HackerLangs
TopNewTrendsCommentsPastAskShowJobs

rom1v

no profile record

Submissions

What we talk about when we talk about sideloading

f-droid.org
1,516 points·by rom1v·há 9 meses·629 comments

Answering questions about Android developer verification

android-developers.googleblog.com
109 points·by rom1v·há 9 meses·122 comments

comments

rom1v
·há 14 dias·discuss
A similar question I asked a few years ago: https://physics.stackexchange.com/questions/740056/how-much-...
rom1v
·há 22 dias·discuss
> The difference in the code is exactly one word: value.

What is unclear to me is why the decision to use a Point instance as a value or as a reference is made in the class definition rather than by the caller.

> Point[] point = new Point[10];

For the same class, I might need an array of values in one place and an array of references elsewhere within the same codebase.
rom1v
·mês passado·discuss
Related to the discussion: "A fork() in the road": https://www.microsoft.com/en-us/research/wp-content/uploads/...

> ABSTRACT

> The received wisdom suggests that Unix’s unusual combination of fork() and exec() for process creation was an inspired design. In this paper, we argue that fork was a clever hack for machines and programs of the 1970s that has long outlived its usefulness and is now a liability. We catalog the ways in which fork is a terrible abstraction for the modern programmer to use, describe how it compromises OS implementations, and propose alternatives.

> As the designers and implementers of operating systems, we should acknowledge that fork’s continued existence as a first-class OS primitive holds back systems research, and deprecate it. As educators, we should teach fork as a historical artifact, and not the first process creation mechanism students encounter.
rom1v
·há 2 meses·discuss
A concrete example of undefined behavior caused by an unaligned pointer: https://pzemtsov.github.io/2016/11/06/bug-story-alignment-on...
rom1v
·há 2 meses·discuss
--keep-active ;)
rom1v
·há 2 meses·discuss
Please post a link to the issue.
rom1v
·há 8 meses·discuss
I want to be able to install apps from alternative app stores like F-Droid and receive automatic updates, without requiring Google's authorization for app publication.

Manually installing an app via adb must, of course, be permitted. But that is not sufficient.

> Keeping users safe on Android is our top priority.

Google's mandatory verification is not about security, but about control (they want to forbid apps like ReVanced that could reduce their advertising revenue).

When SimpleMobileTools was sold to a shady company (https://news.ycombinator.com/item?id=38505229), the new owner was able to push any user-hostile changes they wanted to all users who had installed the original app through Google Play (that's the very reason why the initial app could be sold in the first place, to exploit a large, preexisting user base that had the initial version installed).

That was not the case on F-Droid, which blocked the new user-hostile version and recommended the open source fork (Fossify Apps). (see also this comment: https://news.ycombinator.com/item?id=45410805)
rom1v
·há 9 meses·discuss
Are the years intended to be read in octal?
rom1v
·há 9 meses·discuss
> One of the most important themes we hear from the developer community is the need for more lead time to adapt to changes

No, it's not.
rom1v
·há 10 meses·discuss
Why do I always invert the Y-axis but never the X-axis?
rom1v
·há 11 meses·discuss
I feel that Rust increases security by avoiding a whole class of bugs (thanks to memory safety), but decreases security by making supply chain attacks easier (due to the large number of transitive dependencies required even for simple projects).
rom1v
·há 2 anos·discuss
Btw, this is not the only project providing a source tarball different from the git repo, for example libusb also does this (and probably others):

- https://github.com/libusb/libusb/issues/1468#issuecomment-19...

- https://github.com/orgs/community/discussions/6003