1. Forum
  2. USENET
  3. comp.sys.mac.advocacy

  • Re: Tutorial: Build your first Android APK on Windows from Github WhisperIME source code

    From Marion@marion@facts.com to alt.comp.os.windows-10,comp.mobile.android,alt.comp.os.windows-11,comp.sys.mac.advocacy on Wed Aug 27 00:31:34 2025
    From Newsgroup: comp.sys.mac.advocacy

    On Tue, 26 Aug 2025 14:35:42 +0200, R.Wieser wrote :


    At the moment attackers can you just build their own malware APKs for
    Android free and and lure people into downloading them. That's one of
    the reasons why Android is often considered very insecure.

    Bullshit. You can download anything you want on Windows as well as Linux, and neither has been called insecure for it.

    I will agree with anyone who makes a sensible comparison, where I have to agree that the fact you can download any app on most operating systems, doesn't inherently make them so insecure that it has to be locked up so
    that only Google or Microsoft or Canonical or RedHat can allow installs.

    Google is doing this, rather obviously, to copy the Apple model of CONTROL.
    As Rudy showed, it's a brazen lie that this is being done for "security".

    It has nothing to do with security.
    It's about control.

    The reason Android is quite insecure is that you have no methods to check what a certain app is doing, meaning that if an app misbehaves you have no way to detect it. Also, the current permissions are crude, only giving all-or-nothing choices. :-(

    We could argue Android has "more malware" than does iOS, but we already
    know iOS is vastly more exploited than Android so other metrics apply.
    <https://www.cisa.gov/known-exploited-vulnerabilities-catalog>

    We know that Apple has never tested much of their iOS code, so, again,
    other metrics apply when we look, at Apple's lies about their control.
    <https://cyberscoop.com/iphone-hack-google-project-zero/>

    The fact Apple controls iOS so rigidly doesn't gain anyone any more
    security since iOS is far less secure than Android - but it does gain Apple profits. Big profits. The biggest in the world kind of profits.

    It's about control.
    Not security.

    It's bad news that Google is following Apple's lead, as not only does it
    make it harder to compile an APK from source, but it makes Android closer
    to the locked-down iOS model which is the main reason iOS can't do half of what Android does.

    Conversely, there is only one thing iOS can do that Android can't do.

    That functionality curve crossover at exact 1 item is that lopsided simply because Apple has locked down control over iOS such that it is basically a dumb terminal that can't do anything useful w/o logging into Apple servers.

    Let's hope Google stops following Apple's control lead which causes a loss
    of functionality without even a single uptick in security as iOS is far
    more insecure than Android on almost all metrics (other than on malware).

    If you don't like this - create or use your own Android-Custom-ROM
    which does not include this check.

    Or find yourself a custom version of Android which, besides leaving it upto the user to choose where he gets his apps from, also contains better protections against mal-behaving apps in general. Like the signed apps from its app-store which, for one reason or another, still contain malware.

    The problem is that many of us have Android phones which can't be rooted.
    Up until now, we could choose where to get our apps from.

    But with this new change, we can't.

    I can already see how compiling an APK will require a Google verification.
    Does anyone have any idea what this will do to third-party repos?


    The custom ROM I'm running gives me the option to disallow an apps acces to the internet, as well as restricting the apps access to storage to its own folders - and, if wanted by the user, *read-only* access to (some) others.

    Its not everything, but its much more than Googles Android offers me.

    It's good that you have a custom ROM, and I'm envious that you do.
    Some of us have USA Samsung's whose boot loader is not known to be
    unlockable, so we're stuck on simply debloating Android as best we can.

    One option for us in the regard of what you just noted is "NetGuard",
    which, again, is functionality never found on iOS because Apple has locked
    up iOS so badly that it can't do half of what Android does as a direct
    result.

    I'm not sure why anyone buys an iPhone as it's a toy that can't do much,
    but my worry here is that Android is following Apple's lead in removing all the functionality we loved about Android (& still love in Windows & Linux).

    I think that Googles Android needs to be carefull: a move like this one, forcing users to only use its ecosystem (hardware, OS, apps), might easily be considered an attempt to create a monopoly. And even under the current administration of the US of A that won't end well..

    I agree with any sensible viewpoint, where this seems to be Google
    following Apple's model of control for the sake of control. Not for
    security.

    Note that Apple's iOS is far more insecure than Android is, but the reasons are complex (e.g., Apple hasn't tested much of its own code for one!), so
    the fact both Google & Apple "say" it's for security, is a brazen lie.
    <https://googleprojectzero.blogspot.com/2019/08/a-very-deep-dive-into-ios-exploit.html>

    It's not about security.
    It's about control.
    --- Synchronet 3.21a-Linux NewsLink 1.2