I use LineageOS. Will this affect me? I’m getting unclear answers. Someone told me that the apps will be forced to verify the OS.
Google Confirms Non-ADB APK Installs Will Require Developer Registration
Submitted 5 months ago by mesamunefire@piefed.social to technology@lemmy.world
Comments
jsomae@lemmy.ml 5 months ago
randomaside@lemmy.dbzer0.com 5 months ago
Literally TODAY someone I know installed an application called “PDF viewer for android” that had a green adobe icon and it started wrecking absolute havoc on their phone with pop ads and redirects to scam support sites.
The AppStore is full of this shit.
foremanguy92_@lemmy.ml 5 months ago
Again not on custom ROMs.
(And could help the push of new alternatives os)
Ferk@programming.dev 5 months ago
If it’s easy to patch this out, I wonder if there will be manufacturers that will choose to do so for their official ROMs. It would be extra value for the brand, imho. A reason to choose, say, Samsung, over a Pixel phone, if Samsung were to patch this restriction out, for example.
foremanguy92_@lemmy.ml 5 months ago
I didn’t read the terms but I think this is against Google terms of services, so sure you can patch this out but as a company you would suffer legal actions or would be forced to remove Google services from your devices.
Samsung will just ask Samsung Store devs to be registered
ZILtoid1991@lemmy.world 5 months ago
How long until they patch out getting developer mode working on you phone without a registration, requiring you to pay for it and also take a “short” AI generated crash course in app development and monetization?
masterofn001@lemmy.ca 5 months ago
So, will an app like this
codeberg.org/muntashir/AppManager
which uses (w)adb, be able to install apk as I currently do?
Or will they also fuck this up ?
Peruvian_Skies@sh.itjust.works 5 months ago
They won’t fuck this up YET. If AppManager doesn’t currently use ADB to install APKs, it van be made to. So can any F-Droid or Aurora Store client.
However, I’d say that the odds that Google will stop at this certificate demand and will not eventually try to paywall ADB somehow are currently 0% in my estimation.
Mohaim@lemmy.blahaj.zone 5 months ago
This is the final push I needed to switch to GrapheneOS. Thanks Google! Now, if only I didn’t have to give Google money for the Pixel so I can install GrapheneOS.
jsomae@lemmy.ml 5 months ago
You can use LineageOS on your existing non-pixel android phone, instead of purchasing a pixel.
NuclearDolphin@lemmy.ml 5 months ago
This will kill the FOSS app ecosystem regardless. Android forks of any form should be abandoned. GrapheneOS can be a decent stopgap though.
ricdeh@lemmy.world 5 months ago
Sorry for the downvote, but I see this take repeated here on Lemmy so often and it just makes no sense. This will not kill the FOSS app “ecosystem”. Nothing whatsoever changes for FOSS ROMs like LineageOS or GrapheneOS. And as long as there are FOSS operating systems, apps will be developed for them. If anything, this could drive mainstream adoption of free/libre Android forward, re-invigorating the scene through public outcry.
And to the people who propose fully jumping ship from Android to “Linux phones” because of Google’s recent changes, you would only make the app support matter worse. As someone who daily drives both a phone with LineageOS and one with postmarketOS (mainline-ish Linux), mobile app support is endlessly worse on Linux than the fallout from Google’s developer registration could ever be. That is not to say that Linux phones will not eventually get to a point of reasonable maturity, but it is way too early and frankly utterly irrational to bury AOSP Android or needlessly hate on it.
cupcakezealot@piefed.blahaj.zone 5 months ago
i love how google will basically destroy the worlds most popular mobile operating system just to protect youtube premium revenue
Holytimes@sh.itjust.works 5 months ago
Honestly at this point they actually likely need to be EVEN MORE strict to deal with how bad the app store is and how many scam apps are floating around.
My grand father has been given like 30 scam apks to install via email that we’re just crypto ransomware basically, and he’s had to reformat his phone at least 10 times this year from installing scam shit from the playstore it self too.
Both the playstore AND scammers are target android like crazy
There’s basically no way to crack down on it short of what they are doing and frankly it’s still not enough.
Anyone who thinks this is just Google being evil is massive fucking out of touch with the reality of what elderly and less it savvy people have to deal with. It fucking SUCKS.
GaryGhost@lemmy.world 5 months ago
They should just display more warning’s or safeguards, they don’t have to remove it completely. There’s several apps that I use that google would never let register. :(
jsomae@lemmy.ml 5 months ago
this is exactly why google should have been broken up.
mesamunefire@piefed.social 5 months ago
thats my theory too.
merdaverse@lemmy.zip 5 months ago
Ok, fuck this crap. This was the main reason to prefer Android over iOS. Going to start trying out some of the FOSS Android forks
nlgranger@lemmy.world 5 months ago
Google has stopped releasing parts of android as open source and it releases some as a code dump without the modification history to make harder to use. Android forks are going to struggle to keep up.
masterofn001@lemmy.ca 5 months ago
I wonder if any and everyone who has ever contributed code under whichever open license was used could sue the tits off google, not as a class, but thousands upon thousands of individual lawsuits, for breach of terms of said licence/contract.
User79185@discuss.tchncs.de 5 months ago
Hold up, why all this crap… when most of the malware/infostealer is on Google Playstore… and googling itself is doing it. So what exactly security it is?
rmuk@feddit.uk 5 months ago
It’s called “eliminating competition”.
boogiebored@lemmy.world 5 months ago
Get fucked
squaresinger@lemmy.world 5 months ago
So now 3rd party app stores need an ADB loopback to work around that.
Not hard to do, but uselessly annoying.
AI_toothbrush@lemmy.zip 5 months ago
I think you can already do that with shizuku and dome fdroid clients. It also makes using 3rd party appstores more convenient just in general.
General_Effort@lemmy.world 5 months ago
That’s only if the apps distributed are unverified. Mind, the EU already requires app stores to document the identities of devs, but there are loopholes for Small enterprises. In 2027, manufacturers need to document the identities of their suppliers. There are still exceptions for non-profit open source projects, but that’s not what Google is. Surely, no one here wants Google to avoid regulations by investing in open source.
aquovie@lemmy.cafe 5 months ago
I believe F-Droid signs the packages it distributes so that creates a painful choke point. Revoke F-Droid’s key and it will break all of F-Droid instantaneously. The only exception for F-Droid’s signing is if the build is reproducible, which is a high bar for a lot of projects, and then F-Droid will use the upstream signature.
Also, they’re trying to close the ADB loophole.
Fiery@lemmy.dbzer0.com 5 months ago
Installing the third party stores would be way harder than it is right now if they do that though. No way the devs of e.g. f-droid are getting a verification on an app that bypasses Google’s new ‘safety measures’
squaresinger@lemmy.world 5 months ago
I could imagine something like Sidequest happening on Android.
Suavevillain@lemmy.world 5 months ago
We really need some money poured into the Linux mobile space because this is a terrible direction to go.
aquovie@lemmy.cafe 5 months ago
Plain AOSP is already pretty brutal. An alternate OS is practically a non-starter. Phones aren’t just web browsers and SMS.
- Tap-to-pay
- Including transit fares
- Bank apps
- RCS messaging
- MFA and security apps
- Work profiles
- Streaming media that’s not 480p
Not to mention that the camera is going to suuuuuuuuck.
Forking or improving AOSP is more viable but none of the more mainstream ROMs want to piss off Google. That’s why most LineageOS forums forbid talking about defeating Play Integrity.
ZILtoid1991@lemmy.world 5 months ago
Also no GPU driver, because even if the manufacturer does actually provide it, some nerd within the community will block it for not being “free software” enough and that “for light 2D applications, CPU blitter is more than enough”.
- Tap-to-pay
PrettyFlyForAFatGuy@feddit.uk 5 months ago
dug my pinephone out of a drawer yesterday and gave it a whirl. still pretty rough unfortunately even after updating postmarket os.
Cool being able to SSH into my phone though
Dojan@pawb.social 5 months ago
Cool being able to SSH into my phone though
I thought you could do that on Android?
Suavevillain@lemmy.world 5 months ago
I’m still hoping they can get to a state for more general users. I really want one still. I need a Linux phone doing the old sidekick designs.
VintageGenious@sh.itjust.works 5 months ago
We need better Mobile Linux / Android distros
snoons@lemmy.ca 5 months ago
ThIs ApPLicAtIoN iS DaNgErOuS
MonkderVierte@lemmy.zip 5 months ago
Free market and openness my ass.
excral@feddit.org 5 months ago
Is this even legal in the EU. The majority of phones in the EU are Android phones so this effectively gives Google control over what apps can be installed to the majority of phones. I thought the Digital Markets Act was designed to prevent exactly this.
lengau@midwest.social 5 months ago
This is essentially Google moving to do what I always thought was Apple’s malicious compliance on the DMA, but which European courts seem to have accepted as just fine. I’m pretty miffed at Google for sinking to Apple’s level on this.
MrScottyTay@sh.itjust.works 5 months ago
I think some recent EU proposals that make Google responsible for ensuring users can’t install malicious apps is what have caused this to happen though. I could be wrong but I think I remember hearing about that.
DeathByBigSad@sh.itjust.works 5 months ago
Google will become the exact same as apple, third party stores are technically “allowed”, but requires Google’s official stamp (digital signature), it’s same with Apple.
A corporation like Epic Games will be left alone since they can afford lawyers. An open source volunteer dev making a Youtube alternative client will get their certificates revoked under dubious “ToS Violation” claims and they won’t have money to sue.
Squizzy@lemmy.world 5 months ago
It’ll be a battle and then they’ll get knocked and so on and so forth until we get these lazy cunts out of politics and break up the fuckin tech companies.
brucethemoose@lemmy.world 5 months ago
Man, I miss my jailbroken iPhone 5.
It was like having your cake and eating it, and somehow its stock (much less tweaked) UI is less clunky than whatever TF Apple has done to my discount 16.
FireWire400@lemmy.world 5 months ago
The UI in iOS 26 looks like Windows Aero on Crack, and not in a good way…
Wispy2891@lemmy.world 5 months ago
Can someone “redpilled by corporate” explain me how this policy actually increase security?
It’s trivial for a malware developer to pay $25 with a stolen card and a stolen id
Look at the “verified” bots on xitter, they didn’t solve the bots problem, rather just monetized it
csolisr@hub.azkware.net 5 months ago
Corporate needs to have somebody to sue in case of a policy violation. Very especially those debloated apps that float around the web - they need to ensure they have a physical person to pin the blame to in court.rumba@lemmy.zip 5 months ago
It’s not about stopping malware; it’s about being able to act on malware.
Making a new account with a new phone number and new credit card is a minor barrier to entry.
That said, it’s a cool story, but I think they’re looking to stop vanced style patching.
killeronthecorner@lemmy.world 5 months ago
The vast majority of malware isn’t delivered via play store because of the existing measures and protections they have. Same reason you see very little app-store-based malware on iOS. DISCLAIMER: YES MALWARE EXISTS ON APPLE HARDWARE PLEASE DON’T SHOUT AT ME. Talking specifically about anything installed via first party stores on both platforms.
Their main issue is this: dumb people install apks from spurious website and infect their phones. The least controllable and most pervasive factor here is the intelligence and knowledge of the user which cannot be controlled for by Google. So by eliminating the ability to exploit this entirely, it will eliminate that kind of malware.
It’s a sledgehammer solution that naturally comes with many downsides like disrupting intelligent and knowledgeable users that just want to hack around with FOSS and such.
Google is relying on It being too expensive for malware creators to have to guide each individual user through adb installation and usage process just to get access to their phone. Most scammers only do that level of interaction to extract actual cash/gift cards from the target.
I am personally and directly affected by their decision in many negative ways, but I’m not so dense as to not understand why they’re doing it.
/corpodronespeak
prole@lemmy.blahaj.zone 5 months ago
Their main issue is this: dumb people install apks from spurious website
No they don’t. Most people don’t even know what an apk even is.
Wispy2891@lemmy.world 5 months ago
yes, of course malware is distributed via apk.
But what’s the difference between:
- malware that signed anonymously and then, when its signature is identified, it’s removed via play protect
- malware that is signed with a stolen identity and then, when its signature is identified, it’s removed via play protect
?
Does not change anything for malware distribution, except bother them for a dozen minutes meanwhile they “verify” their stolen ID
General_Effort@lemmy.world 5 months ago
Google is doing this to comply with EU regulations supposed to increase security. Now imagine that Google was pushing back against this instead of complying. As per usual, Lemmy would be up in arms against Google for failing to protect people’s data and not complying with our laws and culture. You’d be downvoted to oblivion for asked that question and called a corporate bootlicker.
I think these rules come from German legal culture, which traditionally has a strong need to control information exchange and processing.
Wispy2891@lemmy.world 5 months ago
the way they originally phrased it, it was seemingly because of authoritarian governments like singapore wanting to exert more control (hey google, can you revoke the certificate or doxx this dev for us?) and then they realized that they could make more money if they extended this block worldwide
Reginald_T_Biter@lemmy.world 5 months ago
I presume they are implying that the play store review process will catch compromised apps? Not likely considering how many dodgy apps have been found on play store. It’s just another controlling act.
FreedomAdvocate@lemmy.net.au 5 months ago
I would assume that you won’t just be able to register with a stolen id and stole card.
Wispy2891@lemmy.world 5 months ago
if scammers can open a bank account with stolen identities, i’d assume google, which is entirely run by bots without any human oversight, wouldn’t have a better detection
SaharaMaleikuhm@feddit.org 5 months ago
It’s a lie. Google just wants control.
Wispy2891@lemmy.world 5 months ago
screenshot of official announcement with suspiciously low upvotes
Found the 91 Google employees
Matth78@lemmy.zip 5 months ago
Hope they would be sued in America and Europe for it. I can’t believe it will be OK… And can’t believe they clearly think it will be.
csolisr@hub.azkware.net 5 months ago
Sensitive Content
Calling it already, one of the most popular apps around will be a wrapper around ADB in order to install new apps - maybe Shizuku or Sui?fnrir@lemmy.blahaj.zone 5 months ago
Shizuku?
Allero@lemmy.today 5 months ago
App that mimics wireless debugging device and allows you to access ADB functionality locally. Widely used to perform actions that are normally unavailable on non-rooted devices. Some apps rely on functionality provided by Shizuku - for example, Canta, which allows you to delete any app, including undeletable pre-installed ones.
themachinestops@lemmy.dbzer0.com 5 months ago
If Fdriod could incorporate this it will not affect them.
twinklefruit@lemmings.world 5 months ago
I wish I could tie whoever made this decision to a radiator and face judgement.
lechekaflan@lemmy.world 5 months ago
muusemuuse@sh.itjust.works 5 months ago
I was about to switch to android but ended up with another iPhone because of Google killing the only reasons to use android.
I like my air but I’m still waiting for what I really want. A viable Linux phone.
Duke_Nukem_1990@feddit.org 5 months ago
A viable Linux phone.
I am eyeing the Jolla C2. Gonna use GrapheneOS for as long as possible, but if all else fails I will use the shittiest Linux phone over this Google/Apple nightmare.
SaharaMaleikuhm@feddit.org 5 months ago
Google is building a walled garden, so I went with this other walled garden instead.
You people have zero logical consistency and I’ve seen so many such comments on reddit. I want to pick your brain and figure out how you can roll over THAT easily for corpos.
muusemuuse@sh.itjust.works 5 months ago
I was looking at a pixel fold running grapheneOS. Google is making changes that I dislike and realistically cannot avoid so why jump ship from my existing walled garden into one that’s just now starting to from, with even worse privacy and a business model totally dependent on violating as much of your privacy as possible?
The future of graphene and other third party roms is uncertain but I needed to upgrade my phone. My screen was cracked but usable but once I remove it to replace the battery I won’t be able to reinstall the single piece of glass and by that point I’m halfway to a new phone anyway.
For now, I’m okay with my air, but I know me and Apple are on not going to be together long term. I’m pulling off the cloud and breaking up dependancies one by one so, but as far as phones go, there isn’t a viable option quite yet. It’s definitely coming but it’s not here yet.
We need to break free from both Apple AND Google. Borrowing from Google to make another rom but still being dependent on them to keep your project alive and supported is no longer an option. We need a clean break away from them.
I can foresee a phone-like pocket computer running Linux that doesn’t have cellular capabilities at all. American cell phone companies weren’t crazy about supporting windows phone a many even blocked them from joining their networks. We are starting to see the same shit with Linux phones now. But most people don’t need data everywhere. There’s wifi where people like me actually use it. And so I can see a market for a voip service for phones that lets you use them like mobile landlines. For simple texts, a network of Lora packet radios would suffice and reticulum seems to be up the task of serving that need.
Costs are increasing and our dependance on these devices are changing so not every problem we have with Linux phones will need to be solved by the time that such devices get off the ground. We have options for tomorrow.
But today, the iPhone air was fine for me.
scratchee@feddit.uk 5 months ago
Or maybe “if I have to be trapped in a walled garden, why would I pick Google’s shitty one?”
Baguette@lemmy.blahaj.zone 5 months ago
I hope google fails as a whole in the near future and gets dissolved once and for all. Sick and tired of tech companies trying to be sources of authority, working with authoritarian governments, and dictating what you can and can’t do.
architect@thelemmy.club 5 months ago
I’ll be honest, tech got us by the balls… and they know it.
medem@lemmy.wtf 5 months ago
No they don’t. There are viable, open source alternatives for 99% of the software/services we use. The fact that people are not aware of it is already like half of the real problem.
DoucheBagMcSwag@lemmy.dbzer0.com 5 months ago
Install with options bout to be my new best friend
Eagle0110@lemmy.world 5 months ago
Thankfully I have root, I’ll just simply hook into it runtime via Xposed to bypass this nonsense.
Seriously anyone who doesn’t have root on their Android devices these days and age, well may Google have mercy on you lol
goatinspace@feddit.org 5 months ago
Cyberflunk@lemmy.world 5 months ago
i bailed on android to join my family on ios, and i hate it. now i cant even go back comfortably. so… linux phones?
Sensitive Content
Petter1@discuss.tchncs.de 5 months ago
I smell revival of jailbreak days 😁
And maybe a peak of smuggling china android phones running chinaDroid with crapChecks