means you can field work on any 4K hotel TV or AirBnB monitor:
But that's better suited for media. iPad Pro + 5G chip + keyboard w/ trackpad is your dual monitor work bet w/ this same cable.
Btw, the point of this particular cable is that power is probably near the TV where the HDMI end goes, with the USB-C where you and your phone or iPad are.
No they wouldn't. We don't have to speculate about that; Android already has a toggle to allow direct installation of apps, and most people don't turn it on.
Many Android devices allow unlocking the bootloader and gaining root or installing an alternate OS without exploits, and there are quite a few third-party Android builds for supported devices. The process is not beyond what a person of average intelligence and modest computer skills could pull off with some patience and a video guide. Only a handful of tech nerds actually do it.
Perhaps we're making different assumptions, but a process that "is not beyond what a person of average intelligence and modest computer skills could pull off with some patience and a video guide" sounds quite a bit more complex than a mere Unlock option in iPhone settings. Also, the results are different too. The process you've described results in an Android desktop, whereas the proposed iphone unlock process would result in a full macOS desktop, which sounds (to me at least) much more desirable to have.
I stand by my speculation that if it were possible to do that on an iphone, it'd definitely be something loads of people would do, including a large amount of people who shouldn't open their device that way but do just because they watched someone on social media telling them to.
> Even today there’s a culture of downloading Android builds from long forum threads on XDA developers
I did that this month. I wouldn't do that for a device I use for anything sensitive, but I have a niche use case for my old Nexus 5, and it needed to be running at least Android 8.
Be sure to give apps that behave that way one-star reviews.
I just tested Waymo and my usual solution of Magisk Play Integrity Fix was insufficient, suggesting hardware-backed attestation. This is the kind of crap Microsoft was doing that inspired Google to put "don't be evil" in its mission statement. We all know how that went.
If your goal is to boycott Google, you're probably not trying to use Waymo. My suggestion was only about punishing the use of remote attestation in the small way most of us can.
Unless you're actually a spy, there's no reason to do this. Just use your secure solution all the time with those conversation partners who are willing to use it.
Unless you're actually a spy, there's no reason to do this. Just use your secure solution all the time with those conversation partners who are willing to use it.
Fundamentally I agree with you but people will stay on the platforms where their friends are. To change that the platform would have to do something really bad such as forcing age checks and even then I think many will just put up with it to stay connected to their friends.
They don't understand anything, but they sure can repeat a pattern.
I'm using Claude Code to work on something involving a declarative UI DSL that wraps a very imperative API. Its first pass at adding a new component required imperative management of that component's state. Without that implementation in context, I told Claude the imperative pattern "sucks" and asked for an improvement just to see how far that would get me.
A human developer familiar with the codebase would easily understand the problem and add some basic state management to the DSL's support for that component. I won't pretend Claude understood, but it matched the pattern and generated the result I wanted.
This does suggest to me that a language spec and a handful of samples is enough to get it to produce useful results.
I do. I once read that app users are seven times more profitable than web users on average.
That number isn't current, and I don't know if it was ever broadly correct, but it's obvious that an installed app provides more opportunities to try to get the user to do something profitable, and it's harder to block ads in native apps. I would be surprised if convincing a user to install a native app doesn't reliably increase profits by a large amount for most kinds of business.
reply