Comment by lukevp
10 days ago
So this is saying you have to have an Android developer account and sign the app with your identity… so a one-time $25 cost and that’s it? You can still distribute and sideload apps as long as you sign them.
Microsoft does this for Windows apps if you don’t want scary warnings popping up everywhere. Apple doesn’t even let you sideload at all for iOS and for macOS they do the forced trash malware thing unless you run commands to allow the app in the terminal.
Am I missing how this is different from what we already have on most platforms? Is it because you can’t force it to install the apps? Is there not a developer mode that lets you install unsigned apps, or a way to root the device to install apps?
The fact that other platforms do something similar is not an excuse, and this is more restrictive than both windows and macOS, even if technically less restrictive than iOS.
(The fact that all those platforms still have malware, as well as the officially sanctioned google store, should also inform you about how effective this measure is for its stated goal)
> Am I missing how this is different from what we already have on most platforms?
Most? The only platform that is like that is ios.
On linux, in any form, I can run what I want.
On a mac I can run what I want.
On windows I can run what I want.
Obviously on BSDs, Illumos, etc, I can run what I want.
On android up to now, I can run what I want.
The one and sole exception where I don't really own the device and can't run what I want it ios (therefore I don't own anything that uses ios). And now google wants to join that evil club.
Have you used windows 11 and macOS 26? They both have malware scanning and throw up alerts or scary dialogs that you have to do cli commands or workarounds to launch unknown apps. I don’t see this as much different than Android requiring you to either root or enable developer options.
I understand this is a controversial position and I’m not in favor of this change, I just want to understand where the real differences are in an impartial way.
Of course Linux is an exception but it is also not widely used by consumers like Android and the other OSes I listed are.
I'd be fine with a warning. You can just dismiss it and continue doing your thing.
It is a bit more convoluted in macOS now but still something quick.
What Google is saying is that I need to install adb, search for a cable, connect it and _then_ run the cli command. It is very different, not even close.
1 reply →
No problem running what I want on mac. I've never had a mac app store account, I find the idea repulsive so I don't. I download what I want and use it.
I don't use windows but my kid has a gaming rig which has windows and I know we download various programs on that and use them, no problem.
The whole point of a personal computer is you install and run whatever you want on it.
I used to think a phone is just a phone so who cares, but nowadays the phone is the personal computer for a lot of people, so that same freedom is vitally important.
I'm guessing Windows gets a pass because you can still fairly easily bypass the signature check - it's effectively a warning rather than a hard block. It sounds like for (mainstream) Android, the only workaround will be to plug it into a PC and use adb there to install an unsigned app, which is considerably harder. Installing a custom ROM will presumably get around it too, but that's tough, and various government and banking apps etc tend to refuse to run because of attestation.
Apple is of course locked down, but that's not news. The anger is because Android was the better option on this dimension.
Is rooting the same as a custom rom nowadays? And enabling developer options won’t allow installation of unsigned apps either?
They could add a developer option to bypass the new restriction, but as far as I know they haven't said they'll do that, and I don't see any reason why they would. The adb bypass is probably good enough for actual developers.
Apps can certainly detect if a phone is rooted and refuse to work, like with a custom ROM. It's up to the developer what they care about, but this is not unusual. There are ways to try to trick the check into passing, but it sounds like the kind of thing that might break on any update.
No. That other people are doing bad things doesn't make it okay. It's like going to have to ask the government who I can buy stuff from. I am free to give my money to whoever and whenever I want in exchange for what I want to put in my house. None of your damn business. And none of google or the house makers business either
The test is can you say, "thank you for telling me this app isn't signed, install it anyway." And with this system you can't.
It's not about the $25. It's about Google centralizing control. If they don't like your app, oops, no verification for you.
Goodbye NewPipe. Goodbye anything that doesn't align with Google's capitalist interest or American imperial interest.
But they don’t verify each app in this case, just the developer… you get verified before you even tell them what type of app you have.
Sure, it’s possible they could retroactively ban your app, but they could do that without signing too. Just ban com.anonymous.newpipe or whatever the package name is. The signing doesn’t really change this.