cross-posted from: https://discuss.tchncs.de/post/45277582
Opening my weather app this morning I was greeted by this warning:
Google has announced that, starting in 2026/2027, all apps on certified Android devices will require the developer to submit personal identity details directly to Google. Since the developers of this app do not agree to this requirement, this app will no longer work on certified Android devices after that time.
It’s the first time I hear about this, seems to be about:
Cirrus app: Github
Was this a big thing I somehow missed? I hope more devs will follow suit.
I have a bird identifier which listens to the mic when you run it and it easily identifies the birds and it gave me that tonight when I opened it. I’m thinking that F-Droid (where it came from ) may be injecting that in the installs for those devs which have yet agreed to Google’s changes or otherwise flat out said they wouldn’t. I’m not sure if that would be the case with this app, but since you got the same one I did, it makes me wonder if that is the case.
Let’s go ahead and not accuse alternative app stores of injecting code into apps they distribute with absolutely no evidence, hey?
Yes but if we don’t accuse them, how will we lock down and own all software so nobody can avoid our malicious code!?
If it is whoBIRD it’s the same author.
And Audio Spectrum Analyzer
Actually it looks like author developed a lot of apps, they are listed on GitHub https://github.com/woheller69/omweather
Yes, it’s whoBIRD
As far as I know F-Droid are adament about builds being easily to reproduce.
They are the only alternative market that worked for hours for free to come up with a build system that let’s you get the same APK with every builds.
So basically you are accusing an alt market that makes it a point that you can recreate any APK on their market. They are the only actually making sure you can check there is nothing “injected” in an APK.