Recently Google decided that in the future for an app to be installable on an Android device, the developer of this app needs to be ID’d and registered at Google. They claim this is in order to “to better protect users”. However, I think, this is a move to get more control over the Android ecosystem, and the data they can collect with it. If anyone who wants to develop an app for Android devices has to be registered with Google, this puts all the power of who to allow distributing an app to Google.
Furthermore F-Droid shows, that safe app stores can exist without registration, neither of users nor of developers. There is zero malware or spyware on the F-Droid store. What there is on F-Droid is thousands of beautiful, useful and, most importantly, safe apps. And this entire ecosystem is at risk, because Google wants to gain more control over its users and over the Android operating system.
Yes absolutely. In fact, you’ve touched on the very issue that people don’t understand with Google - the likelihood of the risk.
Most people think that because the consequence of Google getting your data is low, it’s a lesser risk than a hacker getting into your device (very high consequence). But likelihood is just as important with risk. It’s very unlikely a competent hacker will attack your device (moreso with good practice on your part), so the risk is still low even though the severity is high. But it is an absolute certainty that Google will get your data - so even though the severity is low the risk is still significant, and arguably Google present a more significant risk than a hacker.
I’m not advocating using Google over F-Droid, or that Google’s change here is good, or even lawful. This is a textbook anti-trust type case that the EU prosecuted against in the past. However, unfortunately governments seem gung-ho for this to happen this time around.
All I’m saying is that if F-Droid want to tout the security of their service, they probably shouldn’t leave the door open for attackers to use their app as a vector for attacking devices. Their response to this wasn’t strong enough to justify their implied claim that they are at the forefront of security. They’re much better than Google, sure, but they should be trying harder if they want to lead.
On the contrary - it’s not Google getting one’s data that is to be avoided. They are a law abiding (if law bending) entity.
The issue is there are apps on the store that takes data for third parties, who then proceed to sell that data to threat actors who have a phone number and a user profile (great for scam calls).
The adverts within apps can also be predatory - preying on gambling addiction (I know this for a fact, I worked in the gambling industry), loneliness (AI partner boom), and inexperience (oh god the crypto scams…).
There is a greater probability of issues, but the severity is underplayed if examined without a psychological lense. When this is taken into account - the playstore offers a greater probability of lesser harm, and an equal (or greater) probability of severe harm.
The issue is that Google considers them getting your data as more important than allowing you to evade the data collection of third parties that pay them.
The issue is Google’s profiteering.
Agreed!