I can’t see this move by Google as anything but a power grab to reduce competition. If someone wants to bear the “risk” of installing software that hasn’t been vetted by Google, why does Google insist on being a nanny that makes it more difficult? Money, that’s why. Google is acting to try to enforce its monopoly over android apps. GrapheneOS, which is more secure than android, doesn’t make a fuss over this issue. No, this is only an issue with the company that hoovers up all your data in breach of your privacy.
From F-Droid to emulators, here's who's hit hardest by Android's new verification rules
Submitted 1 day ago by throws_lemy@lemmy.nz to technology@lemmy.world
https://www.androidauthority.com/android-app-verification-impact-3650447/
Comments
N0t_5ure@lemmy.world 1 day ago
plyth@feddit.org 1 day ago
I can’t see this move by Google as anything but a power grab to reduce competition
It locks down phones. Without sideloading the elite controls which messenger services can be used. They most likely can also secretly update apps and replace them with versions that leak the encryption keys.
With Google not being threatened by a competitor this essentially tells us that the elite is serious about moving to fascism.
It’s frightening to me that the comment has 85 upvotes but no reply that points this out.
inari@piefed.zip 1 day ago
Ironically, this may be a catalyst for better Linux Phones
xiii@lemmy.world 23 hours ago
It took 6-10 years for Android to take shape.
On Linux, every app has full access to your browsing history, clipboard (passwords), photos with geo-tags, music, list of other installed apps, contacts. Unrestricted battery and network access – it’s a tracking paradise. And all it takes is one supply chain attack on npm install with typical 4000K dependency packages
timestatic@feddit.org 21 hours ago
Thats why flatpaks exist for those kind of apps and sandboxes are very much possible on linux (even if not widely used for normal programs)
DupaCycki@lemmy.world 20 hours ago
Linux phones have already been around for many years. Right now we’re very close to Linux phones that are usable on a daily basis. Not as close to decent Linux phones, of course, but with the right (not at all unrealistic) resources it could be completely within reach in a year or two.
Also, Flatpaks exist and work pretty much just like Android apps.
bilb@lemmy.ml 1 day ago
Just in time for them to be practically outlawed, if my gut can be trusted. I hope not.
inari@piefed.zip 1 day ago
Dark times ahead…
ThomasWilliams@lemmy.world 1 day ago
You cannot sideload on Linux, not unless you’re some sort of mutant freak who can reverse engineer C code.
NewOldGuard@lemmy.ml 1 day ago
“Side load” is just language used to mean installing software outside of the official approved vendor store. Linux lets you install software from wherever you want, you’re not locked into a vendor or manufacturer ecosystem. So in a sense all you do is “sideload,” it’s just normal non-corporate OSes call that “installation”
Traister101@lemmy.today 1 day ago
Indeed, it’s just called installing there
JustAnotherPodunk@lemmy.world 1 day ago
Yeah we can do that. What do you think side loading means? Changing the name of an install doesn’t make it different. Back in my day we called it installing a program. Things changed. Then we called it downloading an app. Things changed. Now if it’s not approved it’s called side loading? Blow it out your ass.
Its a program. Take the training wheels off of the Internet. I grew up when this was a cautionary tale. But up and deal with the consequences or get out.
cmhe@lemmy.world 1 day ago
I guess you are joking? And mean “side-loading” as in injecting custom code via LD_PRELOAD and not the strange definition phone makers use for describing ‘installing an app’.
nathan@lemmy.permisuan.com 1 day ago
How would reverse engineering c code be side loading? You can get .deb, .rpm etc and install them on your distro as long as it supports the format, regardless of who developed the app, and honestly even if it doesn’t support the format there are ways. You can even compile the source code of more Linux apps, at least the FOSS ones, with just a few commands. If anything it would be more realistic to say you can ONLY side load on Linux
Lanske@lemmy.world 1 day ago
Ordered a Jolla phone with their SailfishOs (linux based). Time to leave android
FG_3479@lemmy.world 59 minutes ago
SailfishOS is heavily closed source and Jolla used to be linked to Russia with Rostelecom owning 60%+ of it.
Skv@lemmy.world 11 hours ago
Someone needs to bring back Symbian OS
ouRKaoS@lemmy.today 10 hours ago
I miss my old Nokia sometimes
versionc@lemmy.world 14 hours ago
Isn’t SailfishOS proprietary?
vimmiewimmie@slrpnk.net 19 hours ago
Would these work outside of Europe, say in the U.S. or Canada?
Lanske@lemmy.world 18 hours ago
They will work outside of Europe according to their website. Also it says on the website:
The initial sales markets are EU, UK, Switzerland and Norway. Entering other markets, such as the U.S. and Canada are to be decided due course based on potential interest from the areas.
We will design the cellular band configuration to enable potential future markets, including major U.S. carrier networks.
hamsterkill@lemmy.sdf.org 16 hours ago
Possibly at a base level, but not well. Most US carriers have a white list of devices certified to use their networks.
Crozekiel@lemmy.zip 18 hours ago
does VoLTE work? Basically all carriers in the us use this and we knocked down all of the old tech towers. My understanding is the EU still has all the old towers up for just voice calls and don’t need VoLTE to work.
Quick web search suggests it is a “beta” feature at best currently :(
timestatic@feddit.org 1 day ago
Thank god I run /e/OS. I just hope this won’t hurt the popularity of sideloaded apps too much, as this might mean FOSS apps becoming stagnant because they don’t receive as much attention anymore
Landless2029@lemmy.world 1 day ago
This is my #1 concern with this bullshit.
ReginaPhalange@lemmy.world 1 day ago
Hard agree. If I’m forces to only run barely used FOSS apps, then I might as well buy a linux phone.
FiberJungle@lemmy.ml 20 hours ago
For /e/os have adblocker? How’s the learning curve?
timestatic@feddit.org 17 hours ago
They have a tool called advanced privacy that tries to block in-app trackers. Adblocking is more a browser thing but the preinstalled browser does have it (although I use uBlock on Fennec, a Firefox fork). Theres really not that much to learn most things just work. The only thing you need to know is that some apps that rely heavily on Google Play Services might not work properly. For example Google Maps does not work (but the Webapp does or you can just use CoMaps or Osmand, something OpenStreetMap based). Generally I found the switch to be pretty easy. My banking apps all worked fine but I’ve heard some people have trouble with theirs. The App Launcher is kind of iOS inspired but I didn’t like it that much so I just swapped it out with Kvaerisito.
mrbutterscotch@feddit.org 1 day ago
I also use /e/OS. I’m not to versed in these things, but if I understand correctly from your comment, this decision by Google won’t directly affect us right? Only in the sense that it discourages developers to not support FOSS apps?
timestatic@feddit.org 21 hours ago
Yeah, it won’t affect you really. /e/OS is based off of AOSP and Lineage and the devs can just choose to keep it like it currently is. I haven’t really found a source for it but since theres like no official play store, and the lineage community would just patch out whatever google introduces (If this even reaches AOSP) I don’t think this will ever bother neither of us. The real threat comes from FOSS projects dying bc most Android users still use proprietary android
greencoil@lemmy.frozeninferno.xyz 1 day ago
Saving you a click:
Read the fine print carefully, and Google’s new app-loading processes aren’t as invasive as they could have been. For many users, nothing will change. Even for users exploring apps outside Google’s walled garden, the process is usually a one-time setup with a few simple steps and a short wait, keeping the experience virtually the same as it is today.
We have phone manufacturers who offer unlocked boot loaders as a feature, but require two weeks or more of device ownership, registration using personally identifiable info for an online account, and many times don’t even allow you to relock the boot loader. Despite all this hassle, these devices still get updated third party OS’s with Lineage and eOS.
Anyone who was publishing to FDroid already is not going to be annoyed about the 24 hour scare screen for users. The most inconvenient aspect is that they can’t use the same signing keys as a Google Play release, which they should never have been doing anyway. Its absurd that developers were using the same signing keys across all different distribution methods in the first place.
Zak@lemmy.world 1 day ago
Anyone who was publishing to FDroid already is not going to be annoyed about the 24 hour scare screen for users.
Bullshit.
It’s hard enough to get people to step outside the Play Store ecosystem. Any additional friction will greatly reduce the number who do, and the combination of a reboot and a long waiting period is a lot of friction for the average person.
patruelis@lemmy.world 1 day ago
24h now, a week next year, etc. Not ling to go before is fully enclosed.
greencoil@lemmy.frozeninferno.xyz 1 day ago
I specifically said publishing. Publishers/developers are not the average person. And the people installing third party apps on the user hostile platform of Android are also already dealing with friction. I’m more concerned with developers giving up because they need to do unacceptable ID verification, or are outright banned from development APKs entirely, than users giving up because “this takes too long…” Frankly, you ignoring the context of my post comes off as you just wanting to be angry.
I read the headline, I read the article, and I answered the rage bait presented in said headline. The impact of this change is “fuck all and nothing”. I’ve got plenty of web sites that are inaccessible without getting around geoblocks with a VPN. Been in communities shut down by corporate media throwing money and legal teams at denying their right to exist. Feels like everyone wants a federal ID to use an online service these days, and Google wont be that far behind doing their own version of it. But this update changes literally nothing for power users right now. Sorry that I’m not as upset because the slippery slope isn’t as steep as everyone else says it is.
If you really want something worth being mad at, get mad at the hardware manufactures who release hardware with proprietary firmware that only runs on Android. Wouldn’t be having this discussion at all if users were allowed to run completely custom software from boot. If there was an open standard for a battery powered device that could run a modern compliant web browser, and take SMS/phone calls, we could tell Google to kick sand. Instead we have an ocean of built-to-expire mobile phones that end up being “obsolete” within 2 years. I’m pretty sure the mobile carriers/ISPs have more control over what hardware is allowed to exist though. I should probably do more research on that.
Zedstrian@sopuli.xyz 1 day ago
The APK installation process is already more inconvenient than it should be, and now it will be getting even worse. There should be no difference in installing an APK via Google Play versus any other method; the fact that the process will still warn about ‘security’ each and every time after the 24 hour wait period shows that even for “advanced users” they want to make it as inconvenient as possible while claiming to still be keeping Android open.
greencoil@lemmy.frozeninferno.xyz 1 day ago
I agree. I do not want to come off as defending Google here. Things will get worse as they always have, and the sooner we got off Googles corporate platform, the better. Google has no business forcing themselves as a “trusted central source”, especially with all the evidence showing that the Play Store is a more common and successful attack vector than third party apks. Third party offerings should be as easy and accessible as Googles.
I guess I’m just really annoyed at the public response because it continues to be doom and gloom; as if open source app development was going to die overnight due to this one change. I’m pointing out that there is already more restrictive things on the Android platform, and big projects still exist despite that. As hostile as a development platform Android has been, a new one time, 24 hour scare screen is likely not going to be the final straw for developers.
ThomasWilliams@lemmy.world 1 day ago
The APK installation process is already more inconvenient than it should be,
You what. All you have to do is download the apk and then run it on the phone. HTF could it be any easier ?
JustAnotherPodunk@lemmy.world 1 day ago
If I paid a thousand bucks for a flagship phone, I should be able to install whatever the fuck I want. Full stop.
If I paid twenty bucks for a secondhand basic bitch ass phone I should be able to install whatever the fuck I want. Double full stop.
What’s your argument? I can’t do whatever I want with my device? Fuck off.
greencoil@lemmy.frozeninferno.xyz 20 hours ago
Cool, its never been like that and you kept buying Android devices anyway?
I’d like that too. In what way does “things should be better” counter argument “this update changes nothing”?
I’m gonna stop commenting honestly. Y’all just wanne be mad.
plyth@feddit.org 1 day ago
can’t use the same signing keys as a Google Play release, which they should never have been doing anyway
Why? Same author, same signature.
spirinolas@lemmy.world 18 hours ago
I’m curious, how does this affect EU users? Isn’t this against our rules?
DreamlandLividity@lemmy.world 18 hours ago
It’s trying to squeeze through a legal loophole. They have to allow apps from outside their appstore. But law does not explicitly say they can’t require them to be verified by google first.
Skv@lemmy.world 11 hours ago
So get a phone that can run AOSP and its many child roms and dont give a damn. Literally whole point of Android.
Now that US market has long since abandoned locking you into a contract for 2 years in exchange for a free flagship, and locking bootloaders on US models on top of that - just export whatever you want and magisk/aosp it.
This new limit is literally made for the savvy public who uses external apks and such and not the vast majority of room temperature IQs anyway.
Appoxo@lemmy.dbzer0.com 1 day ago
Nobody (for now),/as it can be easil, bypassed
ThomasWilliams@lemmy.world 1 day ago
There are many very good reasons to host apps outside the Play Store.
You won’t have to upload apks to the Play Store.
Nonsense story.
Neo@lemmy.sdf.org 16 hours ago
I wonder how much of this is about cracking down on Newpipe, ReVanced and other unauthorized clients.
RunawayFixer@lemmy.world 15 hours ago
My suspicion is that it’s because the playstore has become so awful that google is seeing the effect in their earnings. If customers get burned one too many times on a crappy app with fake reviews, then they’re not going to spend any money on anything else in the store anymore. So now Google tries to sabotage the possible alternatives, rather than try to fix their product.