Does anyone here actually support Google’s Developer Verification?

I don’t. I’ve put a warning about it in my repo because I’m against policies like sideloading restrictions, forced ID verification.

Curious what other devs here think. Is Play Store still worth the hassle?

    • TrickDacy@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      51 minutes ago

      You do, actually.

      I have over 2 decades of background in hardcore IT-Sec, i know my stuff. And you? What is your qualification, where are your sources?

      This translates to anyone who isn’t you to:

      I know a lot, you know very little. Trust me, not you.

      And again if you’re going to make this 80% claim and then say you sourced it, don’t link shit that’s sort of related but in no way backing up that claim. No one here is saying malware isn’t a problem. You’re getting downvoted for making specific claims which are absurd.

      • vapeloki@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        41 minutes ago

        That is a general issue of online debates.

        I can not squash 20 years of daily learning into a comment.

        I can point you to sources where you can verify it our self. Social engineering studies, blog post about campaigns from other researchers.

        Placing m credentials there is my kind of saying “I have insight, ask”, but how do you think should something like this communicated.

        We have a highly sensitive topic, with a lot of obsolete or just misinformation.

        It is a highly complex topic that can not be simply understood by most persons, but social media opens a place for debate anyways.

        There are many other examples for this happening and it is bad. Very bad.

        Another example Google wants to get rid of third party cookies. Instead they want to to adspace action on your local system. In our browser, protected. But bad, because Google. Firefox could implement the same API on better, but no, bad because Google.

        Google is not the good guy. But just throwing out every fucking Idea because Google Had it (or was forced into it, allowing sideloading again was because of pressure) is just not what we need

        • TrickDacy@lemmy.world
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          13 minutes ago

          This is so much beating around the bush. Somehow you’ve managed to ignore the 15 times I’ve pointed it out: most users do not install apks. That’s all. You claimed they did and I said that was dumb. So anything else is just a distraction from the point I was trying to make. Google is pretty shitty but you might have a point that not everything they do is shitty… But that’s not what the conversation started as. And I don’t really care to change the subject at this point.

          • vapeloki@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            6 minutes ago

            How do you now that?

            Again, the ability to install a completely unverified APK is used in real, successful, attacks.

            The user DOES NOT KNOW WHAT HE IS DOING! That is the entire point!

            If users would know what this is and understand, maybe it would be less if a risk.