Upload it to the cloud and make it someone else’s problem to deal with keeping up with the physical medium changes. Then your descendants only have to worry about figuring out how to deal with an outdated file format they can no longer open… and even when they can finally open it, it’d be super low quality… just like how we have to squint really hard at videos from VCDs now days.

API are secure only if you can secure the authentication details. A modified app (be it as something modified and distributed on a unsanctioned channel, or custom injected by another malicious actor/app) can easily siphon out your authentication tokens to a third party unbeknownst to you the user. However, if the app verifies it came from the approved source and have not been tempered with, then it is much easier to lean on ASLR and other OS level security to make it harder to extract the authentication info.

Multiplayer game operators have obligation to curb modified clients so their actual paying clients have a levelled playing field. By ensuring their apps are only distributed via approved channels and unmodified by malicious players, this improves their odds at warding off cheaters creating a bad time for those that actually pay them to play fairly.

These are just simple cases where this kind of security is beneficial. I am glad Android is finally catching up in this regard.

This is Lemmy. If you’re not advocating for FOSS, or piracy to spite the corporations, you’re gonna get downvoted. I don’t care. We need better security standards whether these kids like it or not.

App developers need ways to know the app has not been modified in unsanctioned manner, glad to see Android finally catching up on security with integrity checks.

It was not an EU thing, it was a China thing.

It’s quite obvious as well looking back at it; if course China will mandate one of the weakest protocol with no end to end encryption.

Avoid RCS like the plague and use something more secure!

No, they’re mostly correct; basically no one except Android users in the USA cares. Everywhere else has it figured out with third party messaging platforms that’s geographically favored, and Apple users in USA will continue to use the superior iMessage protocol with each other. Only the Android users in USA are left out from sending/receiving messaging, so they’re salivating over the update like it’s the best thing since sliced bread.

RCS is janky, inconsistent, and carrier dependent. Can’t wait for Android users in the USA to join the better rest of the world. Until GSM consortium mandates end to end encryption and force all carriers to adopt certain version of consistent minimum, RCS is and will continue to be a garbage inferior protocol that should be avoided like the plague.

Not entirely true… the American Android users care about it; Apple users will still default to the superior iMessage as opposed to the inconsistent carrier dependant RCS; rest of the world will use geo-preferred third party messaging app that also offer consistent experience between carriers.

“Buy your mom an iPhone” people.

I know I have some hearing loss; Mimi hearing test confirmed degrading further over the years. But I’m okay with waiting til 3rd gen Pro come out before I upgrade from the first gen Pro.

You’re going to find that the appetite for un-targeted advertising to be much lower than that of targeted. The ROI for un-targeted blast is much lower than a smaller more focused targeted campaign.

As such, you’ll either see even more ads on the same content (in order to obtain similar level of revenue for the publisher), or, as the other user suggested, free ad supported service be a thing of the past.

Neither of which are good for the mass audience. People already aren’t willing to pay $1 to remove ads on most free ad supported apps, you’re going to find small businesses collapse left right and centre as result of the change.

In the old days, it used to be a problem because everyone just connect their windows 98 desktop with all their services directly exposed to the internet because they’re using dial up internet without the concept of a gateway that prevents internet from accessing internal resources. Now days, you’re most likely behind your ISP router that doesn’t forward ports by default, and you’re only exposing the things you’d actually want to expose.

For things you’d actually want to expose, having a service on the default port is fine, and reduces the chances of other systems interacting with it failing because they’d expect it on the default port. Moving them to a different port is just security through obscurity, and honestly doesn’t add too much value. You can port scan the entire public IPv4 space fairly quickly fairly cheaply. In fact, it is most likely that it’s already been mapped:

https://www.shodan.io/host/<your-ip-here>

Keeping the service up-to-date regularly and applying best practices around it would be much more important and beneficial. For SSH, make sure you’re using key based authentication, and have password based authentication disabled; add fail2ban to automatically ban those trying to brute force. For Minecraft, online mode and white listed only unless you’re running a public one for everyone.