Installing any app I want outside the Play Store was the primary reason I decided to go with Android, despite most of the people I know using iPhones. If I can't do this anymore, I may as well switch and be able to use iMessage and FaceTime with them.
Android is losing a unique selling point. This will have an impact on what a techie may recommend to a non-techie in the future, because everything is beige now.
I have the feeling Google has given up on using nerds as beachheads. The market is saturated enough and they don't need us anymore to do grass roots spreading of their products. It's the same with Youtube. As long as there were enough people who were unencumbered by ads because of their ad block and kept spreading links, the importance of Youtube was growing. After market saturation that vehicle isn't necessary anymore and they can squeeze them out.
Then you'd be rewarding the company that pioneered and normalized taking away these rights. The next rights you'll lose will probably originate on Apple again years before Google takes them away too.
You can still install apps outside the play store, but the developer does need to verify their signing information. Effectively this means that any app you install must have a paper trail to the originating developer, even if its not on the app store. On one hand, I can see the need for this to track down virus creators, but on the other, it provides Google transparency and control over side loaded app. It IS a concerning move, but currently this is far from 'killing' non-appstore apps for most of the market.
Switching to iPhone will make it even more obvious there is an unhealthy monopoly, so that's nice. If there's no good reason to choose Android, why not?
How will Google force Android users to "update" so sideloadinng can be prevented
Non-updated versions of Android running non-updated versions of sideloaded apps will not have the restriction
Another example of how not every "update" is for "security" and "updates" should be optional
The computer owner chooses one version of an operating system, e.g., "I chose Android because I can sideload any app", but by allowing automatic updates, without reviewing them first, the computer owner agrees to let the operating system vendor change the software remotely to anything the vendor chooses. The computer owner goes along with whatever the vendor decides, letting the vendor take them for a ride
If the operating system gets _worse_ in the opinion of the computer owner, if it fails to meet their needs, e.g., "sideloading", then that's too bad. The computer owner chose one version of Android, but by subscribing to "automatic updates" they effectively chose all future versions as well
This is why I prefer BSD UNIX-like operating system projects where I can choose to update or not to update. Unlike the hypothetical Android user, the project does not decide for me
HN replies may try to draw attention to "security" and away from "sideloading restriction". However there is no option to accept "security updates" while rejecting "sideloading restriction updates". According to the so-called "tech" companies that conduct data collection and surveillance as a "business model" through free, auto-updated software, every update, no matter what it contains, is deemed essential and critical for "security"
Online commentators seem to agree that the computer owner should have the choice to install or not install _any_ software outside the "app store", so-called "sideloading". Perhaps this freedom to choose whether to install or not install software should also apply to operating system "updates"
Maybe it’s because I’m European but I’ve never understood what iMessage even is or what it offers above either sms or WhatsApp/signal. And I’ve used an iPhone for the past 15 years.
There are no good reasons left to use either platform - you're basically paying an arm and a leg to rent a device whose primary purpose is to usurp your attention and plunder your wallet at every possible opportunity.
Use and encourage your circle to use Signal, so you're not limited to any given platform, or the political or ideological whims of the gardenmeisters.
Google has gone full enshittified with this move, might as well move as far and as fast away from all the shit if you're technically capable, introduce whatever pressure you can to signal that there's a desperate need in the smartphone market for something clean and honest.
You can still side-load signed apps. It's a similar limitation to macOS which won't let you run apps that Apple hasn't signed without command line or control panel shenanigans. Compared to iOS, Android still has the advantage of installing your own full browser (like Firefox) with full-fat ad blocking (uBlock Origin, not Lite). iOS is Safari-only right now though, in theory, some alternative engines may be available in Europe later.
Antitrust action is badly needed in this area. It is ridiculous that I need permission from my device manufacturer to install software on hardware I own. There is no viable alternative than to live in Apple and Google’s ecosystems. This duopoly cannot be allowed to keep this much control of the mobile platforms.
There needs to be a mandatory override for any lock down put in place by a manufacturer. I understand the need for security, but it should be illegal to prevent me from bypassing security if I decide to on my own device. Make it take multiple clicks and show me scary warnings, that's fine.
Technically Android still allows installation of anything if you use the debugging tool. Maybe that is where we have to draw the line, I'm not sure.
The funny thing here: They have active spyware and malware on their app store. They go by vague offical sounding names like "Gallery" and "Messages" "Text Messages"
I've reported it and that goes to an google form where the app stays up. I've even gone farenough where I've escalated through internal Google contacts. Nothing is done. It's not sideloading that's the issue.
It's google. This is a hostile behavior to all users of the devices and developers of their platform.
_--
My thoughts on where this might go:
We're getting into an era where there are organizations that are violently hostile to your device and they demand that. These people believe that the device you paid for and the service you paid for is theirs.
I.e. mobile ids from governments, which may introduce client side scanning. More so, theres a hostile push for "age verification" which would lean on the Play integrity chain. Want to find out who does this? Look into Magisck on reddit and the apps people have difficultly using. This is not a case of "someone wants to hack something".. it's all about control.
If you're watching the Root/third party space.. right now there are issues running apps. Some apps scan for "SuperSU" app and will refuse to run. (As in they're not sandboxed)
We need to stop calling it "sideloading", we should call it freely installing software. The term "sideloading" makes it sound shady and hacky when in reality it is what we have been able to do on our computers since forever. These are not phones, they are computers shaped like phones, computer which we fully bought with our money, and I we shall install what we want on our own computers.
If you focus on the fact that Google fraudulently marketed an operating system that allows users to run any software they like (until they successfully drove other open options out of the marketplace) you have all the legal justification you need to force Google to back down.
In the US, there's no requirement for a company to honor the claims of prior advertisements for things that they might do in the future for a different product. And even if a company does lie about the features of their product, advertising law does not require a company to change the features of their product to meet those claims. What could be required is a change in the advertising, or a refund for people who bought the devices under the false terms.
But if you advertise a certain side of feature features in a phone three years ago, and sell something completely different next year, that's entirely legal.
I think the reason you keep reiterating this is because once you realize that there is no legal justification to go after Google for this move under current US law, the only real solution becomes obvious: new legislation, and you really don't want that, because you know it will apply to Apple devices as well, which would be The End of the World.
(This is before Apple/Google lobbying efforts result in either the death of the bill or a bunch of exceptions allowing companies to do "notarization" or "developer verification".)
The Android Developer Blog called it "an ID check at the airport which confirms a traveler's identity but is separate from the security screening of their bags."
From the mouths of rubes, I guess. The ID check at the airport has zero to do with safety or security and everything to do with the airlines' business model (no secondary market for tickets), enforced by government.
>The ID check at the airport has zero to do with safety or security and everything to do with the airlines' business model (no secondary market for tickets), enforced by government.
If it's really about protecting "airlines' business model", why did TSA recently start requiring REAL ID to board flights? Were airlines really losing substantial amounts of money through forged drivers licenses that they felt they needed to crack down?
This is nonsensical. The minute the government doesn’t check ID to get on a plane that coincides with your ticket, the airline will start doing ID checks before getting on domestic flights just like they do for international flights.
And some airports are now allowing non fliers inside the terminal.
Even hotels force you to verify your ID to check in even though the reservation I’d transferable - just add a guest to your room when you make the reservation.
I know this is side topic but if buying the Android or iPhone hardware gives us hardware we don't control, then what alternatives we realistically have? I do own pinephone (and I was recently reading that they kinda staled with development of new phones hardware), I know about librem.. is there anything else on the market?
LineageOS? /e/OS? ArrowOS? Android has so much momentum that seems like it would be difficult to avoid a fork. I know Waydroid exists, but I'm not sure that's good enough. Ubuntu Touch sounds really cool too, but I've put effort into it with a used Google Pixel 3A and it's not an easy, cheap thing to try out right now. And it's still dependent on binary blobs for drivers, as far as I know. Not a great situation.
Regarding banking apps and things like that, I don't run into to any issues except for not being able to scan checks for deposit on the mobile website. And also I have to have physical credit cards. If you can't do what you need, consider changing to a local credit union which has your interests in mind far more than a for-profit bank.
I've never run into a need for apps for a government purpose, but perhaps I will someday.
I'm sure my situation where I live may be different than your situation where you live.
I don't use an open source fork of Android daily and from what I can tell the best option that exists today.
The only hardware that I know will continue to be open enough for this to be viable in the future is Fairphone. I hope there are others. I would definitely would NOT trust Google Pixel to remain open for the foreseeable future.
Personally, I'm trying to get out of the habit of using my phone anyway, so I might as well have laptop or desktop hardware that can fulfill my needs.
There's an overarching lesson that FLOSS needs to learn from the last fifteen years:
If it's not copyleft, it's not free. Also, it's more than just a legal classification of IP law, it's an ethos. I don't care how "free" your underlying OS is, if most of the userland is proprietary and the only way to really effectively use the software on consumer hardware is to use a megacorp's implementation of it and to bow to their whims, it might as well be Microsoft Windows.
This is why I always thought Android never really was Linux. Sure, it has a Linux kernel, but that kernel just exists to run a bunch of software in a way that you have no real control over.
This is laying the groundwork for mandatory software. Soon after this browsers and messengers will be required to install tracking components to be included in the app stores or approved for sideloading.
This is how the surveillance blob will get around the huge backlash to Apple's mandatory on-device child abuse scanning, close off any avenues to escape it before re-introducing mandatory on-device spying.
However, I don't think they haven't measured the number of users installing apps outside of the Play store. May be they just don't care about the small % of total users who are a large % here on HN.
And this will creep out to the major desktop systems too, Apple is doing it with their stupid "non-verified app" and Windows looks more likely to do so with their "need Microsoft account to login" to windows.
Can anyone say exactly what this would mean for F-Droid? For instance, not that I want this to happen but if F-Droid really wanted, they could conceivably get verified developer status.
And then they could offer apps, which (again I don't want this, just asking), could also be distributed if verified. F-Droid would have to be verified and would only be able to distribute apps from developers that are also verified.
And so conceivably you could still install apps from outside the Play store if they're verified. Unless the Play store is administering verification.
I'm not saying that would work, in fact, I think in practice it wouldn't. I'm just trying to play out what that would look like to understand the specifics of how F-Droid is being effectively dismantled. But I'm all ears if someone has a different interpretation about how F-Droid lives through this. It would seem that it would only survive on degoogled phones.
If nothing prevents this from happening, then when it does happen, I will make it a point to carry nothing but a laptop and a dumb phone, maybe a hotspot. If I need something from the internet, I will get it before the trip. If I can't get it on the trip, and forgot to beforehand, I will either find another way, or not do whatever it is.
I don't know why I don't do that now, honestly. Sounds pretty interesting.
In my eyes, Google is violating my rights because I did not agree to them stopping independent installation. I view them pushing this update as criminal vandalism.
People choose Android because they need / want more control over their system. If Google continues to remove that control, they lose the only thing that gives their OS an edge.
[+] [-] itg|5 months ago|reply
[+] [-] AnonymousPlanet|4 months ago|reply
I have the feeling Google has given up on using nerds as beachheads. The market is saturated enough and they don't need us anymore to do grass roots spreading of their products. It's the same with Youtube. As long as there were enough people who were unencumbered by ads because of their ad block and kept spreading links, the importance of Youtube was growing. After market saturation that vehicle isn't necessary anymore and they can squeeze them out.
[+] [-] XorNot|4 months ago|reply
It's become my go-to for "I need a utility for X task".
[+] [-] jamesnorden|4 months ago|reply
I, too, love vendor lockin.
[+] [-] xandrius|4 months ago|reply
We do not have to choose the lesser of two evils this time.
[+] [-] Fergusonb|4 months ago|reply
Sideloading was the killer feature for me as well.
[+] [-] gdulli|5 months ago|reply
[+] [-] jadbox|5 months ago|reply
[+] [-] Buttons840|4 months ago|reply
[+] [-] 1vuio0pswjnm7|4 months ago|reply
How will Google force Android users to "update" so sideloadinng can be prevented
Non-updated versions of Android running non-updated versions of sideloaded apps will not have the restriction
Another example of how not every "update" is for "security" and "updates" should be optional
The computer owner chooses one version of an operating system, e.g., "I chose Android because I can sideload any app", but by allowing automatic updates, without reviewing them first, the computer owner agrees to let the operating system vendor change the software remotely to anything the vendor chooses. The computer owner goes along with whatever the vendor decides, letting the vendor take them for a ride
If the operating system gets _worse_ in the opinion of the computer owner, if it fails to meet their needs, e.g., "sideloading", then that's too bad. The computer owner chose one version of Android, but by subscribing to "automatic updates" they effectively chose all future versions as well
This is why I prefer BSD UNIX-like operating system projects where I can choose to update or not to update. Unlike the hypothetical Android user, the project does not decide for me
HN replies may try to draw attention to "security" and away from "sideloading restriction". However there is no option to accept "security updates" while rejecting "sideloading restriction updates". According to the so-called "tech" companies that conduct data collection and surveillance as a "business model" through free, auto-updated software, every update, no matter what it contains, is deemed essential and critical for "security"
Online commentators seem to agree that the computer owner should have the choice to install or not install _any_ software outside the "app store", so-called "sideloading". Perhaps this freedom to choose whether to install or not install software should also apply to operating system "updates"
[+] [-] blurbleblurble|4 months ago|reply
[+] [-] FranzFerdiNaN|4 months ago|reply
[+] [-] observationist|4 months ago|reply
There are no good reasons left to use either platform - you're basically paying an arm and a leg to rent a device whose primary purpose is to usurp your attention and plunder your wallet at every possible opportunity.
Use and encourage your circle to use Signal, so you're not limited to any given platform, or the political or ideological whims of the gardenmeisters.
Google has gone full enshittified with this move, might as well move as far and as fast away from all the shit if you're technically capable, introduce whatever pressure you can to signal that there's a desperate need in the smartphone market for something clean and honest.
[+] [-] hahn-kev|4 months ago|reply
[+] [-] treyd|4 months ago|reply
[+] [-] wiether|5 months ago|reply
[+] [-] colordrops|4 months ago|reply
https://www.youtube.com/watch?v=DnWykPvftfg
[+] [-] unknown|4 months ago|reply
[deleted]
[+] [-] 63stack|5 months ago|reply
[+] [-] brazukadev|5 months ago|reply
You still can do that with PWAs in Android. Let's see for how long.
[+] [-] JohnTHaller|4 months ago|reply
[+] [-] jim201|5 months ago|reply
[+] [-] spogbiper|5 months ago|reply
Technically Android still allows installation of anything if you use the debugging tool. Maybe that is where we have to draw the line, I'm not sure.
[+] [-] monksy|4 months ago|reply
I've reported it and that goes to an google form where the app stays up. I've even gone farenough where I've escalated through internal Google contacts. Nothing is done. It's not sideloading that's the issue.
It's google. This is a hostile behavior to all users of the devices and developers of their platform.
_--
My thoughts on where this might go:
We're getting into an era where there are organizations that are violently hostile to your device and they demand that. These people believe that the device you paid for and the service you paid for is theirs.
I.e. mobile ids from governments, which may introduce client side scanning. More so, theres a hostile push for "age verification" which would lean on the Play integrity chain. Want to find out who does this? Look into Magisck on reddit and the apps people have difficultly using. This is not a case of "someone wants to hack something".. it's all about control.
If you're watching the Root/third party space.. right now there are issues running apps. Some apps scan for "SuperSU" app and will refuse to run. (As in they're not sandboxed)
[+] [-] HiPhish|5 months ago|reply
[+] [-] GeekyBear|4 months ago|reply
[+] [-] kube-system|4 months ago|reply
In the US, there's no requirement for a company to honor the claims of prior advertisements for things that they might do in the future for a different product. And even if a company does lie about the features of their product, advertising law does not require a company to change the features of their product to meet those claims. What could be required is a change in the advertising, or a refund for people who bought the devices under the false terms.
But if you advertise a certain side of feature features in a phone three years ago, and sell something completely different next year, that's entirely legal.
[+] [-] dangus|4 months ago|reply
And even if it did, it’s not like marketing campaigns make claims that last forever.
Red Lobster doesn’t owe you anything because endless crab legs isn’t a thing anymore.
[+] [-] NotPractical|4 months ago|reply
I already replied here: https://news.ycombinator.com/item?id=45512015
I think the reason you keep reiterating this is because once you realize that there is no legal justification to go after Google for this move under current US law, the only real solution becomes obvious: new legislation, and you really don't want that, because you know it will apply to Apple devices as well, which would be The End of the World.
If you want to see what the solution to this problem looks like, take a look at the bipartisan App Store Freedom Act: https://www.congress.gov/bill/119th-congress/house-bill/3209...
(This is before Apple/Google lobbying efforts result in either the death of the bill or a bunch of exceptions allowing companies to do "notarization" or "developer verification".)
[+] [-] isaacremuant|4 months ago|reply
[+] [-] billev2k|5 months ago|reply
From the mouths of rubes, I guess. The ID check at the airport has zero to do with safety or security and everything to do with the airlines' business model (no secondary market for tickets), enforced by government.
[+] [-] gruez|5 months ago|reply
If it's really about protecting "airlines' business model", why did TSA recently start requiring REAL ID to board flights? Were airlines really losing substantial amounts of money through forged drivers licenses that they felt they needed to crack down?
[+] [-] raw_anon_1111|4 months ago|reply
And some airports are now allowing non fliers inside the terminal.
Even hotels force you to verify your ID to check in even though the reservation I’d transferable - just add a guest to your room when you make the reservation.
[+] [-] marcosdumay|4 months ago|reply
[+] [-] ohman876|4 months ago|reply
[+] [-] benjaminoakes|4 months ago|reply
Regarding banking apps and things like that, I don't run into to any issues except for not being able to scan checks for deposit on the mobile website. And also I have to have physical credit cards. If you can't do what you need, consider changing to a local credit union which has your interests in mind far more than a for-profit bank.
I've never run into a need for apps for a government purpose, but perhaps I will someday.
I'm sure my situation where I live may be different than your situation where you live.
I don't use an open source fork of Android daily and from what I can tell the best option that exists today.
The only hardware that I know will continue to be open enough for this to be viable in the future is Fairphone. I hope there are others. I would definitely would NOT trust Google Pixel to remain open for the foreseeable future.
Personally, I'm trying to get out of the habit of using my phone anyway, so I might as well have laptop or desktop hardware that can fulfill my needs.
[+] [-] sudo_and_pray|4 months ago|reply
Problem will be with banking apps and such, well you can get an used iphone and in lockdown mode it should be fine even if it reaches EoL.
[+] [-] greatgib|4 months ago|reply
[+] [-] lenerdenator|4 months ago|reply
If it's not copyleft, it's not free. Also, it's more than just a legal classification of IP law, it's an ethos. I don't care how "free" your underlying OS is, if most of the userland is proprietary and the only way to really effectively use the software on consumer hardware is to use a megacorp's implementation of it and to bow to their whims, it might as well be Microsoft Windows.
This is why I always thought Android never really was Linux. Sure, it has a Linux kernel, but that kernel just exists to run a bunch of software in a way that you have no real control over.
[+] [-] gclawes|4 months ago|reply
This is how the surveillance blob will get around the huge backlash to Apple's mandatory on-device child abuse scanning, close off any avenues to escape it before re-introducing mandatory on-device spying.
[+] [-] rclkrtrzckr|5 months ago|reply
Yeah, check for all the fake sora apps in the play store.
[+] [-] freefaler|4 months ago|reply
However, I don't think they haven't measured the number of users installing apps outside of the Play store. May be they just don't care about the small % of total users who are a large % here on HN.
This is a part of a bigger trend, Cory Doctorow spoke about 13 years ago in his "The coming war on general computing": https://www.youtube.com/watch?v=HUEvRyemKSg
And this will creep out to the major desktop systems too, Apple is doing it with their stupid "non-verified app" and Windows looks more likely to do so with their "need Microsoft account to login" to windows.
[+] [-] casenmgreen|4 months ago|reply
Google have over-reached.
It is unacceptable to software developers to be unable to install software on their own phones, and this will lead to a successor to Android.
It will take time, but it will now happen.
[+] [-] miclill|4 months ago|reply
[+] [-] glenstein|4 months ago|reply
And then they could offer apps, which (again I don't want this, just asking), could also be distributed if verified. F-Droid would have to be verified and would only be able to distribute apps from developers that are also verified.
And so conceivably you could still install apps from outside the Play store if they're verified. Unless the Play store is administering verification.
I'm not saying that would work, in fact, I think in practice it wouldn't. I'm just trying to play out what that would look like to understand the specifics of how F-Droid is being effectively dismantled. But I'm all ears if someone has a different interpretation about how F-Droid lives through this. It would seem that it would only survive on degoogled phones.
[+] [-] seanw444|4 months ago|reply
I don't know why I don't do that now, honestly. Sounds pretty interesting.
[+] [-] blastersyndrome|4 months ago|reply
In my eyes, Google is violating my rights because I did not agree to them stopping independent installation. I view them pushing this update as criminal vandalism.
[+] [-] hollow-moe|5 months ago|reply
[+] [-] Escapade5160|4 months ago|reply
[+] [-] a456463|4 months ago|reply
Let's call it what it is. Attack on what ownership of our stuff means.