You cannot (generally) install and run apps that aren't (recently) notarized, though. They do owe the service inasmuch as they require it for installing and running apps.

Yeah, the OS preinstalled on the phone functions that way. But this is not in opposition to your ownership of the physical device. You can do still do whatever you want with the phone. Grab a hot plate and pull off the NAND, chuck the whole thing in a blender, anything -- knock yourself out.

By analogy, if food was sold with poison in it, "hey man, you bought it, just remove it if you don't like it. not a chemist? crack a book buddy". And now imagine you had no means of producing your own food and all food sold contained poison.

If unlocking an iPhone and running e.g. AOSP on it were feasible, people would be doing it. And you know that. Your argument is disingenuous.

Food with poison in it is both criminally and civilly illegal, and it puts peoples lives in danger.

Equating something like this to closed source software is why some people don’t take FOSS seriously.

You might think I was being facetious, but I’m being completely serious: the only way for FOSS to compete is by producing good products and bringing them to market. If FOSS advocates keep trying to fight some software licensing culture war instead of producing good technology, they’re not going to change anyone’s mind. 99.999% of people do not give two shits about a software license, they just want to use a damn phone.

It was an analogy. You're moving the goalposts and ignored the latter point.

And I'm not a foss advocate, I just want to be able to run software of my choosing and without spyware, as has been the case since the advent of personal computing.

As a side note, legality seems irrelevant to your position. What if a world government mandated optional sideloading + unlocking? Wouldn't you then argue against that law?

I know it’s an analogy. I just think it was a bad one. The desire for nerds to run unusual software on their phone is not really a life or death situation. I think it’s important to remember that in context, the number of us who care about this issue rounds to about zero. Most people using a phone don’t care.

I also want to run the software of my choosing. But there’s not a single phone you can completely do that with. Some of this is due to design decisions, some of it is due to corporate lock-in, and some of it is due to regulatory requirements.

I wouldn’t be against a law requiring side loading and unlocking, I would be in favor of it. This only addresses part of the software on a phone, though. There’s a lot of software on a phone beyond user space applications.

But I do think it would be reasonable to put some hurdles to make it difficult to do. There are completely valid reasons to protect the average user from being scammed by malicious software.

It sounds like we largely agree, then, so I'm not sure what you were arguing in the first place. That because the companies are legally able to do this and that [hardware-based] jailbreaking is possible in theory, it can't be opposed?

To your other point, firmware is another battle entirely and currently has less practical value.

Yet it happens all the time. More than half of Android phones are infected. So again, a poor argument for security. If anything, by opening it up, we (the collective nerds) could help harden it. Protect it. Improve it.

Not very "carbon friendly". But the recycler they mention will probably kindly ship it do a foreign landfill.

The malware excuse is just a palatable false pretense. "We have to protect granny!" Of course, she is getting fleeced by plain scam calls, not somehow sideloading apks onto her idevice, but the truth doesn't help advance their narrative.

Granny can get scammed using Anydesk, available on Google Play.

Imagine that metaphorical granny that in an instant catches fire and turns into ash if the governments and large corporations don't have complete control over our lives.

What a lovely granny that totally exists.

I suspect it's not grandma getting scammed by APKs, but people installing cracked versions of spotify/youtube/paid games.

You are approaching as is the malicious developer was trying to add useful features for the users.

But in practice, these “apps that lookalike popular apps” are not intended to just be adware-less versions of the popular apps. They are frequently “hide the ads, inject the malware with more permissions” Trojan horses.

I think there is likely a dual motive from Google where they both want to stop malware _and_ stop people blocking youtube ads. The malware problem is real though.

Yes but using a real problem as a vehicle for increased control and permission is, in it of itself, a Trojan horse.

Google is doing the same thing the fake apps are doing. Real problem: bad ads. Solution: cracked app. Trojan: too many permissions, steals data.

Google: problem: bad apps. Solution: advanced Google DRM. Trojan: too many permissions, steals data.

They mean apps like SmartTube, Vanced, Instander, Spotify Premium Mod which block ads or grant other premium features for free.

no, cracked as in the ad-free premium versions, without paying for them

Those "cracked" versions often require extra permissions.

My favorite was a local "discover which on your contacts is on the leaked Covid quarantine list[1]" scam app. It claimed that the extra permission dialogs are just fearmongering by Google, who is in cahoots with big pharma, and wants covid to spread to sell more medications.

[1] In fact, no such leak has ever taken place, its existence was just part of the setup for the scam.

My mother in law is constantly worried by some Google Ads in random apps that her phone is hacked...

Did she ever get anything side loaded like that? I have downloaded malware by mistake before. Not once were they allowed to proceed with installation. The only way I got anything side loaded was if I installed the first one (which is always Fdroid) deliberately via ADB after I enabled the developer mode.

No, her phone is clean. The point is GAds quite often are of questionable quality with bullshit scaring unaware people. But then as a solution G worry of grannies being tricked into installing APKs so they turn into gatekeepers of side loading completely for everyone - absurd.

Cell carriers will just start requiring the attestation as well. And eventually, even an internet connection will - wifi routers will have to attest to ISP equipment, etc.

The final phase is "AI" monitoring everything you do on your devices. Eventually it won't just be passive, either, but likely active: able to change books you read and audio you listen to on-the-fly without your consent. It will be argued that this ok because the program is "objective".

At this point, I would stop using commercial cell carriers and ISP-provided equipment altogether, even if that means setting up mesh networks with an underground community. User control or bust.

Will you elaborate?

Yes. This was clearly the reason for the ban in the first place.

Websites tend to have more ads and tracking than native apps, and they're still getting your ip address.

The cookie banners are an example of malicious compliance.

It is probably more that Kotlin's order breaks with the most common ordering, and at the cost of more characters. Not to mention the needless variation that has come along with it (e.g. : vs ->)

Having the identifier first makes it easier to parse unambiguously; the C syntax has been historically criticized for not being context-free because of stuff like "A * B" being impossible to parse correctly without knowing whether A is a type or not. While Java doesn't have the equivalent problem, Kotlin keeps its options open wrt future syntactic extensions for type names.

Identifier-first can also be a lot more readable when gnarly (and thus lengthy) types are involved, since you don't have to scan the line to find it. It makes for neater-looking code with multiple declarations one after another, too.

As far as commonality, both syntaxes are very common, and have been so historically as well (roughly speaking, C vs Pascal syntax families). It should also be noted that most new languages go for identifier-first, so if anything, it's more future-proof in this sense.

It is common in term of frequency of new languages using it, perhaps, but not otherwise.

And again, the point is that Kotlin brings along extra characters AND variation. What's next, `fnctn myFunction(x : Int)~ Int { /* code */ }`?

Why? Just to be quirky? To avoid some hypothetical lawsuit?

There are plenty of old languages using it. Pascal/Delphi, Ada etc. That's where the current crop of languages got that syntax from, it's not like it came out of the blue all of a sudden.

And I already explained the reasoning. No, it's not to avoid the lawsuit, it's because many people genuinely find it more readable for various reasons. Which is why it keeps showing up in all kinds of languages that are otherwise wildly different syntactically.

Yes, there are older languages using Pascal style declaration, but any of C,C++,Java dwarf it in terms of popularity and general exposure (thus my use of the term "common").

And again, in the latter part I'm talking about Kotlin's use of 'fun' and ':'.

Arrow is a lambda, just like in Java.

I'm referring to the burden when changing languages. Swift and Rust use -> for the return type.

And C++, C#, and JS use arrow for lambdas, so there's precedent for both.

My comment had nothing to do with lambdas. The point is that Kotlin uses fun and : instead of fn/func and ->, which is a needless and tedious break with other modern languages using Pascal-style function declaration.

Using val instead of let is similarly off-putting.