AFAIK this only applies within Singapore (not sure if this applies to visiting devices) for apps requesting certain permissions (RECEIVE_SMS, READ_SMS, BIND_NOTIFICATIONS, and accessibility) downloaded outside of app stores (F-Droid is fine) and opened directly on the device (adb install is fine).
You can probably bypass the restriction by just disabling Play Protect if you don't want Google to tell you what you can and cannot install, but I'm not in Singapore so I can't confirm if that will work or not. That said, Google has made it impossible to disable Play Protect while on a call; that's probably a smart move.
> In some cases, before downloading the malicious APK file, victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads. Once Google Play Protect is disabled, victims would not receive alerts that there is malware introduced into their mobile phones. Victims may also be asked to download Virtual Private Network (VPN) applications from Google Play Store which would facilitate scammers’ connection to their Android device. Scammers would then be able to bypass the banking anti-malware measures and remotely access the victims’ banking accounts with the phished ibanking login credentials.
Also, people in Singapore seem to be particularly vulnerable to scams:
> Pang is just one of tens of thousands of Singaporeans to fall foul of scams last year, who lost a total of S$1.1bn, according to police, a 70 per cent increase on the previous year. The true figure could be even higher, according to the Global Anti-Scam Alliance, which estimates that more than two-thirds of Singaporean victims did not report their experience.
> This is a small part of a global criminal enterprise worth an estimated $1tn, but Singaporeans, affluent, digitally advanced and compliant, are particularly vulnerable to these scams. As one person involved in the recovery of assets put it: “They are rich and naive”.
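The permission and service declarations the pilot is reported to key on (SMS permissions, accessibility services, notification listeners) can be checked statically from an app's manifest before anything is installed. The following is an added example written for this thread, not Google's implementation of the check and not code from any project discussed here; how the pilot actually decides is not public. It assumes the manifest has already been decoded to text (the manifest inside an APK is binary XML; apktool or a similar decoder produces the text form), and the two manifests at the bottom are constructed for illustration. The REQUEST_INSTALL_PACKAGES entry is an assumption of this example, included because the thread later brings up apps that install further APKs themselves:

```python
"""Flag manifest declarations that a scam dropper typically needs.

Added example for this thread, not Google's check.  Input is a decoded
AndroidManifest.xml (text XML, e.g. apktool output), not a raw APK.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME = f"{{{ANDROID_NS}}}name"
PERMISSION = f"{{{ANDROID_NS}}}permission"

# <uses-permission> entries the thread discusses as the sensitive ones.
SENSITIVE_PERMISSIONS = {
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_SMS",
    # Lets the app prompt to install further APKs (self-updating droppers).
    # Assumption of this example; the pilot is not reported to look at it.
    "android.permission.REQUEST_INSTALL_PACKAGES",
}

# A service only works as an accessibility service or notification listener
# if it is protected by the matching BIND_* permission (the system refuses to
# bind otherwise), so the android:permission attribute is the reliable
# signal, not the class name or the intent filter.
SENSITIVE_SERVICE_PERMISSIONS = {
    "android.permission.BIND_ACCESSIBILITY_SERVICE": "accessibility service",
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE": "notification listener",
}


def audit_manifest(xml_text: str) -> dict:
    """Return the sensitive permissions and services a decoded manifest declares."""
    root = ET.fromstring(xml_text)
    findings = {"permissions": [], "services": []}
    # uses-permission-sdk-23 is the API-23+ variant of the same declaration.
    for tag in ("uses-permission", "uses-permission-sdk-23"):
        for elem in root.iter(tag):
            name = elem.get(NAME, "")
            if name in SENSITIVE_PERMISSIONS:
                findings["permissions"].append(name)
    app = root.find("application")
    for svc in (app.iter("service") if app is not None else []):
        perm = svc.get(PERMISSION, "")
        if perm in SENSITIVE_SERVICE_PERMISSIONS:
            findings["services"].append(
                (svc.get(NAME, ""), SENSITIVE_SERVICE_PERMISSIONS[perm])
            )
    return findings


def would_be_blocked(findings: dict) -> bool:
    """True if any sensitive permission or service binding was declared."""
    return bool(findings["permissions"] or findings["services"])


# Constructed manifests for illustration; not from any real app.
SUSPICIOUS_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.bankhelper">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.RECEIVE_SMS"/>
    <uses-permission android:name="android.permission.READ_SMS"/>
    <application android:label="Bank Helper">
        <service android:name="com.example.bankhelper.Overlay"
            android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
            <intent-filter>
                <action android:name="android.accessibilityservice.AccessibilityService"/>
            </intent-filter>
        </service>
    </application>
</manifest>
"""

BENIGN_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">
    <uses-permission android:name="android.permission.INTERNET"/>
    <application android:label="Notes">
        <service android:name="com.example.notes.SyncService"/>
    </application>
</manifest>
"""

if __name__ == "__main__":
    for label, manifest in (("suspicious", SUSPICIOUS_MANIFEST), ("benign", BENIGN_MANIFEST)):
        f = audit_manifest(manifest)
        print(label, "blocked" if would_be_blocked(f) else "allowed", f)
```

Checking the service's `android:permission` attribute rather than its class name or intent filter matters: an app can name a class anything, but an accessibility service without `BIND_ACCESSIBILITY_SERVICE` is never bound by the system, so it cannot drive the UI.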
This is blaming the victim, and I'm not having it.
The problem has been that BankCorp are all forcing us into online pathways because it's cheaper for BankCorp. Of course, they don't put good security on the pathways because that would dramatically increase the customer support cost for BankCorp. Getting scammed is "just sucks to be you" because that costs LittlePlebian.
The "solution" is that liability for these kinds of scams need to be on BankCorp, period. LittlePlebian simply cannot be expected to protect themselves from every professional scammer in the universe beyond very basic measures. Bitcoin people regularly get scammed and they are supposedly more "sophisticated" than the average bear. Nobody less sophisticated stands a chance against the professionals.
Worth noting - was that before or after Google started getting painful decisions in court battles on the App Store thing?
Because this is not going to be super positive for them on that front.
> victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads.
I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers, especially when users have gotten habituated to ignoring incessant safety warnings caused by attempts to protect users.
I also keep wondering how safe the Play store is from this stuff. The very existence of obscenely detailed public GPS datasets about Android users show that even "official store" apps are somewhat malicious.
I don't see a real solution besides giving a smart and friendly 3rd party admin rights over the devices of susceptible users.
> I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers
Convert to a one-time escape hatch unlock via a random-question quiz hosted by Google that assesses security and computing knowledge?
If the intent is to prevent the dumbest users from doing something, then a good place to start would be an assessment to determine if a user is actually dumb or not.
It's oxymoronic to attempt cover-all methods that encompass both (a) advanced users who do want to sideload & (b) people who will type in anything the internet tells them will make a cracked app work.
It's also unclear why this post even exists, except as simple marketing FUD.
> Powered by PureOS, a Debian-based Linux operating system, the Librem 5 and Liberty Phones
Can their devices run APKs? The only Linux distro I know of that does is Sailfish, whose weird licensing model makes it really hard to take advantage of unless you have an obscure, obsolete phone and flash it with the image they sell.
To their credit, Purism has invested more into touch Linux with Phosh than most others in the space have, but Linux on a touchscreen is still a befuddlingly garbage experience.
Unless their experience is impacted by the features they're writing about (which it doesn't sound like it is), this post is just trying to make its mainstream alternative sound bad in the hopes that someone buys their crap instead.
Purism devices can run Android APKs via Waydroid. I don't think this Google policy materially affects that, though, so I'm also mystified why they bothered writing this article.
> In a pilot program launched in Singapore, the tech giant now blocks the installation of certain sideloaded apps—particularly those requesting sensitive permissions such as SMS access or accessibility services—if they are downloaded via web browsers, messaging apps, or file managers.
There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
I don’t see the full details but this implies that it’s still possible for advanced users to side load whatever they want. They don’t want to make it easy for the average user to start sideloading apps that access SMS permissions or accessibility controls.
If it takes a few extra steps for the advanced user to sideload these apps that’s not really a big infringement on freedom like this purism PR piece is trying to imply. Unfortunately sideloaded apps are a problematic scam avenue for low-tech users.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
I think you're dismissing legitimate concerns without fully understanding them, because through the right lens you realize how this can be anticompetitive in the mass market.
Even if some technically inclined folk can install what they want, the masses will stay in the walled garden so that Google can get their cut and exert ideological control. Even now, both Google and Apple engage in practices across their product that are designed to scare people away from third party applications. From Google's terminology when describing Google in banners as "a more secure browser" etc, to Apple requiring a secret incantation in order to run unsigned apps.
All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
The comment you're responding to includes the line:
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Your comment seems to disregard it and instead lay this entirely at Google's feet as if they're seeking anti-competitive behavior - but if this was driven by a government, does Google really deserve all the blame?
(Note that I am explicitly not endorsing the move. I think sideloading should be left mostly untouched.)
> All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
I agree with you. However, the impact of scams should not be underestimated either.
> There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
Only certain permissions actually matter. That's one of three.
But "only in singapore so far" is not reassuring.
And "downloaded via certain paths"? Browsers and file managers are the normal ways to put files onto a phone. That doesn't reassure me at all.
Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading". That said, it's clearly a balancing act between protecting people from installing malware but allowing them to intentionally install things they really do want to install, regardless of what permissions they need.
Every time the technical sophistication required to install apps from anywhere but Google's store (I don't love the term "sideloading" since it kind of denormalizes the act) is increased, the chances anyone will put in the effort to distribute apps any other way goes down. It also means apps Google doesn't want in its store are less likely to get made; I'd really like to see something that prioritizes notifications for me, for example, and I think that's against Google's rules.
I'm sure making it harder to obtain software outside a first-party app store provides some protection to some users from scams, but I really don't want that to be the answer. I don't claim to have a good one myself.
They don't, and they don't even block F-Droid. You can also just disable Play Protect (though Google won't let you while you're on a call, probably a smart move). According to the Singapore police, scammers also have victims download VPNs off Google Play to work around the regional restrictions.
I don't think the restrictions are doing much for victims. I assume Google was pressured into doing this by the authorities, or may be doing this to get in a good spot politically.
Requiring a user to own a PC in order to sideload apps (with adb) would, in fact, count as blocking sideloading, albeit partially. So I don't think that's the right limit.
> There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
Those "certain paths" include "file managers"; how exactly would you sideload an app without providing the file?
>There are a lot of qualifiers on this: Only in Singapore,
We had a big client from Singapore who only agreed to buy our SaaS subscription after we integrated SingPass (Singapore's national digital identity system) for user login.
When I read "Singapore" in the OP I immediately remembered about it.
The client is not with us anymore, but we still have this thing somewhere in the codebase :)
It will always be possible to side-load apps on Android if you really want. It is one big strength of Android. There are many Android's no-internet deployments in the wild that rely on this feature.
I've got to say, some of the comments here are pretty funny.
> "The sideloading restriction is easily solved by installing GrapheneOS"
> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".
Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.
There was some Ubuntu (or Linux) forum where I had asked a question and I wanted an app or something (I can't recall now) which was easier to use and do repeatedly. Most of the people were replying with stuff like "why can't you just do <something that involves lots of CLI and more than an hour or so>" or on the lines of it.
I, someone extremely new to Linux (hell, new to computers), was bewildered. Then a commenter replied with something that helped me and exactly what I needed. He added a note directed towards others which went something like - the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
> the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
This definitely happened with Arch. For some reason they killed the noob guide (which I helped maintain). It was a great guide that helped people go from noob to kinda knowing linux.
You can't have wizards without first having noobs.
Why gatekeep people from enjoying the same thing you enjoy?
Well, I guess all that gave us EndeavourOS and Manjaro. But still, we need more places for people to learn that nitty gritty stuff.
Hell, I'd love to learn more about the hardware hacking the OP is talking about. Love to learn about those GPU hardware modifications people do. I know it's Hacker News, but I'd actually love to learn about that hacker stuff. If these companies are going to continue to fight this hard to prevent us from owning the things we buy, it sounds like an important thing to learn. Or else we're soon going to have robot butlers that are just sending lidar maps and high resolution photos of our homes back to these companies. We don't need elitist pricks, we need wizards teaching noobs.
Yet telling someone to open regedit, find some deeply-buried branch, create a new binary key, rename it to SetFocusRefreshTimeout and set its value to 0xFFFF is... desktop usability.
>the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
Don't believe that for a second. Industry de-facto standards are a result of power dynamics, and the actual users of the thing wield orders of magnitude less power than they project. If a corporation like MS or Google wanted Linux desktop to happen, no amount of gatekeepers could actually hold the gates.
The reason why Windows is the de-facto standard is because Microsoft put a lot of behind-the-scenes work into making it a de-facto standard. I mean them sabotaging everything else, treating the status quo with the famous EEE, many business deals with governments to use it, putting it in school curricula, having manufacturers preinstall it on PCs, and bending every piece of connected tech in Windows' direction - hardware drivers, computer games, specialty software, even the internet.
That is how Windows got its desktop users, and how Linux and others didn't really.
> Most of the people were replying with stuff like "why can't you just do <something that involves lots of CLI and more than an hour ro so>" or on the lines of it.
More than an hour? That's very strange, enough that I wonder if you had the right impression of things.
Usually the reason to go with command line is that even though it might be bewildering to look at, slamming in the command only takes a moment and you don't need to do any button-hunting.
It's a tradeoff, is what I'm saying. But you seem to be describing a situation where it's significantly worse in every way. Why would a bunch of people all be on that bad plan?
That may be. But the CLI guys have had the last laugh, no? An LLM can work through a terminal with decades of stability much better than it can poke around constantly changing product UIs.
What's needed is a Dropbox analogue for Linux -- something that doesn't do anything that isn't already possible, but that makes things that are possible accessible to non-specialists.
It looked like SteamOS was going to be a contender, but apparently not.
One reason that people often overlook is that it's much easier (and much less error prone for the user) to give an instruction that uses the cli instead of a GUI tool, e.g. if someone would ask how to add a new user who's in the usb group on Linux, I would always tell the person `adduser --ingroup usb [username] ` instead of giving the GUI instructions which are longer and depend on what desktop the person uses.
People in general are very bad at knowing what the average experience is. We almost all have a predisposition to perceive our experience as being approximately normal, or if not, not too far away from normal. This is especially exaggerated anywhere experts of a domain congregate. They adjust to a significantly biased frame of reference. And that results in opinions that don't fall anywhere within the galaxy of what's reasonable for the vast majority of users of a given thing.
Do ordinary people side load at all? Assuming most people use the phone to do something else, and not for the sake of using the phone, after you get the apps you want/need, ordinary people are likely to just do the same thing/consume the same apps over and over.
If I hadn't prohibited him, I am pretty sure my 11-year-old son would have installed dozens of pirated games and apps of dubious provenance on his phone.
But I am pretty sure that like any other teenagers since the beginning of time he obeys me, and has only rooted his phone for educational purposes.
A lot of my non-techy friends have a sideloaded copy of spotify/youtube to get premium features for free. I think they just blindly follow some guide they find on tiktok.
I installed F-Droid on a friend's phone and they use it to install NewPipe and keep it up to date, without having a tech-savvy friend around to download the APK release from GitHub.
A lot of Chinese apps still do. Mostly cause I guess they don't allow Google play store in China (? I think it's blocked, can't quite remember for sure)
Yes, usually when somebody calls them, pretends to be from the security department of their bank, and asks them to install an app to "catch the hacker who just stole $2000 from your account in the act."
In countries where Android is popular (not the US), this is an extremely common scam vector.
And, worse, it isn't even true, right? As Google keeps adding more and more DRM tech to Android, along with APIs that let apps ensure they are running on "legitimate" software, installing GrapheneOS isn't even a viable option going forward unless you are effectively exiting the entire ecosystem anyway.
Apps have to choose to block using a non-stock OS and only a tiny minority of them do it. GrapheneOS bypasses it for many of them and we intend to get it fully resolved. Regulatory action is in progress for this in Europe already and it will be solved. GrapheneOS users can currently use nearly all Android apps with the exception of a subset of banking/financial apps and a tiny number of other apps. Google trying to crack down further will greatly increase the already incoming consequences in multiple countries for the existing Play Integrity API.
Making it difficult for ordinary people to sideload apps that access their SMS or accessibility features (e.g. screen recording, controlling the phone) is the point.
I think what people on HN really forget is that the average person isn’t equipped to tell the difference between a legit source sideloaded app or a Trojan horse app that some TikTok video instructed them to install.
> Making it difficult for ordinary people to sideload apps that access their SMS or accessibility features (e.g. screen recording, controlling the phone) is the point.
I wonder if they could solve that with delays. E.g. you can sideload, but the process is deliberately delayed to take two full days and require carefully reading warning screens and correctly answering questions about the warnings, then getting time to think, multiple times.
Google changing defaults is a permanent change for some large percentage of their userbase. A subset of those can still figure out how to download and run an APK file but have no further recourse against monopolistic behavior.
Maybe those people do need to be protected from scams. Social engineers have complete control over the user, so any control given to the user is owned by the scammer. Seems like the same problem as pig butchering, a technology or process solution can't save someone too stupid to save.
Thinking about less controversial options for Google, they could track if any side-loaded apps have the dangerous permissions, and provide a global true/false status to other apps that request it. So Wallet / whatever would disable features if any "outside" apps were in a position to exploit the user. And Android could offer a button that cleans up the "problem" apps, setting the global status back to false.
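The global true/false status proposed above can be derived from data Android already exposes to a shell: `pm list packages -i` reports which installer put each package on the device, `dumpsys package <pkg>` shows which permissions are granted, and the secure settings `enabled_accessibility_services` and `enabled_notification_listeners` list the components the user has switched on. The following is an added example for this thread, not an Android API or anything Google ships; the command output embedded below is constructed to look like real output and was not captured from a device, and the installer allowlist is an assumption (F-Droid is listed because the thread says the pilot exempts it):

```python
"""Derive "does any sideloaded app hold a dangerous capability?" from
pm / dumpsys / settings output.  Added example for this thread, not an
Android API.  Sample output below is constructed, not captured.
"""
import re

# Installers treated as app stores (assumption for this example).
STORE_INSTALLERS = {"com.android.vending", "org.fdroid.fdroid"}

# Runtime permissions whose grant to a sideloaded app counts as exposure.
DANGEROUS_PERMISSIONS = {
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_SMS",
}

# "package:com.foo  installer=com.android.vending"  or  "installer=null"
PM_LINE = re.compile(r"^package:(\S+)\s+installer=(\S+)")
# "android.permission.READ_SMS: granted=true, flags=[ ... ]"
GRANT_LINE = re.compile(r"(android\.permission\.[A-Z_]+): granted=true")


def sideloaded_packages(pm_list_output: str) -> set:
    """Packages whose recorded installer is not an allowlisted store."""
    found = set()
    for line in pm_list_output.splitlines():
        m = PM_LINE.match(line.strip())
        if m and m.group(2) not in STORE_INSTALLERS:
            found.add(m.group(1))
    return found


def granted_dangerous(dumpsys_output: str) -> set:
    """Dangerous permissions that `dumpsys package` shows as granted."""
    return {p for p in GRANT_LINE.findall(dumpsys_output) if p in DANGEROUS_PERMISSIONS}


def enabled_service_packages(settings_value: str) -> set:
    """Package names from a colon-separated list of pkg/Class components
    (the format of enabled_accessibility_services and
    enabled_notification_listeners); 'null' means nothing is enabled."""
    value = settings_value.strip()
    if value in ("", "null"):
        return set()
    return {component.split("/")[0] for component in value.split(":")}


def exposure(pm_list_output, dumpsys_by_pkg, a11y_setting, listener_setting) -> dict:
    """The proposed global flag plus the per-package reasons behind it."""
    a11y = enabled_service_packages(a11y_setting)
    listeners = enabled_service_packages(listener_setting)
    problems = {}
    for pkg in sorted(sideloaded_packages(pm_list_output)):
        reasons = sorted(granted_dangerous(dumpsys_by_pkg.get(pkg, "")))
        if pkg in a11y:
            reasons.append("accessibility service enabled")
        if pkg in listeners:
            reasons.append("notification listener enabled")
        if reasons:
            problems[pkg] = reasons
    return {"exposed": bool(problems), "problems": problems}


def cleanup_commands(report: dict) -> list:
    """adb commands the proposed 'clean up' button would run."""
    return [f"adb shell pm uninstall --user 0 {pkg}" for pkg in report["problems"]]


# Constructed sample output (not captured from a device).
PM_OUTPUT = """\
package:com.bank.app  installer=com.android.vending
package:org.fdroid.fdroid  installer=null
package:com.example.smshelper  installer=null
package:com.example.notes  installer=null
"""

DUMPSYS = {
    "com.bank.app": "      runtime permissions:\n"
                    "        android.permission.READ_SMS: granted=true, flags=[ USER_SET ]\n",
    "com.example.smshelper": "      install permissions:\n"
                             "        android.permission.INTERNET: granted=true\n"
                             "      runtime permissions:\n"
                             "        android.permission.READ_SMS: granted=true, flags=[ USER_SET ]\n"
                             "        android.permission.RECEIVE_SMS: granted=false, flags=[ USER_SET ]\n",
    "com.example.notes": "      install permissions:\n"
                         "        android.permission.INTERNET: granted=true\n",
}
A11Y_SETTING = "com.example.smshelper/com.example.smshelper.Overlay"
LISTENER_SETTING = "null"

if __name__ == "__main__":
    report = exposure(PM_OUTPUT, DUMPSYS, A11Y_SETTING, LISTENER_SETTING)
    print(report)
    print("\n".join(cleanup_commands(report)))
```

Note that the bank app in the sample also holds READ_SMS but is not flagged, because it came from a store; that is the distinction the proposal draws. The check deliberately keys on granted runtime permissions and enabled services rather than on what the manifest requests, since an app that requests SMS access but was never granted it cannot read OTPs.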
And official Android-based OSes bring advantages too. For example, Samsung has a lot of proprietary and useful features, and on GrapheneOS you cannot use Google Pay (one major feature of a phone).
The primary reason why I haven't bought a Pixel and switched to GrapheneOS is because Samsung's OneUI is just so far ahead of the curve. They innovate new software features years before anyone else does.
That being said, it is a reasonable compromise that, as long as people know that beforehand, losing Google Pay as the price to loosen Google's grip on your data, location and preferences is an acceptable one [price].
"Ordinary people" aren't sideloading apps one way or another. In fact this will help 99% of them, since for them sideloading is mostly used for malware and phishing.
And who's going to put GrapheneOS on an ordinary person's phone in the first place?
The Web installer [0] is not really approachable to a normal Android user. The instructions are dense, loaded up with warnings about dozens of edge cases that are discussed in jargon that would intimidate even relatively tech-savvy users:
What's USB passthrough? Did I install my browser through Flatpak or Snap? How would I know? Did I need to understand the paragraph explaining in detail how carrier models lock users in? There's a bunch of stuff in there about Linux... do I need Linux? What's a sha256 hash and do I need to care?
It's not that this is impossible for non-IT-folks to grasp, but there's no chance that my parents are installing this on their phone.
I am legitimately glad for the devs of GrapheneOS and for it working in your case, but it is not functional if a user needs banking or streaming apps, or any number of other impacted apps such as McDonald's or Pokemon Go... that is after installing the optional Play Services, reducing the privacy benefits of GrapheneOS.
I own no firsthand experience but read many users require app 2FA to make card payments.
The solution must be social-legislative. The London smog and terrifying auto deaths at 30 KPH were solved but not by niche enthusiast projects.
GrapheneOS is sold preinstalled on devices. People do not have to install it themselves. It's also far easier to install than a desktop OS via https://grapheneos.org/install/web.
The post from Purism is highly inaccurate and is inventing issues which are not real issues along with presenting a product which massively reduces security and app compatibility as somehow solving those things. Dropping mainstream app compatibility and support for the main open source app ecosystem entirely hardly solves a tiny number of apps enforcing using the stock OS.
The ordinary people would be the ones that need this level of protection, since a scammer would talk them into sideloading malware if the device permits it.
It's important to note that the infamous Dropbox comment was not just misguided. It was wrong.
The proof is that multiple competitor products have been launched since, and all of them have had sync issues at some point, with different degrees of severity ranging from sync delays, through data conflicts, up to loss of data in all synced devices. To this day, I still trust Dropbox more than its competition. This includes custom rsync scripts.
No, Murena sells devices with /e/OS, which is a fork of LineageOS that drastically rolls back privacy and security compared to it. LineageOS itself rolls those back compared to the Android Open Source Project but not nearly as much as /e/OS. LineageOS would be a better choice for privacy, security, app compatibility and usability than Purism's product.
GrapheneOS and /e/OS are very different operating systems. GrapheneOS is a hardened OS with massive privacy/security improvements and a far different approach to mainstream app compatibility. GrapheneOS can be purchased preloaded on devices including from companies like NitroKey, so that is not something that's a difference between them. GrapheneOS is based on AOSP directly, not LineageOS.
https://eylenburg.github.io/android_comparison.htm is a third party comparison between different alternate mobile operating systems. It could include many more privacy/security features but it's a good starting point.
https://grapheneos.org/features provides an overview of what GrapheneOS provides. It doesn't cover all of the features but it covers a lot of them.
/e/OS lags very far behind on shipping Android privacy/security backports, lags a year or more behind on shipping standard privacy/security patches and does not keep the standard Android privacy/security model or features intact. Like LineageOS, /e/OS mainly supports devices without proper non-stock OS support and without firmware/driver patches. For the few devices they support which do provide those updates, they are much worse than LineageOS at shipping them to users. They don't use standard hardware-based security features even when they're made available to an alternate OS. /e/OS is not a safe option because going months or even years without critical browser engine and OS updates is a serious problem. It is not an academic or theoretical issue. They are failing to patch critical issues and some of those are known to be exploited in the wild.
You can run nearly all Play Store apps on GrapheneOS, but not /e/OS with the much more limited and less secure microG approach. https://bsky.app/profile/grapheneos.org/post/3lamcjfv5r22s explains the difference in approach. Of course, their approach certainly provides dramatically more mobile app compatibility than using the desktop Linux stack on mobile as is being proposed in the original post.
I am the first to be on the "I own my phone let me do whatever the heck I want with it" but recently something hit me.
DJI forces you to side load their app for their Air Units and Drones. And this is scary.
It looks like the rule they violate for the play store is that their app can self modify.
Let that sink in ... Any tension or whatever political bull crap happens and you have a state controlled malware on your device that can do anything it wants with your drone.
Millions of people installed this without really understanding what could be the consequences...
I find it interesting that all the things Apple did from the start in the name of security, Google is slowly needing to do over time in the name of security. Meanwhile, various parties (the EU being the big one) are pushing to have Apple role back some of these controls.
This is why "do whatever the heck I want with it" ought to apply to software, not just hardware. This is one thing I think Richard Stallman got right, all the way back in 1988:
> the freedom to change a program, so that you can control it instead of it controlling you; for this, the source code must be made available to you.
We're a long way from that ideal today. Software controls us all the time. Usually that just leads to anti-consumer annoyances like lock screen ads or DLC seat heaters. But when the one controlling the software that controls you is a communist government...
Not sure what the short term practical solution to this is though.
The difference is, in theory if DJI were discovered to be doing something malicious, it could be taken down from the Play Store. If 0% of its current users were side loading the application, that means 100% of their users would be unable to install the app the normal way, and there would be substantial friction to migrate them to sideloading (a google of "install dji app" would probably return a bunch of news articles about whatever the problem was before dji's install instructions).
By making it "normal" to install the app via sideloading, there's little Google could do in the event of malicious app behaviour, and the majority of users would not find out about it (at least, not immediately).
I don't know why you're getting downvoted when its very possibly true.
Just one month ago they found intentionally embedded Kill Switches in chinese provided solar panels [0][1].
Not even complex apps require capabilities of such self-modification; the fact that a DJI drone app requires such capabilities is quite suspicious, especially as they are heavily involved in PLA drone warfare R&D and capacity building.
The sideloading restriction is easily solved by installing GrapheneOS, which has all the security benefits of Google's Android on Pixel.
In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.
The issue is even bigger. Even when using Play Store on GrapheneOS with a locked bootloader (which is the recommended configuration by the GrapheneOS project), Google refuses to let apps use the hardware attestation support in the Play Integrity API [1], which blocks certain banking apps, Google Wallet, etc.
It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
> It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
A huge problem with Graphene is the incredibly small number of supported devices. We need something that isn't as reliant on specific hardware, and while that would mean some security features are not supported it would still be better than most other options by far.
Unfortunately, Google's Pixel devices have been the only ones with hardware that meets all of the project's stringent security requirements, including a secure hardware enclave and multiyear commitments from the vendor to firmware security updates (I think 7 years of updates now for the newest Pixels). Those seem to be the big two things that no other Android vendor achieves together.
The GrapheneOS devs are serious about security, probably more focused on it than 99% of end users. That they manage to release a project with the high level of usability that GrapheneOS achieves is impressive, even if it isn't as convenient to the end user as stock Android. Ultimately, nothing will ever be as convenient to the end user as stock Android or iOS, but that's not the point of the project.
Yes, but vanishingly few apps actually use that, rather than Google Play Integrity. As a result, in general it is fair to say that Android apps that require hardware attestation will not run on GrapheneOS. I say this as a satisfied GrapheneOS user.
Time to get serious about contributing to and using projects like https://postmarketos.org! We can continue to fork Android every release, but that's just re-arranging deck chairs on the titanic without upstream driver support.
A person from Singapore here. In practice, this changes nothing (from the news standpoint). The most critical applications are already integrated with the Play Integrity API. Singpass (ID system) is 100% unavoidable for every long-term visitor and has strict Play Integrity integration (but an attacker can select the SMS flow and nullify the protection). Banks and all financial organizations require Singpass too, and also use Play Integrity in most cases. The biggest bank, DBS, has extra checks, like "if there is an .apk in the Downloads directory, then the device is considered compromised" (and they recently disabled the SMS bypass). The funniest case is that a similar protection is used in the McDonald's app (again, maybe enforced only in specific countries): have something sus on your phone -- no burgers for you! They also have extra checks (i.e. the device passes the "strong integrity" test, but the app refuses to work).
Another note: this obviously does not prevent people from having multiple phones, feel free to buy an extra phone and install LineageOS/Gentoo/whatever you want.
The way this is designed appears to be entirely intentional and sensible. Yes, you can still install malware using ADB. It's just harder. That seems really sensible. It's a speed bump, but not a prohibition.
I also haven't seen any specific examples of software that's frequently sideloaded that would be unjustly discriminated against.
> [blocking apps] requesting sensitive permissions such as SMS access or accessibility services
These are the permissions most used to impersonate a user. SMS access lets an app log into every service you use and get OTP codes. Accessibility tools lets the app open your banking apps etc. whilst you're sleeping.
Singapore has big issues with identity 'trading' - and there are big signs saying things like "if a stranger offers to buy your phone number from you, and you accept, we will send you to prison for 5 years". Same with bank accounts, credit cards, etc.
Basically, if something is tied to your identity, and you let someone else use it for crime, then they're gonna punish you heavily.
This will impact the blind community in a pretty serious way.
In countries where Android is popular and iPhones are expensive, Commentary (Jieshuo) screen reader is a popular and arguably much better alternative to TalkBack, the built-in Android screen reader. Because it's a Chinese app and there's no major conglomerate behind it, it's not on the Play Store.
Because it needs to be able to read all screen contents and drive the entire system UI (that's literally what a screen reader is for), the permissions it requests are quite intrusive. Blocking it from accessing sensitive apps would entirely defeat its purpose; after all, if you need a screen reader in the first place, one that doesn't work in banking apps will be pretty useless to you.
Googlers will probably point to Webaim[1] and say that nobody uses the app so it's not a problem, entirely forgetting that Webaim is mostly filled out by well-off English speakers. If you look at data sources that better represent the global population at large, like the Yandex user survey, you will see something very different.
The flexibility afforded by sideloading, which means that an Android phone is still for the most part a pocket-sized computer that can operate in a mode not intended by its creators (as opposed to a restricted consumption appliance like the iPhone), is what has kept me on the platform for 16 years and counting. If they take that away, then I really don't see a compelling difference between the two platforms.
Android has been getting markedly more flaky for me ON MULTIPLE GOOGLE PIXEL DEVICES since 2018. My current Pixel 8a on Android 15 regularly has the underlying UI controls (separate from the launcher) crash and force me to restart if I want to use the app overview switcher since day 1. I also have no app overview button in the stock Android calculator since Android 14, the shipped OS, so if I want to switch between a calculation and another app I must first return to the home screen. Wasn't like this in previous releases! Furthermore, the day/date is routinely cut off in the statusbar and its pulldown. This product passed multiple reviews and 2 major OS releases with these (and many other) obvious and irritating bugs and shows no signs of improvement. If they left these holes in the surface, I can only imagine what's underneath. It's ridiculous, but I guess we're cranking out complexity at a rate that exceeds our ability to manage it (or our ability to manufacture new fucks at a rate exceeding their consumption).
If Purism is shopping for new users, all they would eventually need to do is not get worse at a rate as fast as Android, or more expensive at a rate as fast as iOS devices. Based on what I've seen from them so far...they're not at that point yet: meager specifications, high prices. I will continue to cling to my Android device, but I'll cheer them on from the sidelines.
I didn't know Apple supported rooted iPhones (I do not keep up with Apple). Does Apple at least provide a warning about invalidating warranties or whatever?
Been there, done that. It breaks too many things, prevents OTA updates, and some apps just won't run if they detect you've screwed with iOS. I ended up putting my iPad Pro and iPhone (which I have but only use when I need something they offer exclusively) back on official firmware.
The Google input method on my phone is patched by myself. So is the calculator, and many other everyday apps. I cannot imagine owning an Android phone without the ability to sideload. Maybe I will consider rooting my phone and voiding my warranty on the first day with every future Android phone.
Let's not adopt the newspeak of the megacorps here. The actual headline is,
"Google Restricts Android Application Installation–What It Means for User Autonomy and Freedom"
The idea that you're not allowed to install any application without it coming directly from $megacorp is the new weird thing. The idea of installing applications yourself on your computer is well established and normal.
"Sideloading" is a dangerous word that implicitly gives up freedoms. It should not be used.
Actually in computers, there are also "safeguards" creeping in…
It is imperative to avoid the term. It is just installing software on the device you pay for and own. I do not want any big-(brother)-tech protecting me. At most I would find it OK if there is a config option, so I can set it for my parents, but no more than that.
yeah let's create new language for the average computer user already fatigued by the garbage being produced by the entire computer industry, this will be the only thing that works!!!! haha u guyz
reminds me of talking with libertarians (I forget whether big L or little l but whatever), before you can even engage them in discussions you have to learn their terminology, "taxes" is not a word, it's "theft". being a regular citizen is "enslavement."
One mental strategy I like when debating an issue is to see how my argument looks using normal terms. Heck if I have spare time and am bored, I'll even reframe arguments in my debate partner's terms if they're one of "those" but that's just something done for amusement, like trying to rewrite Linux in brainfuck, in theory it's possible but it's not how you normally want to do things.
Will this affect alternative app stores like F-droid or is it only about downloading and installing an APK with a web browser?
An example of "normal" users that sideload (through F-Droid or direct APK) is most Ingress players. While Ingress itself is in the Play Store, most people use the "companion" intel app called IITC which isn't in the Play Store as it's technically against the ToS.
You also can't turn off Play Protect if you've enabled Advanced Protection on your account (which also enforces a range of other security measures) but that's fully opt-in and hasn't even been available to the wide public for all that long.
Can anyone using a Librem 5 as their daily phone report back as to how well it works? Specifically, how reliable are the most basic and crucial SMS and calling functions? How's battery life?
I had a Pinephone a couple of years ago and receiving phone calls wasn't very reliable.
That change is not for the benefit of the end user; it's for app developers with an adversarial relationship to their users who want to trust the client not to do anything unprofitable.
This would have been a great time to explain how Purism protects users from malware better than Google while giving users more freedom, instead of just repeating the word “security”. If, in fact, that is the case.
How the hell does this get upvoted? This is major FUD by an Android "competitor". First of all, it just introduces an additional level of security, at the request of the government of Singapore. Second, it's a year and a half old. Third, it obviously hasn't affected sideloading in other parts of the world 1.5 years later. The other restriction, allowing app makers to restrict sideloading, is to combat piracy and it's again, up to the app makers themselves.
Garbage article. Also embarrassing so many fell for it.
This development clearly shows the direction of Android development officially chosen by Google. It doesn't matter when it happened or where. It's just another checkpoint on the way to not owning your device that knows everything about you and has access to practically all your secrets. People saying "Android is still better than Apple" will not be right for long. This "competitor" offers a rare opportunity to support the escape path from the dystopia using free software. Sent from my Librem 5.
It would be great to have more devices running PureOS available, especially a bit smaller ones than the current generation of "phablets". Where did all the 4" devices go?
I like Purism as an idea but, lord, is their marketing annoying. Between FUD like this and regular emails inviting me to become some kind of investor (if I search my inbox for "purism investor" I get dozens of results), I've begun tuning them out.
Sigh, same. I am clearly a 'believer', because I keep trying various alternatives and am disappointed that they come up short. And now that work started to effectively require a phone to log in (remote mostly), I am genuinely considering Apple as my next move. And I dislike Apple a fair bit.
As I’ve mentioned here before, sideloading is a genuine security concern, not merely an excuse for Apple to exert control. There is a never-ending stream of people losing their life savings. It happens on Android and not iOS because Android allows sideloading and iOS doesn’t. There is a very real human cost to this.
> Police warn new Android malware scam can factory reset phones; over S$10 million lost in first half of 2023
> There have been more than 750 cases of victims downloading the malware into their phones in the first half of 2023, with losses of at least S$10 million (US$7.3 million).
> 74-year-old man loses $70k after downloading third-party app to buy Peking duck
> “I couldn’t believe the news. I thought: Why am I so stupid? I was so angry at myself for being cheated of my life savings. My family is frustrated and I ended up quarrelling with my wife,” said Mr Loh, who has three children.
> Singapore Android users to be blocked from installing certain unverified apps as part of anti-scam trial
> "Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources," it added.
> Android users in Singapore tried to install unverified apps nearly 900,000 times in past 6 months
> These attempts were blocked by a security feature rolled out by Google six months ago as part of a trial to better protect users against malware scams, which led to at least S$34.1 million (US$25.8 million) in losses last year with about 1,900 cases reported.
Maybe just the ones that could be used to send all your money to scammers from your bank account or crypto wallet?
Computers are cheap these days. You can buy a Raspberry Pi to hack on and use something else for your money. If you like hacking on smart phones, carrying more than one phone is an option. You don’t need root access on every device you own.
We should implement mechanisms that make it hard and obvious to do unsafe things and easy to do safe things, in all kinds of computers; even as an expert user, I don’t want to have to think about my text editor’s color scheme being able to access my bank. Yes, this necessarily involves a barrier to installing apps with certain privileges, and it should be high enough in software targeted at non-expert users to provide them with protection against scams. No, we obviously shouldn’t make it illegal for a user to do what they want, and nobody has even come close to proposing that here. That’s a straw man.
I'm tired of this crap where companies constantly restrict my freedom in the name of security. The same thing happened to Chromium, where Google decided that MV2 was "insecure", so with MV3 we also lost the webRequestBlocking API which had nothing to do with that.
Hey, listen, I don't fall for these obvious scams and I even rarely install apps/extensions, but when I do, I know what I'm doing.
There should be a giant "OPT OUT" button (you press it, you're responsible for it) so I'd not be bothered ever again.
Outside the app store, Android 15 on Google Pixels supports Debian Linux "Terminal" pKVM VM with access to Debian Arm packages. It doesn't yet support accelerated (v)GPU graphics, in development for Android and shipped on some Chromebooks.
the only security paradigm that is 100% foolproof is to assume breach. Taking away any number of users' freedoms, big or small, does not change that.
Old computers, before sandboxing and Windows defender and real-time protection, were more secure, because people were less likely to plug their bank account information, social security number, birth date, and home address into them.
At a certain point we have got to level with the idea that a smartphone is no longer a general purpose computer in your pocket. It's more like a cyber passport. It knows everything about you and authenticates formal activities.
Sure, but by the same logic old roads were safer because we used horses on them instead of cars, and a horse won't generally plow into the oncoming lane if you fall asleep at the reins.
It feels like this analysis really downplays the advantages that sandboxes, Windows Defender and real-time protection got us in the average case (even if in the edge case someone can get hurt).
> Old computers, before sandboxing and Windows defender and real-time protection, were more secure, because people were less likely to plug their bank account information, social security number, birth date, and home address into them.
So they weren’t actually more secure – they were less secure and less useful (setting aside the questionable historical accuracy of where popular online banking sits in the timeline relative to OS security measures in that claim). Maybe if we relax the made up constraint that a change must create 100% foolproof security, we can have a more nuanced discussion about ways to improve security.
And how is it supposed to work in China, where the Google Play Store is blocked and sideloading is very common to install apps on Android phones? Looks like Google plans to throw its Chinese users under the bus.
As long as AOSP and its various flavors continue to be viable alternatives, Android is still better than Apple. If you run Lineage or Graphene, I'm sure you can still "sideload" just fine.
Google works pretty hard (e.g. with SafetyNet/Play Integrity) to ensure those are only viable alternatives for people with a very high level of technical sophistication and tolerance for hassle.
I tried graphene, and came to the conclusion that it’s not a viable alternative to iOS.
1) Apps like uber, lyft, ev charging and parkmobile would crash with null pointer exceptions some weeks but not others, so for the use cases that force me to carry a phone, it doesn’t work.
2) There isn’t a modern e2e sync ecosystem, and backup is completely broken.
3) The camera sort of worked out of the box (pixel pro 6), but to get all the modes, I had to install sandboxed google play services, which halved the standby battery life.
I would say it has improved substantially in the past years.
To your items, and my experience on Pixels 7, 9, and 9a running GrapheneOS regularly for the last two years:
1. I use Uber and Lyft semi-regularly (disabled when not actively using) and don't recall experiencing any crashes. Can't speak to ev or parking apps.
2. It may not meet your definition of modern, but I am very happy with Syncthing Fork on phone alongside Syncthing on linux laptop and desktop (where I run restic nightly backups.) It takes some effort to set up compared to handing the keys to the big corps, I will give you that. I'm still unsatisfied with GrapheneOS backups, but mainly because I want them written to storage where my syncing can send them along, and be able to flash a new phone as if it were a regular drive. But that's maybe asking a lot on phone hardware?
3. Pixel Camera app I pull down from Aurora Store, decline Network permission, and takes photos seamlessly even without Play services. It won't let you actually view photos in app without the Google Photos app which is a bummer. I've taken to using Files to view them, which is cumbersome. Maybe I should just install Photos and decline network.
Not entirely - the article doesn’t explain it well, but from what I understand, one of the new features allows developers to prevent apps not installed via Google Play from using the device enclave.
Meaning if you want to use say, a financial app while on Lineage or Graphene, you are SoL if the developer decides to enable that feature.
I don't really understand why all sideloads are put into the same category. The APK must be signed, and e.g. you could easily verify Facebook/Microsoft/bigcompany signatures.
Do these restrictions require the phone to support Play Services and the Play Store? I'd imagine on a non-Play-Store phone this still won't be a thing, yeah?
> In a pilot program launched in Singapore, the tech giant now blocks the installation of certain sideloaded apps—particularly those requesting sensitive permissions such as SMS access or accessibility services—if they are downloaded via web browsers, messaging apps, or file managers. The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
This is a reasonable restriction and I am surprised this restriction is coming now and not ten years ago.
Sideloading must be limited to tech savvy users only who know what they are doing.
I don't think "common sense" is an actual person haha
I'm not picking sides, but I try to help myself understand things by visiting both sides of the arguments, and there is clearly a side interested in cutting down on fraud, just as there is a side promoting freedom in their computing. Limiting sideloading seems a sort of pragmatic move, and leaving the possibility of sideloading open seems to be likewise a pragmatic move, especially if there are guardrails and warning signs everywhere; we do this in society when faced with hazardous situations.
I am very open to counterpoints here, at least if I can read them before they get too greyed out!
Hate the $megacorps too, so Purism sounded like a good idea. But half the links on their site are broken. It makes them look like a scammer, unfortunately.
I am on Google ecosystem since the original T-Mobile G1 - now at Pixel 9 Pro XL. The moment this is rolled out, I am getting iPhones for me and family.
You wouldn't have this problem with a stock OS Android device either.
It's worth noting that you're using an insecure end-of-life device and are missing a large number of High and Critical severity privacy/security patches including ones being exploited in the wild. Due to the device being end-of-life, you don't have firmware/driver patches, which are not being provided by your OS despite it continuing to support it. You're also missing important non-device-related OS patches due to /e/OS lagging behind and not shipping them properly.
You should really replace the device if you care at all about privacy and security. The 3 years of support for the Pixel 5 was not adequate for a significant portion of users. The past 2 generations of Pixels have 7 years of support from launch, which should be enough for most people.
/e/OS also doesn't ship proper signed production releases and doesn't keep the standard privacy/security model or features intact. It greatly reduces privacy and security compared to LineageOS which reduces them compared to the Android Open Source Project.
Purism's Librem 5 is definitely not the answer. It had dramatically worse hardware, firmware and software security than Pixels or iPhones from day one along with not providing high importance firmware updates to users. Presenting it as the answer to minor app compatibility issues also makes little sense since throwing out compatibility with most open source mobile apps and nearly all mainstream apps hardly resolves a subset of banking/financial apps and a tiny number of other apps banning using a non-stock OS.
I enjoy Android because of its relatively nonrestrictive nature. It trusts that I know what I'm doing. The highly locked down nature of iOS is a reason why I will never buy one of their devices. Google will drive me further away from their services (and into GrapheneOS, which has "no" Google hooks) with moves like this.
From the article, I presume this is being done in the name of "cyber security" (least common denominator strikes again.) In newer versions of Android, a few warnings/confirmations are shown prior to sideloading an app. I think the best solution here is to gate-keep sideloading behind Developer Mode. Enabling Developer Mode, then enabling side loading, would be complex enough to stop brain dead drive-by side loading from occurring. And (mostly) only people that know what they're doing enable Developer Mode.
> This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers).
It probably hasn't since they started doing this last year, but once scammers find out you can publish your own malware F-Droid repo, they might.
The inexorable process of using security as a pretext to enshittify your platform carries on. I don't believe there is a meaningful difference between Google and Apple anymore.
>These policies reinforce Google’s control over Android’s ecosystem under the guise of security but have sparked renewed concern over digital autonomy, innovation suppression, and user rights.
Ahhh yes. You want some of the action Apple is getting from the EU commission, don't you?
Talking about the APIs that discriminate between Play Store and sideloaded apps. It is not clear if these are Singapore only.
You are totally right, except you forgot to mention how for one of them the main customers are hardware buyers and the other's main customers are advertisers
as long as I can continue to pirate Android apps. one thing I hate about Apple is that I have to pay for everything. annoying. information needs to be free as in no payment. the great thing about Android is that it's so easy to find the APKs for any app, and unlock paid purchases and what not.
luckily for me and others who are sailing, you cannot keep sideloading without enabling pirating as well.
the rich techies can downvote if they want but I and others in India don't have money to pay for your silly todo apps. ha ha.
Well they can, but aren't Debian and FreeBSD on mobile here now? I know they are rough around the edges, but who still cares about Android or iOS in the long run? If I can run my mobile device with root access using Debian or FreeBSD, why still bother with Google and Apple?
What a weird thing to write a blog post about now. Did someone forget to hit publish on this back when it was written? The programme in question, announced a year and four months ago: https://security.googleblog.com/2024/02/piloting-new-ways-to...
AFAIK this only applies within Singapore (not sure if this applies to visiting devices) for apps requesting certain permissions (RECEIVE_SMS, READ_SMS, BIND_NOTIFICATIONS, and accessibility) downloaded outside of app stores (F-Droid is fine) and opened directly on the device (adb install is fine).
You can probably bypass the restriction by just disabling Play Protect if you don't want Google to tell you what you can and cannot install, but I'm not in Singapore so I can't confirm if that will work or not. That said, Google has made it impossible to disable Play Protect while on a call, that's probably a smart move.
Based on this article from the Singapore police, the approach doesn't seem to have helped much: https://www.police.gov.sg/media-room/news/20250417_police_ad...
> In some cases, before downloading the malicious APK file, victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads. Once Google Play Protect is disabled, victims would not receive alerts that there is malware introduced into their mobile phones. Victims may also be asked to download Virtual Private Network (VPN) applications from Google Play Store which would facilitate scammers’ connection to their Android device. Scammers would then be able to bypass the banking anti-malware measures and remotely access the victims’ banking accounts with the phished ibanking login credentials.
Also, people in Singapore seem to be particularly vulnerable to scams:
> Pang is just one of tens of thousands of Singaporeans to fall foul of scams last year, who lost a total of S$1.1bn, according to police, a 70 per cent increase on the previous year. The true figure could be even higher, according to the Global Anti-Scam Alliance, which estimates that more than two-thirds of Singaporean victims did not report their experience.
> This is a small part of a global criminal enterprise worth an estimated $1tn, but Singaporeans, affluent, digitally advanced and compliant, are particularly vulnerable to these scams. As one person involved in the recovery of assets put it: “They are rich and naive”.
https://archive.is/fCmW1
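As an added example that is not part of the original thread: a small policy checker in Python that applies the gating rule the post above describes (sensitive permissions combined with an internet-sideloading install source) to a decoded AndroidManifest.xml. The permission constant names, the install-source categories and the two sample manifests are my own assumptions and constructions, not Google's implementation.

```python
from __future__ import annotations
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = f"{{{ANDROID_NS}}}name"
PERMISSION_ATTR = f"{{{ANDROID_NS}}}permission"

# Runtime permissions the pilot is described as gating (SMS access).
SENSITIVE_RUNTIME_PERMISSIONS = {
    "android.permission.RECEIVE_SMS",
    "android.permission.READ_SMS",
}
# Service-binding permissions that grant notification-listener and
# accessibility access (assumed mapping of the post's "BIND_NOTIFICATIONS"
# and "accessibility" to the platform constant names).
SENSITIVE_BIND_PERMISSIONS = {
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE",
    "android.permission.BIND_ACCESSIBILITY_SERVICE",
}
# Installer categories counted as "internet sideloading" in the policy;
# app stores and adb are not in this set, matching the post above.
INTERNET_SIDELOAD_SOURCES = {"browser", "messaging_app", "file_manager"}


@dataclass
class Verdict:
    blocked: bool
    reasons: list[str] = field(default_factory=list)


def sensitive_capabilities(manifest_xml: str) -> list[str]:
    """Return the sensitive permissions/bindings a decoded manifest declares."""
    root = ET.fromstring(manifest_xml)
    found: list[str] = []
    for el in root.iter("uses-permission"):
        name = el.get(NAME_ATTR, "")
        if name in SENSITIVE_RUNTIME_PERMISSIONS:
            found.append(name)
    for svc in root.iter("service"):
        perm = svc.get(PERMISSION_ATTR, "")
        if perm in SENSITIVE_BIND_PERMISSIONS:
            found.append(f"{perm} (service {svc.get(NAME_ATTR, '?')})")
    return found


def evaluate_install(manifest_xml: str, install_source: str) -> Verdict:
    """Block only when BOTH conditions hold: sensitive capability requested
    AND the APK arrived through an internet-sideloading source."""
    caps = sensitive_capabilities(manifest_xml)
    if not caps:
        return Verdict(False, ["no sensitive permissions requested"])
    if install_source not in INTERNET_SIDELOAD_SOURCES:
        return Verdict(False, [f"source '{install_source}' is not an "
                               "internet-sideloading source"] + caps)
    return Verdict(True, caps)


# Constructed sample: the permission profile typical of SMS-stealing fraud apps.
SCAM_LIKE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed.fakeapp">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application>
    <service android:name=".A11yService"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE"/>
  </application>
</manifest>"""

# Constructed sample: an ordinary app with no gated permissions.
BENIGN_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.constructed.calculator">
  <uses-permission android:name="android.permission.INTERNET"/>
  <application><activity android:name=".MainActivity"/></application>
</manifest>"""

if __name__ == "__main__":
    for label, manifest, source in [
        ("scam-like via browser", SCAM_LIKE_MANIFEST, "browser"),
        ("scam-like via adb", SCAM_LIKE_MANIFEST, "adb"),
        ("benign via browser", BENIGN_MANIFEST, "browser"),
    ]:
        v = evaluate_install(manifest, source)
        print(f"{label}: blocked={v.blocked} reasons={v.reasons}")
```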
> “They are rich and naive”.
This is blaming the victim, and I'm not having it.
The problem has been that BankCorp are all forcing us into online pathways because it's cheaper for BankCorp. Of course, they don't put good security on the pathways because that would dramatically increase the customer support cost for BankCorp. Getting scammed is "just sucks to be you" because that costs LittlePlebian.
The "solution" is that liability for these kinds of scams need to be on BankCorp, period. LittlePlebian simply cannot be expected to protect themselves from every professional scammer in the universe beyond very basic measures. Bitcoin people regularly get scammed and they are supposedly more "sophisticated" than the average bear. Nobody less sophisticated stands a chance against the professionals.
Worth noting - was that before or after Google started getting painful decisions in court battles on the App Store thing?
Because this is not going to be super positive for them on that front.
> victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads.
I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers, especially when users have gotten habituated to ignoring incessant safety warnings caused by attempts to protect users.
I also keep wondering how safe the Play store is from this stuff. The very existence of obscenely detailed public GPS datasets about Android users show that even "official store" apps are somewhat malicious.
I don't see a real solution besides giving a smart and friendly 3rd party admin rights over the devices of susceptible users.
> I feel like there's only so much a company can do when it comes to balancing protecting users from themselves vs allowing users free rights over their own computers
Convert to a one-time escape hatch unlock via a random-question quiz hosted by Google that assesses security and computing knowledge?
If the intent is to prevent the dumbest users from doing something, then a good place to start would be an assessment to determine if a user is actually dumb or not.
It's oxymoronic to attempt cover-all methods that encompass both (a) advanced users who do want to sideload & (b) people who will type in anything the internet tells them will make a cracked app work.
It's also unclear why this post even exists, except as simple marketing FUD.
> Powered by PureOS, a Debian-based Linux operating system, the Librem 5 and Liberty Phones
Can their devices run APKs? The only Linux distro I know of that does is Sailfish, whose weird licensing model makes it really hard to take advantage of unless you have an obscure, obsolete phone and flash it with the image they sell.
To their credit, Purism has invested more into touch Linux with Phosh than most others in the space have, but Linux on a touchscreen is still a befuddlingly garbage experience.
Unless their experience is impacted by the features they're writing about (which it doesn't sound like it is), this post is just trying to make its mainstream alternative sound bad in the hopes that someone buys their crap instead.
Purism devices can run Android APKs via Waydroid. I don't think this Google policy materially affects that, though, so I'm also mystified why they bothered writing this article.
> but Linux on a touchscreen is still a befuddlingly garbage experience.
It's definitely worse than an iPhone, but you're greatly exaggerating. Sent from my Librem 5.
Thanks for the context!
This is a few paragraphs of fluff and then an ad for Purism.
Obviously, from the upvotes, people are worried about the direction of Android development and are interested in the alternative.
Obviously, from the upvotes, people only read the title.
The article is blatant clickbait, not written in good faith, and not painting the whole picture. Obviously.
I immediately mentally discarded everything I read once I realized it's an ad. Can we please get a better link @dang.
Is this not from 2024?
https://techcrunch.com/2024/02/07/google-starts-blocking-use...
> In a pilot program launched in Singapore, the tech giant now blocks the installation of certain sideloaded apps—particularly those requesting sensitive permissions such as SMS access or accessibility services—if they are downloaded via web browsers, messaging apps, or file managers.
There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
I don’t see the full details but this implies that it’s still possible for advanced users to side load whatever they want. They don’t want to make it easy for the average user to start sideloading apps that access SMS permissions or accessibility controls.
If it takes a few extra steps for the advanced user to sideload these apps that’s not really a big infringement on freedom like this purism PR piece is trying to imply. Unfortunately sideloaded apps are a problematic scam avenue for low-tech users.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
This explains why it’s only in Singapore for now.
I think you're dismissing legitimate concerns without fully understanding them, because through the right lens you realize how this can be anticompetitive in the mass market.
Even if some technically inclined folk can install what they want, the masses will stay in the walled garden so that Google can get their cut and exert ideological control. Even now, both Google and Apple engage in practices across their products that are designed to scare people away from third party applications. From Google's terminology when describing Google in banners as "a more secure browser" etc, to Apple requiring a secret incantation in order to run unsigned apps.
All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
The comment you're responding to includes the line:
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Your comment seems to disregard it and instead lay this entirely at Google's feet as if they're seeking anti-competitive behavior - but if this was driven by a government, does Google really deserve all the blame?
(Note that I am explicitly not endorsing the move. I think sideloading should be left mostly untouched.)
The masses will always stay in the walled garden. It's where they want to be and they don't even realize there are walls. It is just what is for them.
> All of this kind of mind control bullshit should be eradicated via regulation. Companies should not have a license to be deceptive towards their users.
I agree with you. However, the impact of scams should not be underestimated either.
> There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
Only certain permissions actually matter. That's one of three.
But "only in singapore so far" is not reassuring.
And "downloaded via certain paths"? Browsers and file managers are the normal ways to put files onto a phone. That doesn't reassure me at all.
Browsers and file managers are absolutely not the "normal ways" to put apps in a phone however.
Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading". That said, it's clearly a balancing act between protecting people from installing malware but allowing them to intentionally install things they really do want to install, regardless of what permissions they need.
Every time the technical sophistication required to install apps from anywhere but Google's store (I don't love the term "sideloading" since it kind of denormalizes the act) is increased, the chances anyone will put in the effort to distribute apps any other way goes down. It also means apps Google doesn't want in its store are less likely to get made; I'd really like to see something that prioritizes notifications for me, for example, and I think that's against Google's rules.
I'm sure making it harder to obtain software outside a first-party app store provides some protection to some users from scams, but I really don't want that to be the answer. I don't claim to have a good one myself.
They don't, and they don't even block F-Droid. You can also just disable Play Protect (though Google won't let you while you're on a call, probably a smart move). According to the Singapore police, scammers also have victims download VPNs from Google Play to work around the regional restrictions.
I don't think the restrictions are doing much for victims. I assume Google was pressured into doing this by the authorities, or may be doing this to get in a good spot politically.
Requiring a user to own a PC in order to sideload apps (with adb) would, in fact, count as blocking sideloading, albeit partially. So I don't think that's the right limit.
Yeah, just like you can sideload on iPhone by desoldering the flash, decrypting it, and modifying the OS.
Just because something is technically possible does not make it a solution
Once it's normalized it's just one more step to block everything. No thanks.
> There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.
Those "certain paths" include "file managers"; how exactly would you sideload an app without providing the file?
>There are a lot of qualifiers on this: Only in Singapore,
We had a big client from Singapore who only agreed to buy our SaaS subscription after we integrated SingPass (Singapore's national digital identity system) for user login.
When I read "Singapore" in the OP I immediately remembered about it.
The client is not with us anymore, but we still have this thing somewhere in the codebase :)
Boiling the frog though... Obviously they're not going to roll it out all in one go.
They can still add more locations later.
I would prefer if Google moved in the direction of giving apps fake permissions. Otherwise the scammers will just move onto another layer.
It will always be possible to side-load apps on Android if you really want. It is one big strength of Android. There are many Android's no-internet deployments in the wild that rely on this feature.
I've got to say, some of the comments here are pretty funny.
> "The sideloading restriction is easily solved by installing GrapheneOS"
> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".
Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.
There was some Ubuntu (or Linux) forum where I had asked a question and I wanted an app or something (I can't recall now) which was easier to use and do repeatedly. Most of the people were replying with stuff like "why can't you just do <something that involves lots of CLI and more than an hour or so>" or on the lines of it.
I, someone extremely new to Linux (hell, new to computers), was bewildered. Then a commenter replied with something that helped me and exactly what I needed. He added a note directed towards others which went something like - the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
This definitely happened with Arch. For some reason they killed the noob guide (which I helped maintain). It was a great guide that helped people go from noob to kinda knowing linux.
You can't have wizards without first having noobs.
Why gatekeep people from enjoying the same thing you enjoy?
Well, I guess all that gave us EndeavourOS and Manjaro. But still, we need more places for people to learn that nitty gritty stuff.
Hell, I'd love to learn more about the hardware hacking the OP is talking about. Love to learn about those GPU hardware modifications people do. I know it's Hacker News, but I'd actually love to learn about that hacker stuff. If these companies are going to continue to fight this hard to prevent us from owning the things we buy, it sounds like an important thing to learn. Or else we're soon going to have robot butlers that are just sending lidar maps and high resolution photos of our homes back to these companies. We don't need elitist pricks, we need wizards teaching noobs.
Yet telling someone to open regedit, find some deeply-buried branch, create a new binary key, rename it to SetFocusRefreshTimeout and set its value to 0xFFFF is... desktop usability.
>the battle for Linux as THE desktop OS was sabotaged by its most ardent practitioners.
Don't believe that for a second. Industry de-facto standards are a result of power dynamics, and the actual users of the thing wield orders of magnitude less power than they project. If a corporation like MS or Google wanted Linux desktop to happen, no amount of gatekeepers could actually hold the gates.
The reason why Windows is the de-facto standard is because Microsoft put a lot of behind-the-scenes work into making it a de-facto standard. I mean them sabotaging everything else, treating the status quo with the famous EEE, many business deals with governments to use it, putting it in school curricula, having manufacturers preinstall it on PCs, and bending every piece of connected tech in Windows' direction - hardware drivers, computer games, specialty software, even the internet.
That is how Windows got its desktop users, and how Linux and others didn't really.
> Most of the people were replying with stuff like "why can't you just do <something that involves lots of CLI and more than an hour ro so>" or on the lines of it.
More than an hour? That's very strange, enough that I wonder if you had the right impression of things.
Usually the reason to go with command line is that even though it might be bewildering to look at, slamming in the command only takes a moment and you don't need to do any button-hunting.
It's a tradeoff, is what I'm saying. But you seem to be describing a situation where it's significantly worse in every way. Why would a bunch of people all be on that bad plan?
That may be. But the CLI guys have had the last laugh, no? An LLM can work through a terminal with decades of stability much better than it can poke around constantly changing product UIs.
What's needed is a Dropbox analogue for Linux -- something that doesn't do anything that isn't already possible, but that makes things that are possible accessible to non-specialists.
It looked like SteamOS was going to be a contender, but apparently not.
One reason that people often overlook is that it's much easier (and much less error prone for the user) to give an instruction that uses the cli instead of a GUI tool, e.g. if someone would ask how to add a new user who's in the usb group on Linux, I would always tell the person `adduser --ingroup usb [username] ` instead of giving the GUI instructions which are longer and depend on what desktop the person uses.
It once took me a few hours to get a printer working on Ubuntu, never again.
"... and just recompile the kernel!"
People in general are very bad at knowing what the average experience is. We almost all have a predisposition to perceive our experience as being approximately normal, or if not, not too far away from normal. This is especially exaggerated anywhere experts of a domain congregate. They adjust to a significantly biased frame of reference. And that results in opinions that don't fall anywhere within the galaxy of what's reasonable for the vast majority of users of a given thing.
Do ordinary people side load at all? Assuming most people use the phone to do something else, and not for the sake of using the phone, after you get the apps you want/need, ordinary people are likely to just do the same thing/consume the same apps over and over.
Yes, my health relies on it.
I sideload a glucose monitor app that's not available through Playstore (it's FOSS and health is a tricky area with liability).
It's a fantastic app and the ability to sideload it is a major reason I use Android over iOS.
I also sideload a patched app of the Dexcom glucose reader OEM's shitty app to allow the data to be read by the better (sideload) FOSS app.
https://github.com/NightscoutFoundation/xDrip
https://www.patreon.com/byod/about?
Ok I'm not an ordinary person, I guess, but if I was I'd still use those apps and I know people who are ordinary and do so.
If I hadn't prohibited him, I am pretty sure my 11-year-old son would have installed dozens of pirated games and apps of dubious provenance on his phone.
But I am pretty sure that like any other teenagers since the beginning of time he obeys me, and has only rooted his phone for educational purposes.
His friends, though, I am not so sure.
Yes. We download an apk file. And then install it after giving it permission that it is ok to install unverified apks.
Some of the more savvy ordinary people even export apps as apk for other phones.
A lot of my non-techy friends have a sideloaded copy of spotify/youtube to get premium features for free. I think they just blindly follow some guide they find on tiktok.
I installed fdroid on a friend's phone and they use it to install newpipe and keep it up to date, without having a tech-savvy friend around to download the apk release from github.
They "sideload" apps on desktop, which we usually call "installing software". They would probably do it on a phone, too.
I believe that the official DJI app required side loading on Android. Not sure if it still does.
Majority of users don't sideload any apps according to:
https://zimperium.com/blog/the-hidden-risks-of-sideloading-a...
A lot of Chinese apps still do. Mostly cause I guess they don't allow Google play store in China (? I think it's blocked, can't quite remember for sure)
> Do ordinary people side load at all?
Yes, usually when somebody calls them, pretends to be from the security department of their bank, and asks them to install an app to "catch the hacker who just stole $2000 from your account in the act."
In countries where Android is popular (not the US), this is an extremely common scam vector.
Everyone should side load the epic games, just to stick it to the MAN/Google
I've only side loaded my own app through Android Studio
edit: which I'm not even sure if that counts as side loading
And, worse, it isn't even true, right? As Google keeps adding more and more DRM tech to Android, along with APIs that let apps ensure they are running on "legitimate" software, installing GrapheneOS isn't even a viable option going forward unless you are effectively exiting the entire ecosystem anyway.
Apps have to choose to block using a non-stock OS and only a tiny minority of them do it. GrapheneOS bypasses it for many of them and we intend to get it fully resolved. Regulatory action is in progress for this in Europe already and it will be solved. GrapheneOS users can currently use nearly all Android apps with the exception of a subset of banking/financial apps and a tiny number of other apps. Google trying to crack down further will greatly increase the already incoming consequences in multiple countries for the existing Play Integrity API.
Making it difficult for ordinary people to sideload apps that access their SMS or accessibility features (e.g. screen recording, controlling the phone) is the point.
I think what people on HN really forget is that the average person isn’t equipped to tell the difference between a legit source sideloaded app or a Trojan horse app that some TikTok video instructed them to install.
> Making it difficult for ordinary people to sideload apps that access their SMS or accessibility features (e.g. screen recording, controlling the phone) is the point.
I wonder if they could solve that with delays. E.g. you can sideload, but the process is deliberately delayed to take two full days and require carefully reading warning screens and correctly answering questions about the warnings, then getting time to think, multiple times.
Replying to everyone:
Google changing defaults is a permanent change for some large percentage of their userbase. A subset of those can still figure out how to download and run an APK file but have no further recourse against monopolistic behavior.
Maybe those people do need to be protected from scams. Social engineers have complete control over the user, so any control given to the user is owned by the scammer. Seems like the same problem as pig butchering, a technology or process solution can't save someone too stupid to save.
Thinking about less controversial options for Google, they could track if any side-loaded apps have the dangerous permissions, and provide a global true/false status to other apps that request it. So Wallet / whatever would disable features if any "outside" apps were in a position to exploit the user. And Android could offer a button that cleans up the "problem" apps, setting the global status back to false.
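One way the global true/false flag proposed above could be computed on the device itself, as an added Java sketch that is not Google's code and not part of this thread. It assumes the Play Store (package `com.android.vending`) is the only trusted installer, and that the app running the check holds the package-visibility permission Android 11+ requires (`QUERY_ALL_PACKAGES`) and targets API 30+ for `getInstallSourceInfo`.

```java
import android.Manifest;
import android.accessibilityservice.AccessibilityServiceInfo;
import android.content.Context;
import android.content.pm.ApplicationInfo;
import android.content.pm.InstallSourceInfo;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.view.accessibility.AccessibilityManager;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * Added illustration (not Google's or any vendor's code): flag any non-store,
 * non-system app that either requests SMS permissions or currently backs an
 * enabled accessibility service. An empty result means "global flag = false".
 */
public final class SideloadRiskCheck {

    // Assumption: only the Play Store counts as a trusted installer here.
    // A real policy might also list other stores (e.g. F-Droid).
    private static final Set<String> TRUSTED_INSTALLERS =
            new HashSet<>(Arrays.asList("com.android.vending"));

    // The permissions the thread singles out as the ones scams abuse.
    private static final Set<String> SENSITIVE_PERMISSIONS = new HashSet<>(Arrays.asList(
            Manifest.permission.RECEIVE_SMS,
            Manifest.permission.READ_SMS));

    /** One risky package plus the reason it was flagged. */
    public static final class Finding {
        public final String packageName;
        public final String reason;

        Finding(String packageName, String reason) {
            this.packageName = packageName;
            this.reason = reason;
        }

        @Override
        public String toString() {
            return packageName + ": " + reason;
        }
    }

    /** Returns every non-store app that holds a sensitive capability. */
    public static List<Finding> scan(Context ctx) {
        PackageManager pm = ctx.getPackageManager();
        AccessibilityManager am =
                (AccessibilityManager) ctx.getSystemService(Context.ACCESSIBILITY_SERVICE);
        List<Finding> findings = new ArrayList<>();

        // Packages that currently own an *enabled* accessibility service.
        Set<String> accessibilityPackages = new HashSet<>();
        for (AccessibilityServiceInfo info :
                am.getEnabledAccessibilityServiceList(AccessibilityServiceInfo.FEEDBACK_ALL_MASK)) {
            accessibilityPackages.add(info.getResolveInfo().serviceInfo.packageName);
        }

        for (PackageInfo pkg : pm.getInstalledPackages(PackageManager.GET_PERMISSIONS)) {
            // Preinstalled system apps (e.g. the stock SMS app) have no installer
            // record at all, so exclude them rather than misreport them as sideloaded.
            if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0) continue;
            if (isFromTrustedStore(pm, pkg.packageName)) continue;

            if (pkg.requestedPermissions != null) {
                for (String perm : pkg.requestedPermissions) {
                    if (SENSITIVE_PERMISSIONS.contains(perm)) {
                        findings.add(new Finding(pkg.packageName, "non-store app requests " + perm));
                    }
                }
            }
            if (accessibilityPackages.contains(pkg.packageName)) {
                findings.add(new Finding(pkg.packageName,
                        "non-store app has an enabled accessibility service"));
            }
        }
        return findings;
    }

    /** The proposed global status: true if anything risky is installed outside the store. */
    public static boolean anyRiskyNonStoreApp(Context ctx) {
        return !scan(ctx).isEmpty();
    }

    private static boolean isFromTrustedStore(PackageManager pm, String packageName) {
        try {
            InstallSourceInfo src = pm.getInstallSourceInfo(packageName);
            String installer = src.getInstallingPackageName();
            return installer != null && TRUSTED_INSTALLERS.contains(installer);
        } catch (PackageManager.NameNotFoundException e) {
            // Provenance cannot be established: treat as non-store.
            return false;
        }
    }
}
```

Note that an app installed with adb also shows no installing package, so it lands on the "non-store" side of this check exactly as the thread's ADB discussion predicts.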
And official Android-based OSes bring advantages too. For example, Samsung has a lot of proprietary and useful features, and on GrapheneOS you cannot use Google Pay (one major feature of a phone).
The primary reason why I haven't bought a Pixel and switched to GrapheneOS is because Samsung's OneUI is just so far ahead of the curve. They innovate new software features years before anyone else does.
Yes, you are right [regarding Google Pay].
That being said, it is a reasonable compromise that, as long as people know that beforehand, losing Google Pay as the price to loosen Google's grip on your data, location and preferences is an acceptable one [price].
> GrapheneOS you cannot use Google Pay (one major feature of a phone)
News to me. Edit: I misread parent comment.
> Not to pick on these folks but it's like we on HN have forgotten
The linked article is literally an ad for Librem phones though?
Fortunately the overlap between people that distrust centralization and those who have higher aptitude for overcoming is synergistic.
"Ordinary people" aren't sideloading apps one way or another. In fact this will help 99% of them, since for them sideloading is mostly used for malware and phishing.
GrapheneOS is totally normie friendly.
When we last got new phones I put GrapheneOS on mine and my partner's, I never subsequently had to play tech support on hers.
And who's going to put GrapheneOS on an ordinary person's phone in the first place?
The Web installer [0] is not really approachable to a normal Android user. The instructions are dense, loaded up with warnings about dozens of edge cases that are discussed in jargon that would intimidate even relatively tech-savvy users:
What's USB passthrough? Did I install my browser through Flatpak or Snap? How would I know? Did I need to understand the paragraph explaining in detail how carrier models lock users in? There's a bunch of stuff in there about Linux... do I need Linux? What's a sha256 hash and do I need to care?
It's not that this is impossible for non-IT-folks to grasp, but there's no chance that my parents are installing this on their phone.
[0] https://grapheneos.org/install/web
I am legitimately glad for devs of GrapheneOS and for GrapheneOS working in your case but it is not functional if a user needs banking or streaming apps, or any number of other impacted apps such as McDonald's or Pokemon Go.... that is after installing the optional Play Services, reducing the privacy benefits of Graphene.
I own no firsthand experience but read many users require app 2FA to make card payments.
The solution must be social-legislative. The London smog and terrifying auto deaths at 30 KPH were solved but not by niche enthusiast projects.
GrapheneOS is sold preinstalled on devices. People do not have to install it themselves. It's also far easier to install than a desktop OS via https://grapheneos.org/install/web.
The post from Purism is highly inaccurate and is inventing issues which are not real issues along with presenting a product which massively reduces security and app compatibility as somehow solving those things. Dropping mainstream app compatibility and support for the main open source app ecosystem entirely hardly solves a tiny number of apps enforcing using the stock OS.
The ordinary people would be the ones that need this level of protection, since a scammer would talk them into sideloading malware if the device permits it.
I mean, this website is also home to the famous Dropbox comment, so it is to be expected.
What comment?
oh come on please it's easy just /etc/init.apt-get/frob-set-conf --arc=0 - +/lib/syn.${SETDCONPATH}.so.4.2 even my grandma can do that
It's important to note that the infamous Dropbox comment was not just misguided. It was wrong.
The proof is that multiple competitor products have been launched since, and all of them have had sync issues at some point, with different degrees of severity ranging from sync delays, through data conflicts, up to loss of data in all synced devices. To this day, I still trust Dropbox more than its competition. This includes custom rsync scripts.
Damn I didn't realize HN or Dropbox was even around back then. I would've been in high school.
And in another year or two there are going to be people younger than this comment entering the workforce...
Murena has a preloaded fork.
Easy
No, Murena sells devices with /e/OS which is a fork of LineageOS which drastically rolls back privacy and security compared to it. LineageOS itself rolls those back compared to the Android Open Source Project but not nearly as much as /e/OS. LineageOS would be a better choice for privacy, security, app compatibility and usability than Purism's product.
GrapheneOS and /e/OS are very different operating systems. GrapheneOS is a hardened OS with massive privacy/security improvements and a far different approach to mainstream app compatibility. GrapheneOS can be purchased preloaded on devices including from companies like NitroKey, so that is not something that's a difference between them. GrapheneOS is based on AOSP directly, not LineageOS.
https://eylenburg.github.io/android_comparison.htm is a third party comparison between different alternate mobile operating systems. It could include many more privacy/security features but it's a good starting point.
https://grapheneos.org/features provides an overview of what GrapheneOS provides. It doesn't cover all of the features but it covers a lot of them.
/e/OS lags very far behind on shipping Android privacy/security backports, lags a year or more behind on shipping standard privacy/security patches and does not keep the standard Android privacy/security model or features intact. Like LineageOS, /e/OS mainly supports devices without proper non-stock OS support and without firmware/driver patches. For the few devices they support which do provide those updates, they are much worse than LineageOS at shipping them to users. They don't use standard hardware-based security features even when they're made available to an alternate OS. /e/OS is not a safe option because going months or even years without critical browser engine and OS updates is a serious problem. It is not an academic or theoretical issue. They are failing to patch critical issues and some of those are known to be exploited in the wild.
You can run nearly all Play Store apps on GrapheneOS, but not /e/OS with the much more limited and less secure microG approach. https://bsky.app/profile/grapheneos.org/post/3lamcjfv5r22s explains the difference in approach. Of course, their approach certainly provides dramatically more mobile app compatibility than using the desktop Linux stack on mobile as is being proposed in the original post.
Ok, now try sending RCS messages?
I am the first to be on the "I own my phone let me do whatever the heck I want with it" but recently something hit me.
DJI forces you to side load their app for their Air Units and Drones. And this is scary. It looks like the rule they violate for the play store is that their app can self modify.
Let that sink in ... Any tension or whatever political bull crap happens and you have a state controlled malware on your device that can do anything it wants with your drone.
Millions of people installed this without really understanding what could be the consequences...
The solution to this is better controls over what the DJI apps can actually do, not having Google pretend to check all apps for malicious code.
Google clearly knows this. IMO the motivation here is obvious, and it isn't security.
I find it interesting that all the things Apple did from the start in the name of security, Google is slowly needing to do over time in the name of security. Meanwhile, various parties (the EU being the big one) are pushing to have Apple roll back some of these controls.
This is why "do whatever the heck I want with it" ought to apply to software, not just hardware. This is one thing I think Richard Stallman got right, all the way back in 1988:
> the freedom to change a program, so that you can control it instead of it controlling you; for this, the source code must be made available to you.
We're a long way from that ideal today. Software controls us all the time. Usually that just leads to anti-consumer annoyances like lock screen ads or DLC seat heaters. But when the one controlling the software that controls you is a communist government...
Not sure what the short term practical solution to this is though.
Nations already work with tech giants to get this in via OEMs. Blocking side loading only prevents hackers from disabling this malware.
Self-modification doesn't imply much when you can embed V8 in your app, which they take no issue with at all.
The difference is, in theory if DJI were discovered to be doing something malicious, it could be taken down from the Play Store. If 0% of its current users were side loading the application, that means 100% of their users would be unable to install the app the normal way, and there would be substantial friction to migrate them to sideloading (a google of "install dji app" would probably return a bunch of news articles about whatever the problem was before dji's install instructions).
By making it "normal" to install the app via sideloading, there's little Google could do in the event of malicious app behaviour, and the majority of users would not find out about it (at least, not immediately).
The difference is that V8 is sandboxed.
I don't know why you're getting downvoted when it's very possibly true.
Just one month ago they found intentionally embedded kill switches in Chinese-provided solar panels [0][1].
Not even complex apps require capabilities of such self-modification; the fact that a DJI drone app requires such capabilities is quite suspicious, especially as they are heavily involved in PLA drone warfare R&D and capacity building.
[0](https://www.reuters.com/sustainability/climate-energy/ghost-...)
[1](https://www.rickscott.senate.gov/2025/6/sens-rick-scott-mars...)
The sideloading restriction is easily solved by installing GrapheneOS, which has all the security benefits of Google's Android on Pixel.
In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.
The issue is even bigger. Even when using Play Store on GrapheneOS with a locked bootloader (which is the recommended configuration by the GrapheneOS project), Google refuses to let apps use the hardware attestation support in the Play Integrity API [1], which blocks certain banking apps, Google Wallet, etc.
It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
Time to block the Facebook/Instagram apps then, given https://localmess.github.io ?
[1] https://grapheneos.social/@GrapheneOS/112878070618462132
> It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.
That's because it's about control, not safety.
A huge problem with Graphene is the incredibly small number of supported devices. We need something that isn't as reliant on specific hardware, and while that would mean some security features are not supported it would still be better than most other options by far.
Unfortunately, Google's Pixel devices have been the only ones with hardware that meets all of the project's stringent security requirements, including a secure hardware enclave and multiyear commitments from the vendor to firmware security updates (I think 7 years of updates now for the newest Pixels). Those seem to be the big two things that no other Android vendor achieves together.
The GrapheneOS devs are serious about security, probably more focused on it than 99% of end users. That they manage to release a project with the high level of usability that GrapheneOS achieves is impressive, even if it isn't as convenient to the end user as stock Android. Ultimately, nothing will ever be as convenient to the end user as stock Android or iOS, but that's not the point of the project.
You need secure hardware to have secure software.
Android's key attestation API is supported on GrapheneOS that apps can integrate with.
https://grapheneos.org/articles/attestation-compatibility-gu...
Yes, but vanishingly few apps actually use that, rather than Google Play Integrity. As a result, in general it is fair to say that Android apps that require hardware attestation will not run on GrapheneOS. I say this as a satisfied GrapheneOS user.
Apps can use that API... and they never will.
> solved by installing GrapheneOS
See replies to this: https://news.ycombinator.com/item?id=32496220
Time to get serious about contributing to and using projects like https://postmarketos.org! We can continue to fork Android every release, but that's just re-arranging deck chairs on the titanic without upstream driver support.
Or PureOS mentioned in TFA.
A person from Singapore here. In practice, this changes nothing (from the news standpoint). The most critical applications are already integrated with the Play Integrity API. Singpass (ID system) is 100% unavoidable for every long-term visitor and has strict Play Integrity integration (but an attacker can select the SMS flow and nullify the protection). Banks and all financial organizations require Singpass too, and also use Play Integrity in most cases. The biggest bank DBS has extra checks, like "if there is an .apk in the Downloads directory, then the device is considered compromised" (and they recently disabled the SMS bypass). The funniest case is that a similar protection is used in the McDonald's app (again, maybe enforced only in specific countries): have something sus on your phone -- no burgers for you! They also have extra checks (i.e. the device passes the "strong integrity test", but the app refuses to work).
Another note: this obviously does not prevent people from having multiple phones, feel free to buy an extra phone and install LineageOS/Gentoo/whatever you want.
The way this is designed appears to be entirely intentional and sensible. Yes, you can still install malware using ADB. It's just harder. That seems really sensible. It's a speed bump, but not a prohibition.
I also haven't seen any specific examples of software that's frequently sideloaded that would be unjustly discriminated against.
Alternative app stores. See Epic v. Google.
I’m an Apple user, but above all I value choice. Isn’t the point of Android that it’s an open ecosystem?
ADB is arguably worse than what Apple did in the EU for sideloading to abide by court orders, and Apple was lambasted.
I'm not a user of them so I can't tell you much about them or if they're all lame, but there are third-party app stores in the Google Play store.
Are there high quality or especially useful app stores that are not in the Play store?
> [blocking apps] requesting sensitive permissions such as SMS access or accessibility services
These are the permissions most used to impersonate a user. SMS access lets an app log into every service you use and get OTP codes. Accessibility tools let the app open your banking apps etc. whilst you're sleeping.
Singapore has big issues with identity 'trading' - and there are big signs saying things like "if a stranger offers to buy your phone number from you, and you accept, we will send you to prison for 5 years". Same with bank accounts, credit cards, etc.
Basically, if something is tied to your identity, and you let someone else use it for crime, then they're gonna punish you heavily.
This will impact the blind community in a pretty serious way.
In countries where Android is popular and iPhones are expensive, Commentary (Jieshuo) screen reader is a popular and arguably much better alternative to TalkBack, the built-in Android screen reader. Because it's a Chinese app and there's no major conglomerate behind it, it's not on the Play Store.
Because it needs to be able to read all screen contents and drive the entire system UI (that's literally what a screen reader is for), the permissions it requests are quite intrusive. Blocking it from accessing sensitive apps would entirely defeat its purpose, after all, if you need a screen reader in the first place, one that doesn't work in banking apps will be pretty useless to you.
Googlers will probably point to Webaim[1] and say that nobody uses the app so it's not a problem, entirely forgetting that Webaim is mostly filled out by well-off English speakers. If you look at data sources that better represent the global population at large, like the Yandex user survey, you will see something very different.
[1] https://webaim.org/projects/screenreadersurvey10/
The flexibility afforded by sideloading, which allows that an Android phone is still for the most part a pocket-sized computer that can operate in a mode not intended by its creators (as opposed to a restricted consumption appliance like the iPhone) is what has kept me on the platform for 16 years and counting. If they take that away, then I really don't see a compelling difference between the two platforms.
Android has been getting markedly more flaky for me ON MULTIPLE GOOGLE PIXEL DEVICES since 2018. My current Pixel 8a on Android 15 regularly has the underlying UI controls (separate from the launcher) crash and force me to restart if I want to use the app overview switcher since day 1. I also have no app overview button in the stock Android calculator since Android 14, the shipped OS, so if I want to switch between a calculation and another app I must first return to the home screen. Wasn't like this in previous releases! Furthermore, the day/date is routinely cut off in the statusbar and its pulldown. This product passed multiple reviews and 2 major OS releases with these (and many other) obvious and irritating bugs and shows no signs of improvement. If they left these holes in the surface, I can only imagine what's underneath. It's ridiculous, but I guess we're cranking out complexity at a rate that exceeds our ability to manage it (or our ability to manufacture new fucks at a rate exceeding their consumption).
If Purism is shopping for new users, all they would eventually need to do is not get worse at a rate as fast as Android, or more expensive at a rate as fast as iOS devices. Based on what I've seen from them so far...they're not at that point yet: meager specifications, high prices. I will continue to cling to my Android device, but I'll cheer them on from the sidelines.
> as opposed to a restricted consumption appliance like the iPhone
You can root iphones
I didn't know apple supported rooted iphones (I do not keep up with apple). Does apple at least provide a warning about invalidating warranties or whatever?
Been there, done that. It breaks too many things, prevents OTA updates, and some apps just won't run if they detect you've screwed with iOS. I ended up putting my iPad Pro and iPhone (which I have but only use when I need something they offer exclusively) back on official firmware.
The Google input method on my phone is patched by myself. So is the calculator, and many other everyday apps. I cannot imagine owning an Android phone without the ability of sideloading. Maybe I will consider rooting my phone and void my warranty on the first day with my every future Android phone.
The way this is worded suggests that installing using alternate app stores (that set the installer metadata) will still work.
Also it's not clear what exactly it means. Does it have a dialog you can click through like play protect, does adb install still work, etc.
Let's not adopt the newspeak of the megacorps here. The actual headline is,
"Google Restricts Android Application Installation–What It Means for User Autonomy and Freedom"
The idea that you're not allowed to install any application without it coming directly from $megacorp is the new weird thing. The idea of installing applications yourself on your computer is well established and normal.
"Sideloading" is a dangerous word that implicitly gives up freedoms. It should not be used.
Actually in computers, there are also „safeguards“ creeping in… It is imperative to avoid the term. It is just installing software on the device you pay for and own. I do not want any big-(brother)-tech protecting me. At most I would find it OK if there is a config option, so I can set it for my parents, but no more than that.
Agreed, if we argue in their language we have already lost the debate.
I could never believe how that word acquired widespread usage
yeah let's create new language for the average computer user already fatigued by the garbage being produced by the entire computer industry, this will be the only thing that works!!!! haha u guyz
reminds me of talking with libertarians (I forget whether big L or little l but whatever), before you can even engage them in discussions you have to learn their terminology, "taxes" is not a word, it's "theft". being a regular citizen is "enslavement."
One mental strategy I like when debating an issue is to see how my argument looks using normal terms. Heck if I have spare time and am bored, I'll even reframe arguments in my debate partner's terms if they're one of "those" but that's just something done for amusement, like trying to rewrite linux in brainfuck, in theory it's possible but it's not how you normally want to do things.
Good take
Will this affect alternative app stores like F-droid or is it only about downloading and installing an APK with a web browser?
An example of "normal" users that side load (through F-droid or direct APK) is most Ingress players. While Ingress itself is in the playstore most people use the "companion" intel app called IITC which isn't in the playstore as it's technically against the ToS.
I can't find sources for this one-sided article, nor can I find anything recent when searching for it
The change itself isn't recent: https://security.googleblog.com/2024/02/piloting-new-ways-to...
A few months ago they improved their security somewhat by not letting you disable Play Protect while on the phone: https://9to5google.com/2025/01/29/google-play-protect-calls/
You also can't turn off Play Protect if you've enabled Advanced Protection on your account (which also enforces a range of other security measures) but that's fully opt-in and hasn't even been available to the wide public for all that long.
Can anyone using a Librem 5 as their daily phone report back as to how well it works? Specifically, how reliable are the most basic and crucial SMS and calling functions? How's battery life?
I had a Pinephone a couple of years ago and receiving phone calls wasn't very reliable.
Librem 5 is my daily driver, but I'll just give links to good, extensive reviews:
https://forums.puri.sm/t/nine-months-librem-5-as-my-only-pho...
https://forums.puri.sm/t/a-l5-review-1-week-to-my-ready-to-s...
Tl;dr: calls and texts work fine, battery life is not as good as Android/Apple but usable. Also you can replace the battery on the go.
> In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded
How about Google focuses on proper sandboxing and permissions models? With those in place where an app comes from should not be a concern.
That change is not for the benefit of the end user; it's for app developers with an adversarial relationship to their users who want to trust the client not to do anything unprofitable.
(And probably game anti-cheat)
This would have been a great time to explain how Purism protects users from malware better than Google while giving users more freedom, instead of just repeating the word “security”. If, in fact, that is the case.
Here you go: https://source.puri.sm/Librem5/community-wiki/-/wikis/Freque...
How the hell does this get upvoted? This is major FUD by an Android "competitor". First of all, it just introduces an additional level of security, at the request of the government of Singapore. Second, it's a year and a half old. Third, it obviously hasn't affected side loading in other parts of the world 1.5 years later. The other restriction, allowing app makers to restrict side loading, is to combat piracy and it's again, up to the app makers themselves.
Garbage article. Also embarrassing so many fell for it.
This development clearly shows the direction of Android development officially chosen by Google. It doesn't matter when it happened or where. It's just another checkpoint on the way to not owning your device that knows everything about you and has access to practically all your secrets. People saying "Android is still better than Apple" will not be right for long. This "competitor" offers a rare opportunity to support the escape path from the dystopia using free software. Sent from my Librem 5.
It would be great to have more devices running PureOS available, especially a bit smaller ones than the current generation of "phablets". Where did all the 4" devices go?
Is it forking time? It feels like it's forking time.
Seriously, just restrict it to signed applications unless debugging mode is active. With explicit permission from the user.
> Is it forking time?
/e/OS already exists and can even be bought preinstalled on Fairphone.
I like Purism as an idea but, lord, is their marketing annoying. Between FUD like this and regular emails inviting me to become some kind of investor (if I search my inbox for "purism investor" I get dozens of results), I've begun tuning them out.
Sigh, same. I am clearly a 'believer', because I keep trying various alternatives and am disappointed that they come up short. And now that work started to effectively require phone to log in ( remote mostly ), I am genuinely considering apple as my next move. And I dislike apple a fair bit.
To me this is ironic as the Singapore Government's own lottery and sports betting app has to be sideloaded as Google Play does not allow gambling apps.
That's odd because the UK has a lottery and its app is in Google Play.
does it have sports betting as well?
Smartphones are just trash.. Totally stupid human interface design + the worst OSes imaginable.
I've totally gotten into modern AI, cus it's actually useful, but I've always been a "luddite" re. smartphones. I've always thought they suck.
Smartphone = a computer that's shitty and dumb enough to be popular.
this is literally just an advertisement.
Your comment is literally a repetition of another one here: https://news.ycombinator.com/item?id=44193459
As I’ve mentioned here before, sideloading is a genuine security concern, not merely an excuse for Apple to exert control. There is a never-ending stream of people losing their life savings. It happens on Android and not iOS because Android allows sideloading and iOS doesn’t. There is a very real human cost to this.
> Police warn new Android malware scam can factory reset phones; over S$10 million lost in first half of 2023
> There have been more than 750 cases of victims downloading the malware into their phones in the first half of 2023, with losses of at least S$10 million (US$7.3 million).
— https://www.channelnewsasia.com/singapore/android-malware-sc...
> DBS, UOB become latest banks to restrict access if unverified apps are found on customers' phones
> They are the latest banks in Singapore to do so – after OCBC and Citibank – amid a spate of malware scams targeting users of Android devices.
— https://www.channelnewsasia.com/singapore/dbs-uob-anti-scam-...
> 74-year-old man loses $70k after downloading third-party app to buy Peking duck
> “I couldn’t believe the news. I thought: Why am I so stupid? I was so angry at myself for being cheated of my life savings. My family is frustrated and I ended up quarrelling with my wife,” said Mr Loh, who has three children.
— https://www.straitstimes.com/singapore/74-year-old-man-loses...
> Singapore Android users to be blocked from installing certain unverified apps as part of anti-scam trial
> "Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources," it added.
— https://www.channelnewsasia.com/business/anduril-secures-305...
> CNA Explains: Are Android devices more prone to malware and how do you protect yourself from scams?
> Why are scammers more likely to target Android users? How do you spot a fake app and what should you do if your device is infected by malware?
— https://www.channelnewsasia.com/singapore/android-malware-sc...
> Nearly 2,000 victims fell for Android malware scams, at least S$34.1 million lost in 2023
> In 2023, about 1,899 cases of Android malware scams were reported in Singapore. The average amount lost was about S$17,960.
— https://www.channelnewsasia.com/singapore/android-malware-sc...
> Android users in Singapore tried to install unverified apps nearly 900,000 times in past 6 months
> These attempts were blocked by a security feature rolled out by Google six months ago as part of a trial to better protect users against malware scams, which led to at least S$34.1 million (US$25.8 million) in losses last year with about 1,900 cases reported.
— https://www.channelnewsasia.com/singapore/android-users-inst...
Shouldn't we block "sideloading" to all other kinds of computers as well, then, and make it illegal?
Maybe just the ones that could be used to send all your money to scammers from your bank account or crypto wallet?
Computers are cheap these days. You can buy a Raspberry Pi to hack on and use something else for your money. If you like hacking on smart phones, carrying more than one phone is an option. You don’t need root access on every device you own.
We should implement mechanisms that make it hard and obvious to do unsafe things and easy to do safe things, in all kinds of computers; even as an expert user, I don’t want to have to think about my text editor’s color scheme being able to access my bank. Yes, this necessarily involves a barrier to installing apps with certain privileges, and it should be high enough in software targeted at non-expert users to provide them with protection against scams. No, we obviously shouldn’t make it illegal for a user to do what they want, and nobody has even come close to proposing that here. That’s a straw man.
I'm tired of this crap where companies constantly restrict my freedom in the name of security.. the same thing happened to Chromium, where Google decided that MV2 was "insecure" so with MV3 we also lost the webRequestBlocking api which had nothing to do with that..
Hey, listen, I don't fall for these obvious scams and I even rarely install apps/extensions, but when I do, I know what I'm doing.
There should be a giant "OPT OUT" button (you press it, you're responsible for it) so I'd not be bothered ever again.
The fact that MV3 retained webRequest while removing webRequestBlocking should tell you everything you need to know about their motivations.
Outside the app store, Android 15 on Google Pixels supports Debian Linux "Terminal" pKVM VM with access to Debian Arm packages. It doesn't yet support accelerated (v)GPU graphics, in development for Android and shipped on some Chromebooks.
the only security paradigm that is 100% foolproof is to assume breach. Taking away any number of users' freedoms, big or small, does not change that.
Old computers, before sandboxing and Windows defender and real-time protection, were more secure, because people were less likely to plug their bank account information, social security number, birth date, and home address into them.
At a certain point we have got to level with the idea that a smartphone is no longer a general purpose computer in your pocket. It's more like a cyber passport. It knows everything about you and authenticates formal activities.
Sure, but by the same logic old roads were safer because we used horses on them instead of cars and a horse won't generally plow into the oncoming lane if you fall asleep at the reins.
It feels like this analysis really downplays some of the advantages that sandboxes, Windows Defender and realtime protection got us in the average case (even if in the edge case someone can get hurt).
> Old computers, before sandboxing and Windows defender and real-time protection, were more secure, because people were less likely to plug their bank account information, social security number, birth date, and home address into them.
So they weren’t actually more secure – they were less secure and less useful (setting aside the questionable historical accuracy of where popular online banking sits in the timeline relative to OS security measures in that claim). Maybe if we relax the made up constraint that a change must create 100% foolproof security, we can have a more nuanced discussion about ways to improve security.
And how is it supposed to work in China, where the Google Play Store is blocked and sideloading is very common to install apps on Android phones? Looks like Google plans to throw its Chinese users under the bus.
What Chinese users? Google pulled out of China like a decade ago when they insisted that Google censor search results.
How does this work for iOS devices? Sideloading on those through sketchy workarounds is a PITA.
As long as AOSP and its various flavors continue to be viable alternatives, Android is still better than Apple. If you run Lineage or Graphene, I'm sure you can still "sideload" just fine.
Google works pretty hard (e.g. with SafetyNet/Play Integrity) to ensure those are only viable alternatives for people with a very high level of technical sophistication and tolerance for hassle.
I tried graphene, and came to the conclusion that it’s not a viable alternative to iOS.
1) Apps like uber, lyft, ev charging and parkmobile would crash with null pointer exceptions some weeks but not others, so for the use cases that force me to carry a phone, it doesn’t work.
2) There isn’t a modern e2e sync ecosystem, and backup is completely broken.
3) The camera sort of worked out of the box (pixel pro 6), but to get all the modes, I had to install sandboxed google play services, which halved the standby battery life.
Has this changed in the last 3-4 years?
I would say it has improved substantially in the past years
To your items, and my experience on Pixels 7, 9, and 9a running GrapheneOS regularly for the last two years:
1. I use Uber and Lyft semi-regularly (disabled when not actively using) and don't recall experiencing any crashes. Can't speak to ev or parking apps.
2. It may not meet your definition of modern, but I am very happy with Syncthing Fork on phone alongside Syncthing on linux laptop and desktop (where I run restic nightly backups.) It takes some effort to set up compared to handing the keys to the big corps, I will give you that. I'm still unsatisfied with GrapheneOS backups, but mainly because I want them written to storage where my syncing can send them along, and be able to flash a new phone as if it were a regular drive. But that's maybe asking a lot on phone hardware?
3. Pixel Camera app I pull down from Aurora Store, decline Network permission, and takes photos seamlessly even without Play services. It won't let you actually view photos in app without the Google Photos app which is a bummer. I've taken to using Files to view them, which is cumbersome. Maybe I should just install Photos and decline network.
Not entirely - the article doesn’t explain it well, but from what I understand, one of the new features allows developers to prevent apps not installed via Google Play from using the device enclave.
Meaning if you want to use say, a financial app while on Lineage or Graphene, you are SoL if the developer decides to enable that feature.
I don't really understand why all sideloads are put into same category. Because the APK must be signed, and e.g. you could easily verify Facebook/Microsoft/bigcompany signatures.
I don't want a world where people can only sideload apps from big companies like Facebook and Microsoft.
I think what’s being suggested is that you could install any app but verify if it’s legit via the signature.
It's OK if it's not Apple doing it———Someone, probably.
Do these restrictions require the phone to support Play Services and the Play Store? I'd imagine on a non-Play-Store phone this still won't be a thing, yeah?
> In a pilot program launched in Singapore, the tech giant now blocks the installation of certain sideloaded apps—particularly those requesting sensitive permissions such as SMS access or accessibility services—if they are downloaded via web browsers, messaging apps, or file managers. The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.
This is a reasonable restriction and I am surprised this restriction is coming now and not ten years ago.
Sideloading must be limited to tech savvy users only who know what they are doing.
> Sideloading must be limited to tech savvy users only who know what they are doing.
Who says so?
I don't think "common sense" is an actual person haha
I'm not picking sides, but I try to help myself understand things by visiting both sides of the arguments and there is clearly a side interested in cutting down on fraud, just as there is a side promoting freedom in their computing. Limiting sideloading seems a sort of pragmatic move, and leaving the possibility of sideloading open seems to be likewise a pragmatic move, especially if there are guardrails and warning signs everywhere, we do this in society when faced with hazardous situations.
I am very open to counterpoints here, at least if I can read them before they get too greyed out!
Hate the $megacorps too, so Purism sounded like a good idea. But half the links on their site are broken. It makes them look like a scammer unfortunately.
There are many people happily using their devices. Sent from my Librem 5.
I am on Google ecosystem since the original T-Mobile G1 - now at Pixel 9 Pro XL. The moment this is rolled out, I am getting iPhones for me and family.
Where side loading is easier?
How about getting a linux phone? (or a dumbphone + a linux portable device)
As long as AOSP - or /e/ in my case - doesn't go down this road I'm ok with it.
Are you finding advantages with /e/ over Lineage?
I'm pretty sure my degoogled Murena /e/ OS pixel 5 won't have this problem.
You wouldn't have this problem with a stock OS Android device either.
It's worth noting that you're using an insecure end-of-life device and are missing a large number of High and Critical severity privacy/security patches including ones being exploited in the wild. Due to the device being end-of-life, you don't have firmware/driver patches, which are not being provided by your OS despite it continuing to support it. You're also missing important non-device-related OS patches due to /e/OS lagging behind and not shipping them properly.
You should really replace the device if you care at all about privacy and security. The 3 years of support for the Pixel 5 was not adequate for a significant portion of users. The past 2 generations of Pixels have 7 years of support from launch, which should be enough for most people.
/e/OS also doesn't ship proper signed production releases and doesn't keep the standard privacy/security model or features intact. It greatly reduces privacy and security compared to LineageOS which reduces them compared to the Android Open Source Project.
Purism's Librem 5 is definitely not the answer. It had dramatically worse hardware, firmware and software security than Pixels or iPhones from day one along with not providing high importance firmware updates to users. Presenting it as the answer to minor app compatibility issues also makes little sense since throwing out compatibility with most open source mobile apps and nearly all mainstream apps hardly resolves a subset of banking/financial apps and a tiny number of other apps banning using a non-stock OS.
Until it becomes too hard to fork and support the Google OS.
EU regulators to the rescue!
It seems to me this was inevitable.
Google could do this, and it's in their interest.
It happened.
I enjoy Android because of its relatively nonrestrictive nature. It trusts that I know what I'm doing. The highly locked down nature of iOS is a reason why I will never buy one of their devices. Google will drive me further away from their services (and into GrapheneOS, which has "no" Google hooks) with moves like this.
From the article, I presume this is being done in the name of "cyber security" (least common denominator strikes again.) In newer versions of Android, a few warnings/confirmations are shown prior to sideloading an app. I think the best solution here is to gate-keep sideloading behind Developer Mode. Enabling Developer Mode, then enabling side loading, would be complex enough to stop brain dead drive-by side loading from occurring. And (mostly) only people that know what they're doing enable Developer Mode.
My Motorola Razr 3 doesn't have this problem.
Ignoring the Purism ad, does this break F-Droid?
According to Google:
> This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive permissions frequently abused for financial fraud when the user attempts to install the app from an Internet-sideloading source (web browsers, messaging apps or file managers).
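The rule quoted here, and in the article excerpt further up the thread (sensitive permission classes plus an internet-sideloading installer source), can be modelled as a triage check a defender runs over decoded manifests. This is an added example, not code from Google or Purism: the permission constants are assumed to correspond to the SMS, notification-access and accessibility categories the pilot describes, and the installer-source labels are hypothetical.

```python
"""Triage check modelled on the Singapore pilot: flag a manifest that declares
permission classes abused for financial fraud, and block the install only when
it arrives from an internet-sideloading source. Added example, not Google's or
Purism's code; a decoded (text) AndroidManifest.xml is assumed as input."""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
A = "{" + ANDROID_NS + "}"  # Clark notation ElementTree uses for android: attrs

# Classes the pilot targets: SMS access, notification access, accessibility.
# Constant names are assumed to match those categories.
SENSITIVE_USES_PERMISSIONS = {
    "android.permission.READ_SMS",
    "android.permission.RECEIVE_SMS",
}
# Accessibility services and notification listeners are not requested with
# <uses-permission>; the app declares a <service> guarded by a system BIND_*
# permission, so a check that only reads <uses-permission> would miss them.
SENSITIVE_SERVICE_PERMISSIONS = {
    "android.permission.BIND_ACCESSIBILITY_SERVICE",
    "android.permission.BIND_NOTIFICATION_LISTENER_SERVICE",
}
# Hypothetical labels for the sources the pilot names (browsers, messaging
# apps, file managers); app stores and adb are deliberately not in the set.
INTERNET_SIDELOADING_SOURCES = {"browser", "messaging_app", "file_manager"}


def sensitive_capabilities(manifest_xml: str) -> set[str]:
    """Return the sensitive permission names a decoded manifest declares."""
    root = ET.fromstring(manifest_xml)
    found = set()
    for elem in root.iter("uses-permission"):
        name = elem.get(A + "name")
        if name in SENSITIVE_USES_PERMISSIONS:
            found.add(name)
    for svc in root.iter("service"):
        guard = svc.get(A + "permission")
        if guard in SENSITIVE_SERVICE_PERMISSIONS:
            found.add(guard)
    return found


def install_decision(manifest_xml: str, installer_source: str) -> tuple[str, set[str]]:
    """Pilot rule: sensitive capability AND internet-sideloading source -> block."""
    caps = sensitive_capabilities(manifest_xml)
    if caps and installer_source in INTERNET_SIDELOADING_SOURCES:
        return "block", caps
    return "allow", caps


# Constructed sample manifests, not taken from any real app.
BENIGN_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="example.constructed.viewer">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <application/>
</manifest>"""

# The combination the thread describes: SMS read plus an accessibility service.
OTP_STEALER_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="example.constructed.sample">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <application>
    <service android:name=".Helper"
             android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
      <intent-filter>
        <action android:name="android.accessibilityservice.AccessibilityService"/>
      </intent-filter>
    </service>
  </application>
</manifest>"""


if __name__ == "__main__":
    for label, manifest in (("benign", BENIGN_MANIFEST), ("otp-stealer", OTP_STEALER_MANIFEST)):
        for source in ("browser", "app_store", "adb"):
            verdict, caps = install_decision(manifest, source)
            print(f"{label:12} via {source:9}: {verdict:5} {sorted(caps)}")
```

The same manifest is allowed from an app-store or adb source and blocked from a browser, which is why the thread's F-Droid and adb cases pass while a browser download of the same APK does not.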
It probably hasn't since they started doing this last year, but once scammers find out you can publish your own malware F-Droid repo, they might.
Fully open source malware via f-droid's automated builds. That's some popcorn.
The inexorable process of using security as a pretext to enshittify your platform carries on. I don't believe there is a meaningful difference between Google and Apple anymore.
> These policies reinforce Google’s control over Android’s ecosystem under the guise of security but have sparked renewed concern over digital autonomy, innovation suppression, and user rights.
Ahhh yes. You want some of the action apple is getting from EU commission don't you?
Talking about the APIs that discriminate between Play Store and sideloaded apps. It's not clear whether these are Singapore-only.
there has never been Autonomy and Freedom, not from google, ever.
I have never ever used a fully loaded android phone with all the spying, surveillance apps and play services, amazon, facecrook, whatshit, running.
why on earth do muppets insist that they cannot live a life without google and the rest.
I have installed the latest AOSP on all my phones, including family and friends.
I currently have a motorola edge 20 pro with android 15 installed. and my very old oneplus 5T also has android 15 installed.
all my family and friends have either Lineage or /e/OS installed.
I dont see the problem here. I hear no complaints.
fool me once, More fool anyone who thinks google, facecrook and whatshit is their friend.
Autonomy for me, MEANS, self regulation. this is severely absent in the lives of the modern human being.
This is an ad
False dichotomy. They're both perfectly capable of doing things that are potentially detrimental to consumers but good for bottom line.
You are totally right, except you forgot to mention how for one of them the main customers are hardware buyers and the other's main customers are advertisers
After all these years, and they are still following Apple's playbook. Sad.
as long as I can continue to pirate android apps. one thing I hate about apple is that I have to pay for everything. annoying. information needs to be free as in no payment. the great thing about android is that it's so easy to find the APKs for any app, and unlock paid purchases and what not.
luckily for me and others who are sailing, you cannot keep sideloading without enabling pirating as well.
the rich techies can downvote if they want but I and others in India don't have money to pay for your silly todo apps. ha ha.
The smartphone app ecosystem is a net loss for most users sideloading or not.
Google should not be allowed to own Android, it gives them too much control.
Well they can, but isn't debian and freebsd on mobile here now? I know they are rough around the edges, but who still cares about Android or iOS in the long run? If I can run my mobile device with root access using debian or freebsd, why still bother with Google and Apple?
Which devices are you talking about? Do they have cameras, modems, NFC? And you're not talking about running these systems on top of android, right?
A healthy competitor that grandma could use would change the world. Your alternatives are not there yet, and probably won't ever be.
Decides who?
Antitrust laws.