Their arguments are kind of lame. To install APKs from outside the store is already an involved process that generally makes it harder for the uninformed to sideload. Make sideloading a bit harder, but possible. My xiaomi makes me wait and read warnings before installing APKs, for example.
Side loading will still be possible but the apps themselves will need to be signed by the developer through Google, so Google ultimately still controls what can be installed. Maybe someone will crack it.
[Installing software] will still be possible but the apps themselves will need to be signed by the developer through Google, so Google ultimately still controls what can be installed. Maybe someone will crack it.
Fixed that for you :-)
It’s a great way to workaround them being forced to open the ecosystem a little and allowing alternative stores and that stuff. It only took more than a decade, they obviously not happy about it, so gotta screw people in another way.
That’s apple. Android has traditionally allowed sideloading. They aren’t be forced to open up anything, they’re just adding restrictions.
I know it’s not really ready for it yet, but I guess I’m gonna be looking into a Linux phone before I thought I would.
If Google is going to lock down my device to the point where I can’t install apps without their permission, I might as well dump Android and go straight to Apple. I sacrificed my phone being good for the openness of the platform, but if Google loses that openness, why shouldn’t I go with Apple?
Because the cheapest new iPhone is $600 and you can get a cheap new android phone for around $100-$200 and get 6 years of security updates (Galaxy A16 for example)
If a smartphone is no longer a computer where you can install whatever you want, why bother investing so much money on a very locked-down phone? You can use the hundred of dollars you saved to spend on a small portable PC or something to run any software you want.
Yeah but my banks don’t support my small portable PC, nor does my mobile phone provider. If I wanted a small portable PC I’d get a small portable PC. What I want is a smartphone.
$600 is pocket change for a phone these days. And for that $600 you’re getting a flagship phone. You couldn’t pay me enough money to put up with a non-flagship. Been there, done that. They’re too slow and frustrating, and apps keep closing due to lack of RAM. Never again. I much rather spend $600-800 on a high-end device that’s a couple of generations old.
A $200 phone in 2015 is not the same as a $200 phone in 2025. I know from experience.
Those phones in 2015 were awful, but in 2025, they feel more like mid-range phones.
Edit: And $600 is pocket change? Sound like someone lived a privilaged life.
This 100%
I have used tracfone since 2012 and only bought phones from their store, sub $150. The budget phones today are so much better than the last 10 years.
I just can’t wrap my head around sinking that much into a phone when you replace it every year and it cost as much as a decent budget computer, but worse.
I make $19/hr and live paycheck to paycheck. I’m just being realistic about the current cell phone market.
Openness isn’t just a nice to have. It is essential.
The difference between general purpose computing and gatekept walled garden computing is night and day.
Identifying the devs is not in the “need to know” for Google. Google sells or helps to sell a general purpose open device where it is on us to exploit that device however we will.
Now Google wants to switch to a walled garden, moderated development model.
If Google promises it won’t use those dev IDs to moderate development, their promise is only worth the wind it moves and the sound it makes.
You might say their words are like farts in the wind
now while at first view, your sentiment is understandable, i actually kinda differ.
when you buy any product at any store, i believe that there has to be a legal entity behind the store that sells you this product, and the legal entity needs to be identifiable. i.e. if you run a shop and give packages to people, you need to show ID to open up that shop. i believe it is the same for charity organizations which give away packages for free.
now, why would it be different for apps? apps are software packages, and if they’re given away, there should be a legal entity behind it that is identifiable. this isn’t to surveil or suppress people, it’s just how business has always been done, and for good reason so. businesses need legal representatives to operate, even if it’s a charity, because otherwise there’s nobody to “talk to” when there’s issues, and also imposters would have an easy game.
that doesn’t mean that you can’t donate packages away on the streets. just put it in front of your front door and wait until somebody passes by and takes it, or give it directly into the hands of your friends, you don’t need to open a business for that. just, if you do it regularly, interacting with people you don’t personally know, there is a legal entity that represents that recurring activity, like a business or charity.
If i understand it correctly, even with the new changes, what can be done is that open software distribution sites like F-Droid can sign the packages instead of the original developers and therefore circumvent the identification of the original developers, and also you can still install unsigned third-party apps if you enter a command on the command line to disable ID certificate checking. it’s just an extra step, not a block-all.
The only answer is money at that point. I don’t know how much phones are these days, but aren’t iPhones like $1400, but Android is like $900?
I may be wrong though. Last time I bought a phone was 2018, and it was $600. Still using it.
I already tend to buy the expensive flagship models of phones. I buy unlocked and it lasts me ~5+ years, so I get the best phone I can get at the time and make it last, so money isn’t as much of an issue if I were to move to an iPhone.
This change requires you to attach your real name when publishing software. That’s all. You can still publish to and install packages from anywhere. This doesn’t come close to Apple’s complete control.
Google already scans packages you’re installing for malware and alerts you and allows you to install them anyway. This gives that scanner one more tool to identify bad actors.
Apple hardware has always been a generation ahead. Even when android/qualcom catches up, next generation is out already. The reason to avoid apple was it being a closed system money grab.
Apple hardware ahead of Android? I’ll have what you’re having!
Please show me a single benchmark with a flagship android beating a flagship iPhone.
a18pro beats M3 max in single core. Compared to 7840hs, it has 40% high single score geekbench 6, though 50% less multicore. Even beats ai395max at single score. Android competition catches up to even in gaming/gpu, but single core/responsiveness is still light years ahead. a19 next month, likely. M3 ultra has competitive aspects to xeon and epyc. Apple definitely has a lead on arm implementations.
Apple now allows sideloading of apps and Google is trying to get rid of sideloading.
What… the Fuck?
Apple now allows sideloading of apps
Apple allows as much sideloading as google wants to next near.
Yes, you can install from .iPa files, but you still need to pay 100€ a year to be able to sign the IPA files, otherwise you cant run them. as much as with googles new policy you now need to pay 25€ + your full name to get a signature, to sign the Apks with
Now we have to get EU on the case 😀
Yea but Apple got sued into allowing that
Don’t call it sideloading. Did you watch the video?
To be fair, they are now both on the same level. Both now allow sideloading from “trusted” sources, aka developers verified by Apple/Google.
This is the risk of “trusted computing” architectures. Who is governing the “trusted” part of that.
These cryptographic signatures are not as much of a death knell for Android as some would have you believe. The trick is to get a common code signing cert into your device, that is then used to sign any third party APK you want to run. You can avoid the Google tax this way. I assume that’s how most sideloading sites and apps are going to handle this.
The question is, how do you add that certificate? Is it easy and straight forward (with plenty of scary warnings), as a user? Or is it going to be a developer options deal? Or will I need root to add the cert?
I’m not sure what that answer is right now.
I just want to finish this post with a few words about trusted computing models. Plainly: Apple has been doing this for years … That’s why you download basically everything from an app store with Apple. Whether on your Mac OS device, your iPhone, iPad or whatever iDevice… Whether the devs need to sign it, or the app gets signed when it lands on the store, there’s a signature to ensure that the app hasn’t been tampered with and that Apple has given the app it’s security blessings, that it is safe to run. Microsoft and Google have both been climbing towards the same forever. Apple embedded their root of trust in their own proprietary TPM which has been included with every Mac, and iDevice for a long ass time. Google also has a TPM, the Titan security module, I believe that was introduced around pixel 3? Or 4?.. Microsoft made huge waves requiring it for Windows 11, and we all know what that discussion looks like. Apple requires a TPM (which they supply, so nobody noticed), Google has been adding a TPM and TPM functionality to their phones for years, and now Windows is the same. None of this is a bad thing. Trusted computing can eliminate much of the need for antivirus software, among other things. I digress. We’ve been going this way for a long time. Google is just more or less, doing what Apple has already done, and what Microsoft will very likely do very soon, making it a requirement. Battlefield 6 I think, was one of the first to require trusted computing on Windows and it will, for damned sure, not be the last that does. The only real hurdle here is managing what is trusted. So far, each vendor has kept the keys to their own kingdoms, but this is contrary to computing concepts. Like the Internet, it should be able to be done without needing trust from a specific provider. That’s how SSL works, that’s how the Internet works, that’s how trusted computing should work. The only thing that should be secret is the private signing keys. What Google, Apple, and Microsoft should be doing, is issuing intermediary keys that can sign code signing certs. So trusted institutions that create apps, like… Idk, valve as an example, can create a signature key for steam and sign Steam with it, so the trust goes from MS root to intermediary key for valve, to steam code signing key, and suddenly you have an app that’s trusted. Valve can then use their key to sign software on their store that may not have a coffee signing key of it’s own. This is just one example based on Windows. And above all of this, the user should be able to import a trusted code signing cert, or an intermediary cert signing cert, to their service as trusted.
Anyways, thanks for coming to my Ted talk.
Thanks for sharing all of that. I got to think a little bit about stuff that normally I would take for granted.
If they only cared about thwarting malware they could have just relied on code signing via public certificate authorities, like with binaries on Windows.
Code signing offers slight protection from malware but not as you might think. If a company signs an installer, or executable then it tells you it came from them but not what it does. It could still be malicious, or it could be inadvertently bundled with malware in DLLs or scripts and you wouldn’t know. You’re just hoping the company has done its due diligence and you trust them to run.
Microsoft does have an antivirus system on top and fingerprints downloads too and applies some kind of trust score that is better if an exe is signed. There is probably no single mitigation that stops malware infection but apply lots of smaller mitigations in in depth and most people will be safe.
The irony is Microsoft still lets people run files ending with .scr way too easily. Much of the malware on torrent websites is a file ending with .scr knowing the OS will hide the extension, e.g. movie.mp4.scr appears as movie.mp4 in File Explorer and people click through and get infected.
These arguments would apply the same to Google’s approach. My argument is that Google appears to have another agenda.
The point is so that most people can’t or won’t figure it out or get discouraged. So that in time, google’s “unwanted” software will be starved of attention and funds to continue being developped and these “weeds” in their garden slowly wither and die
I think I am just done with the whole concept of the convenient prepackaged tech product, and especially staying “connected” with them.
For example, I stopped wearing a smart watch this summer and it’s been a positive. I was the type to wear it 23 hours a day and track my sleep with it and everything. It turns out that not instantly seeing every notification or knowing the exact minute of the day are not a big deal, sans are even good for me.
Part of what I’ve also done is use my phone a lot less and my linux desktop a lot more. I use it as a mobile communication device and not my computer for everything. I guess the next time I need to replace it I’ll either get an iphone since everybody in my family has one, or I’ll see where these wonderful Linux phone projects end up.
So yeah we’ll do a decentralized Linux phone of sorts, if Google is going full 3rd Reich with Android we’ll move to a Linux based OS phone.
Simple as that.
Who is we? what group of people has the dev funding and time to produce FOSS hardware and software to compete with the average android phone?
We the people that want a finished product with distribution and a good eco system from day zero. It must be next gen hardware and be priced more than competitively.
It’s good to want, and I say that as someone who would dance for joy if an open source phone became viable. If you think starting a new ecosystem and expecting it to be “good, next gen, priced competitively” is feasible via volunteer work anytime soon, I want whatever you’re smoking :)
It was a sarcasm.
You forgot your /s
Expecting sarcasm to be understood in text is dumb. Too many dipshits exist to assume people arnt serious
I wouldn’t call it dumb but maybe expecting too much from people now that convenience and hand holding is expected at all times.
*Canned laughter that fades into awkward reflective silence.*
Dude. On what hardware? My 1 years old AND 4 years old Samsung phones now lock their bootloader.
Random, fly by night China phones won’t have enough documentation or enough consistency in hardware to be a viable rally point for firmware devs, will they?
Don’t get me wrong. I will buy exactly that Linux Phone for my next device if it gives me three browsers and enough untracked fundamental functionality like calculators and contact lists.
But I’m genuinely worried there won’t be a hardware vendor in the game in my market (the land of Y’allQaeda) to sell me a compatible device that plays nice with the three mobile providers that still exist here.
Will this kill FDroid ? I imagine yes since you have to install it from a download.
My suspicion is that the main purpose of Googles decision is to stop F-Droid and Aurora Store from working.
They don’t care about those.
They want revanced and other ad circumvention tools out.
They ARE an ad company, you know?
And especially any youtube app that blocks ads. OF COURSE Google will never allow Newpipe, Revanced, FreeTube and so on to be installed on Android phones ever again.
None of those have worked for me on Android since a couple of months.
Firefox with uBlock Origin is the last bastion, and don’t think that’s not on their radar.
Hey don’t mind me, I’m just gonna whip out my steamdeck (that I already have) to watch a youtube video using the desktop firefox. (Yes I know its 720p, but whatever lol, its good enough for gaming, its good enough for youtube)
Its like Microsoft and Google are teaming up to drive me closer to Linux.
Windows 12 phones are going to come. Microsoft will have their own RISC chips to run mobile platforms. Their relationship with Intel has limited them too much while the rest of the Tech giants grew too powerful with their own branded chips and devices.
Sideloading being so easy on iphones and now becoming very difficult on android. Wow
Yeah but don’t you have to boot up your PC and connect your phone to iTunes once a week to re-enable developer mode to be able to sideload? Is there a more permanent method that I’m unaware of?
Jesus, how the heck is this called “sideloading is so easy on an iPhone”?
That’s a nightmare procedure, and completely unnecessary.
Obviously Apple makes sideloading as hard as possible.
No i dont have to connect my phone to a pc. It refreshes from the phone and i sideload from my phone
They are converging to become the same thing.
Its not any better on iOS, fyi, they too require Apple’s final approval.
They don’t require apples approval at all not sure if youre talking about the EU. Im talking about sideloading with sidestore and live container
> be me
> buy new phone, chose android cause I can install anything on it
> get free iphone from work
> sell iphone on ebay cause I can install anything I want on my android
> google doesnt want me to install anything I wantFuck me. I kept the wrong phone.
So in your world, a completely locked down phone is better than a phone that you can easily open up again by flashing a ROM or replacing Gservices for MicroG with adb + Magisk?
not every android phone’s hardware even allows installing custom ROMs, as far as i’m aware of. and even if the phone technically does allow it, that doesn’t mean that any good custom ROMs are even available for it. so the issue is a bit more difficult than that.
Adb can uninstall Gservices and Magisk has a MicroG module
They are both now on the same level. Both iPhone and Android now allow sideloading of apps of “trusted” developers, so developers verified by Google/Apple.
$1000 USD for a mobile phone…no thanks.
It used to be a pocket computer, now its just a mini-prison-cell.
If anyone is using currently using a flagship phone, when your phone dies and you need a replacement: consider just getting a cheap $100 android phone then spend the rest of the money you would’ve spent on a flagship on a portable PC instead
This is the route I went years ago. Not only do i not feel like lugging around an obnoxiously long buttonless 1kg remote control, within two months the display will be shattered because I sneezed, and I will have to buy a new one because replacing the screen costs as much as a new phone.
I know they do that shit by design. Why would the back side of the phone need to be made of fucking glass? It’s literally the only reason I ever buy new phones, the screen is the only thing that ever breaks, and they never survive long enough to be “too old” to use.
Spot on! +1
My problem with this is when I now don’t have freedom from surveillance in my country because I mainly use F-Droid to install my privacy conscious apps.
This should read that google is screwed, as android users flock to alternative phones. But no, so many would rather just keep on bending the knee to daddy data scrap.
Android users will have no idea it’s happening because only a tiny minority even knows what sideloading is. I don’t think I have done it in my last 3 phones, so maybe a decade or so. It’s definitely not enough of a reason even for someone like me to switch, let alone an average user.
I get what you’re saying and you’re definitely right. I don’t side load things all that much but the times I have was because there was no other viable way to get what I needed and it worked amazingly well (not to mention testing something before it’s available on the app store).
It’s one of those things like a fire extinguisher that you might not need but you are very grateful it’s there just in case you ever do.
Yes, I love to have the capability, but haven’t used it so long that it wouldn’t motivate me to switch away from android to keep it.
Removed by mod
Removed by mod
Cheap iphone?
“old”
What are those alternatives? I can’t think of any that are ready for prime time.
