I smell revival of jailbreak days 😁
And maybe a peak of smuggling china android phones running chinaDroid with crapChecks
i love how google will basically destroy the worlds most popular mobile operating system just to protect youtube premium revenue
thats my theory too.
this is exactly why google should have been broken up.
Honestly at this point they actually likely need to be EVEN MORE strict to deal with how bad the app store is and how many scam apps are floating around.
My grand father has been given like 30 scam apks to install via email that we’re just crypto ransomware basically, and he’s had to reformat his phone at least 10 times this year from installing scam shit from the playstore it self too.
Both the playstore AND scammers are target android like crazy
There’s basically no way to crack down on it short of what they are doing and frankly it’s still not enough.
Anyone who thinks this is just Google being evil is massive fucking out of touch with the reality of what elderly and less it savvy people have to deal with. It fucking SUCKS.
And I fucking hate these changes too, but even I cant say it’s enough. There’s too many fucking shit bag assholes ruining all the good things.
They should just display more warning’s or safeguards, they don’t have to remove it completely. There’s several apps that I use that google would never let register. :(
They also already have installation from external sources turned on by default.
Why the hell are we babying people who turn it off? They read the warning, they know the risks.
i agree
We really need some money poured into the Linux mobile space because this is a terrible direction to go.
dug my pinephone out of a drawer yesterday and gave it a whirl. still pretty rough unfortunately even after updating postmarket os.
Cool being able to SSH into my phone though
I’m still hoping they can get to a state for more general users. I really want one still. I need a Linux phone doing the old sidekick designs.
The main issue will be application support.
Linux running on the desktop in 2025 is helped immensely by everything being web based. So long as you have a browser you are fine for a lot of general computing.
The phone space is ruled by apps. The phone makers and the companies developing apps prefer it this way.
Getting a banking app, or Uber or Facebook Messenger to work on a Linux phone is going to be a massive pain in the ass (ignoring the rest of the OS which is definitely not even close to useable for the general public).
I would love a Linux phone but we are so far away.
The phone space is ruled by apps. The phone makers and the companies developing apps prefer it this way.
That’s true, but for everything non-free, they always end up having a perfectly working web app that will accept my money.
I’m sure there will be some sort of compatibility layer available. Android Linux based after all.
There already is! I had a Furi Labs FLX1 for a while and it was able to run Android apps surprisingly via Andromeda (their fork of Waydroid).
i’m just gonna switch to steam deck + gsm router
tbh part of the rough experience for me may be down to the hardware. the ubports version of the pinephone i have is quite low power. 2GB memory and a little ARM Cortex-A53
tis sluggish
Cool being able to SSH into my phone though
I thought you could do that on Android?
Yeah, you absolutely can, and without needing root or anything.
Plain AOSP is already pretty brutal. An alternate OS is practically a non-starter. Phones aren’t just web browsers and SMS.
- Tap-to-pay
- Including transit fares
- Bank apps
- RCS messaging
- MFA and security apps
- Work profiles
- Streaming media that’s not 480p
Not to mention that the camera is going to suuuuuuuuck.
Forking or improving AOSP is more viable but none of the more mainstream ROMs want to piss off Google. That’s why most LineageOS forums forbid talking about defeating Play Integrity.
Also no GPU driver, because even if the manufacturer does actually provide it, some nerd within the community will block it for not being “free software” enough and that “for light 2D applications, CPU blitter is more than enough”.
On a mobile device? It’s more likely that only OSS drivers work and the binary blob driver only worked with a pre-Pandemic aged kernel. Or it needed a very specific userspace library that doesn’t work with a minimal libc.
“Free software enough” usually means “has a snowball’s chance of actually working”.
- Tap-to-pay
So now 3rd party app stores need an ADB loopback to work around that.
Not hard to do, but uselessly annoying.
Installing the third party stores would be way harder than it is right now if they do that though. No way the devs of e.g. f-droid are getting a verification on an app that bypasses Google’s new ‘safety measures’
I could imagine something like Sidequest happening on Android.
That’s only if the apps distributed are unverified. Mind, the EU already requires app stores to document the identities of devs, but there are loopholes for Small enterprises. In 2027, manufacturers need to document the identities of their suppliers. There are still exceptions for non-profit open source projects, but that’s not what Google is. Surely, no one here wants Google to avoid regulations by investing in open source.
I believe F-Droid signs the packages it distributes so that creates a painful choke point. Revoke F-Droid’s key and it will break all of F-Droid instantaneously. The only exception for F-Droid’s signing is if the build is reproducible, which is a high bar for a lot of projects, and then F-Droid will use the upstream signature.
Also, they’re trying to close the ADB loophole.
I expect phones in the EU are going to become a lot more locked down in the next 14 months, like Samsung is already showing. But also think that Google will try its best to make developing for Android easy to get into.
I think you can already do that with shizuku and dome fdroid clients. It also makes using 3rd party appstores more convenient just in general.
Is this even legal in the EU? The majority of phones in the EU are Android phones so this effectively gives Google control over what apps can be installed to the majority of phones. I thought the Digital Markets Act was designed to prevent exactly this.
Google will become the exact same as apple, third party stores are technically “allowed”, but requires Google’s official stamp (digital signature), it’s same with Apple. Its probably legal since Apple is already like this.
A corporation like Epic Games will be left alone since they can afford lawyers. An open source volunteer dev making a Youtube alternative client will get their certificates revoked under dubious “ToS Violation” claims and they won’t have money to sue.
It’ll be a battle and then they’ll get knocked and so on and so forth until we get these lazy cunts out of politics and break up the fuckin tech companies.
I think some recent EU proposals that make Google responsible for ensuring users can’t install malicious apps is what have caused this to happen though. I could be wrong but I think I remember hearing about that.
This is essentially Google moving to do what I always thought was Apple’s malicious compliance on the DMA, but which European courts seem to have accepted as just fine. I’m pretty miffed at Google for sinking to Apple’s level on this.
Hold up, why all this crap… when most of the malware/infostealers is on Google Playstore… and googe itself is doing it.
It’s called “eliminating competition”.
Literally TODAY someone I know installed an application called “PDF viewer for android” that had a green adobe icon and it started wrecking absolute havoc on their phone with pop ads and redirects to scam support sites.
The AppStore is full of this shit.
Free market and openness my ass.
Get fucked
Can someone “redpilled by corporate” explain me how this policy actually increase security?
It’s trivial for a malware developer to pay $25 with a stolen card and a stolen id
Look at the “verified” bots on xitter, they didn’t solve the bots problem, rather just monetized it
It’s a lie. Google just wants control.
It’s not about stopping malware; it’s about being able to act on malware.
Making a new account with a new phone number and new credit card is a minor barrier to entry.
That said, it’s a cool story, but I think they’re looking to stop vanced style patching.
The vast majority of malware isn’t delivered via play store because of the existing measures and protections they have. Same reason you see very little app-store-based malware on iOS. DISCLAIMER: YES MALWARE EXISTS ON APPLE HARDWARE PLEASE DON’T SHOUT AT ME. Talking specifically about anything installed via first party stores on both platforms.
Their main issue is this: dumb people install apks from spurious website and infect their phones. The least controllable and most pervasive factor here is the intelligence and knowledge of the user which cannot be controlled for by Google. So by eliminating the ability to exploit this entirely, it will eliminate that specific vector.
It’s a sledgehammer solution that naturally comes with many downsides like disrupting intelligent and knowledgeable users that just want to hack around with FOSS and such.
Google is relying on It being too expensive for malware creators to have to guide each individual user through adb installation and usage process just to get access to their phone. Most scammers only do that level of interaction to extract actual cash/gift cards from the target.
I am personally and directly affected by their decision in many negative ways, but I’m not so dense as to not understand why they’re doing it.
/corpodronespeak
EDIT: bots help Xitter maintain inflated usage figures which justify people’s jobs, share prices, etc. Bots are a feature, not a bug.
yes, of course malware is distributed via apk.
But what’s the difference between:
- malware that is signed anonymously and then, when its signature is identified, it’s removed via play protect
- malware that is signed with a stolen identity and then, when its signature is identified, it’s removed via play protect
?
Isn’t exactly the same stuff? Or there’s someone that is actually thinking that criminals will use their real ID card for the verification?
Does not change anything for malware distribution, except bother them for a dozen minutes meanwhile they “verify” their stolen ID
Because it can be invalidated. That’s the difference.
It’s absolutely not foolproof, but nothing is. Most actions corps take for this stuff only slows down the spread. Hackers and bad actors innovate way faster than companies can keep up with. So companies cast a wide net with their solutions. And the cycle continues.
Apks can be invalidated after installation?
with the new system, you must go online to check if the license for that app is still valid or revoked. But the current system works almost the same: if there’s an internet connection play protect checks the signature against an online malware db and prevents installation.
From a couple years ago, google has the power to remotely install/uninstall any apk on your phone without your consent
No, the certificate can be invalidated preventing future installations for other users. If you already have it you’re SOOL
Their main issue is this: dumb people install apks from spurious website
No they don’t. Most people don’t even know what an apk even is.
Most people don’t know what a bootloader is. They still turn their devices on and off every day.
This whole conversation is about adding obstacles to prevent non technical users from doing things they don’t fully understand.
The overwhelming majority of Android users don’t even know where to start to install software outside of the Play Store. If they’re even aware that it’s possible.
It’s actually an incredibly common way that they are infected, especially in places where WhatsApp is the default communication platform
Yes you’re right. If they knew, it would likely come with the knowledge that, if someone asks you to do this, you’re probably being scammed.
That’s what makes them most vulnerable to these kinds of scams.
Corporate needs to have somebody to sue in case of a policy violation. Very especially those debloated apps that float around the web - they need to ensure they have a physical person to pin the blame to in court.
I would assume that you won’t just be able to register with a stolen id and stole card.
if scammers can open a bank account with stolen identities, i’d assume google, which is entirely run by bots without any human oversight, wouldn’t have a better detection
You don’t think Google have better tech than banks?
Oh boy. You have no idea how old and bad the underlying tech that banks work on is.
I presume they are implying that the play store review process will catch compromised apps? Not likely considering how many dodgy apps have been found on play store. It’s just another controlling act.
Google is doing this to comply with EU regulations supposed to increase security. Now imagine that Google was pushing back against this instead of complying. As per usual, Lemmy would be up in arms against Google for failing to protect people’s data and not complying with our laws and culture. You’d be downvoted to oblivion for asked that question and called a corporate bootlicker.
I think these rules come from German legal culture, which traditionally has a strong need to control information exchange and processing.
the way they originally phrased it, it was seemingly because of authoritarian governments like singapore wanting to exert more control (hey google, can you revoke the certificate or doxx this dev for us?) and then they realized that they could make more money if they extended this block worldwide
I’m sure the EU is not the only jurisdiction demanding this sort of thing, but I doubt Singapore has the pull needed to get Google to move.
Brussels effect. Imagine Google were to still allow unverified apps in the US. Most devs would still opt for verification so as not to lose the EU market. The proportion of malware is probably going to be higher among the few remaining unverified apps. Sooner or later, some US scam victims would sue Google for failing to protect them like it protects Europeans. Hard to refute.
Ok, fuck this crap. This was the main reason to prefer Android over iOS. Going to start trying out some of the FOSS Android forks
Another example of Embrace, extend, and extinguish
Google has stopped releasing parts of android as open source and it releases some as a code dump without the modification history to make harder to use. Android forks are going to struggle to keep up.
I wonder if any and everyone who has ever contributed code under whichever open license was used could sue the tits off google, not as a class, but thousands upon thousands of individual lawsuits, for breach of terms of said licence/contract.
GNU only stipulates that the code must be released. Whether it is as an inconvenient dump of a well structured code history is not specified.
I’m just skimming through the license on my phone and they include LGPL, apache, BSD, Mozilla public license, eclipse public license, w3c, MIT, apple, and GNu.
IANAPOLL (The extra POL is for patent or licensing) so I don’t know the intricacies of each type.
But there are a lot.
ThIs ApPLicAtIoN iS DaNgErOuS
Again not on custom ROMs.
(And could help the push of new alternatives os)
If it’s easy to patch this out, I wonder if there will be manufacturers that will choose to do so for their official ROMs. It would be extra value for the brand, imho. A reason to choose, say, Samsung, over a Pixel phone, if Samsung were to patch this restriction out, for example. After all, they also have the Galaxy Store which is also offering apps that I doubt they’ll want Google to regulate.
I didn’t read the terms but I think this is against Google terms of services, so sure you can patch this out but as a company you would suffer legal actions or would be forced to remove Google services from your devices.
Samsung will just ask Samsung Store devs to be registered
deleted by creator
How long until they patch out getting developer mode working on you phone without a registration, requiring you to pay for it and also take a “short” AI generated crash course in app development and monetization?
We need better Mobile Linux / Android distros
