Google details new 24-hour process to sideload unverified Android apps

4 days ago (arstechnica.com)

https://android-developers.googleblog.com/2026/03/android-de...

The part in the flow where you select between allowing app installs for 7 days or forever is a glimpse into the future. That toggle shows the thought process that's going on at Google.

I can bet that a few versions down the line, the "Not recommended" option of allowing installs indefinitely will become so not recommended that they'll remove it outright. Then shrink the 7 day window to 3 days or less. Or only give users one allowed attempt at installing an app, after which it's another 24 hour waiting period for you. Then ask the user to verify themselves as a developer if they want to install whatever they want. Whatever helps them turn people away from alternatives and shrink the odds of someone dislodging their monopoly, they will do. Anything to drive people to Google Play only.

  • An actual example of this lives in the Gmail iOS app. Click a link in an email and every x days, a sheet appears: https://imgur.com/a/nlGS4Yk

    1. Chrome

    2. Google

    3. Default browser app (w/unfamiliar generic logo)

    They removed the option for Safari some time in the last two years; here's how it looked in 2024: https://imgur.com/1iBVFfc

    And the cherry on top of dark UX patterns: an unchecked toggle rests at the bottom. "Ask me which app to use every time." You cannot stop getting these.

    • The darkest UX pattern I have ever hit is trying to cancel Google Workspace; whereby they disable the scrollbar on the page so you cannot actually get to the cancel button.


    • I was so mad when they removed the fourth option. I can't remember which one was which, but one meant "open in a webview inside this app" and the other was "open in a new tab in your default browser". It was still terrible UX but I liked at least having that choice.

    • I hate this pop-up so much. I don’t even have Chrome installed on my phone. How about open up on the only browser I have installed…

      This kind of thing should be illegal. The default browser is the default for a reason, to avoid this kind of stuff.

      I think I’ve reported this as a bug to Google a couple times, in a couple different apps… as they do it in their other apps too.

      The only thing that bothers me more are the, “sign-in with Google”, prompts on 90% of websites now. How about just giving the option to login with Google if I so choose to login, and not spam it on every website just for visiting?

      Google really has made the internet a worse place in so many ways.


    • I’m in the UK and use the Gmail app, I don’t ever see this sheet. Is this US-only?

      I don’t see the sheet for imgur.com either because, well, they’ve blocked access completely for UK users. :shrug:


    • An annoying extension of this is opening a Google maps link on mobile. It always prompts to open Google Maps (the app) no matter what. If you click no, it bugs the fuck out and opens an App Store link. If you click yes, even if you have Google Maps installed, it bugs the fuck out and opens an app store link. In neither case will it properly show the location on a first attempt. It's been like this for years. I'd ask what they're thinking when they came up with this, but I remain unconvinced that any such activity happens inside any Google offices today.


    • If you use iPhone, you can use iOS Mail app (and with iCloud mail) if you really care.

      Apple's dark UX pattern is that there are always badges on the Settings app if you do not subscribe to iCloud, even if you have manual backup. You cannot dismiss it.


    • I don't understand why people don't use alternative mail clients to avoid that? Is the Gmail app the only one that is good enough? If so, and if it is essential to you, just go with the bundle (Gmail, Chrome, etc). (FWIW, I left gmail entirely, I pay for my email provider)

    • The YouTube app does the same. Infuriating. I don't have Chrome installed and it doesn't list the only third party browser I _do_ have installed: Orion

  • I hope the EU cracks down on them like they did with Apple.

    • Merely regulating them isn't enough. The world needs to start enforcing antitrust laws. If we don't break up all these big tech companies, our future will be a technofeudalist cyberpunk dystopia.


    • Has the Apple situation really improved?

      I'm probably out of the loop, but last I checked, to put an app somewhere that's not the official App Store, they required you to pay their hefty fee for putting it in the App Store (even if you weren't going to do that), _and_ an additional Core Technology Fee.

      (And if that's still accurate, one thing I don't get is how that isn't also anti-competitive.)

    • Fast forward, and a few years from now, developers will have to sign their app with some EU bureau, otherwise it won't install anywhere. It's a choice about from whom come the restrictions. I don't like how much EU mandates and regulates hardware and software. It is about 20% helpful and 80% garbage regulations so far.


  • [flagged]

    • I suppose the question is, who is actually willing to believe Google is going to deal in Good Faith. Why would anyone ever even begin to think that?


    • > "That's just FURTHER PROOF that you're secretly trying to destroy my phone."

      What a ridiculous strawman. I outlined a specific issue with what they introduced. To make it even more clear - the new flow Google created would work just the same with just the 24 hour delay, but the way they introduced the "For how long should you be able to install apps?" question comes out of left field and suddenly makes you think about timing. Why would they ask you that? After all, you jumped through a sufficient number of hoops for Google, they probably estimated that anyone who has gone that far out of their way should know what they're doing. So why ask a developer or power user about the duration when this feature works? The very unsubtle hint here is that the question is asked because soon enough, 'Forever' will not be an option anymore. It's a very common tactic - restrictions start light, and then are ratcheted up into a nagging reminder that works to dissuade everyone but the most dedicated.

      > You understand there's a real goal being pursued here, right? Suppose Google is dealing in good faith.

      I do. But why are you so implicitly adamant that the only goals here are good, noble, moral goals? Google will do everything in its interests, regardless of how good or bad it is for people. Decreasing the vectors of attack on their platform is profitable for them, and it also coincides with the public interest of not getting hacked. But ensuring that other brands, OEMs or developers can't interfere with them building an app distribution monopoly is also good for them. Being the sole arbiters of what goes on the devices that have now become mandatory for participating in society is extremely good for them. Do you think they're only pursuing the first one of the three?

      > How should they solve it differently?

      You're not going to like the answer, but there's no clean, perfect solution that balances everyone's interests. Companies are pushing the safety angle in pursuit of the three interests I listed above. You can see just how much it ramped up in the last few years, even though we've been living under this status quo for decades. But it's not as simple as turning devices into grandma-phones with approved functionality only, because both extremes have big drawbacks. If you have 90s-style insecure fully-privileged computing for everyone, that's a path towards extremely unsafe and vulnerable systems, worked on by people who don't know what they're doing. If you have full lock-down, you're awarding current market leaders with an endless reign of power by insulating them from competition and giving them more control over users. The way we were doing things before this crackdown was striking a good balance of keeping most grandmas out while not choking the abilities of the hobbyists or third-party app distributors too much. If you want an alternative, an ADB flag that you have to change once through a command prompt would've been good too.

  • what's your solution to combat scammers?

    • Do you think regular desktop computer should be locked down like this too? Scammers can also tell people to run Windows programs. Should that be banned too?

      I'm fine with an opt-in lock-down feature so people can do it for their parents/grandparents/children.

      Also, just let people get used to it. People will get burned, then tell their friends and they will then know not to simply follow what a stranger guides them to do over the phone. Maybe they will actually have second thoughts about what personal data they enter on their phone and when and where and who it may be sent to.

      Same as with emails telling you to buy gift cards at the gas station. Should the clerk tell people to come back tomorrow if they want to buy a gift card, just in case they are being "guided" by a Nigerian prince scammer?


    • Let's say I'm sitting outside of your office with a bazooka and boxes of high explosives. You ask me why, and I say, "someone might try to rob this office." You say, "somehow, that does not persuade me that a stranger should loiter outside of my workplace with a massive stockpile of ordnance." I reply, "what's your solution to combat robberies?"


    • All apps should be open source and subject to verification by nonprofit repositories like F-Droid which have scary warnings on software that does undesirable things. For-profit appstores like Google and Apple that allow closed source software are too friendly to scams and malware.


    • Not the parent or agreeing/disagreeing with them, but to your question: if you get creative, there are a lot of things you could do, some more unorthodox than others.

      Tongue-in-cheek example, just to get the point across: instead of calling it Developer Mode, call it "Scam mode (dangerous)". Require pressing a button that says "Someone might be scamming me right now." Then require the user to type (not paste) in a long sentence like "STOP! DO NOT CONTINUE IF SOMEONE IS TELLING YOU TO DO THIS! THIS IS A SCAM!"... you get the idea. Maybe ask them to type in some Linux command with special symbols to find the contents of some file with a random name. Then require a reboot for good measure and maybe require typing in another bit of text like "If a stranger told me to do this, it's a scam." Basically, make it as ridiculous and obnoxious as possible so that the message gets across loud and clear to anybody who doesn't know what they're doing.


    • I'm going to break your kneecaps. Oh, what's that? You don't like it? Well, what's your solution to P=NP?

    • If cooldowns work, put them on granting permissions.

      There are just as many scam apps in play store and this system does nothing to help with those.

    • If I proposed putting mandatory cameras in all homes and you objected, would it then be fair for me to demand that you justify your position by proposing a better alternative to combat domestic violence?

      Locking down computing is just fundamentally wrong and leads to an unfree society.

    • The choice is not between "individuals are on their own against scammers" and "users are locked into Google vetting their phone". Users should be able to choose another organisation to do the vetting. They bought a phone, they didn't sell their life to Google.

    • Tell the unsophisticated users that they would be safer inside the ecosystem that has always been a walled garden.

      Why destroy the ecosystem that gives you the freedom to shoot yourself in the foot?

      Turning Android into another walled garden removes user choice from the equation.


    • Enable unknown sources in developer options, have the user type out in order to proceed "If I am typing this and don't know what I am doing, I am likely being scammed".

    • I suppose you could make the cooldown apply to the actual installed app. Like... when it's first installed it won't work for 24 hours and the clock doesn't start until you reboot. And then on boot it scares you again before starting the clock. And then "scares" you again after the cooldown.

    • Force the phones to be open so I can install my own OS on them.

      Then Google can do whatever they want with their OS and I can do what I need with mine. You might actually get phone OS competition. This is what the walled garden is actually meant to prevent.

    • China just executed a couple of them that operated in Myanmar. Since we are hurtling towards the bad parts in their dystopia anyway, why not also get the good ones?

    • Like the ones constantly advertising across Google's plethora of platforms without any repercussions or possibility of recourse with Google? For my safety, of course.

    • Education is the only solution to this.

      You can’t feasibly protect someone that believes the person on the phone is their family member or the chief of police.

      This kind of thing has to be verified like how they try drugs. Just randomly doing things will surely be useless, similar to how randomly optimizing parts of a program is generally worthless.

    • Are scammers using sideloaded apps when they can use whatever remote connexion the apps in the store allow?

      I think a big warning in red "Warning: If you don't personally know the person asking you to install this app, you are getting scammed. No legitimate business or Institution will ask you to install this app"


    • We need to remove the play store from Android phones. People have been scammed there more than any other store.

    • "Warning: if someone is talking to you and walking you through this screen, you may be being scammed!"

      Done.

    • As if Google Play itself isn't a cesspool full of scammers, or Google ads, or Youtube. As long as Google get their cut they don't give a shit about scams. For a reality check, turn off your adblockers and you'll see how much Google profits from scams. Any solution to scamming can't involve Google, since they long have been a willing tool for scammers.

      Pretending that this is about anything but Google's greed is giving them far too much credit.

    • Something called personal responsibility and intelligence.

      ...which clearly companies don't want, because complacent mindless idiots are easier to brainwash, control, and milk.

    • But this has nothing to do with combating scammers in the first place, have you never used the play store before? It's overwhelmingly scam apps with the most intrusive ad/tracking shit imaginable. There are scammers openly buying sponsored search results for names of popular apps so their malicious app with similar name appears as the first result.

    • > what's your solution to combat scammers?

      I'd wipe the Play Store off the face of the earth. Have you looked at the garbage on there that Google considers legit?

      This: https://news.ycombinator.com/item?id=47447600

      is the shit people are exposed to when they go through the Play Store. You don't find that on F-droid.

      The second thing I'd do to combat scammers is the same thing I'd do to combat child porn and disinformation: educate people. This silly process is a technical answer to a social problem, and those rarely work well.

    • I wonder how this will help combat scammers. Do you really think they don’t have $25 for a fee?

      Furthermore, this verification system also functions as a US sanction mechanism—one that can be triggered against any entity the US decides to ban.

At this point I'm convinced that there's something deeply wrong with how our society treats technology.

Ruining Android for everyone to try to maybe help some rather technologically-hopeless groups of people is the wrong solution. It's unsustainable in the long run. Also, the last thing this world needs right now is even more centralization of power. Especially around yet another US company.

People who are unwilling to figure out the risks just should not use smartphones and the internet. They should not use internet banking. They should probably not have a bank account at all and just stick to cash. And the society should be able to accommodate such people — which is not that hard, really. Just roll back some of the so-called innovations that happened over the last 15 years. Whether someone uses technology, and how much they do, should be a choice, not a burden.

  • > People who are unwilling to figure out the risks just should not use smartphones and the internet.

    Sounds great in theory, but just today I was reminded how impossible this is when walking back from lunch, I noticed all the parking meters covered with a hood, labelled with instructions on how to pay with the app.

    https://www.cbc.ca/news/canada/saskatchewan/city-of-regina-r...

    • What do you mean by impossible in this case? Can't you just have the coin-operated parking meters back? Where I live, in EU, parking meters even take cards.

      EDIT: I guess "just" is doing some heavy-lifting, so I won't argue this further, but "impossible" isn't the word I would use either. The city could revert this decision, definitely if enough people wanted them to (that's... I know, the hardest part). I just agree with the OP that we technically could go back to slightly less-digital society.


    • I'm reading this discussion, and allow me to give you my two cents. It's not a matter of being impossible, but rather how much the rest of society is willing to pay to maintain such infrastructure (either through higher taxes when dealing with the government, or through more expensive goods/services when dealing with corporations, since companies need to maintain old infrastructure that most people don't use).

      For example, I read that Switzerland voted to guarantee the use of physical cash, even enshrining it in the constitution, which clearly points toward preserving older infrastructure. However, if you have cash but no one accepts it, it becomes useless. So it would probably require more—something like requiring businesses and the government to accept that form of payment.

      As many things in life, not impossible: but is society willing to pay for that?

    • This cuts both ways. Since smartphones are becoming such an essential necessity, we should never ever remove the possibility to adjust these devices for our own requirements

    • Right, and builders now build homes with Ring cameras pre-installed. Surveillance chills aside it's about building rent-seeking into every corner of the economy, and that's a top-down goal of modern capitalism. Requiring a smart-phone to park is just part of it, and it goes back to the parent comment that there is something deeply wrong with how our society treats technology.

      To me it proves that Google's steps to lock down phones isn't really about security. To them the scams that happen are acceptable losses. The scammed will still use Android and still click on ads and still let themselves be tracked and marketed to as before. But if Google can use the excuse of security to edge out alternative apps and app stores they will spend plenty of money and time to do it.

      This isn't security, it's sealing a hole in the sales funnel.

  • This has nothing to do with keeping people safe. If it did then power users could continue to install their own software by being given that ability as a developer setting. The fact that some people are gullible enough to go into a hidden setting on their phone and enable that in order to install an app from a random Chinese website is not a good reason to take away everyone's freedom. Consolidation of power is all this is about.

    • There is immense pressure to stop online scams which are draining old people of their life savings. The whole flow from the article seems entirely based around letting power users install what they want while being able to break the flow of a scammer guiding a clueless person in to installing malware.

      It is promising that Google has avoided just turning off sideloading but still put measures in place to protect people.


    • > This has nothing to do with keeping people safe.

      ...and...

      > some people are gullible enough to go into a hidden setting on their phone and enable that in order to install an app from a random Chinese website

      are kind of contradictory.


  • > Ruining Android for everyone to try to maybe help some rather technologically-hopeless groups of people is the wrong solution.

    This isn't about how skilled a person is, it is about tackling social engineering. The article gave the example of someone posing as a relative, it could also be a blackmail scheme, but it could also be the carefully planned takeover of a respected open source project (ahem, xz).

    What I am saying is this sort of crime affects anyone. We simply see more of it among the vulnerable because they are the low hanging fruit. Raising the bar will only change who is vulnerable. Society is simply too invested in technology to dissuade criminals. Which is why I don't think this will work, and why I think going nuclear on truly independent developers is going to do more damage than good.

    • There's quite a gap between this sort of opportunistic scamming that's happening all over the world and targeted multi-year campaigns that probably require the resources of a nation state.


  • I was always under the impression security was a red herring and the real reason was control. Google wants to own the device and rent it to users with revocable terms the same way SaaS subscription software works. Locking down what can run is a key step in that process

    • I worked at a bank on the backend for architecture and security.. and I've posted this attestation here before, but the sheer volume of fraud and fraud attempts in the whole network is astonishing. Our device fingerprinting and no-jailbreak-rules weren't even close to an attempt at control. It was defense, based on network volume and hard losses.

      Should we ever suffer a significant loss of customer identity data and/or funds, that risk was considered an existential threat for our customers and our institution.

      I'm not coming to Google's defense, but fraud is a big, heavy, violent force in critical infrastructure.

      And our phones are a compelling surface area for attacks and identity thefts.


    • What would happen to a normal person's phone when Google decided to revoke their Google account? Will the phone still function? Or is it "just" a matter of creating another Google account?

  • I “get” technology so I understand how you got here.

    But this is the wrong take. I expect to go to a restaurant and not die from the food… and I want nothing to do with the inner workings of the kitchen. I just want to know any restaurant I go into will be safe. Society has made restaurants safe, either because of government pressure or it’s good for business.

    How is that not a fair ask for technology, too? We all have things we know well, and then there’s reasons we’re alive that we don’t even know exist because someone took care of it.

    It’s unreasonable to only allow people to participate in society once they understand every nuance.

    • Your analogy doesn't work here. Going to a restaurant is like using an app store. Installing apks is like cooking at home. Nothing stops you from cooking a meal that will get you sick.

      Now imagine that every restaurant in your city is owned by one of two megacorporations and they really don't want you to have a microwave at home, let alone a stove. They expect that you will get all your food from them. This is where it's going with apps right now.


    • You could torture the analogy more and say that this is more like saying "it is possible to make bad food and kill yourself at home, so we require everyone to go to a restaurant."


    • Because no amount of safeguards put up by the restaurant is going to protect you from getting sick if you decide to empty a bottle of bleach into your meal.


    • If you want to cook at home, there's no waiting list. There's no popup you have to confirm three times. You buy a stove, which likely lasts you half your life, a fridge, some dishes, pots, pans and so on.

      I think it's fine to give people an easy mode. Not everyone cares about cooking (or tech). I just wish companies weren't trying to take the advanced features from the rest of us who do care.

    • I think it is different for some people because they are passionate and interested in tech.

      I'd imagine someone who is passionate about cooking wouldn't be delighted if you couldn't buy any ingredients in a store.

      I see the value in precooked food and black-box working technology. But for me myself, as an enthusiast: I like being able to tinker and control my technology.

    • So the solution being proposed by multiple companies, is that the restaurant is now responsible to check your age and gender before they bring you something from the kitchen. Also, now you cannot tell the kitchen to use your toaster as some toasters are built to burn the restaurant down or poison the food.

      It still doesn't make sense, we need a better plan.

    • You expect a restaurant to be safe but there is no guarantee that it is. Many people have had food poisoning and I am sure some have died. It is obvious you don't "get" technology at all. You don't even "get" restaurants.

    • More like some users have shellfish problems so the restaurants stop serving shellfish. Apparently the "contains shellfish" labels aren't enough

    • The ask is fair but the distinction regarding one or two companies total being the arbiter of this is the issue.

    • And I expect to be able to open a restaurant without surrendering my identity and private information to a huge monopolistic company.

      And I expect to buy food without that food being sanctioned by a huge, monopolistic company. Especially if said company has shown itself to be completely subservient to an overbearing, increasingly fascist government.

  • Could the technophobes please just buy different smartphones? If certain people want to opt in to locked down devices, I think that's okay. But please give me a device that lets me do whatever I want. (And still lets me participate in modern society—I can't live with a Linux phone).

    Apple's argument for locking down the iPhone but not the Mac has always been some variation of "Mac users are professionals and iPhones are for everyone." Fine! Where can I buy the unrestricted iPhone? As far as I'm concerned, basically every problem could be solved if Apple would put the Security Research Device on an unlisted page of their online store for the general public. Normies won't buy it, and I will.

    • You can do that, there are custom roms and open source phones. The problem is banks are legally obligated a lot of the time to pay out for fraud and scams. So in response they won't allow you to run their software unless they can verify the compute environment.


    • We already have that. The market for the "technophobe" (e.g. above average and below levels of security awareness) phone is 100x larger.

      That means the people who say "I can evaluate the intricacies and impacts of software authorization" have significantly fewer speciality devices to pick from, and those devices may not be worth developers (or regulators) making carve-outs to support.

    • > Apple's argument for locking down the iPhone but not the Mac has always been some variation of "Mac users are professionals and iPhones are for everyone."

      That argument no longer holds water with the release of the Macbook Neo and the associated Tiktok advertising campaign [1].

      [1] https://www.tiktok.com/@apple

    • They are. Android and iOS are the technophobe options. Technophiles can buy phones with GrapheneOS and LineageOS and even mainline Linux.

  • > People who are unwilling to figure out the risks just should not use smartphones and the internet.

    That train has left the station decades ago. The internet has become an essential part of modern societies. People can't not use the internet (or smartphones), at least if they don't live in the woods.

  • > People who are unwilling to figure out the risks just should not use smartphones and the internet

    People who aren't technically sophisticated should choose the smartphone ecosystem that was designed to offer the safety of a walled garden from the start.

    Google sold Android as the ecosystem that gave users the freedom to do anything they like, including shooting themselves in the foot.

    Google should not be allowed to fraudulently go back on their promise now that they have driven the other open ecosystems out of the marketplace.

    • Choosing an iPhone is not sufficient to avoid the risks of technology. The majority of online scams require nothing more than two pre-installed apps: Safari and Phone.


  • > At this point I'm convinced that there's something deeply wrong with how our society treats technology.

    The problem isn't with technology. The problem is with physical ownership versus copyright/trademark/patent ownership in abeyance of physical ownership.

    I go to a store and buy a device. I have a receipt showing a legal and good sale. This device isn't mine, even if a receipt says so.

    The software (and now there's ALWAYS software) isn't mine and can never be mine. My ownership is degraded because a company can claim that I didn't buy a copy of software, or that it's only licensed, or they retain control remotely.

    And the situation is even worse if the company claims it's a "digital restriction", à la DMCA. Then even my 1st amendment speech rights are abrogated AND my ownership rights are ignored.

    It would not be hard to right this sinking ship.

         1. Abolish DMCA.
         2. Establish that first sale doctrine is priority above copyright/patent/trademark
         3. Tax these 'virtual property rights'
         4. Have FTC find any remote control of sold goods be considered as fraudulently classified indefinite rental (want to rent? State it as such)

    • If you think about it for as long as I did, you will find that the moment everything went sideways is when general-purpose computing devices started having their initial bootloader in the mask ROM of the CPU/SoC. Outlaw just that, say, by requiring the first instruction the CPU executes to physically reside in a separate ROM/flash chip, and suddenly, everything is super hackable. But DMCA abolition would certainly be very helpful as well.

  • I don't know if Google is making the right choice here, but I do believe that technology should be for anyone (anyone who wants it, at least).

    How do you plan to decide who gets to use internet banking and who doesn't? That doesn't seem like a good road to be going down, either.

    • People themselves will decide. Same way they decided whether they wanted to buy a computer in the 00s. It's just that those who decide to not have internet banking should not be disadvantaged by the society compared to those who have it.


  • >Ruining Android for everyone

    Are they really though? Does the average person really care about side loading? I think we are in an echo chamber. I can't picture any of the people in my life installing things from outside of an app store on their phone. However I realize that's purely anecdotal, it would be nice to see actual statistics on this to have a more informed decision.

    • When I point out that Apple listened to the Chinese government and removed apps that protestors were using to communicate during the Hong Kong protests, they seem to get it.

    • If you phrase it as "sideloading" then probably not, since it doesn't sound like something they might want to do, it also sounds difficult and technical. If you phrase it as installing your own software then it might garner some interest from the general populace, as who wouldn't want the option to install their desired software.

    • Of course the average person doesn't care. Similar to how the average person doesn't care about age verification for social media.

      But it will affect them all the same.

    • Of course nobody is doing that, because Google and Apple made it too hard already.

      Even Fortnite gave up on direct installs. If one of the most popular games in the world can't make it, who can?

    • It sounds like you're not grasping the meaning of the linguistic construction being used by the person you're quoting. (Or you're being deliberately deceptive about your understanding of their intent. But it's probably just the former. I'm guessing you're ESL.)

      "Ruining Android for everyone" ("to try to maybe help some") does not mean, "Android is now ruined for X, for all X." It means, perhaps confusingly, pretty much the opposite.

      It means: "There exists some X for which Android is now ruined (because Google is trying to protect Y, for all Y)." (Yes, really. The way the other person phrased it is the right way to phrase it—or, at least, it's a valid way to phrase it.)

  • (some) people are starting to understand why cash is so important. It's the neutrality that it provides. The fact that it can't be programmatically limited or censored and you can't be excluded from the economy. Cash is inclusive. Obviously cash becomes much harder to "use" online and in apps...

    • Activists and human rights lawyers are constantly getting their bank accounts closed or denied, even UN human rights council members, members of the ICC, journalists, pro-Palestine activists or people in the BDS movement, it happens ALL the time now in Europe, people have no idea how bad that has become, nobody in mass media is ever reporting on it.

  • Smartphones and the internet are really useful and convenient. Even if we could make it work, it seems quite rude to say that people should be excluded from it because we can't be bothered to make it safe.

    Consider an older technology that became fundamental to much of daily life a century or two ago: writing. After a few millennia where literacy was a specialized skill, we pretty quickly transitioned to a society where it was essential for common activities. Rather than make sure everything had pictures and such to accommodate the illiterate, we tried to make it so that the entire population is literate, and came pretty close to succeeding. There are people who just outright can't read for whatever reason, but they're a very small minority and we aim to accommodate them by giving them assistance so they can get by in a literate world, rather than changing the world so you don't need to be able to read to live a normal life.

    Rather than saying that half the population (a low estimate, I believe, for how many people will fall prey to malware in an anything-goes world) should abandon this technology, we should work to make it so they don't have to, with some combination of education and technological measures.

    • Some people don't want to be taught about some things because they don't care enough about them. I was told a story as a kid about a grandma that didn't want to learn to read and write. It's the same thing here — there are people who don't want a smartphone. They were just fine with an old cell phone that could only call and text, but then the society forced them to buy a smartphone, so they did, but they still don't really want it. It's still a burden to them. It still creates more problems for them than it solves. I know several people like that.

  • Yellowstone rangers taught us that building an effective anti-bear trash container is impossible because the top 10% of bears are smarter than the bottom 10% of tourists.

    • They obviously didn't teach us that, because it isn't true. It's trivial to provide a container that can only be opened by following instructions that a human can understand and a bear can't.

      That container won't work to stop bears from having access to trash, because tourists have the alternative of just throwing their trash on the ground, but being unwilling to bother using a bear-safe container is a very different thing from being unable to.

  • open source alternative, at first it's going to suck. but over time it will win. imagine how miserable we would be if all we had was windows and osx. but we have linux. we are now at such crossroads where the choice is android and apple, we need a free alternative. much sooner than most realize the threat to freedom from big corps, govt and others will be so big that we would wish to have a free mobile OS. mobile is now the main computing platform and needs a free big corp alternative. it's true that some big corps would refuse to allow their apps to run on there like a bank, but that's okay! there will be alternatives ...

    • Not necessarily; coding agents might help to accelerate getting to Android/iOS feature parity much faster than what was the case with Linux.

  • > Ruining Android for everyone to try to maybe help some rather technologically-hopeless groups of people is the wrong solution.

    Those groups of people are Google's paying customers. Google will, of course, defer to the ones who need more help to be safe online over the ones who don't. That's how you create a safe ecosystem.

    • What's then left as Google's advantage? I'm really not interested in buying myself a cage, but if Google will make me choose between two cages then Apple has nicer one.

  • Start your own nation and then start your own company, then.

    Nobody is forcing you to use a smartphone. If your work needs you to use some app, they’ll buy you a phone if they respect you.

    If you’re so upset just stop using it. But you won’t.

  • My take is quite different. Every device that I use to do internet banking or things of that nature, I'm very happy to delegate security to companies, and consider that already I trust said bank with my finances. If I want a device I "fully control", then I don't expect a bank to trust it, I don't expect to do internet banking on it or other sensitive stuff of that nature. And that's the status quo even with Google implementing this, open-source OSes still exist, just don't expect internet banking to happen on them.

  • I like this idea. But last time I tried it the customer representative on the other line told me they were sorry but they could not accommodate my request at this time.

  • I agree. In fact, one of the things I frequently propose is that we disallow the elderly and mentally disabled from using advanced technology without government proctor. In this way we can protect them. Everyone else can choose to turn off their scam protection.

    People frequently talk about this with respect to AI and ads and how it’s bad for people to use these things. I recommend we disallow the internet entirely for classes of people whose minds are not ready for the downsides of the tech.

    With your Adderall prescription should come a phone number to sign up to the government proctoring service.

  • > to try to maybe help some rather technologically-hopeless groups of people

    Even if they're the majority?

    (Keep in mind that as average lifespan keeps getting longer while birth rates keep going lower, demographics will tend to skew older and older. Already happened in Japan; other developed countries will catch up soon.)

    > They should probably not have a bank account at all and just stick to cash.

    You know that these (mostly) don't fall into this category of being "hopeless with [modern] technology" because they're cognitively impaired, right?

    Mostly, the people who most benefit by these protections, are just people 1. with full lives, who 2. are old enough that when they were first introduced to these kinds of technologies, it came at a time in their life when they already had too much to do and too many other things to think/care about, to have any time left over for adapting their thinking to a "new way of doing things."

    This group of people still fully understands, and can make fluent use of, all the older technologies "from back in their day" that they did absorb and adapt to earlier in their lives, back when they had the time/motivation to do so. They can use a bank account; they can make phone calls and understand voicemail; they can print and fax and probably even email things. They can, just barely, use messaging apps. But truly modern inventions like "social media" confound them.

    Old bigcorps with low churn rates are literally chock-full of this type of person, because they've worked there since they were young. That's why these companies themselves can sometimes come off as "out of touch", both in their communications and in their decision-making. But those companies don't often collapse from mismanagement. Things still get done just fine. Just using slower, older processes.

  • This isn't about helping people, that's just the cover story.

    This is about Google wanting more control over their ecosystem.

  • Your mistake is taking Google's argument at face value. Protecting users is an outright lie, this is purely about control.

    Google doesn't give one single shit if users download malware from the Play Store, but hypothetical malware from third party sources is so much worse that we need to ruin the whole OS? That doesn't pass the sniff test.

    Google wants to make sure you can only download malware from developers who give google a cut. They want to control the OS and remove user choice. That's all it is. That's what it's always been about.

    "Protecting users" is a pretense and nothing more. Google does not care at all about user safety. They aren't even capable of caring at this point. There are far, far cheaper and more effective ways to actually protect users, and google isn't doing any of them.

    • I'm assuming good faith and giving them the benefit of the doubt.

      Of course it might be that they want more control. In addition to controlling the world's most popular web browser and the world's most popular search engine and the world's most popular online advertising network and the world's most popular online video service.

    • It's all part of the war on general computing. This dystopian nightmare is coming to desktop operating systems too. See the age verification stuff that's all of a sudden being pushed hard by countries all over the world.

      As someone that was going to switch from iPhone to Android/Pixel later this year, at least now I know not to bother anymore, as the locking down of Android won't stop here.

  • How is it unsustainable when iOS has enforced even stricter rules for its nearly 20 year lifespan?

    • Android has about 2/3 worldwide market share and it hasn't had anything like this before. Many people, myself included, chose it exactly because it allows the installation of modded, pirated, or otherwise non-store-worthy apps.

    • There are two main mobile OSes in the space, one moron-proof but limited, the other a bit more permissive, but slightly less secure for it.

      The problem is that most apps target only those two, and the second is trying to moron-proof, losing most of its value to part of its users, while the apps are still locked in.

  • >They should probably not have a bank account at all and just stick to cash

    Pretty much illegal in some parts of EU

    • Not sure how it works in countries that didn't go through 80 years of socialism, but I assume that you're saying that in those countries, your salary is required to go to your bank account and can't be paid in cash. Then you can still pretty much "stick to cash" by withdrawing the whole thing on your payday. But then idk, maybe everyone in those countries is aware of the risks related to keeping their money in a bank, it's just the internet banking that introduces the new ones for them.

  • You live in a bubble. The roles are inversed. This is "ruining" Android for the 0.001% of power users that install .apk files and improving it for the huge chunk of population that are still getting hit by malicious ads that try to push app installs onto you.

  • It's not society, this is simply more fascism. Corporate and government cooperation to surveil and control the masses.

    So long as the 5g chips and the 2 mobile app stores remain under control, then 5 eyes has nearly full coverage.

    • A fascist society is a society. Members of that society will gladly vote in more fascism.

  • Is this even the reason? If Android phonemakers are simply concerned about tech-illiterate users switching to iPhone, they could sell a locked-down Android phone that requires some know-how to unlock.

  • "We could make devices safe for everyone but this upsets freedom purists, so I've decided some people need to stay in the dark ages instead"

  • 'Only the educated elite should be permitted to use technology' is a great take, but unfortunately the peons outvote and outspend you, so their opinions matter more than yours.

  • I fully agree. Similar to killing bacteria with antibiotics, attempting to idiot-proof machinery only leads to the creation of idiot-proofing-resistant idiots.

    We need to move back to putting users back into full control. Machines (including computers) should ALWAYS respect the input of the user, even if the user is wrong.

    If a person shoots themself with a gun as a result of their incompetence, we don't fault the gun manufacturer for not designing the gun to prevent auto-execution. If you can't operate a firearm safely, you shouldn't attempt to operate a firearm.

    Similarly, if a person deliberately points their car at a solid object and accelerates into it, the actions of the operator shouldn't be the car manufacturer's responsibility. We need to get rid of ESC, ABS, AEB, etc. These features have created a whole slew of drivers who speed headfirst into the back of stationary drivers and expect their car to stop itself. This works right up until a sensor fails and the operator flies through the windshield (usually people like this don't wear seat-belts). If you can't drive, you shouldn't be driving until you rectify your incompetence.

    Similarly, phones and computers should respect user input. If a user wants root access to their personal device, they should be able to get root access. If a user runs "rm -rf --no-preserve-root /" as root, the device should oblige and delete everything, since that is what the operator instructed it to do. If you can't be trusted to use a computer, you shouldn't be using a computer until you rectify your incompetence.

    The lack of accountability in modern society is disgusting, and it leads to much deeper societal problems when people refuse to better themselves and instead expect the world to shield them from their willful ignorance.

    • I was with you right up until "We need to get rid of ESC, ABS, AEB, etc.".

      That is unreasonable. ABS, ESC, and AEB all exist to interpret what the driver intends. The driver does not intend for their wheels to lock up, that's why ABS exists, nor does the driver intend to skid. You can argue that AEB does not reflect the will of the driver, but it can also be disabled.

  • Given how many tech savvy people here run OpenClaw or one of its copycats I wouldn’t be so harsh in my judgment.

  • > just should not use smartphones and the internet

    That's ridiculous. Phones are being made more and more of a requirement to participate in society, including by governments.

    • Which is exactly my point! This is exactly the thing that desperately needs to be undone.

    • >That's ridiculous. Phones are being made more and more of a requirement to participate in society, including by governments.

      The latter is what's ridiculous, not what the parent suggests.

    • If the government wants to force me to use a certain device, it should give me that device.

  • No, you have that backwards. A society is judged by how it treats its least able members. Android devices are primarily for mainstream users, not us. Technically adept users are the minority and we can deal with a few hoops to customize our phones the way we like.

    It's selfish to advocate against better protections for the least able people in the world just for our own convenience.

This is going to hurt legitimate sideloading way more than actually necessary to reduce scams:

- Must enable developer mode -- some apps (e.g., banking apps) will refuse to operate and such when developer mode is on, and so if you depend on such apps, I guess you just can't sideload?

- One-day (day!!!) waiting period to activate (one-time) -- the vast majority of people who need to sideload something will probably not be willing to wait a day, and will thus just not sideload unless they really have no choice for what they need. This kills the pathway for new users to sideload apps that have similar functionality to those on the Play Store.

The rest -- restarting, confirming you aren't being coached, and per-install warnings -- would be just as effective alone to "protect users," but with those prior two points, it's clear that this is just simply intended to make sideloading so inconvenient that many won't bother or can't (dev mode req.).

  • >- Must enable developer mode -- some apps (e.g., banking apps) will refuse to operate and such when developer mode is on, and so if you depend on such apps, I guess you just can't sideload?

    Hi, I'm the community engagement manager @ Android. It's my understanding that you don't have to keep developer options enabled after you enable the advanced flow. Once you make the change on your device, it's enabled.

    If you turn off developer options, then to turn off the advanced flow, you would first have to turn developer options back on.

    >- One-day (day!!!) waiting period to activate (one-time) -- the vast majority of people who need to sideload something will probably not be willing to wait a day, and will thus just not sideload unless they really have no choice for what they need.

    ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

    • I don't think Google should be changing Android this way at all, and fear that it will later be used for evil. That said, I thought of an improvement:

      Allow a toggle with no waiting period during initial device setup. The user is almost certainly not being guided by a scammer when they're first setting up their device, so this addresses the concern Google claims is driving the verification requirement. I'll be pretty angry if I have to wait a day to install F-Droid and finish setting up a new phone.

      Evil, for the record, would mean blocking developers of things that do not act against the user's wishes, but might offend governments or interfere with Google's business model, like the article's example of an alternative YouTube client that bypasses Google’s ads. YouTube is within its rights to try to block such clients, but preventing my device from installing them when that's what I want to do is itself a malicious act.

    • > It's my understanding that you don't have to keep developer options enabled after you enable the advanced flow. Once you make the change on your device, it's enabled.

      Ok, but why is this advertised to applications in the first place? It's quite literally none of their business that developer options are enabled and it's a constant source of pain when some government / banking apps think they're being more "secure" by disallowing this.

    • > ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

      Someone is just going to make a nice GUI application for sideloading apks with a single drag-and-drop, so if your idea is that ADB is a way to ensure only "users who know what they're doing" are gonna sideload, you've done nothing. This is all security theatre.

    • Why do you keep harping on about ADB installs? That's not helpful. It doesn't help me install open source apps from FDroid. It's ridiculous that you think booting up a computer and using ADB is a reasonable workaround. It isn't.

    • The only reason I run android over iOS is the freedom to install things I want on it. A waiting period is unacceptable as Android has proven that it can't be trusted not to tighten the grip further.

      Reconsider.

    • The only reason I use an Android instead of an Apple phone is that I can install two apps off of GitHub. I am actively making a certain number of very quantifiable sacrifices already at this very moment by not stepping into the orchard.

      If you go forward with this, I am not coming back. I will never again in my life trust you. And believe me - I still have boycotts ongoing 20 years later. Including Microsoft. It is surprisingly easy to avoid you "Ubiquitous" companies once you get your mind into it.

    • Why don’t you create an option to bypass this whole thing permanently on adb then? You can even add your 24h delay.

      I’m not convinced this is really to protect users from being hurt by scammers, it is really about protecting the users from doing what hurts your company interests.

    • At what point will you draw the line between "the user wants to do this because of his/her free will" and "the user wants to do this because someone else told them to"? Where will you stop?

      All of this is just a bandaid, so why not stop at the state we are at _right now_, without some kind of 24h-long process to enable sideloading and let people be people? Yes, people make mistakes. But that is not your responsibility, especially if it comes at the cost of freedom. The most secure android device would probably be a brick, but you won't sell these, right?

      Please instead take these resources and invest them into the app verification process in the play store. Way too many scams are right under your nose, no need to search in places where people are happy with the status quo.

    • So... we're just going to move the scam into convincing the end user to run an application on their PC to ADB sideload the Scam App. Got it, simple enough. It's not hard to coach a user into clicking the "no, I'm not being coached" button, too, to guide them towards the ADB enable flow.

    • Will third party apps like bank apps be able to detect whether advanced mode is enabled or not, like how they currently detect if developer options is enabled?

    • > I'm the community engagement manager

      On a scale from "not worried" to "let them eat shit", how is the product team thinking about the breakage you'll get from people moving off platform?

    • > ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

      If that's the case, why would the new flow help reduce fraud and scams? These are meant to be roadblocks, which the ADB bypass will just...you know, bypass? Why can't the scammer coach the victim to use this instead then?

    • So give me a way to completely disable this nonsense via ADB.

      This is hot garbage. Eliminating third party app stores like F-Droid defeats the whole purpose many of us even bother running Android instead of locked down Apple stuff.

    • I see the chosen language of "certain unregistered applications" (I suppose company mandated) already hints on the goal of control aspect. I want to deploy apps on my device. They are my apps, it’s my device, and I should not be required to ask for permission to do so.

    • Can apps detect whether the advanced flow for sideloading is enabled or not?

    • Do I need to be signed in to Google Play to get the sideloading exception turned on? I don't sign in to it because I don't want to have my phone associated with a Google account. But I can't uninstall Play completely on the devices I have.

      It says something about 'restart your phone and reauthenticate', that's why I'm asking. What do you authenticate?

      > ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

      Um yeah but then do I have to install every update via adb? I want to just use F-Droid.

    • > ADB installs are not impacted by the waiting period

      "If you don't like the food we're serving, you can always buy a farm"

    • Every single one of these steps is blatantly an attack on user freedom. The steps to unlocking the bootloader and install a different rom are not nearly as onerous. The only thing I will accept as reasonable, is a complete abandonment of this policy. Google has destroyed all trust I could have in it, and these weaselly worded concessions are based on a bullshit premise.

    • Thank you so much for clarifying! That is most definitely not as bad as I had feared.

      I still feel, though, that having to go ahead and proclaim “I am a developer!” just to enable sideloading is a bit much, as almost certainly the vast majority of sideloaders aren’t developers. Nonetheless, it does keep sideloading as an option, and I do see why, from Google’s perspective, using the already-existing developer mode to gate the feature would be convenient in the short term. Perhaps the announcement should specify this -- I suspect a number of people who read it also noticed the lack of that clarification.

      And yes, good point on ADB. That does make this less inconvenient for developers or power users, though doesn’t help non-developers very much.

  • > - Must enable developer mode -- some apps (e.g., banking apps) will refuse to operate and such when developer mode is on, and so if you depend on such apps, I guess you just can't sideload?

    What apps are those? I've yet to run into any of my banking apps that refuse to run with developer mode enabled. I've seen a few that do that for rooted phones but that's a different story. I've been running android for a decade and a half now with developer mode turned on basically the whole time and never had an app refuse to load because of it.

    • I enable developer mode on every android phone to at least change the animation durations to twice the speed. I also have never run into an issue fwiw

    • Philippines' most popular e-wallet app GCash outright closes when the developer mode is enabled with the popup saying that the device has "settings [enabled] that are not secure".

    • Just summarizing the apps below it seems to mostly be banking/payment and government apps specifically outside the US that break under developer mode and sometimes even accessibility access.

      I wonder what makes them less trustful of Android security. AFAIK there are still pretty hard limits to what you can do inside apps you did not create. US companies at least seem comfortable with their security even with Developer or accessibility apps enabled.

    • All the banking and payment apps in India refuse to open if you have developer mode on

    • One of my banking apps didn't even run if I had accessibility settings turned on. I've since closed my account with them, just because of that.

      The amount of control we've given corporations over our computers is incredibly disappointing.

    • TrueMoney is a Thai e-wallet/fintech app which refuses to open if Developer Mode is enabled, it actively checks for developer mode on each start.

    • SumUp won't let you use your phone to accept contactless payments while developer mode is enabled. You can still use an external card reader though.

  • The one-day waiting period is so arbitrary. Have they demonstrated any supporting data? We know google loves to flaunt data.

    Something like GitHub's approach of forcing users to type the name of the repo they wish to delete would seem to be more than sufficient to protect technically disinclined users while still allowing technically aware users to do what they please with their own device.

    • > The one-day waiting period is so arbitrary.

      Scammers aren't going to wait on the phone for a day with your elderly parent.

    • To paste code into the chrome dev console you just need to type “allow pasting”

  • > This is going to hurt legitimate sideloading way more than actually necessary to reduce scams

    Isn't that the objective? "Reducing scams" is the same kind of argument as "what about the children"; it's supposed to make you stop thinking about what it means, because the intentions are so good.

  • This is clearly anticompetitive. Hope regulators will figure it out, then we won't have it, e.g. not in the EU. However, Google is also abusing their power to e.g. deinstall apps without any option to decide using 'play protect' and blocks whole alternative stores through 'safe browsing' flags. I posted this play protect incident about IzzyOnDroid a few days ago, because I was so outraged: https://news.ycombinator.com/item?id=47409344

  • You have to wait one day only once, when enabling the feature. I agree that enabling developer mode could be a problem but mostly because it's buried below screens and multiple touches. As a data point, I enabled developer mode on all my devices since 2011 and no banking app complained about it. But it could depend on the different banking systems of our countries.

  • That is working as intended. Google wants to kill side loading.

    • Google wants to kill installing apps outside of playstore.

      Installing apps manually or through another store app is not "sideloading".

      Sideloading is the new jaywalking, a newish word to pretend that a pretty normal action would be in any way illegal, dangerous or harmful.

  • Their goal is to make software installation as painful as possible without being outright impossible: ‘sideloading’ is only ever a euphemism for ‘illegitimate’.

  • > some apps (e.g., banking apps) will refuse to operate and such when developer mode is on

    And you blame Google for this? First of all, banks chose to make apps work this way, not Google. Moreover, they chose this likely due to scams. That proves scamming on android IS an issue that needs some technical solution.

  • Medical apps (such as those that talk to insulin pumps) also refuse to run when developer mode is turned on.

  • We'll see when this rolls out, but I don't foresee the package manager checking for developer mode when launching "unverified" apps, just when installing them. AFAICT the verification service is only queried on install currently.

    • Googler here (community engagement for Android) - I looked into the developer options question, and it's my understanding that you don't have to keep developer options enabled after you enable the advanced flow. Once you make the change on your device, it's enabled.

      If you turn off developer options, then to turn off the advanced flow, you would first have to turn developer options back on.


  • One of the first things I do when I buy a new Android phone, like day one, is to enable developer mode. I usually use that simply for the ability to speed up animations so the phone feels a bit more snappy. In all the years I've engaged in this behavior, I've never had an application refuse to work. A rooted phone? Yes. Definitely. But just having developer mode enabled, no.

    That said, it may be that I've simply been lucky and haven't encountered that yet. So I'll be keeping an eye out for it.

  • > some apps (e.g., banking apps) will refuse to operate and such when developer mode is on

    JFC. Why would an app be allowed to know this? Just another datapoint for fingerprinting.

    • It's always boggled my mind what native apps are allowed to know versus the same thing running in a browser on the same device.

    • Because estimates suggest Americans lose about $119 billion annually to financial scams, which is a not insignificant fraction of our entire military budget, or more than 5% of annual social security expenditures.


  • As described developer mode is only required at install time. Remains to be seen in the actual implementation, but as described in the post developer mode can be switched off after apps have been side loaded.

  • I don't know. I've been silently outraged and disappointed by this whole forbidding of unverified apps, but also hopeful it wouldn't affect me much as a user of grapheneos.

    But this process seems pretty reasonable to me.

    I'd like to think it is due in part to the efforts of F-Droid and others.

    Waiting a day, once, to disable this protection doesn't seem like a big deal to me. I'd probably do it once when I got a phone and then forget about it.

    I happen to have developer mode enabled right now, for no good reason other than I never disabled last time I needed it. Haven't had any issues with any apps.

    I actually think these protections could help mitigate scammers.

    • It's not directly a big issue for us technical people and our own individual usage. Telling people about F-Droid, NewPipe (& forks) or secuso apps will be a pain. People will find free software / software not approved by Google complicated or suspicious. It is a huge issue, and even for us in the end because it hurts the software we love.

  • >the vast majority of people who need to sideload something will probably not be willing to wait a day

    I disagree with this. Won't somebody who needs to sideload something just try again the next day...

  • Didn't Google already lose a case over making it hard to install alternative app stores? How is this not going to get them hit again? This is way worse than what Epic sued over.

  • I wouldn’t be fully optimistic about the one-day waiting period. Almost certain there will be a pop up showing up with: Process failed try again in 23:59:59.

  • Another take: People are not getting scammed because of side-loading (or not knowing your demographics/biometrics). People are getting scammed because of ignorance & stupidity & lack of common sense. In a way, it's just nature running its course. If I'm able to scam you successfully, don't you deserve it at that point? Doesn't matter what we do, if you are scammable, you will get scammed.

    Have these companies sent out their people to old age homes to teach old people how to use their tech and how to avoid scams? If you lock the system down at max level, scams will just move offline again or find another way. Same if they build backdoors into encryption or make chats data available to gov agents: all illicit comms will just move off the network or find another smarter way. It's just how nature works, we are seeing tech-evolution in realtime.

  • > some apps (e.g., banking apps) will refuse to operate and such when developer mode is on

    Enable dev mode, sideload the apk, then disable dev mode. I'd argue that it is poor security practice to keep developer mode enabled long-term on a phone that is used for everyday activities, such as banking.

It is way past time to build a 'people's phone', funding it through a platform like LiberaPay [1][2] or Open Collective [3][4], with a requirement for the device to be completely open-source.

[1] https://liberapay.com/

[2] https://en.wikipedia.org/wiki/Liberapay

[3] https://opencollective.com/

[4] https://en.wikipedia.org/wiki/Open_Collective

If we start today, we could have a new phone in 2-3 years. Future generations will thank us.

It's not just phones. There is a concerted movement by massively-moneyed folks to destroy the fabric of open society, so there are a number of different areas that need attention. A coordinated effort across the breadth of society to restore, maintain or improve the foundations of open society.

  • I think you are 2-4 orders of magnitude off if you think donation could be enough for a project as important as Android where 1 day delay in fixing security issue is just disastrous.

    • > where 1 day delay in fixing security issue is just disastrous.

      looking at the current reality of patches is that you are lucky if there is a patch next month

  • So we don't even have a 'people's battery' to power up this phone. All these phone pouch batteries are proprietary in design. Go ask Framework for their BMS design details and provide links to it if you think I'm joking

  • Can you explain what open society means?

  • Open phones are all fine and well, but good luck convincing banking and government applications to work on those (especially in countries where bank login is used to access government services).

    • A single manufacturer convinced a lot of them to work with Apple phones.

      It's definitely doable, but the product has to be appealing to users, which also seems doable as phones already peaked in capability and making a good phone now is more about polish in build + software than being technologically ahead of the competition.

      I consider my 2yo mid-range phone a great phone, and with today's politics owning my phone is in the top-3 things I'd like my next phone to improve on, not a better camera, screen, battery, slimmer build nor gimmicky stuff (ok, maybe an IR to replace remotes or LoRa support would be kind of cool)

    • In my country, government applications are required to be interoperable, use open APIs and work with open formats (XML, PDF, etc.). There should be no problem there. I've already used some FOSS applications to interact with government services.

      Banks are required to interoperate using open API in the EU. EU managed to cripple this requirement, by not requiring open api access to regular customers, but only to accredited organizations. There's more work to be done on this front.

    • > Open phones are all fine and well, but good luck convincing banking and government applications to work on those (especially in countries where bank login is used to access government services).

      First phones, then lobbying. As citizens of an open society, government exists to serve us, not the other way around. With enough users, they will have to respond. As I said, there are a number of areas that need attention and a coordinated effort across the breadth of society to restore, maintain and improve the foundations of an open society.


    • Carry an old used iPhone, powered off with no SIM, and treat it as a black box hardware token that you turn on only for these uses. You can tether it via wifi through your “real” freedom phone.


    • there is a power that could help with this. And I know quite a few people do not like this. But this would be prime EU real estate.

The forced ID for developers outside the Play store is already killing open source projects you could get on F-Droid. The EU really needs to identify this platform gatekeeping as a threat. As an EU citizen I should not be forced to give government ID to a US company, which can blacklist me without recourse, in order to share apps with other EU citizens on devices we own.

  • [flagged]

    • The DSA covers App stores with a large number of users - this is about allowing users to sideload unsigned apps. Afaik there is no requirement to identify the developers of applications that can be installed on a vendor's platform (outside the app store). Otherwise Microsoft would require Government ID to compile and email someone an EXE.

Welp, I guess my current Android phone will be my last one.

At least half of the apps I use on a daily basis come from f-droid. This enforced 24-hour wait is simply not acceptable. Android has always been a far inferior overall user experience compared to iPhone. Android's _only_ saving grace was that I could put my own third-party open-source apps on it. There is nothing left keeping me on Android now.

I'll probably get an iPhone next, but I do sincerely hope this hastens progress on a real "Linux phone" for the rest of us. Plasma Mobile (https://plasma-mobile.org) looks very nice indeed. I'll be more than happy to contribute to development and funding.

  • Switching to an iPhone will put you in an even worse walled garden that respects you even less. Even simple things like setting your default navigation app in iOS are gated behind moving to the EU.

    • True, but the point is, once you've sucked it up and given up, you may as well get other benefits back in exchange for turning tail. And the iPhone is unfortunately THE primary platform most applications develop for.

      Personally, I am willing to just ditch the Android, get an iPhone as a "contact- and banking-only" device, and drag with me some sort of small computer everywhere. I've already dragged a linux retroconsole to a large number of places and have watched videos and listened to music and even edited code through it. May as well do the obvious and call it quits on phones-for-non-phone purposes entirely if phones will be so dedicated to being shitboxes.


  • If it helps, the 24-hour wait is a one-time process. You do it once, click the toggle to allow installing unregistered apps indefinitely, and then install whatever you want. You can even turn off developer options afterwards, per my understanding, and it won't impact your ability to install unregistered apps.

    • It does not help. This is friction imposed to reduce and eliminate sideloading in the name of safety.

      I own my device, I choose the software running on it. Create friction points and I will choose another platform to execute my software.

    • different strokes i suppose. normally i like being able to use something the same day i buy it

      95% of the apps i use are ''side loaded''. that includes a web browser, file browser, all the fossify apps for things like messaging, phone/contacts -- so the phone would basically be a paperweight until that restriction is removed

    • That does not help. That is a fundamentally fucking insane limitation that will completely destroy any developer's ability to develop without getting approval from Google. Regardless of my feelings of the annoyance of going through this process myself, 90% of users simply will not go through this process to install apps, killing any potential userbase. Google has no goddamn right to be the sole dictator of who is allowed to develop software for the largest platform in the world, to decide who is allowed to have a career in mobile software development and who is not, and you should be utterly ashamed of yourself for accepting a paycheck to defend this. I hope your shitty company and Apple both get their comeuppance in court for these monopolistic practices, and may we some day get a future where anyone is free to develop software without approval of a central police corp.

  • GrapheneOS phones are still an option, it’s unaffected by these rules.

  • What I'm about to say is probably going to be controversial: but I think this is (long term) a good thing for opensource/freedom. The whole idea of 'apps' on a device that sits in your pocket and has access to a whole range of personal information was from the start, a bad idea. We have seen countless cases of 'verified apps' from the Playstore which hoover up all your personal data without your consent. I believe Steve Jobs's original plan for the iPhone was for apps to be web-based. This is good as web browsers run all the potentially dangerous code within a sandbox, with very restricted access to the host system's resources (storage, cameras, etc). Web technology has come a long way and even allows for GPU accelerated content to be used, and it's only getting better.

    Phones, by their nature, are always internet connected (obviously there are instances where that isn't the case)...so if 90% of my apps are actually just web apps then that's fine. The opensource aspect of this should be: I build and run my own infrastructure (on cloud servers or my own servers) that serves up the web apps.

    Sure, this isn't something that 'normal' people would do...but they aren't side loading apps anyway.

    The web is decentralised, as long as we choose it to be. We need to take advantage of this property.

  • 24-hour wait is a one time setup, I'd imagine that fdroid will keep working as usual after this super hidden don't enable me option is enabled.

  • If I understand correctly, the 24 hour wait is a one off. After the sideloading feature is enabled, it should stay on.

  • Good luck installing things from anywhere you want on an iPhone.

    • You're missing the point. I only use an Android because it lets me install whatever software I want. If that's no longer an option, then I'll pick based on other criteria, and then the iPhone beats the Android phone every time.

  • Probably f droid will become an official app store recognized by Google, and then you won't have to go through this flow to install f droid or its apps.

    • As I understand it, that would not bypass Google's requirement that the developer of each app be verified by Google.

Death, taxes and escalating safety are the only certainties in this tech dominated world. So, be ready for more safety in the next round few months/years down the line. Eventually Android will become as secure as ios. We need a third alternative before that day comes.

It's not a win by any means. I hope that we don't stop making noise.

  • Google serves ads with known scams and nothing seems done about it.

    Yet, they are concerned about this.

    It has nothing to do with safety, but everything to do with control.

    I remember when Google disabled call recording in Android, so you no longer could record scammers. Thanks to recording I was able to get money back from insurance company that claimed they absolutely didn't sell me this and that over the phone (paid for premium insurance and got basic).

    • > I remember when Google disabled call recording in Android, so you no longer could record scammers.

      Citation needed. My Pixel 7a with the latest updates has settings for call recording in the phone app. Since I never screwed around with it, I'd assume these are the defaults:

      Call recording is turned on, with "asks to record calls" set

      Automatically delete recordings is "never"

      Automatically record calls with non-contacts is off

      No specific numbers to automatically record calls are set

      There is also a note that you have to agree to their ToS to use it, and I'd also suggest being careful if you live in a jurisdiction that requires two-party consent for recording.

      In any case, I'm of the opinion that if F-Droid goes, I'm basically going to treat this as a feature phone and stay away from third-party apps in general aside from "musts" like banking.


  • It's not secure when one of the main adversaries (Google) controls all the keys.

    • I believe that is why "escalating safety" and "secure" were written in italics in the comment. Those are the terms Google would use, not necessarily the truth.


  • > It's not a win by any means.

    It's a defeat, albeit a minor one. The defeats will escalate until there's nothing left to lose. "Normies" don't care and the tech people who do care are fewer and further between than you'd think.

I'm generally OK with this, but the 24 hour hang time does seem a bit onerous.

Most of the apps on my phone are installed from F-Droid. I guess the next time I get a new phone I'll have to wait at least 24 hours for it to become useful.

I'm seriously considering Graphene for a next personal device and whatever the cheapest iOS device is for work.

  • The apps might not be available though. Many developers are simply stopping in the face of Google's invasive policies. I don't blame them. Say goodbye to useful apps like Newpipe.

    • I'd say some of those apps starting with N and ending with E might... but I'm saying that only because of my intuition... might be the exact reason why Google introduces this policy

    • Developers will also be able to publish their apps on free Android devices like Graphene, I don't think that apps like NewPipe will go away.

  • If my employer wants me to use a phone for work, they can buy whatever phone they want for me. I'm not going to buy a separate one just for them.

  • This is hopefully an exciting time to consider a Motorola device, since they are partnering with GrapheneOS, but I worry that Google will block Google Play Services on any device that doesn't comply, so this might actually be a demoralizing time to be a GrapheneOS fan, when we watch them worm their stupid walled garden nonsense into the Motorola version of it.

    • You don't need Google Play at all on GrapheneOS. You have the option of installing a sandboxed version of Google Play, but it isn't installed by default. Google's verification shenanigans are otherwise irrelevant to Graphene, it only applies to apps distributed through the Google store.

  • Most of your F-Droid developers will leave the ecosystem if forced to pay Google to publish outside the Play Store.

The "protective waiting period" of 24h is what kills it. For people like me, who rely more and more every day on OSS apps not necessarily in the Play Store, installing a new phone will mean waiting a full day for almighty Google to allow me to do so. It reminds me of the same annoyance of carrier phone unlocks.

I wonder how this will play out in the phones coming out of the Motorola+GrapheneOS partnership.

  • I'm genuinely interested in proposals for other ways to differentiate knowledgeable users enabling side loading for reasons like OSS, vs naive users enabling it at the instruction of scammers to install malware.

    The one time per device (not per app/install) is annoying, but seems like a reasonable tradeoff between preventing bad installs and allowing legit installs. I can't think of any obviously better ways.

    I realise some disagree with the entire premise. I think refusing to accept the reason given doesn't advance the discussion though and I am very interested in what a better experience that is trying to solve the same problems could look like.

    • If you can get someone to do all these steps, you can get someone to wait 24 hours as well.

      We use Android based devices internally with apps which aren't signed. I've had way too much trouble with Google flagging an internal app as problematic and then getting nowhere with Google "support" when we still used Google play.

      The 24 hour wait is especially problematic because we often simply factory reset a device and preload it if there is any form of trouble.

      This is just a power grab to lock down the ecosystem more. And ironically this seems to be because of the Epic lawsuit. Google is now aligning with the absolute minimum they saw Apple needed to implement.

    • This was never about safety. It was all about control. Desktop OSes have always allowed installing any software and the world is still spinning. Not even macos overreaches this hard.

      There's no solutions because they specifically crafted the problem to not be solvable. No amount of compromises will stop them from advancing further.

    • I think Google is trying to solve the problem at the wrong level - people do not really understand their computing devices enough to understand the risks, they never had to learn or were taught how to use such devices, they were only told it's easy and to not ask questions. The interfaces are designed in a way that allows them to get by with almost no understanding of anything. Which is why such solutions may also be bypassed by a determined attacker. Such scams only really expose this fact. So there is no good way to differentiate between the two groups.

      My solution is educating about smartphones and computers first. Not in an in-depth way, but people need to understand what "application", "verified" means and what are the risks. I think android cleaned up the abstraction enough to make this possible.

      Being able to tell if an app came from a trusted company or not is a good thing, but I would rather such a solution be managed in an OS-independent way, not controlled by Google. Applications not authenticated by a company should not be second-tier citizens, but there should be a clear warning (and the users should already know the difference before even seeing this warning).

      I think the scams and phishing also expose another important problem that nobody tried to tackle yet - you can't authenticate calls, sms messages or emails. There is no good way of telling if it's actually your bank calling you, or if it's just a scammer.

      In the end, we also need to accept that not all scams can be prevented, at some point if someone is calling as a friend of your family member, and is asking to urgently transfer money to an unknown account, and you fall for this... I really can't think of a technological measure that would've helped, it's only you and your common sense.


  • A minuscule amount of nerds being slightly annoyed is definitely worth it when it hinders scammers from ruining a person's life.

    • There's no way this is really about scammers. I have never heard of scammers pushing sideloaded apps upon their victims in order to carry out their scams.

      Would welcome evidence to the contrary. Is this truly a threat model that's seen in the wild?

      My gut says no because social engineering is about hijacking legitimate, first-party processes. Scammers attack login credentials, MFA flows, and use first-party apps to maintain access (think remote control software like TeamViewer). These apps come from the Play Store, not from meticulously curated collections like F-Droid, and not from somebody pressuring you to sideload an APK.

      And if scammers decide to use sideloading as an attack vector -- then like all the other security gates that can be defeated via social engineering, I expect they will find an end-run around this one as well. Either on a technical basis, or by social-engineering users into bumbling past it and on to the next stage of the scam.

      Build an idiot-proof system and society will build a better idiot. And yeah, the rest of us only wind up slightly annoyed, _for now_, until Google tightens their grip further on some other flimsy pretext.


    • No, it is not. This is moving the goalposts. The original issue is developer verification. No appreciable harm prevention can or will come from forcing devs to identify themselves.

      That's because most fraud uses social tactics and LEGITIMATE tools/software.

      Impinging on my property rights cannot and will not protect fraud victims.

This 24-hour wait time nonsense is a humiliation ritual designed to invalidate any expectation of Android being an open platform. The messaging is very clear and the writing's on the wall now, there's nowhere to go from here but down.

Anytime I open the Play store it feels like I am getting hustled to install Scam Software I don't want. With Scam I mean either it is overblown with Ads or wants a subscription.

I really extremely rarely open the Play Store.

F-Droid is my place to. Even if the tools are simple, they are reliable.

Maybe Google is also scared, that with coding agents some OSS Tools improve that much that commercial alternatives don't matter.

>And what is malware? For [Android Ecosystem President], malware in the context of developer verification is an application package that “causes harm to the user’s device or personal data that the user did not intend.”

Like when Google, Facebook, Apple, Microsoft, et al. cooperated with¹ the unconstitutional and illegal² PRISM program to hand over bulk user data to the NSA without a warrant? That kind of harm to my personal data that I did not intend?

If so, I'd love to hear an explanation of why every Google/Alphabet, Facebook/Meta, and Microsoft application hasn't been removed for being malware already.

¹ https://www.theguardian.com/world/2013/jun/06/us-tech-giants...

² https://www.reuters.com/business/media-telecom/us-court-mass...

There will not be any benefit from using Android instead of iPhone if there's no sideloading.

As for the IDs, I think what happens is that Google sees no need to have hobbyists anymore in the ecosystem. Companies are easier to deal with, easier to change ecosystem to what's needed for Google. While for app development companies, there will be a single enterprise account with some ID used for many developers. And companies just shut up and follow almost any non-financial requirements Google wants to add.

In contrast, opensource developers frequently go public advocating for user privacy and data protection, while companies tend to be on the same side as Google squeezing any bit of personal user data to sell it for any margin possible.

Is any open mobile device and OS ecosystem possible at this point of time, other than the hobbyist one? With closed gates of LTE/5G ecosystem it seems there's no such possible at all.

  • > As for the IDs, I think what happens is that Google sees no need to have hobbyists anymore in the ecosystem.

    Google has become an extremely selfish company.

Although I'm slightly relieved there is a way out of Google's verification system, it's still pretty wild if you compare this to installing software on a Windows pc. I'm sure Microsoft is heading in the same direction with Windows, but today it's still "only" a few confirmations to install anything.

This will sadly still put a major damper on adoption of open source apps, while giving a false sense of security that apps from the Play store are safe.

Years down the road, the low usage of apps installed from outside the Play store will be used as an argument for removing the functionality completely.

  • There's an interesting subset of Windows machines out there running in "S" mode [1]. This mode restricts the customer to only using applications from the Windows Store.

    We get occasional support tickets about the popups that come when trying to run a regular installer while in this mode. Luckily, people can disable "S" mode, but there's no way to re-enable "S" mode without a fresh install.

    1: https://support.microsoft.com/en-us/windows/switching-out-of...

  • Yes, that is what happens with UWP applications, or sandboxing apps installed via the store with MSIX package identity.

  • Apple has been doing it for years not allowing "unsigned" software to be installed using the same "for the safety of the user" even against the user's wishes.

In addition to enabling it in this onerous way, this should be a thing you can set when you first set up the phone after factory default: "I am technologically literate and I accept the risks of side loading indefinitely." If it's set once during set up then none of the vulnerable people will have it set for the lifetime of their phone. A scammer would have to factory reset their phone which would defeat the purpose of gaining access.

  • I feel like even the "indefinite" option would be about as indefinite as setting your default browser on Windows

    • Probably true. Asking a tech company to stay good is like asking a lion to stay vegetarian.

That's a lot of words to explain how to install things on the device I supposedly own.

Wondering how long the blogpost would be if it explained what the flow for corpoloading applications approved by Google's shareholders would be?

  • Those don't usually have problems with providing ID for attestation??! Like, this is not a gotcha, at all?

    The casual cynicism on this website really is something.

> Restart your phone and reauthenticate: This cuts off any remote access or active phone calls a scammer might be using to watch what you’re doing.

This is smart.

But putting my design hat on here: couldn't this be the whole approach? When enabling the "unverified apps" setting, the phone could terminate all running apps and calls before walking the user through the process.

Why do you even need the rest of the complexity -- if the fear is that non-savvy users are being coached into installing malware, then preventing comms while fiddling with the settings seems pretty OK?

You could even combine this with randomised UI, labels etc. so it's not possible to coach someone in advance about what to press.

  • > But putting my design hat on here: couldn't this be the whole approach?

    No, because protecting users is just an excuse. The overreach is the goal.

    • Having worked in big tech, my money would be on Hanlon's Razor here -- "Never attribute to malice that which is adequately explained by incompetence"


  • I don't understand how it makes any difference.

    A scammer is going to be familiar with the flow and can also just... call again?

    "Just follow x, y, z and I will call back to help you"

It's getting harder and harder to be an Android enthusiast. Especially given the hypocrisy of Google Play containing an awful lot of malware.

  • From a detached perspective Play Services itself is practically sanctioned malware and this is to protect that monopoly.

As an idea, what about allowing the 24 hours to be bypassed using adb (edit: bypass to allow indefinitely, not just install a single app)?

I understand there is some problem trying to be solved here, but honestly this is still quite frustrating for legitimate uses. If this is the direction that computing is moving, I'd really rather there were separate products available for power users/devs that reflected our different usage.

  • Right, if this is being built into AOSP I don't see how they wouldn't add an adb command to immediately skip the "Advanced Flow" wait. if it's safe to let users run "adb install", then "adb skip-advanced-flow" should be just as safe to do too.

  • As an idea, what about letting me install on my own device whatever I want?

    This is ridiculous. Google is trying to dismantle the concept of ownership and personal autonomy. Do not give them any ground.

    • I'm surprised but happy to see you and so many others here saying this. In recent years it seemed like this 'hacker' community was all about Apple devices, but now that Google is going partway in the same direction, people aren't all just taking it.

      Do you think there's two groups, and the people that cared simply went with Android and so there was never this outcry about installing free software on iOS, or that this will last only as long as the change still feels recent and like a new restriction?

The secret reason they are doing this is because governments want to be able to identify everyone online everywhere it matters at all times. They want to strip anonymity from computing.

Apple and Google can now credibly claim to governments to have nearly ubiquitous computing platforms that they can guarantee do not run any software that is not approved or antithetical to the goals of authorities. This makes the device safe for storing things like government IDs. OSs and Browsers will be required to present these IDs or at first just attest to them.

Before posting online, renting a server, using an app you will have to identify yourself using your phone or similarly locked down PC (i.e. Mac).

The introduction is under the guise as always of protecting the children. In reality they are removing your rights to privacy and free speech.

24 hour mandatory wait time to side load!? All apps I want to use on my phone are not in the Play Store. So I buy a new phone (or wipe a used phone) and then I can’t even use it for 24 hours?

  • 1) The one-time, one-day waiting period only applies if you go through the advanced flow to allow installing unregistered apps. You can still install registered apps (ie. apps made by developers who have verified their identity) even if they're distributed outside the Play Store.

    2) You can use ADB to immediately install unregistered apps. ADB installs are not subject to the waiting period.

    • So let's say I'm F-Droid, an organization making a direct competitor to the Google Play Store and openly pointing out how much scammy shit is available in that store. My options are 1) submit my identity to Google (my competitor) so they can identify me and choose to revoke that verification at any point, or 2) I can tell all my users that they must go through these scary dialogs AND wait 1 day before they can use my competing product? That's cool, glad we've got the options laid out in front of us.

      I forgot 3) instruct my users how to use ADB from another computer to install my competing app. Awesome.

    • 3) And how can we keep on using F-Droid and other app stores?

      4) How can we install apps made by devs who won't do the verification dance with Google?

    • I want to use the apps that don't hellbent on your Google right away. This is MY phone. I paid my money. I don't want Google to dictate what I should do.

  • From purely a usability standpoint, not a freedom standpoint, I would actually be okay with that for my personal use if it stayed like that. But the point is that they're just making it worse and worse. They won't stop with this. I can arrange to do without an important app for a day, even if I had to get a new phone unexpectedly (If I had to skip attending an event and stay at home where my computer is, because I could only properly be on call with my sideloaded app, I'd chalk it up to an unusual situation). But it won't be long before they change it again.

  • Yeah, it's terrible. I buy a new phone and then can't effectively use it for 24 hours? Half my apps are downloaded from F-Droid, which I've used for over a decade. Just gives me another reason why I'm very happy to have recently moved over to GrapheneOS.

This news confirms my thoughts to abandon Google's line of Android upgrades at the first opportunity.

Even before Google's edict I disabled enforced Android updates in case that at Google's demand manufacturers slipstreamed some restrictive code that cannot be later removed. One only has to look at the disastrous precedent with Windows 11 to see how insidious and ever-increasing lock-in works.

Fact is Big Tech cannot be trusted and there's a long lineage to prove it—MS Windows, Sun/OpenOffice and many others—and now Android. To avoid future calamities like this and to ensure survival of F-Droid, et al we urgently need to break Big Tech's nexus with open source independent of Big Tech's control.

I can only hope more manufacturers are prepared to fork Android to cater for the upcoming demand.

Whoever worked on this: Thank you for killing open computing. I hope you are proud and don't spend all the money at once.

I'd urge everyone here to seriously consider switching to GrapheneOS. It's a far simpler transition than e.g. switching from Windows or OSX to Linux, and many people find that it has basically no friction vs android.

More people moving to GrapheneOS is the best tool we have against Google's continued and escalating hostility to user freedom and privacy and general anti-competitive conduct. (Of course, you could ditch having a smartphone entirely..., but if you're willing to consider that you don't need me plugging an alternative).

  • I'd like to add that you can start in a really affordable way. E.g. the Pixel 9a is typically 350 Euro here and a perfectly fine way to start out with GrapheneOS - it still has years of support in it.

  • This has really moved up my timeline of switching to Graphene.

    Admittedly I was being lazy and not checking if Line works on it yet, but I'll be finding that out this weekend it seems.

  • Would but unfortunately I got screwed with a locked bootloader, either going to go the dumbphone or the (much less practical) cyberdeck + SIM card route.

Calling "installing something without Google's or Apple's consent" "sideloading" is stupid.

I will die on this hill.

  • I agree fully. Sideloading has a negative connotation when it's literally just installing apps.

I'm not sure if I've heard this discussion from somewhere else and took it as my own thought. Anyways, I consider this era the beginning of tech feudalism. I honestly don't think we'll be able to escape it. Please note I use Linux and GrapheneOS as my two main daily drivers. Most normal people do not care and they think it's crazy I'd make my life so inconvenient. It's my perspective, but I believe users in general don't care, understand, and prefer convenience over choice. Which gives a lot of power to this push for max control. Whether we like it or not I think we won't be able to stop it. I'm not being negative about it or trying to demoralize anyone. We already have at least four basic tech-feudal states, Microsoft, Android, Apple, and Freedom-Software. Each one somewhat has a user base that reflects its ideology.

> “In that 24-hour period, we think it becomes much harder for attackers to persist their attack,” said Samat. “In that time, you can probably find out that your loved one isn’t really being held in jail or that your bank account isn’t really under attack.”

I wanted to be negative about the whole idea, as due to my age I'm resentful of not being allowed to use my own computer as I see fit.

On the other hand, in principle I see what they're going for here. The only decent argument for these user-hostile lockdowns is the malware issue.

Even alternatives like GrapheneOS rely on AOSP. I wonder if it's possible for regulators in certain countries to pressure Google to kill it in the future.

Even if that's not the case, I'd imagine attestation apps like banking apps would require some kind of identity verification in exchange for trusting Graphene's keys.

In principle it doesn't make sense to leave any escape hatch, but I guess as always, it boils down to economy.

  • > Even alternatives like GrapheneOS rely on AOSP

    There are alternatives that don’t: Mobian, Ubuntu Touch, PureOS, postmarketOS, Sailfish OS.

They should let you skip the wait if you're setting up a device for the first time.

  • I think that's a good point. When you're playing around flashing ROMs it's going to get really old, really fast.

  • Or at least include this flag in the system backups and restore it upon switching to a new device...

    If you get most/all of your apps from F-Droid, they're essentially establishing a policy of "any time you get a new phone, you can't use it for 24 hours", which is... insane?

"Android is one of the most open systems I've ever seen. What makes Android great is it's literally designed from the ground up to be customised in a very powerful way." -- Sundar Pichai

Oh, how times have changed. And so many believed this and repeated it.

  • Time to put pressure on manufacturers to move to something more open like graphene, or another community based project

> In addition to the advanced flow we’re building free, limited distribution accounts for students and hobbyists. This allows you to share apps with a small group (up to 20 devices) without needing to provide a government-issued ID or pay a registration fee.

I don't quite understand how those installs would be tracked. If I create a "hobbyist" account and share the apk, are the devices that install that app all reporting it to Google? To my knowledge, Google only does this through the optional Play Protect system, is that now no longer optional? I'd like to know if my computer is reporting every app I install up to Google.

  • With this change, Android will not just send every app install to Google, but even require approval from Google before allowing app installs.

    • Which I also don't like, but at least that can be done offline. The signature could be verified on device without sending everything to Google. If they have to track the 20 seats for the hobbyist accounts then they have to be tracking every single install

  • You thought it wasn't reporting every app you install?

    • I mean, I'm happy to be conspiratorial about it too, I give Google no benefit of the doubt, but outside of Play Protect I don't think they explicitly say "your phone is telling us every app you install." This new feature is them making that explicit.

24H forced wait time?!? WTF

When I side-load open-source apps for other people, I want to do it right in the moment, not activate the feature, and the next time I see them (like half a year later), install the app.

When Google announced there would be an alternative installation method, I did not expect such a mess...

  • So it seems it will work as they intended.

    "I did not expect such a mess", I certainly did. Another arm of the push to remove anonymity online.

    • Don't forget offline. We now have an epidemic of license plate and face reading cameras rolling out all over the place.

      Orwell couldn't even dream of the invasive monitoring that exists right now.

To their credit, the 24hr hold would actually serve an important, legitimate purpose if the same malware weren't going to be on the PlayStore anyway. I was expecting to disagree with their public statements more than I actually did on this topic.

This still isn't a good idea. It's not going to materially improve security for anyone, so all the negatives (beaten to death here and elsewhere) are still top-of-mind.

> In addition to the advanced flow we’re building free, limited distribution accounts for students and hobbyists. This allows you to share apps with a small group (up to 20 devices) without needing to provide a government-issued ID or pay a registration fee.

What stops scammers from simply creating a new hobbyist account for every 20 people they scam?

> Flip the toggle and tap to confirm you are not being coerced

This is just spreading fear. If you're being coerced to do this, then you're in a much bigger danger than what a rogue application sideloaded to your phone represents.

  • “Being coerced” typically means “you’re on the phone with a person who claims to be a bank representative and who is trying to push you into flipping the toggle.”

Find the email address of the CEO/board members. When you get this on your device. Let your thoughts be known to them with a screenshot. Feel free to use language that will make them feel dumb and sad. Don't expect them to understand logical arguments or pleas.

Companies get away from this because they distance themselves from their customers and they have systems to hide feedback.

> Balancing openness and choice with safety

No, I'm afraid this is tipping the scale of control in Google's favor.

How exactly is this going to stop scammers from simply modifying their scam runbook to say "Turn this thing on, and get back to me in 24 hours.", and then continue on from the next step?

We know from Nigerian email scams that these things can stretch out days, weeks, months, all to get the victim to do the thing.

  • > We know from Nigerian email scams that these things can stretch out days, weeks, months, all to get the victim to do the thing.

    the real issue i think is using technology to stop a non-technology problem (scams) as that is a society problem

    but it seems govts aren't interested or incapable of solving the causes (education, opportunity, destitution, etc etc) and probably also influx of scams from sanctioned countries (again a society/world level problem) that can't participate in the world trade etc...

    so they lean on the technology companies to lockdown things more because what else can they do?

  • The Nigerian type scams typically prey on greed; time pressure isn't part of the draw.

    There's another class of scams where the draw is fear - "your son is in jail", "your bank account is under investigation and will be closed in 24 hours if you don't act now", &c. They rely on time pressure to prevent the victim from reaching out directly to the parties they're lying about and disproving the scam.

    This is aimed at that particular type of scam and that particular type of victim.

The goal seems to be breaking the real-time guidance scammers rely on. 24h probably works, but it feels like a heavy tradeoff for legit users.

  • Scammers will just start the process and call back the next day. There is an entire genre of scam relying on slowly building rapport and only cashing in once all the way at the end.

    • Exactly, it will have 0 effect on scammers. It is primarily made to piss off people and make it more difficult to install independent free software.

  • iOS was supposed to prevent phone theft by making phones brickable through iCloud.

    Now, phone thieves just ask you at knifepoint or gunpoint to log out of iCloud

    • Unfortunately that's your own misunderstanding. iOS (as well as modern android) quite effectively prevent phone theft while the electronics are in transit along the last mile of the supply chain. Anything beyond that is a happy accident.

      (I'm being a bit overly cynical there but IMO only the tiniest bit.)

  • They give no shit about safety. The real goal is to break NewPipe or YT Vanced and ads/subscription revenue. Google is an advertising company foremost.

Stop propagating the term sideloading like it's some kinda dirty thing.

It's just installing an app.

So this means one can't just copy over unsigned apps from previous phone when transferring.

As others have suggested, there should be an option to skip the 24hr wait when activating at setup time. Or, alternatively, when the previous phone one is transferring from has it enabled it should be without wait time on the new one.

It probably sounds like a nitty gritty detail here but who is enforcing the 24 hours and how are they enforcing it?

Because if that "enforcement" is Google then they are still engineering a situation where they hold the keys to the kingdom. They may benevolently let you install what you want, but the sword of Damocles will hang over everyone forever, with the Darth Vader contract in full force ("pray we don't change the deal any further"). If nothing else, it will have a chilling effect. But more than likely, it will attract regulators like moths to a flame to coerce Google into banning their favorite open source apps that they don't like. In other words: it won't solve anything at all, really.

Honestly, if coerced sideloading is a real attack vector, then this seems to be a pretty fair compromise.

I just remain skeptical that this tactic is successful on modern Android, with all the settings and scare screens you need to go through in order to sideload an app and grant dangerous permissions.

I expect scammers will move to pre-packaged software with a bundled ADB client for Windows/Mac, then the flow is "enable developer options" -> "enable usb debugging" -> "install malware and grant permissions with one click over ADB". People with laptops are more lucrative targets anyway.

  • I predict that they're going to introduce further restrictions, but I think the restrictions will only apply to certain powerful Android permissions.

    The use case they're trying to protect against is malware authors "coaching" users to install their app.

    In November, they specifically called out anonymous malware apps with the permission to intercept text messages and phone calls (circumventing two-factor authentication). https://android-developers.googleblog.com/2025/11/android-de...

    After today's announced policy goes into effect, it will be easier to coach users to install a Progressive Web App ("Installable Web Apps") than it will be to coach users to sideload a native Android app, even if the Android app has no permissions to do anything more than what an Installable Web App can do: make basic HTTPS requests and store some app-local data. (99% of apps need no more permissions than that!)

    I think Google believes it should be easy to install a web app. It should be just as easy to sideload a native app with limited permissions. But it should be very hard/expensive for a malware author to anonymously distribute an app with the permission to intercept texts and calls.

    • I don't think Google has a strategy around what should be easy for users to do. PWAs still lack native capabilities and are obviously shortcuts to Chrome, and Google pushes developers to Trusted Web Activities which need to be published on the Play Store or sideloaded.

      But these developer verification policies don't make any exceptions for permission-light apps, nor do they make it harder to sideload apps which request dangerous permissions, they just identify developers. I also suspect that making developer verification dependent on app manifest permissions opens up a bypass, as the package manager would need to check both on each update instead of just on first install.

    • > But it should be very hard/expensive for a malware author to anonymously distribute an app with the permission to intercept texts and calls.

      And how hard/expensive should it be for the developer of a legitimate F/OSS app to intercept calls/texts?

  • The scam only has to work on a tiny slice of users, and the people who fall for fake bank alerts or package texts will march through a pile of Android warnings if the script is convincing enough. Once the operator gets them onto a PC, the whole thing gets easier because ADB turns it into a guided install instead of a phone-only sideload.

    That's why I don't think the extra prompts matter much beyond raising attacker cost a bit. Google is patching the visible path while the scam just moves one hop sideways.

  • > Honestly, if coerced sideloading is a real attack vector, [...]

    I don't believe that it is. I follow this "scene" pretty closely, and that means I read about successful scams all the time. They happen in huge numbers. Yet I have never encountered a reliable report of one that utilized a "sideloaded"[1] malicious app. Not once. Phishing email messages and web sites, sure. This change will not help counter those, though.

    I don't even see what you could accomplish with a malicious app that you couldn't otherwise. I would certainly be interested to hear of any real world cases demonstrating the danger.

    [1] When I was a kid, this was called "installing."

    • This is the thing that bothers me the most about this. It is as if even the HN crowd is taking it as given that malware is this big problem for banking on Android but in reality there seems to be very little evidence to back this up. I regularly read local (Finnish) news stories about scams and they always seem to be about purely social engineering via whatsapp or the scammer calling their number and convincing the victim they are a banking official or police etc.

      That's why I'm inclined to believe Google is just using safety as an excuse to further leverage their monopoly.

Hmm, as long as the waiting period is not per-app then maybe this is OK. Especially now that there is a well supported way to distribute alternative app stores without going through the sideloading process.

This is getting a ton of hate here, but I think it feels like a pretty reasonably balanced response to competing concerns: protecting literally billions of non-tech-savvy users from potentially malicious social-engineering attacks while allowing devs and tech-savvy a path to bypass that protection if they’re sure they want to.

What concrete change to the policy would be a strict Pareto improvement keeping just those two concerns in mind?

  • I'm pretty surprised at the amount of hate here. All the "just build it ourselves!" and "Google wants your data", and almost no top-level comments even discussing the difficulty of dealing with malware and social engineering.

    There are at least three moral arguments that can be made:

    - Google, as a capitalist company, is ignoring the privacy and FOSS implications, and is guilty of screwing the customer due to greed

    - Regular, non-tech folks are constantly being robbed of their privacy, money, and/or identity through malware and social engineering attacks, and Google is guilty of not doing enough to protect them

    - Enabling malware delivery and use props up criminals and known bad actors (e.g., north korean), and by not stopping this Google is guilty of supporting these bad actors

    I'm not seeing either of those last two points being made strongly. Maybe it's just not the target audience — people here aren't as likely to be scammed, and few of us are regularly thinking about north korea — but I'd expect to see more consideration for the costs of inaction here.

    • It’s pretty common for techies to overestimate how widely their opinions and desires are shared. If you think a good chunk of the population wants to sideload apps, then this feels like an attack. But it’s really just a decision not to cater to a tiny fraction of the market. It’s the same thing in discussions about headphone jacks or small phones. People act like it’s nefarious, when really it’s just that their desire for those things is pretty uncommon.

      Personally I think there should be a lot more work done on how to secure arbitrary apps from arbitrary sources so that they are unable to hurt people, rather than focusing so much on preventing random apps from being installed in the first place. This would help the average person as well, since these walled gardens still make mistakes. But it’s not realistic to put a box in everyone’s pockets that’s three taps away from sending all their money to some dude in Laos.

If this becomes widely successful and side-loaded crapware apps and Android phone scammers drop off a cliff, we will still be upset because we want a perfect world where everyone is above average in their digital security. Time boxing is a great compromise and you've lost none of your previous freedoms. Guaranteed convenience of side-loaded software was never in the Android terms of use.

Reminder that when you use terminology like "sideloading" you're accepting the premise that there's something inherently dodgy about installing your software onto your operating system.

Just call it "installing".

Could this be worked around by installing a single shell app which then loads other apps internally? I think it's possible to dynamically load Dalvik byte code in ART these days, right?

Obviously permissions would be a problem, as you can't update the app manifest, so there would either have to be one shell app per publisher (which would at least solve the problem of installing updates for their apps) or the shell would need its own internal system for managing permissions (like a browser does). Maybe it could also sandbox different apps from each other in different subprocesses, unless that needs root privileges, but maybe it's possible with Landlock?

Or we can always fall back to the "sweet solution" Steve Jobs offered us with the original iPhone, and just let the web browser be the shell.

Or implement everything as WeChat mini programs.

I get that it's pretty clear with the straight sideloading case, but can anyone say for sure what this will look like for an f-droid user? It's hard to keep track but I thought something new here because of EU is that alternative app stores != sideloading? Something where app stores could choose themselves to get "verified," whatever that means, to become a trusted vendor? Or is this completely wrong?

They're treating users like toddlers. Having to wait 24 hours to use my phone how I want to?

The alleged inability of a company like Google to create an operating system that makes banking apps secure while allowing users to install whatever they like is very implausible. Android apps are already sandboxed and have fine-grained access control, and the operating system controls everything that is painted on the screen.

The security justification for this measure is not credible.

“sideload”, is installing software without some asshole preventing me.

Let’s be clear here.

I am not happy about this, but as long as advanced Android users can still turn this off and keep it off, we're still in a better place than iOS.

Even though I understand the design decisions here, I think we're going about this the wrong way. Sure, users can be pressured into allowing unverified apps and installing malware, and adding a 24-hour delay will probably reduce the number of victims, but ultimately, the real solution here is user education, not technological guardrails.

If I want to completely nuke my phone with malware, Google shouldn't stand in my way. Why not just force me to read some sort of "If someone is rushing you to do this, it is probably an attack" message before letting me adjust this setting?

Anyone who ignores that warning is probably going to still fall for the scam. If anything, scammers will just communicate the new process, and it risks sounding even more legitimate if they have to go through more Google-centric steps.

tl;dr:

- You need to enable developer mode

- You need to click through a few scare dialogs

- You need to wait 24h once

I wonder how long this will last before they lock it down further. There was a lot of pushback this time around and they still ended up increasing the temperature of the metaphorical boiling frog. It still seems like they're pushing towards the Apple model where those who don't want to self-dox and/or pay get a very limited key (what Google currently calls "limited distribution accounts").

  • Will these measures eliminate fraud? Of course not. What a shame; I guess we'll need to lock down the platform even further.

    This is so overt.

    • I propose we ban all computing devices to prevent fraud and harm to children.

  • It's so obvious what the real goal is. No sideloading. Period. But nice of them to show their intentions while still giving time to leave.

    • I mean the writing's on the wall, they just don't want to do it all at once to avoid backlash. I wouldn't be surprised if they kill sideloading completely several years down the road.

  • > I wonder how long this will last before they lock it down further.

    As soon as the dust settles probably.

The timing is interesting. With the measurable shift in quality of models and the agentic workflow becoming more popular (exacerbated by SaaS companies trying to democratise app building), there will probably be an explosion of even more apps (as if there aren't enough already). The programmer in me likes that because I can easily build an app that is specific to my needs. But so can a person who doesn't have the technical background which combined with poor security track record of LLM generated code, is a risky combination security-wise. Not sure if that was actually the motivation or whether it was preserving the revenue from the developer ecosystem by creating another walled garden.

* enable developer options

* confirm that you are not tricked

* restart phone and re-authenticate

* wait one day

* confirm with biometrics that you know what you are doing

* decide if you only want unrestricted installs for 1 week or forever

* confirm that you accept the risks

* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this

There are multiple apps that I know and want to use that are no longer available on Play Store, but only via Zapstore, Obtainium or similar. I'm just hoping that these changes don't affect solutions like GrapheneOS or that we will soon get a Linux based phone that's good...

It's not like the Google Play store hasn't been known to host malicious apps, yet you are not required to wait 24 hours before you install apps from their store.

I suspect they are hoping users just give up and go to the play store instead. Google touts about "Play Protect" which scans all apps on the device, even those from unknown sources so these measures can barely be justified.

Imagine if Microsoft said you need to wait 24 hours before installing a program not from their store, which is against the entire premise of windows.

Computing, I once believed was based on an open idea that people made software and you could install it freely, yes there are bad actors, but that's why we had antivirus and other protection methods, now we're inch by inch losing those freedoms. iOS wants you to enter your date of birth now.

The future feels very uncertain, but we need to protect the little freedoms we have left, once they're gone, they're gone for good.

Supported Android since the beta m3 SDK in 2008 (ok, I was in high school, but I still downloaded it!) Never considered abandoning it before now.

It's time to leave Android.

Call me naive, but despite the feeling in my gut I was holding out for Google's answer. Reading what it is, this is still going way too far. You essentially need to be a developer in order to sideload, which brings Android down to parity with iOS.

No, being able to sideload (on my phones, AND friends and family as-needed) is a fundamental computing right. This is my personal belief. And this move by Google is a step too far.

The search begins...

They even say that you can allow sideloading temporarily or indefinitely. Guess which option won't be available anymore in two years.

I switched to iOS in anticipation of this change. The reality is, if they are thinking about doing this, it's only a matter of time before they do it. If I have to choose between two walled gardens, apple will win every time.

I've been slowly degoogling because of how Google is treating Android. It's slow, but I've been setting up emails on other providers, stopped using Google search, stopped uploading photos etc.

This is destroying and devaluing the app ecosystem on all platforms, discouraging companies from treating it as a stable target, right when Apple is gaining dominant market share.

Is it really worth executing payments, maps, geospatial APIs, etc. on one platform if >30% of your customer base can't use it and it changes every 6 months (because that's what they've engineered)? No. Who wants to maintain that?

Then what is the interface people are pushed to? The browser, where Google historically dominates.

This is the main thing that Android users have been saying is the differentiator for them using Android, and they're butchering it in multiple ways. Wild.

I feel like loading sideloaded applications is locked enough. Google created Google Protect (which I have disabled), but if you have it enabled you are unable to install sideloaded apps; also you have to accept the prompt to accept the app you're installing from and the prompt from your Android to let you install sideloaded apps. Like, how many prompts is enough? Now also a fee and verification. Most of the apps I enjoy the most are in alternative stores: AnkiDroid, KeePassXC, ReVanced, NewPipe, Tubular.

I've stuck with Android despite privacy concerns because of the control I have over the device. If they're going to do this I might as well go Apple.

  • Same here! I've traded some privacy for freedom, but if they take away freedom, I'm still paying the privacy price. In this scenario, there is nothing left for me here. So Apple beckons.

I feel like there's a big thing being missed in all of this, which is that F-Droid lives. I scrolled through hundreds of comments so far and not seen anyone make this observation.

Do I love it? Absolutely not. But F-Droid was facing an existential threat from the early early versions of the proposal and now will continue to live. Again, I don't love it but this is a huge change to the fate of F-Droid.

  • Well, Google is keeping the fees and the ID requirements for devs, while also vastly shrinking the population that will be willing to get permission to sideload from Google, decimating much of F-Droid's reach. They are basically attacking freedom on both sides, clamping down and extracting on the supply side, and creating friction and confusion on the demand side.

    I'm extremely worried for the future of open source on mobile operating systems. We traded freedom for convenience.

  • TBH it is a little surprising, because one option available to Google was staying the course and hiding behind their Epic court loss.

    "Everyone can still access F-Droid, it just has to live in the Play Store. We're bound by law to support alternative app stores now anyways. Everyone wins!"

The measures seem a lot less restrictive than I expected. 24h wait time is nothing if you suppress your ego, developer options is already the first thing I enable, an open adb channel is and will be a constant choice and the one-time-forever option a neat convenience. They could kill user experience for all but it's more a friction and not a restriction.

> Install apps: Once you confirm you understand the risks, you’re all set to install apps from unverified developers, with the option of enabling for 7 days or indefinitely. For safety, you’ll still see a warning that the app is from an unverified developer, but you can just tap “Install Anyway.”

If you can enable this once, forever, after a 24 hour cooldown period I don't hate this as much as I hated some of the other proposals from Google. It'll just be something you do as part of the setup for a new phone.

Could the title say "process to install non-curated Android apps"? "Sideload" and "unverified" imply that the collection of centrally approved apps is the default way to install software.

Or maybe it is and android's promises about openness are dead.

I think this topic is not about safety, but about profit and responsibilities.

The reality is that users should take responsibility but are not allowed to, so Google takes over and makes a profit.

You don't need a CS degree to use a phone, but you can become a power user over time... but not anymore; the company needs you to stay a fool and pay for "help" (not directly, sometimes).

This is a marketing tactic, similar to a side-load.

The 24 hour wait period is the largest of the annoyances in this list, but given that adb installs still work, I think this is a list of things I can ultimately live with.

Nothing screams being infantilised by your platform more than having to wait 24 hours to be allowed to install software on your own purchased computing devices.

It'd be nice if they put a little sticker on the box or a flashing warning when you go to buy the phone noting that you'll be unable to use it as you desire for 24 hours if you are not willing to bend over to your corporate overlord.

Alternatives like GrapheneOS and Lineage are the way to go for right now, but I worry as things get more and more locked down that those options won't work with a lot of apps.

  • > I worry as things get more and more locked down that those options won't work with a lot of apps

    I am increasingly interested in a dual-prong approach of building a parallel world of OSS apps, platforms, etc, plus an adversarial inter-op project for duping and wrapping apps/services from the commercial/normie world. We have some solid bases with Android/Graphene, Linux more broadly, wine, and Android VMs like Waydroid. Even if things don't get a lot of users, if the users it has are highly technical on average things can probably chug along.

    • Yeah, I do hope that an "inter-op" idea can be possible, otherwise anyone who doesn't want to join the duopoly fully will slowly be unable to interact with more and more aspects of commerce, government, etc. I guess the GrapheneOS method of integrating Play Services but keeping the user in control (e.g., being able to block Play apps' internet connections) is something like that, but ultimately it's controlled by Google and there are problems with Play Integrity, meaning some things just don't work.

      1 reply →

Funny how that post doesn't mention that a huge amount of malware is downloaded from Google (from the Chrome Web Store as well as from Google Play).

That's not entirely unreasonable. As long as there is a way to enable this in perpetuity for my device(s) and it works for all Android devices it's a compromise I could live with.

Again, can we, please, stop call it side-loading. I'm not sliding in anything "from the side" on the sly, I am simply installing an app of my choice on my damn phone.

Tbh, I love this flow. They truly think of users, all users, not just advanced users. Unlike Apple; Apple just thinks of its ecosystem, its money.

  How the advanced flow works for users

  Enable developer mode in system settings: Activating this is simple. This prevents accidental triggers or "one-tap" bypasses often used in high-pressure scams.
  Confirm you aren't being coached: There is a quick check to make sure that no one is talking you into turning off your security. While power users know how to vet apps, scammers often pressure victims into disabling protections.
  Restart your phone and reauthenticate: This cuts off any remote access or active phone calls a scammer might be using to watch what you’re doing.
  Come back after the protective waiting period and verify: There is a one-time, one-day wait and then you can confirm that this is really you who’s making this change with our biometric authentication (fingerprint or face unlock) or device PIN. Scammers rely on manufactured urgency, so this breaks their spell and gives you time to think.
  Install apps: Once you confirm you understand the risks, you’re all set to install apps from unverified developers, with the option of enabling for 7 days or indefinitely. For safety, you’ll still see a warning that the app is from an unverified developer, but you can just tap “Install Anyway.”

This is what I have with my bank. I need to wait 24h after adding a new recipient for wire transfers.

Being treated as a toddler by an organization that is itself completely dysfunctional is making me angry.

This is great news for my wife and my parents, but it would really be nice to have the choice when it comes to my phone's OS. Just like I had with Linux. It boggles my mind how the components in a phone are somehow different to the components in a PC in that they are inaccessible to people who write drivers for them.

Android should be freed from Google. I know, I know, not realistic, not easy to do, but still. With that I mean there should be only open source software at all times, at the least for any base system to use (so, not only Google but ALL of them; this is a different focus than open source alternatives).

This seems like a good solution that will put a sizeable dent in scam success rates while not actually removing options for developers and power users. The added friction will make some people bounce off F-Droid and the likes which is unfortunate, but the wins here in scam prevention are much bigger than the losses in onboarding power users.

Do you need a Google account to opt out of the restriction? It says something about authenticating.

I don't have a Google account on my Androids. But I can't remove play services on them, sadly. As an intermediate protection I just don't sign in to Google play, that gives them at least a bit less identifying information to play with.

I hope this can be done without a Google account.

So if I have to reinstall my phone it won't be usable for 24h because I won't be allowed to install my F-Droid apps?

How is a 24-hour delay for manually installing apps going to combat malware on Google's Play Store?

Since after doing this Google knows the user knows what they're doing (and officially they say they don't want to get in the way), why does this only enable installing unverified apps (still unprivileged), why is the system still insanely locked down? I thought the 24-hour delay solved the "security" problem?

People already have the choice between an ecosystem that offers the safety of a walled garden and one that allows the freedom to do anything you like, including shooting yourself in the foot.

Google's decision to walk back the supposed freedom to run anything you like removes user choice from the marketplace and harms consumers.

Can you set your clock forward or does this also require phoning home to a central server to install an app on your computer?

  • It'll be interesting to see how the timing is enforced. Can you just set up your own NTP server to fool your phone into thinking it's really the future (and not just you adjusting your phone's clock manually)? Will Google run a clock that you have to get a timestamp from (would it be easy to set up your own MITM proxy to get around this)? If the time somehow jumped backwards, would you lose the ability to install apps? Can Google remotely disable this after it's already enabled (I think yes)?

  • It requires an internet connection to adjust the toggle.

    • I think it would be a bad idea to require an internet connection (for one thing, you might want to write your own app that does not require an internet connection); but, even if it doesn't, that would not mean you can set the clock to avoid the delay, because it could be made to reset the delay if the clock is set.
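Added example (not part of any comment above, and not Google's implementation, which the thread does not describe): a sketch of the point raised in these replies, that a waiting period stored as a wall-clock deadline is skipped by setting the date forward, while a countdown driven by a monotonic clock is not, with an optional reset when a clock change is detected. All names, the boot-id handling and the tolerance value are assumptions made for illustration.

```python
from dataclasses import dataclass

COOLDOWN = 24 * 60 * 60  # the one-day wait from the article, in seconds
TOLERANCE = 120          # assumed slack for ordinary drift and NTP corrections


def naive_ready(deadline_wall: float, now_wall: float) -> bool:
    """Weak design: store a wall-clock deadline and trust the current date."""
    return now_wall >= deadline_wall


@dataclass(frozen=True)
class State:
    """Persisted countdown (hypothetical layout)."""
    remaining: float  # seconds of waiting still owed
    last_mono: float  # monotonic reading at the last checkpoint
    last_wall: float  # wall-clock reading at the last checkpoint
    boot_id: str      # boot session that last_mono belongs to


def start(mono: float, wall: float, boot_id: str) -> State:
    return State(float(COOLDOWN), mono, wall, boot_id)


def checkpoint(s, mono, wall, boot_id, reset_on_clock_change=False):
    """Advance the countdown using only monotonic time.

    `mono` must come from a clock the user cannot set and that keeps
    counting during sleep (on Android, SystemClock.elapsedRealtime()).
    Returns (new_state, event).
    """
    if boot_id != s.boot_id:
        # The monotonic clock restarted at boot. Powered-off time could only
        # be measured by trusting the wall clock, so none is credited.
        return State(s.remaining, mono, wall, boot_id), "reboot"
    mono_delta = mono - s.last_mono
    wall_delta = wall - s.last_wall
    if mono_delta < 0:
        # Monotonic time going backwards means the stored state is
        # inconsistent: start the wait again.
        return start(mono, wall, boot_id), "reset"
    clock_changed = abs(wall_delta - mono_delta) > TOLERANCE
    if clock_changed and reset_on_clock_change:
        # Stricter policy from the reply above: setting the clock resets the delay.
        return start(mono, wall, boot_id), "reset"
    remaining = max(0.0, s.remaining - mono_delta)
    return State(remaining, mono, wall, boot_id), ("clock-changed" if clock_changed else "ok")


def ready(s: State) -> bool:
    return s.remaining <= 0


def simulate_clock_forward(reset_on_clock_change=False):
    """Constructed scenario: one real hour after the request, the date is
    set two days ahead. Returns (naive verdict, hardened verdict,
    seconds still owed, event)."""
    wall0 = 1_800_000_000.0  # constructed timestamp
    s = start(mono=500.0, wall=wall0, boot_id="boot-A")
    deadline = wall0 + COOLDOWN
    mono1 = 500.0 + 3600               # one hour really elapsed
    wall1 = wall0 + 3600 + 2 * 86400   # displayed date jumped two days
    s, event = checkpoint(s, mono1, wall1, "boot-A", reset_on_clock_change)
    return naive_ready(deadline, wall1), ready(s), s.remaining, event


if __name__ == "__main__":
    print(simulate_clock_forward())
    print(simulate_clock_forward(reset_on_clock_change=True))
```

Neither variant needs a network connection; the cost of the conservative reboot rule is that time spent powered off does not count toward the wait.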

Coming soon:

- New toaster requires permission from manufacturer to toast bread from a local bakery.

- Car manufacturer to vet all passengers. Any unidentified and unvetted passengers will disable the vehicle.

- TV manufacturer requires 7 days advance notice of what you want to watch.

Personally, I think they should at least drop the $25 fee if you publish outside of Play Store.

If this was truthful about security...

Google could make a mobile website to take an app APK, verify if it's secure, and offer to install it back to Android users...

My bias, former Android app developer.

This is using the increase in attacks to do a business monopoly goal instead...

Well, this sucks.

The fact that I can sideload whatever I need and stay out of Google's ecosystem is the whole reason I use Android. Given the miserable choice between two fully locked-down platforms, why would I pick theirs?

A lot of people here are looking for compromises. Any compromise on this means giving ground to Google's monopoly and the war on open computing and ultimately freedom.

This is exactly what Google intended. This is why they started off by announcing completely removing device owner chosen installs (this is not side loading! It's simply installing.) and announced only apps allowed by Google would be available for install.

They knew it would cause backlash. They anticipated that and planned ahead faking a compromise.

They are trying to boil us like frogs by raising the temperature so slowly that we do not notice. Whenever the water gets so warm that people do notice they cool it down a little. But they will turn up the heat again!

This 24h window is designed to make device owner controlled installs as unattractive as possible. They try to reduce it as much as they can while having plausible deniability ("You can still install apps not whitelisted by us"). They want to get the concept of people installing software of their own choice onto their own device as far away from the mainstream as possible. They want to marginalize it. They want to slowly and quietly kill off the open Android app ecosystem by reducing the user base.

The next step will be them claiming that barely anyone is installing apps not signed by them anyway. First they make people jump through ridiculous hoops to install non whitelisted apps, then they use the fact that few people jump through these hoops to justify removing the ability altogether.

Google does not care about preventing scams. If they did they would do something against the massive amount of scam ads that they host. Scams are just their "think of the children".

Do not play by their playbook!

Do not give them ground!

We must not accept any restrictions on the software we run on our own devices. The concept of ownership, personal autonomy and choice are being dismantled. Our freedom is the target of a slow, long waging war. This is yet another attack.

We must not compromise with the attacker. We must not give them any centimeter of ground.

  • It's 2026 and regulators are finally getting around to doing something about the mobile app distribution chokehold.

    And Google thinks they can pull this? I hope regulators make it very clear that this is the wrong direction, and with record fines.

  • I'm just as much of a hater of this as the next guy, because I depend on custom APKs for work sometimes. Pushing custom APKs over adb is apparently going to be fine, so if that holds true, I don't care about this. At the end of the day, buying an Android phone is buying a Google device. I don't get the righteousness here. Wouldn't this energy be better spent on discussing how we could make a new open source OS to rival that of Google? Why would anyone at Google (company at the forefront of anti-privacy measures) care about what some nerds on the internet think about privacy? It's like an ant screaming in front of an approaching bulldozer.

    • It's a pretty dire situation. There are two major options. iOS is iOS. Android is at least somewhat open and Google free Android actually exists.

      The problem is that you often need a smartphone running either Android or iOS to participate in modern life. Unfortunately when running Android many apps that one might be more or less forced to use do not just require AOSP, but expect the presence of the proprietary Google services malware.

      If we want to create an independent mobile OS AOSP might actually be a good start. We're just faced with a world that is actively harmful to people having control over their device and data.

So what's the solution? Graphene OS? Let's convince everyone we know to buy the upcoming Motorola phone. If its sales hit tens or hundreds of millions of devices, only then will Google listen.

So this effectively means, if you buy a new phone and want to set it up, you'll have to do it tomorrow, because of an arbitrary flow Google created to save their play store percentages...

I think the new solution is a good compromise.

The 7 days vs forever choice is still crappy and gives me a bit of bad vibes considering they are the ones that pulled the youtube promotions (shorts, games) you can never turn off forever, so there's the concern they will remove the forever option from Android in the future. But as long as they don't end up doing that, it's fine for me.

Also, I do think it would be a good idea to make an exception to the 24-hour wait time if the phone is new enough (e.g. onboarding steps were completed less than one day ago), and/or through some specific bypass method using ADB. Power users who get a new phone want to set it up with all their cool apps and trinkets right away, and it's not good user experience to have to use ADB to install every single sideloaded app. Meanwhile a regular user getting scammed right after getting a new phone is statistically unlikely.

I think I would be fine with that if they also provided the option to check the box immediately when you first setup your account on a new phone. I don't want to wait for 24 hours every time I change phones.

The only reason I stuck with Android was to have the freedom to basically install anything I like. This is not a solution, much less to any problem which existed before. I don't think my next phone will be Android.

Feels like one of those changes that makes sense from a security perspective, but will mostly hurt smaller devs who rely on sideloading.

Curious how this will play out for niche apps that aren’t on the Play Store.

There are numerous alternative operating systems and variants out there that should get more of our attention now. There's a mobile Ubuntu, e/os, and more.

That's just friggin great, except for those who use newer phones from Cricket, which disables developer mode until the phone's been active on their network for 6 months...

Some years ago I had a scam call about my "router connection error logs" and "I needed" to install TeamViewer from the Play Store... So I can't imagine what this is going to stop.

They do it for your own good, to defend you from dangerous software.

Dangerous software is software that is not making Google money and that does not give Google control.

I'll say it again: this isn't a problem for Android to solve. Scammers will naturally adapt their "processes" to account for this 24-hour requirement and IMO it might make it seem more legitimate to the victim because there's less urgency.

The onus of protecting people's wealth should fall on the bank / institution who manages that person's wealth.

Nevertheless, this solution is better than ID verification for devs.

  • Why should the bank/institution be responsible for protecting individuals from themselves? They don't have police power; protecting people from bad actors is like, the reason to have a state. If the state wishes to farm it out to third parties, then we don't need the state anymore!

    • Yea I have no idea why the original commenter thinks Banks should have the power to tell me what I can and can't do with my own money.

      It's nice that Zelle has checks and identity information shown to you when you're sending money, but if I click through 5 screens that say "Yes I know this person" but I actually don't.....no amount of regulation is going to solve that.


    • The bank/institution is where the money is leaving from therefore they should implement policies that protect vulnerable customers like seniors, for example. I don't know how that looks but it seems reasonable that they could put limits on an account flagged "vulnerable person"

      I'm not sure what you're getting at with the rant about police power and a state? Google isn't the government either. What would legislation provide that banks can't already do today?


  • > I'll say it again: this isn't a problem for Android to solve.

    They're not solving that problem. They're using it as an excuse to lock down the platform further and assume more control. Any incidental benefit for user "security" is an unintended consequence of their real agenda.

Good guy Google must have published the numbers of scamming incidents due to the current software installation setup.

I'd appreciate it if some good Samaritan could link to it.

Calling for regulators, especially the EU, is futile. They want this. All you'll get is something that feels and sounds like pushback, at most.

One's gotta give it to them: "advanced flow", what a great new double-speak-ism. It would have made the Ministry of Truth very, very proud.

I'd rather not have to go through this ritual, but I appreciate that there is a genuine security problem that Google are trying to address. I also suspect that they have other motivations bound up in this, principally discouraging use of alternative app stores. But basically I could live with this process.

Yeah, I know... Stockholm syndrome...

Although I may not have to live with it, as none of my present devices are recent enough to still receive OTA updates.

Context: I don't use alternative app stores. I occasionally side-load updates to apps that I've written myself, and very occasionally third party apps from trusted sources.

  • I don't think developers targeting alternative app stores would care much about having to perform verified developer registration. Particularly apps that are available in both Play Store and alternative app stores.

As someone who has been forced at the Australian border to unlock my phone, and seen it taken away, maybe this isn't a bad idea.

  • I'd think it'd be useful to opt-in to a 24-hr app installation blackout for scenarios like this.

    But also, Google would definitely give 5-eyes a tool to bypass this for whatever they wanted to do to your phone.

50 times more likely? Don't they need to supply the data for that when making an "advertisement"?

This is the first thing I will be doing on my new Android smartphone, in the very first hour.

Also, was this really necessary Google?

Hey, the user doesn't need a Google account, that's good. Still a danger of frog boiling but not as bad as I was expecting.

Any chance there is push from the carriers to implement something like this to cut down on hijacked devices sending spam?

I actually was kinda looking for a reason to give up phones. Thanks google.

  • Unfortunately, for making and spending my money, I am forced to have a phone. Either Android or Apple. I need my authenticators for work, banking apps etc. Will consider GrapheneOS, not sure if it supports all the things I need. Otherwise I will get the cheapest iPhone, only install required stuff and get a nice small laptop to carry around. Unfortunately I need to be reachable by phone (elder care) and dumb phones I think do not support authenticators/banking apps?

SailfishOS / Jolla are unlikely to do this. Time to switch. Google's monopoly power over android is showing, badly.

  • Maybe if the Jolla folks were serious about making inroads in the market for personal mobile devices that they're ostensibly trying to compete in. But they're just as deluded and as doomed as their Meego/Maemo/Moblin predecessors about the value proposition that the SDKs and system software they ship have with the market segment they're targeting.

I hate it of course, but I think for once there is a solution: just go for an alternative AOSP-based OS. Preferably GrapheneOS (soon available on Motorola phones).

The truth is that 99.9% of the people don't care. The remaining 0.1% is perfectly capable to use GrapheneOS.

I can see that the majority of responses are negative; being a mobile developer myself, I can understand.

What's the solution for 3rd world countries where 80% of phones are Android (and usually old/low spec) that balances freedom for knowledgeable users vs security/safety for the majority of users? You can roughly understand the education level and tech literacy of the majority of people in 3rd world countries.

  • I had a taxi driver ask me for help with their Android phone after their kid did something and now their phone kept getting ads every 5 minutes in every app no matter what they were doing.

Huzzah! Our most gracious sovereign shall bestow his mercy upon us and allow us to install apps on our phones

All these vibe coders and we're still stuck with Google and Apple. This is what you get with a duopoly

That's similar to the process of enabling developer options on Xiaomi phones, for the last 5 years

I'll repeat my question from a while ago. Is the official Temu app, available on the Play Store, still full of questionable malware / spyware code?

If so, it's clear that none of these changes are actually to protect users.

If you log in, then log out, they don't prompt you with the security warning on Android TV.

So can it be breached by turning off networking and setting the date forward a couple days?

It's a little inconvenient for someone setting up a new phone to have to wait a full day to install unregistered apps. But while I can't speak for others, it's a price I'm personally willing to pay to make the types of scams they mention much less effective. The perfect is the enemy of the good.

  • How would you feel about needing to wait 24 hours to visit an "unapproved" website on your phone? You would pay Google/Apple $25 to get whitelisted so people can browse to your personal website without getting a scary security message.

    This is the same thing since it applies to all apps, not just apps that need special permissions.

    • I don't think it's fair to extend the analogy to what amounts to censorship of websites since that's not the system they're proposing. Also isn't the owner of a website already identifying themselves when they register their domain name and/or rent a server? I think this is not the same as downloading an app by an unknown developer.

      From the article I understood this to be a one-time delay, as opposed to having to go through the same waiting process for every single "unlicensed" app I want to install (which I would not accept). I'm just waiting 24 hours once to permanently change my device into a mode where I can install any app I like without any restrictions/delays whatsoever.

  • On what basis do you believe that it will meaningfully reduce the dollars lost or persons harmed by fraud, as opposed to simply shuffling around the exact means used?

    • Well maybe nothing ultimately changes. Maybe we end up in a world where Android users have to wait 24 hours to change a setting so that their devices will install any apps they want, from then on with no further delays. But this seems to me like a relatively low cost for a potentially huge benefit for victims.

  • Give me a break bro. Google are among the biggest crooks in the game and knowingly allow all kinds of fraudsters to use their ad platform. This is all about ensuring their cut.

A king wanted to test the complacency of his subjects. He put a toll on a bridge. There were some noises but eventually everyone got used to it. He slowly kept increasing the toll, which came with increasing noises which would all eventually subside. He decided to take it a step further. He proclaimed that anyone crossing the bridge will be slapped by one of his guards. This time the protests were stronger and getting bigger. He thought "thank God my populace has woken up". He went outside to meet the leaders of the protesters and asked why are they protesting. The leaders said: "you started taking toll, we said nothing, you kept increasing it, we said nothing. But with this new policy, there's only 2 guards delivering the slaps, leading to huge line ups. So we demand that you employ more guards at the bridge to ensure faster slaps and smooth flow of traffic."

Newspeak is the trademark of oppressive regimes. Can we please not overexert ourselves in trying to please the global tech companies by pre-emptively changing our language?

Google details new process to install unverified Android apps. The sentence is much more clear using established language. Not "side-load", whatever that means.

Seems like a very reasonable compromise. What's the catch?

  • I don't find it reasonable that Google wants to make me wait 24h to install software on a device I own.

    • Meh. I get the annoyance, but it's a one time cost for a small subset of their users. I would prefer if there was a flow during device setup that allowed you to opt into developer mode (with all the attendant big scary warnings), but it's a pretty reasonable balance for the vast majority of their users. (I suspect the number of scammers that are able to get a victim to buy a whole new device and onboard it is probably very low).


    • Get with the newspeak, it's called "sideloading" now and your corporate overlords get to dictate the terms.

  • They'll just remove the "Advanced" ability in a few years once they've frog boiled people into jumping through hoops to use their phone the way they want.

  • Developers, including non-US citizens, are forced to give Google their government ID to distribute apps. This enables Google to track and censor projects, like NewPipe, an alternative open source YouTube frontend, by revoking signing permissions for developers.

    • >Developers, including non-US citizens, are forced to give Google their government ID to distribute apps.

      Developers can choose to not undergo verification, thereby remaining anonymous. The only change is that their applications will need to be installed via ADB and/or this new advanced flow on certified Android devices.

      Either way, you can still distribute your apps wherever you want. If you verify your identity, then there are no changes to the existing installation flow from a user perspective. If you choose not to verify your identity, then the installation will still be possible but only through high-friction methods (ADB, advanced flow). These methods are high-friction so anonymous scammers can't easily coerce their victims into installing malicious software.


    • This. Side loading being restricted is only one part of the problem; the other is mandatory developer verification for apps distributed through the Play Store.

    • That's not correct - the flow described in the post outlines the requirements to install any apps that haven't had their signature registered with Google.

      That means those apps still keep on existing, they are just more of a hassle to install.

Those working at Google (AOSP) who write this code should be ashamed of themselves. Eventually they are doing a bad thing for society.

  • Is this in AOSP? I was assuming the changes are to GMS. I should hope that no distributor of AOSP(-based) images includes this code anyway, so it's just on the Google devices.

"Sideload", "unverified"!!! Woaa, careful now, we can't guarantee for anything!! Danger, danger!

How much can you twist words and language to engage in fear mongering? The headline could just as well have been "install", and "free choice" and "Google gatekeeps".

Judging by the comments sideloading plays a major part in everyone's life. What apps do you sideload guys? Why those apps are not in a store?

  • F-Droid. And also by Google's definition, everything I install from F-Droid. So Antennapod (Podcasts), ConnectBot, DAVx (sync my Fastmail calendar to my phone), Etar (Calendar app), Jellyfin (media player), Jiten (JP dictionary), KOReader (ebook reader), OsmAnd~ (Maps), VLC.

    Meanwhile from the Play Store I have Bitwarden, Firefox, 2 banking apps, a few airline apps, Wireguard and Whatsapp. So I actually have more from F-Droid than the Play Store from what I regularly use.

    • Why not grab Fennec from f-droid as well? It used to also have more features, I'm not sure if that's still the case but might as well go with the open source build

  • > What apps do you sideload guys?

    I sideload no apps. I install most apps from either F-Droid main, or an other repo.

    > Why those apps are not in a store?

    All of them are in a repository. Just the state-sponsored ID app is only available via the ad-infected Google RAT delivery service, also known as Google Play.

  • Every non-stock app on my phone was installed from an APK directly downloaded from the manufacturer or open source developer's site / Github releases. I've never had a Google Play account and have never used any Android "app store".

    I switched from iOS to Android about three years ago. I saved all the APKs for everything I installed (or updated). When I got a new phone last fall it was pleasantly like getting a new PC. I imported my SMS and contacts from my last backup, then installed all the apps I use and imported or manually set any settings I wanted to customize.

    The biggest pain was having to manually log on to the couple of sites I allow to keep persistent cookies since device owners aren't allowed to just import/export cookies from mobile Chrome.

  • I _install_ apps through F-Droid, because on average, they are much less user-hostile. Less tracking, less accounts, less shenanigans. Built for usefulness rather than profit extraction. Which apps it shows is also 0% influenced by ads and other commercial value, whereas on Google's store, it's the opposite as it's the biggest factor.

  • > Why those apps are not in a store?

    Why'd I put my app into their store if I don't agree with the store owner's policies?

  • I primarily go for apps via Obtainium and F-Droid. I go to Aura if I have to. GPlay if absolutely required (and I actually have to have the app).

  • Would Obtainium continue to work? I like the freedom of entrusting developers I know and installing APKs from repositories instead of restricting myself to app stores whose publishers have to be identified and approved by an advertising company.

    Can I keep this freedom?

  • Even if all my apps were from Google Play, it's not up to Google to remotely decide what code I can and cannot run on my device. Especially important when talking about the whole population.

  • I install from F-Droid when possible. It has less noise, and all apps are free as in software.

    There are some true gems such as:

    • - NewPipe

      (I'm not sure if you wanted to edit in entries or if this was our cue :D)

  • Apart from why "those apps are not in a store", there's very good reason to want to use an alternative source for your applications. F-Droid is a far safer source than Google Play is, because they actually vet the source code and project and build it themselves. You are far more likely to download malware from Google's official 'safe' sources than from F-Droid, and hence it's my first option when searching for simple utility applications because the top results on Google Play will be utterly infested with ads and tracking at minimum.

This is eminently reasonable.

Now if only Android would allow for stronger sandboxing of apps (i.e. lie to them about any and all system settings).

  • I think it's only reasonable if you can install updates without having to do the whole dance (assuming you do the 7-day rather than permanent unlock).

What? No requirement to personally bring in a form in triplicate to the Google office in Siberia, of course notarized by the Pope and Zendaya, and simply prove it was signed on the moon.

So much hassle to enable sideloading that I just... don't want to use Android? Having to go through 5 different menus, 3 different warnings AND wait 24 hours to install F-Droid? fuck no.

Yet more reasons to keep using an old rooted Android for as long as possible and contribute to any efforts that make it easier to do so. I suspect the reason Android became dominant was the ease of modding and the community that created, and now they're trying to turn it into another authoritarian walled-garden like Apple. To paraphrase the famous Torvalds: "Google, fuck you!"

"Those who give up freedom for security deserve neither."

  • This comment makes no sense to me. As an individual user, opting out takes 24 hours and is much easier than rooting. Either your criticism is that this is prohibitive for too many users who aren't likely to care enough to ever root their phone (which might be fair, but your response doesn't fit) or it is that Google is locking down the ecosystem for some nefarious purpose (they're evidently not).

    • or it is that Google is locking down the ecosystem for some nefarious purpose (they're evidently not).

      Most of the comments here seem to agree that they are. Some people have clearly been so brainwashed that they can't figure it out.


A big problem that causes gullible people to follow scammers' guidance is that real software with legit and important functionality is often utter crap and requires regularly dismissing various big red warning screens like expired or misconfigured SSL certs on the web, etc. People are taught to not take warning screens seriously because they often have to be bypassed for legit reasons.

The criticism against this decision seems to often miss the point of it IMHO.

Let's be realistic, there IS a problem with sideloaded apps being downloaded by ignorant people, and they do get scammed/hacked or whatever.

This leads to unhappy people complaining to their banks, politicians and media; these in turn start lighting a fire under Google's bottom.

So, my point being, how do we solve the ACTUAL problem with rogue apps then?

Imagine if Microsoft did that with Windows. Absurd. The difference between Microsoft and Google seems to be that Microsoft accepts a small fraction of not-so-bright users getting scammed, because this is obviously much less bad than locking down the OS for everyone. (I say this as someone who is usually much more positive about Google than about Microsoft.)

I’m often annoyed at the 10 second timeout when installing Firefox extensions - 24 hours is beyond egregious. Telling me to come back tomorrow to install software on a device I own is a giant “fuck you”. Pretty sure I’d rather they banned side loading outright than this.

Is it 24 hours per app or to enable sideloading at all?

  • From my read, it's explicitly a one-time thing. Presumably that means that even if you pick the "allow for 7 days" option, you can re-enable it after that without a delay (maybe with a reboot?).

I hate this. GrapheneOS all the way. I'll never purchase devices that force this on users without a simple way to opt out. I'm done with Google. Glad I cut all ties with that entity over the last few years. Just despicable.

They have now successfully turned the temperature knob from 2 to 5. I wonder what 7 will be.

  • Non-Play Store applications will have restricted access (SMS/telephony), and bit by bit the screws will be tightened.

    "Only 0.0004% of the userbase installs after the initial 24 period, greater than x% take 48 hours or more so the 24hr window is now 72hr", and repeat until it's all nice and locked down for them.

    "Your google play account will now need ID to prevent children accessing adult software" will come along not long after. For the children.

    -.-

"Don't be evil" how far we've fallen.

dear google: fuck off and die. May something worth the resources it consumes grow from your fetid corpse.

And now we see why Android never really was Linux.

Does it have a Linux kernel? Of course. But this isn't a free operating system.

  • Most of the problems are with the ease of modifications. Regular Linux based distro, with its shared library model, masses of packages, and a proper packaging system, etc., will allow you fairly easily to just take any package, patch it however you like and just re-compile and install just the updated package. It's usually not a very hard process (well, Debian...) but there are distros where this is very simple, like Arch Linux, or Slackware.

    I mean how do I just take some random Android phone and patch out something I don't like in one of the apps, or improve some behavior I don't like in one of the core libraries (like allow the fucking phone to be fucking woken up predictably by a background app, without some stupid mean-well logic trying to prevent predictable behavior, because waking up for 500ms every 5 minutes is "draining the battery too much" or some such nonsense)?

    There's usually not even a SW distribution, let alone a sane system for updating just one thing, without downloading 3 HDDs full of dev dependencies and re-building everything. Then HW is locked down, SW is locked down on purpose and just by sheer hostility to incremental individual small changes.

    Whole ecosystem has to be designed around the FOSS ethos of giving the user access to code for purpose of them being reasonably able to actually do something with it to incrementally improve their experience, and not just to look at it pretty.

  • RHEL isn't Linux either then?

    • It's more complex than that.

      RHEL has Fedora upstream. There's a group of people who regularly contribute to those projects on their own time and the userland for Fedora is made up primarily of FOSS where people routinely try to consolidate popular features into main code branches. There's a truly free software project that is the main project that someone provides paid support for. Fedora drives the evolution of the system; RHEL just gives a way to make that evolution palatable to the suits.

      Android has the AOSP but it's not the driver of Android as a platform. For the most part, the evolution is driven by a bunch of closed-source applications that Google and OEMs happen to run on Android. Those parties derive competitive advantage and brand identity from the proprietary code that runs on top of the Android OS, and don't make a habit of merging much of that into the project. There are the system-wide improvements that get updated, sure, but the ethos is not to keep the code moving up the chain into the project so that anyone can take it and do what they want with it for free.

      It's a hard difference to describe but it's there.

A lot of you have never seen your loved ones get some shitty app on their phones and it shows.

If android security is so fucked that the 24 hours helps, why do they maintain it has security?

> Wait 24 hours

Man, fuck Google. I hope this bullshit is struck down by government regulation as malicious compliance to 3rd party app stores.

I wonder if GrapheneOS will have the same level of user-hostile bullshit. That may be my salvation board right now.

Sailfish OS would be great, but unfortunately my banks don't seem to play along with it.

I hate to say it, but I'm somewhat in agreement. I don't know why there's an allow 3 days/allow forever option. That's the only thing that's suspicious.

Assuming the requirements are actually justified, this seems like a tolerable compromise.

The constant sociopathic nudging from Google to do this or that to use something that was absolutely normal before or to enable something I didn't want and slowly removing reasonable options in favor of their dark pattern preferences was what made me degoogle ~10 years ago, and they just seem to continue on the march to their dark side unconcerned.

I think most people here live too much in their tech bubble and don't realize how dumb the vast majority of people are when it comes to tech. I know that feeling myself that you lose the grip to "reality" when you are too much into tech, but after dealing a bit with "ordinary" people, I do understand why Google wants to do that. Most people have absolutely no idea about tech at all. So many people don't even know what exactly a browser is, what a "tab" means or can't even get to install an iPad. Google mainly has to take care of these people, not people who install apps using F-Droid. Go to the streets and ask strangers if they know what F-Droid is, and if they don't, try to explain it to them. The 24 hour wait period looks like a good trade off to me. Still allowing experienced users to install apps, but the majority of people will be protected, and it won't even affect most people.

And no, I'm not a bot or some pro Google activist, check my GitHub account, I even use GrapheneOS myself.

  • Scammers have no problem waiting 24 hours, so this doesn't protect incompetent people at all.

I'm not in agreement with most of you, HN. They've found a decent compromise that works for power users and the general population. Your status as a power user does not invalidate the need to help the more vulnerable.

Having to wait a day for a one off isn't a big deal, if they kept it looser then you'd be shouting about the amount of scams that propagate on the platform.

  • Same with bootloader unlocking isn't it?

    Ah, it's not much, just an email away ...

    oh, not much it's email and a phone call away ...

    Just wait 7 days ... no, it's just a month, and only one device per account? What's wrong with it? You are overreacting

    Wait! Why you want to unlock your boot loader, only 0.000001% does it. You are abnormal, not the mass user

    Fool me once, it's on you. Fool me twice ... it's on me.

    We are already over twice, but none the wiser.

  • This helping the vulnerable framing is naive at best. This is about an American ad company consolidating their power over what people can do with devices they bought and are reliant on daily.

    Helping the vulnerable should not involve that. If your only idea on how to help the vulnerable involves that, think of better ideas.

    • At some point we need to start wondering if it's not just naivete but intellectual dishonesty. The same American corporations that claim to be imposing draconian control measures to "protect the vulnerable" are, at the same time, exploiting those very same vulnerable people to the best of their ability. Take Google, they have no problem showing ads for scams in YouTube and Google Ads. There is mounting evidence that their recommendation algorithms for YouTube, shorts, etc. negatively affect mental health, especially youngest ones. But it makes them money, and they've zero interest in preventing that or changing it.

      And it's not just Google, it's the m.o. of all large corporations. Another example is Epic Games, they advertise how they will fight in court against big companies like Google and Apple to defend their users. Yet they've gotten fined repeatedly for amounts in the millions, for predatory micro-transactions, and misleading minors into spending money without the consent of their parents.

      Time and time again it is proven that everything these companies do, it's always for the benefit of their bottom line, and consideration for their users does not even factor into their considerations. This is no different, they want to push it because it will give them more control or make them money, and it either won't protect anyone, or that's just an unintended side effect but a good way to market it.

  • But this is very rich from them given they serve scam ads with impunity.

    I'd say this has nothing to do with preventing scams, but to make independent software more difficult to distribute.

  • Sure, I believe that the likes of Meta, Google, and god damn Microsoft who enabled mass brutal persecution of millions of people for money (engaged in recording and analysis of phone calls of Palestinians), care about vulnerable individuals, and not just about stuffing their pockets with more and more money by the means of increased control over "their" platforms.

    They sure spend billions to "help the vulnerable". Right. Like Meta here: https://github.com/upper-up/meta-lobbying-and-other-findings

  • My personal hard line is having to ask Google for permission to sideload. Even if it's free and no personal info is exchanged. This new process is annoying but I can see it helping prevent scams.

  • >Having to wait a day for a one off isn't a big deal

    It's my phone. It's my software. Period.

    The general population is deterred by burying a setting deep. Waiting is a dark pattern and we're not idiots.

    • Scammers can coerce people into ignoring warnings if they convince them their entire life savings are on the line. It's hard to do if you need to wait 24 hours before the setting unlocks.
