> "The sideloading restriction is easily solved by installing GrapheneOS"
> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".
Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.
Google changing defaults is a permanent change for some large percentage of their userbase. A subset of those can still figure out how to download and run an APK file but have no further recourse against monopolistic behavior.
Maybe those people do need to be protected from scams. Social engineers have complete control over the user, so any control given to the user is owned by the scammer. Seems like the same problem as pig butchering, a technology or process solution can't save someone too stupid to save.
Thinking about less controversial options for Google, they could track if any side-loaded apps have the dangerous permissions, and provide a global true/false status to other apps that request it. So Wallet / whatever would disable features if any "outside" apps were in a position to exploit the user. And Android could offer a button that cleans up the "problem" apps, setting the global status back to false.