this post was submitted on 19 Mar 2026
206 points (97.2% liked)

Technology

82830 readers
4029 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
206
Did we win? Google to continue to allow side loading (liliputing.com)
submitted 5 hours ago* (last edited 5 hours ago) by Mynameisallen@lemmy.zip to c/technology@lemmy.world
70 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] invertedspear@lemmy.zip 4 points 3 hours ago (2 children)

Counterpoint: my software allows you to access your banking needs. I’m financially on the hook if fraud occurs. Fraud occurs because your favorite “slap the monkey” game also installs a keylogger and network monitor. So I don’t allow my software to work if you have that installed.

I think you’re right that companies should not be able to tell you what software you can run, but users also can’t be trusted to keep their devices safe.

A lot of network, banking, and telephony protocols historically rely on trusting that there are no bad actors in the chain. Technology has added more links to the chain increasing the opportunities for bad actors to tap into it.

It’s a situation that needs better fixes. Maybe we just need to hand the current internet over to the bots and start a new one with security and privacy built in from the ground up.

[–] OrganicMustard@lemmy.world 3 points 33 minutes ago (1 children)

Android runs apps sandboxed, so no app can access what you write in another like your banking app, or the unencrypted packages it sends.

[–] Pika@sh.itjust.works 1 points 5 minutes ago* (last edited 1 minute ago)

Yea the argument stated works better for rooted environments than rootless environments or sideloading.

In a non-root scenario, you would need to specify a few permissions to give a keylogger that amount of access. I think that a big issue is people not understanding that there is a difference between a rooted device or root installed app, and a sideloaded application.

Just because you have a non-google device or a rooted device != you have a compromised device. Applications aren't going to magically install running as root, every rom worth their salt keeps it a clear isolation between the layers, and some roms don't even allow you to use the root environment after installing it.

In your standard google phone install? A keylogger wouldn't be able to be installed without enabling an accessibility permission. It's not like you can just "oops I just sideloaded a keylogger haha silly me" like described.

[–] kkj@lemmy.dbzer0.com 2 points 1 hour ago

You're liable if someone shares their credentials? Even if they did it accidentally by installing a keylogger, that seems like user error.