Glad to see Google come to their senses on this. Disabling it entirely would have basically guaranteed an exodus of power users over to iOS. If your only choices are walled gardens, you might as well pick the easiest, prettiest one.

If adb is unrestricted and can work with the Linux command shell (something I seem to remember I had read about before; you will need to enable the developer mode to use it), which is aparently a separate system but runs on the same device, although if it has the ability to communicate with the main Android system using adb (which it might be reasonable to require that to be explicitly enabled with another setting, for additional security in case you do not use adb), then this would help since you do not require another computer that would be compatible with adb in order to do it.

However, I think there are other things they should do as well (in addition to the other things) if they want to improve the safety, such as looking at the apps in Google Play to check that they are not malware (since apparently some are; however, it says they do have some safeguards, so hopefully that would help), and to make the permission system to work better (e.g. to make it clear that it can intercept notificatinos; there are legitimate reasons to do this but it should require an explicit permission setting to make this clear).

Southeast Asian scammers - they could've directly said from India/Pakistan.

The Tyranny of the Marginal User strikes again.

> When the user logs into their real banking app, the malware captures their two-factor authentication codes

That seems like a severe security bug in Android APIs or sandboxing or something else.

> bad actors can spin up new harmful apps instantly

Why are harmful apps possible at all?

so still distributing with f-droid is messed up? i now have to pay a fee to develop an open-source app via f-droid to everyone?

this is a misleading title. they only allow side-loading unverified apps only on fewer devices.

"We have realised that boiling the frog this fast will result in it jumping out of the water. Therefore we have slowed down, but remain steadfastly devoted to seeing this frog boiled"

This is great news to me. I'm going to celebrate it. As evil as everyone thinks they are, they did the right thing here. Thanks google.

"Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified. We are designing this flow specifically to resist coercion, ensuring that users aren't tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months."

So they haven't actually changed anything yet, but they say that they will "in the coming months."