Manually installing an app via adb must, of course, be permitted. But that is not sufficient.

> Keeping users safe on Android is our top priority.

Google's mandatory verification is not about security, but about control (they want to forbid apps like ReVanced that could reduce their advertising revenue).

When SimpleMobileTools was sold to a shady company (https://news.ycombinator.com/item?id=38505229), the new owner was able to push any user-hostile changes they wanted to all users who had installed the original app through Google Play (that's the very reason why the initial app could be sold in the first place, to exploit a large, preexisting user base that had the initial version installed).

That was not the case on F-Droid, which blocked the new user-hostile version and recommended the open source fork (Fossify Apps). (see also this comment: https://news.ycombinator.com/item?id=45410805)

there cannot exist an easy way for a typical non-technical user to install “unverified apps” (whatever that means), because the governments of countries where such scams are widespread will hold Google responsible.

Meanwhile this very fact seems fundamentally unacceptable to many, so there will be no end to this discourse IMO.

The word "sideload" made it sound like you're smuggle something you shouldn't onto the system. Subtle word tricks like this could sneak poisons into your mind, be watchful.

The buried lede:

> a dedicated account type for students and hobbyists. This will allow you to distribute your creations to a limited number of devices without going through the full verification

So a natural limit on how big a hobby project can get. The example they give, where verification would require scammers to burn an identity to build another app instead of just being able to do a new build whenever an app gets detected as malware, shows that apps with few installs are where the danger is. This measure just doesn't add up

As long as this is a one-time flow: Good, great, yes, I'll gladly scroll through as many prompts as you want to enable sideloading. I understand the risks!

But I fear this will be no better than Apple's flow for installing unsigned binaries in macOS.

Please do better.

But having done it, I'm actually pretty impressed with the existing security. At least on my S24, you have to both enable sideloading at the system level, and enable each specific app to be allowed to "Install other apps" (e.g. when I first tried to launch the APK that I had downloaded from Firefox, I received a notification that I would need to whitelist Firefox to be allowed to install apps. I decided no, and instead whitelisted my File Manager app and then opened the APK through that).

I then installed F-Droid, allowed it to install other apps, installed NewPipe, and then toggled back off the system-level sideloading setting. NewPipe still works, and I don't think anything else can install. This satisfies my security paranoia that once the door to sideloading is opened that apps can install other apps willy-nilly. Not so.

So I really don't see what this new initiative by Google solves, other than, as others have said, control. The idea that somehow all user security woes come from sideloading apps and they would somehow be safe if they simply stuck strictly to the Play Store is patently untrue, given the number of malware-laden apps currently lurking in the Play Store.

I highly doubt this is your "top" priority. Or if it is then you're gotten there by completely ignoring Google account security.

> intercepts the victim's notifications

And who controls these notifications and forces application developers to use a specific service?

> bad actors can spin up new harmful apps instantly.

Like banking applications that use push or SMS for two factor authentication. You seem to approve those without hesitation. I guess their "top" priority is dependent on the situation.

I think a better compromise would have been for google to require developer verification, but also allow third party appstores like f-droid that don't require verification but still are required to "sign" the apks, instead of users enabling wide-open apk sideloading. that way, hobbyists can still publish apps in third party stores, and it is a couple of more steps harder for users to fall for social engineering,because they now have to install/enable f-droid, and then find the right malicious app and download it. The apk downloaded straight from the malicious site won't be loaded no matter what.

Google can then require highlighting things like number of downloads and developer reputation by 3rd party appstores, and maybe even require an inconsistent set of steps to search and find apps to make it harder to social engineer people (like names of buttons, ux arrangements, number of clicks,etc.. randomize it all).

What frustrated me on this topic from the beginning is that solutions like what I'm proposing (and better ones) are possible. But the HN prevailing sentiment (and elsewhere) is pitchforks and torches. Ok, disagree with google, but let's discuss about how to solve the android malware problem that is hurting real people, it is irresponsible to do otherwise.

Anyway, I am already planning for a future in which Google does not feature as prominently as did until now. Small steps so far ( grapheneOS ), but to me the writing the wall is unmistakable. Google got cold feet over feedback and now they can allow things.

When negative publicity ends, they will start working towards further locking it in again. I am personally done with passively accepting it. It might be annoying, but it degoogling is a simple necessity.

Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified. We are designing this flow specifically to resist coercion, ensuring that users aren't tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months.

> 13. For a period beginning on the Effective Date through June 30, 2032, Google will [...] and will continue to permit the direct downloading of apps from developer websites and third-party stores without any fees being imposed for those downloads unless the downloads originate from linkouts from apps installed/updated by Google Play (excluding web browsers).

6 days ago the court expressed skepticism as to the proposal and announced that they'd have a hearing, with testimony from expert witnesses, as to whether it would prevent the market harms that the original injunction was trying to cure [2].

Today Google announces this, effectively confirming that they're backing down from their requirement that third party app developers pay google prior to distributing their apps.

Nothing (yet) is explicitly tying these together, but I can't help but suspect that this move is in large part being made to convince the court that they're actually intending to honour this portion of the proposed injunction even though Epic would have little reason to enforce it.

[1] https://storage.courtlistener.com/recap/gov.uscourts.cand.36...

[2] https://storage.courtlistener.com/recap/gov.uscourts.cand.36...

You will not be able to use any of your banking apps without first removing all of those...

We need alternatives, this will not work and is a risk to freedom/democracy for all of us.

Switzerland is implementing a digital ID[1]. It will be made available to the most common devices and is open source. However Google and Apple can just remove it, what then?

[1] https://github.com/swiyu-admin-ch

It's not an option, even if they pretend it to be one: if I click the text "install without scanning", nothing happens. I must accept the big button that uploads the app for a scan. It's none of their business.

ADB is no alternative for me, because it's easier for me to send a websocket command to my 9 devices (mostly dashboards) so that they download the file and start the upgrade process, so that I then only need to press the "upgrade" button manually on each device. Remove the dashboards from the walls, just to plug an USB cable in them, to upgrade the apps?

* "Android Developer Verification Proposed Changes" by agnostic-apollo (https://github.com/agnostic-apollo), Termux app (https://github.com/termux/termux-app) developer: https://issuetracker.google.com/issues/459832198 via https://old.reddit.com/r/termux/comments/1ourtxj/android_dev... (old.reddit.com/r/termux/comments/1ourtxj/android_developer_verification_discourse/)

Do the changes here do anything for F-Droid?

One thing which can immediately improve security is forbidding SMS read access forever. Just like Apple does. No App should be able to read SMS.

Things have been going bad since then. Closing of root access, closing of software, youtube not working in split screen etc. All the changes make me think of Android as more and more repulsing. Recent changes like removing old software from the store because they didn't update API and now this... Google stop being evil

Then let me decide which apps can access the internet, and which app can access which domain names / IP addresses.

Because it feels like there are a lot of DATA THIEVES out there, selling my data to companies you work with.

We call them Firewalls on the PC.

Other schemes include impersonating sex workers to lure victims into nude video chats, then persuading them to install an app that harvests private content and contacts for blackmail.

If Android is open source, why can't/won't a community fork it? Graphene OS exists but many folks claim Netflix and banking apps do not work with it (despite allowing logins from any common desktop browser)?

If all widely-accepted phone operating systems are de-facto proprietary, what does this say about the current phase of society?

What choice do non-billionaire/millionaire humans have for living in a single-planet society where technology is so highly integrated (and the inherent non-consensual compromises)?

What If the little people are going to get squeezed even more?

Troubling questions.

Other thoughts on how you could make a coercion resistant power user toggle? I'm very excited that Google's thinking about offering this because it gives me faith that just because I chose to be in a minority, I won't be relegated.

On the flip side, I was so shaken by the original announcement that would kill off F-Droid that I've been very actively looking into building my own mobile device that runs Linux. I purchased the components for a Hackberry Pi that I'm hoping to build in the next couple of months, but knowing that Android won't kill off F-Droid entirely is heartening.

Google goes on to say how taking away one of your last remaining rights is good for you, if you like it or not.

It is clear to everyone why Google is partnering with governments around the world to remove our rights to installing apps. Laws are not on your side and must be reevaluated on an individual level to move forward. You decide your own terms, you have the power.

Only we can stop this together.

I don't agree that this is something that should be restricted to "advanced" users, even. One of the basic freedoms that protects users from the unilateral control of the developers, is other developers (like me) being able to patch apps and distribute them to friends and family, without making a public fork or meeting play store requirements. Take for example, youtube revanced. If I want to help my friends by making a private f-droid or obtainium repository, to save them the trouble of going through the (legal!) process of patching and updating the app themselves, right now I can do this. If this requires going through a lengthy process instead, that may or may not be detectable by apps that will then choose to cease to function (this has happened with rooting), my ability to help friends and family as someone with the know-how and experience gets reduced significantly. There's many things that don't fly on the play store, such as the completely legal NewPipe, AdAway, and Termux applications, and while I can sign up for the developer verification, it's not clear to me under what circumstances the verification can be terminated.

However, I think there are other things they should do as well (in addition to the other things) if they want to improve the safety, such as looking at the apps in Google Play to check that they are not malware (since apparently some are; however, it says they do have some safeguards, so hopefully that would help), and to make the permission system to work better (e.g. to make it clear that it can intercept notificatinos; there are legitimate reasons to do this but it should require an explicit permission setting to make this clear).

This is old rule: you don't need to take over control of all the people, you just need to take over those two-three suppliers that are covering all the people. If for example new politician Tronald Dump will take seat in 2035 in USA and they will try to push their agenda to other countries, they will take over the LLM, phone and OS providers, namely OpenAI, MS, Apple, Google. That's all to control to have the souls ruled all over the world. If something must vanish, will vanish. Like in the Ministry of Truth

Verification sounds great on paper, but if this turns into “prove you’re a real dev by jumping through 12 forms of bureaucracy,” it’ll just push more talent to sideloading and open platforms.

Still, if Google actually nails this — transparent, fair, and fast — it could be the first time in years Android feels safer without feeling locked down. That’d be a plot twist I’d love to see.

That seems like a severe security bug in Android APIs or sandboxing or something else.

> bad actors can spin up new harmful apps instantly

Why are harmful apps possible at all?

Two key announcements:

> we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified.

> We are using your input to shape a dedicated account type for students and hobbyists. This will allow you to distribute your creations to a limited number of devices without going through the full verification requirements.

this is a misleading title. they only allow side-loading unverified apps only on fewer devices.

Mercedes will allow drivers to carry passengers without verification.

Sounds silly, doesn't it?

Ford will allow drivers to carry passengers without verification.

Sounds silly, doesn't it?

It is hard to to trust anyone who starts communication with an obvious falsehood. Users beware.

I see here and there some comments about someone was scammed, etc… Lack of knowledge of users is not a good reason. They still will get scammed, in a different way, but outcome will be the same.

On PC one can install whatever want - and nobody is blaming OS for it.

"You should open up the tool, put no restrictions, and yet ensure that it is safe and secure" is an impossible task for anyone.

Google mentions about being on a call, and being tricked into handing over codes. So why not use signals and huristics to decide?

If user is on a call, block any ability to install a shady app. Implement a cool down before that functionality is restored (say 24 hours). It can also detect where the user is based to add additional protection (such as mandating the use of play protect to scan the app before it's activated and add another cool down regardless).

There's lots of ways to help protect the user but it's wrong to ultimately control them. The real world is full of scary dangers that technology is trying to solve but is actively making things worse (such as computerized safety systems in cars).

Ultimately, the user is responsible and whilst it's palpable Google would want to reduce harm in this specific way, we know authoritarian governments would also love to be able to dictate what software people can run. The harm to democracy is simply too great in favor of saving a few people's money.

I believe they will push responsability onto OEM.

So they haven't actually changed anything yet, but they say that they will "in the coming months."

So if I want to release a free android game my options are.

A: Hope Google doesn't change course again.

B: Give Google a copy of my apartment lease,

Would be too hard for them to ya know actually implement sandboxing which would prevent this.

Anything aside from full bootloader access means I'm renting my device.

Too late now though.

1) announce decision that will make everything even worse

2) wait for negative opinion

3) announce walking back on the decision

4) observe general sense of relief

The only way this can be stopped is to make it costly to even announce "decisions making everything worse"

Recently I wanted to find a good app to manage my shopping lists as well as keep an ordering of this list so that I could run through the supermarket more efficiently. I really hate backtracking the supermarket to get some item on my list that I forgot was in a spot I'd already been. Of course, it had to work offline-first and I didn't mind a bit of configuration.

Everything on Google Play Store was some cloud-integrated garbage app. The only app that came even close was an app on F-droid called Aisleron, which lets you manage both your home stock and supermarkets in terms of "aisles" of products, flipping easily between what is in stock and what is needed and then managing an aisle-based sorting of these products per supermarket that I frequent.

Great App! However, I worry that this app would never have been released had Google considered actively blocking the author from creating legitimate and highly useful pieces of software like Aisleron.

Lets not celebrate prematurely and let us wait for more details on whats actually changing both technically and process wise. We should demand more clarity and should not wait to discover it after the implementation at which point it is hard and nearly impossible to push back against.

We don't want to be in a situation where they technically make it possible but make it practically impossible to install apps outside playstore.

Can I use FDroid?

Sorry, *allow*? ALLOW?

I'm sorry. My device. My software. My customer or friend. You don't have the right to insert yourself into the process. Very kind of you to ALLOW me to do something you have no involvement in whatsoever.

Like everything google do the real reason for the plan is to let google insert themselves unwanted into someone elses business so they can extract money from other people's work.

I would bin my android phone now if the alternatives weren't even worse,

> Google will allow users to sideload Android apps without verification

Which seems to be false. As far as I understand, Google still requires verification.

/Old man laughing at "cloud" that is my baremetal.

I'm really over third parties telling me that my safety is their priority. Unless you're transporting my body (ie, airline, ride share, etc), then I really don't need you to be looking out for my safety. See the problem is: when you do look out for my safety, you do it by giving yourself control over my life that is not healthy for either of us.

Let my safety be my concern, and the functionality of your product can be your top priority.

"Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified. We are designing this flow specifically to resist coercion, ensuring that users aren't tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months. "

First of all, there is principally no good reason why adult people should be patronized by Google or other companies and kept from installing the software they want to install. Limitation of numbers just means that I cannot publish my .apk and let users install it freely. However, anyone who is allowed to smoke, drink alcohol, or get a motorcycle, should also be allowed to install whatever application they want. It's a matter of basic individual freedom.

Second, the majority of reasonable users cannot be restricted from using their device as they wish just because a small minority falls for scams. A minority of people also drink themselves to death, die in motorcycle accidents, or smoke. There is nothing wrong with taking risks and taking responsibility for one's own life. We don't need for-profit corporations to hold our hands.

Third, if they believed their own arguments, then they'd make certain functions such as intercepting SMS messages and installing a custom keyboard subject to stricter requirements with potential developer verification and keep the OS open and free otherwise. This would be a piece of cake since the technical infrastructure is already there on Android. The fact that they don't clearly indicates they're hypocrites and want to control users and developers, make 3rd party app stores harder or impossible, control which apps they "allow" as part of anti-competitive behavior, and possibly extract some extra cash from developers in the future.

It's a pity how private computing is destroyed and that's the reason we all have to use inferior web apps until browsers are closed down in the same way in the name of security theater.

Sounds like just trying to save face, they didn't have a language of "we're only _MAYBE_ stopping everyone from installing non-verified apps" back then. They were quite adamant.

But happy that they're dropping the craziest part of this in any case. Won't stop me from investigating Graphene OS and other options when getting my next handset though, the previous move surely caused a jolt in my interest.

This is exactly the right thing to do and the best possible outcome. Google is correct that arbitrary Software installation can be harmful to users, especially those with limited technical knowledge. At the same time there are many users who want to install software freely and should be able to do so.

The compromise of a clear and unambiguous warning of the potential dangers, which the user is then allowed to accept, seems very good and the right thing to do.

I assume the results of my actions and I accept that if something bad is going to happen, it's my fault. I am fine with that.

I want the same kind of freedom on my phone, a device I own and I payed for with my own money. I am not smarter when using the PC and dumber when using the phone. I want to be able to opt out of verification and install whatever I want.

But it does not say (or I can't find it) how to JOIN the waiting list. Does anyone know how?