Google’s only providing the option, it’s up to individual devs to enable it on their app. If the app developer has chosen to block sideloading, then they probably have a reason for going out of their way to do so. Whatever you find that reason to be should inform your decision whether or not to continue using their app.
Their reasons mean nothing. It’s my device. I shouldn’t have to worry about an application installed on my device being policed because the developer got a hair up their ass about people downgrading.
The phrase “more secure” is becoming meaningless as it keeps being used as a blanket excuse for literally every user hostile change.
yeah take it up with a blackholed email address, while being locked away from public transport and a lot of otherbasic services that’s literally needed for life, for saying hard no to literal malware on my phone? I think you’re a little backwards.
Explain to me what would be the good reasons McDonald’s has to block their app from running on a rooted device because it doesn’t pass SafetyNet or whatever Google is calling it now
It’s the same system, it’s all part of play integrity. And that also applies to this bullshit, why does McDonald’s care if I didn’t install their app from the play store?
Oh I don’t know if mcdonald’s specifically does this, I’ve never used the app, I just used it as an example because that’s what the guy above was talking about as well.
IIRC they did coupons exclusively in their app a few years ago where I lived (haven’t checked since), and they hiked the price of everything, so if you don’t install the app, you get a 20% surcharge in effect.
That goes for every single shitty chain store as well.
If I had to guess, I’d assume it’s because there’s a payment system in their app and they don’t want people monkeying around with it and stealing food.
McDonald’s was just an example, the point is most apps don’t need to do that at all.
I do happen to know how payment systems like that work, and thankfully those are all cloud-based, the only thing the app does is start transactions and check with the server if they’re paid. If they implemented it well, as I suspect a big corpo like McDonald’s probably would, their own order screen also checks server-side if orders are paid. Not much you can do from the app side to mess with that.
the only thing the app does is start transactions and check with the server if they’re paid
Yeah, but the whole PCI DSS thing means that the app must still be secured. That doesn’t necessarily mean that it has to be tied to Google Play, but explain it to them.
What if I sideload purely to downgrade a bugged app? Just seems like yet another kick in the teeth by Google.
I thought you could not downgrade non-debuggable apps?
But you can uninstall them and install a lower version
You can always uninstall and install an older apk.
without uninstalling. that had a reason, safety, as apps are often not prepared to handle their “future” (relatively) config files and data formats
Google’s only providing the option, it’s up to individual devs to enable it on their app. If the app developer has chosen to block sideloading, then they probably have a reason for going out of their way to do so. Whatever you find that reason to be should inform your decision whether or not to continue using their app.
Their reasons mean nothing. It’s my device. I shouldn’t have to worry about an application installed on my device being policed because the developer got a hair up their ass about people downgrading.
The phrase “more secure” is becoming meaningless as it keeps being used as a blanket excuse for literally every user hostile change.
Sure, it’s your device. But it’s their app. Ultimately, it’s the developer’s call to make. You don’t have to use their app.
unless you are forced to use it, by government, employer, or such
Well then you know where to install it from.
from google play? on my degoogled phone?
Sounds like the app developer does not want to support you as a user. You should take it up with devs that do this if that’s a concern.
yeah take it up with a blackholed email address, while being locked away from public transport and a lot of otherbasic services that’s literally needed for life, for saying hard no to literal malware on my phone? I think you’re a little backwards.
Sounds like you’re using a phone that doesn’t meet the requirements specified by your employer. Might I suggest asking them for a company phone?
my employers have never specified any requirements for my phone, sorry but wtf is that?
We can still use their app with a little help from my reverse engineering tools.
Hopefully they don’t do online attestation
Cool, sounds like it ain’t a problem for you then. As I imagine it’s not a problem for most people.
Explain to me what would be the good reasons McDonald’s has to block their app from running on a rooted device because it doesn’t pass SafetyNet or whatever Google is calling it now
Because it is spyware?
Why would I explain something that has nothing to do with this discussion? This has nothing to do with rooted devices.
It’s the same system, it’s all part of play integrity. And that also applies to this bullshit, why does McDonald’s care if I didn’t install their app from the play store?
Can’t you use the website instead? Is the MCDonalds app necessary for orders? I use hermit to sandbox webapps for services which do not require a app.
Oh I don’t know if mcdonald’s specifically does this, I’ve never used the app, I just used it as an example because that’s what the guy above was talking about as well.
IIRC they did coupons exclusively in their app a few years ago where I lived (haven’t checked since), and they hiked the price of everything, so if you don’t install the app, you get a 20% surcharge in effect.
That goes for every single shitty chain store as well.
Why should I know? I’m not a McDeveloper.
If I had to guess, I’d assume it’s because there’s a payment system in their app and they don’t want people monkeying around with it and stealing food.
McDonald’s was just an example, the point is most apps don’t need to do that at all.
I do happen to know how payment systems like that work, and thankfully those are all cloud-based, the only thing the app does is start transactions and check with the server if they’re paid. If they implemented it well, as I suspect a big corpo like McDonald’s probably would, their own order screen also checks server-side if orders are paid. Not much you can do from the app side to mess with that.
Yeah, but the whole PCI DSS thing means that the app must still be secured. That doesn’t necessarily mean that it has to be tied to Google Play, but explain it to them.
Afaik that only applies if the app is processing payments, which in this case it shouldnt be.
Removed by mod