Let’s hope that the rest of the world, specifically Europe smash this ridiculous proposal apart for what it is. Europe has already sorted out USB-C etc. Its not perfect and they don’t get everything right, but certainly big enough to make stuff right.
They’re too busy forcing chat control and age gates through our collective throats.
Yep. The E.U. has allowed itself to be dominated for too long by the US megacorps. It has the talent, ideas, and manufacturing to tell US firms to bugger off … and the sooner, the better for us all.
Unless you want hillbilly outrage slop destabilising your continent, you better get control away from American tech companies.
I’m starting to think these for-profit companies only care about making money.
gulp You might be right
What pisses me off it that they say they do this for security. It changes absolutely anything.
They really think that malware developers will say “oh no! I need to submit a picture of an id card to sign my malware! It’s literally impossible to submit a jpg of a stolen id card, I’m ruined and out of a job!”
What does it change? Waste 20 minutes of some malware developer while they register under a stolen id? They already have a system that scans for known malware and automatically remove it.
It’s always security when someone wants to take our freedom away. Always security…
Not always. It can also be about the children.
That’s also security.
Not really, it’s more about children not being exposed to things usually. Hence starting with age requirements for porn and they move forward to other things.
“Protecting the children from harmful content and predators”, “protecting people from terrorists and criminals”, “protecting users from hackers” are all forms of security, and are all used as arguments to erode freedoms.
It all boils down to: just give up this bit of freedom so we can keep everyone safe.
About keeping the children safe
Of course they know that. It’s about power and money. After all, they already have a security program that filters out malware. If we believe their stated reasoning (which we don’t), they’re tacitly admitting that their current security program is a complete failure, and also that they will not try to fix it.
The justification is simple, I don’t see the confusion, they want absolute power and for all alternatives to wither and die ? What is there not to understand ?
I am perfectly ok with android apps being required to be signed by not just a certificate (they always were just it could be self signed and just needed to match to upgrade without removing data) but a list of trusted entities.
As long as:
- I can install my own key on my phone (I’d I am trusted)
- major distributors like fdroid and have a key installed without friction (like web CAs)
- Google let’s me mark their key as untrusted (I probably won’t but I should be able to refuse things they trust (at install time, not disabling preloaded apps like settings)
Without this it feels too much extending the monopoly despite being forced to allow 3rd party stores.
“Google stands for free and open internet”
https://blog.google/outreach-initiatives/public-policy/keep-internet-free-and-open/
Aged like milk.
Don’t be evilBe evil when it makes money.
And of course the motto should have been, “Don’t do evil.” That would have been a respectable goal. But it wasn’t, because even back then they only wanted to be slightly better than Microsoft.
aged like a corpse in a bathtub more like it.
Mmmm head cheese
Don’t be something or other, hey check out this week’s doodle!
It seems to me that part of the problem is overreliance on phones as computing devices. A lot of things, like banking, are best done on an actual computer. We have become too dependent on phones.
Maybe we have this view because when we refer to computers we see a more open ecosystem that’s not found in the mobile phone era. I want that same liberty with my phone. When the word “sideloading” has disappeared, I think then we have known something has changed.
no it’s not. takes me 2 seconds to log in into my banking up in my phone. anything basic will take a few taps to do (eg transfer money).
Your phone has likely much better security for your banking apps than your computer, unless you run really niche setup like QubesOS.
You say “security” I say “a bug that won’t let me log in”. Which is it?
We as a society should be rethinking the term “security”, if it’s come to mean submitting to being jerked around however best suits some private company’s interests instead of our own. If there’s a central platform for its security benefit it should be democratically controlled instead of controlled by what are effectively feudal lords, or perhaps even an occupying force
The security I am talking about has nothing to do with being locked down. Linux could easily implement the same, but it probably never will, because it requires a bit of central management and vision. And Linux really struggles with that.
You’re responding downthread of QubesOS being mentioned
Sure it’s hard to get that kind of security onto mainstream distros. But it exists.
Yeah, I was the one mentioning QubesOS. Since I tried it and didn’t last a week because of how bad the user experience was. I am not a CIA spy, I am looking for a balance of security and usability and android is amazing at that. Sure, some things could be more secure. Sure, I can’t do some things because GrapheneOS can’t be rooted. But the balance is excellent. At least for me.
I’m not sure how it works the way where you live but where I live, the way the banking apps are implemented completely violate MFA. They rely on SMS verification which is absurd since if you’re phone is already compromised, no doubt your SMSes are too. There’s no true multi-device authentication in place and this has led to a huge number of victims being scammed after their devices get compromised by a phishing attack.
The desktop and phone are both insecure, proper security should not have all your eggs in one basket.
Well, yes. But then again, I would trust my GrapheneOS phone not getting compromised over 3 linux devices. MFA is not some ultimate solutions and it is a pain to use.
Yeah, SIM swaps are a concern too.
The phone is not insecure because of all eggs on basket.
Which is the point. Why do we need this security when the most virus riden PC can access my banking website.
That’s a good point, time to ban banking websites and only allow people with locked-down phones to bank.
Yeah but it’s “we” as in everyone not “we” as in “Lemmy commenters”.
So the network effect will keep the average person on a locked-down phone that can’t run anything anti-regime
Yep I absolutely refuse to put any banking apps on my phone. The only thing that has access to my bank is me physically going there or logging into their website via my own computer. Fuck any app that asks for access to my bank account including autopay services thorugh third parties.
The only third party serive I use for payments is paypal and that only goes to my credit card.
“Year of the Linux Phone” has a nice ring to it.
Not for me, no. I love the sandboxing and permissions of android (GrapheneOS). Honestly, desktop OSs should learn from it. Also, android is a lot easier to use, especially on small form factor devices.
Idk about GrapheneOS in particular but I find the sandboxing solutions for GNU/Linux like bubblewrap to be much more granular than standard Android.
“give us access to manage phone calls or we won’t you me answer internet calls (which have nothing to do with actual SIM calls)”, “give us access to all your files or we wont let you share that file via the share function (which doesn’t need fs access to work)”.
On GNU/Linux I can only give a program exactly the resources it needs, I can disallow dbus, I can block it from accessing potentially troublesome things like /dev/dri, can overlay filesystems and pretend that’s my real home dir. Or can just mount the whole / to some other system.
I am not saying android is perfect, but too granular is also bad. I have better things to do then tweaking SELinux policies.
Right now the only decently speced phone with mainline Linux support is the Oneplus 6, and the only one I can find is being sold for $2000
There’s the FairPhone 6, running e/OS, Which is a deGoogled port of android, running microG
https://murena.com/america/shop/smartphones/brand-new/murena-fairphone-6/
If f-droid doesn’t expect to survive I think the whole stack /e/OS relies on might eventually collapse (microg, lineage, …).
I dunno how viable it is, but linux phones with waydroid is a thing
Also, I’d imagine that a small pocket of custom ROM amd root folks will still exist
Come hell or high water, i will retain control of my phone
Damn, I was hoping my Oneplus 6T was worth a couple grand. Nope. Someone has one on Swappa unlocked and in mint condition for $180. A Oneplus 6 is listed on Ebay for $130.
Is it in stock though?
It is, but why does that matter?
Can’t you install graphene on Pixel 6 and later?
I think that’s the one I have, but please explain what mainline Linux kernel means? Would it be about installing bare Linux instead of Android?
It means you can use the regular Linux kernel instead of fucking around with a custom kernel (like Asahi) or with some sort of Android layer (like Halium). So running whatever distro you want shouldn’t be too difficult.
Open source community keeps trusting Google and they keep using the Embrace, Extend, Extinguish https://en.m.wikipedia.org/wiki/Embrace,_extend,_and_extinguish
What should anyone have done different? Not built for one of the largest platforms with the most users?
Android is so big because the community let them embrace it. Since the beginning the community should have worked in a true open solution. Now it’s really late to try to make a Linux phone
Luddite. I’ve let AI manage my finances and mortgage for about a month now. Hold on, there’s a knock at the door, some dudes with a big van or something
Linux would suck on a phone. Sorry it is barely usable on a laptop. We get worse battery life hardware less supported. Sure we put up with it but most people just want stuff to work.
Linux mobile
Yea… I’m really disappointed with the timing of FuriLabs new phone which is mostly a downgrade over the previous one. I’ve been window shopping phones for a couple of months and am at a loss for what to do. Even spent some time considering a dumb flip phone that can work as a wifi-hotspot and use a small linux tablet or something for the more involved stuff, but couldn’t find a good tablet option that wasn’t huge (would still want it to fit in my pocket) or come with the same problems.
Shift phone 8 from murena?
As far as I can tell, it’s just de-googled android… It is going to have the same eventual problems as any LineageOS, e/OS/, or GrapheneOS phone will have.
Unfortunately we need to come to terms with the fact that 1) Android is not Linux after all of the bastardizations Google has done to it and the control they maintain. 2) We need hardware mfrs on board for fully Open Source drivers for mobile hardware.
Basically all of the Linux phone options I’ve looked at have been disappointing. You’ve got people making open source OS like Sailfish or PostmarketOS or UbuntuTouch, but they only work for pretty narrow (and old) hardware and they don’t get 100% functionality on basically any of the hardware. FuriLabs was the first one I’d seen claiming you could use all of the features of the hardware, but even then it is using a bunch of (basically) compatibility layers to trick android apps into running, so I don’t even know if that will work after Google gets done with their plans.
deleted by creator
I will literally go without a smartphone if Google does this, this is insane I would have bought an iphone if I wanted a junk device I don’t actually own.
If this effects de-googled android, I will probably start investing in Linux phones.
I would rather have a limited phone than has full freedom than one that makes everyone go through Google.
It won’t. This is for 99% of users with their Google enabled devices. It’s still shit and it will effect the 1% indirectly by the reduction of available software outside the play store.
The crazy part is this may make iOS the better alternative when considering the emergence of third-party app stores and Apple’s loosening grip on their ecosystem.
LineageOS is still a good option too, for anyone who would prefer to keep the phone they have
Where are the third party app stores on iOS. Apple is delaying and fighting every inch in the EU.
Not really. They are converging onto the exact same thing. 3rd party stores are allowed, but needs [Google/Apple]'s approval.
If you are big and have teeth (like Epic Games), you will (probably) be allowed, if you are small like a single open source developer, the can shut you down city dubious “security”/“ToS” issue, and you probably don’t have the money to sue.
LineageOS is not really an alternative though, as it will still be hit by this. Please see the comment here: https://lemmy.world/post/36621884/19652276
iOS would be the better alternative, if it wasn’t for the hardware they run on. After all, Apple is infamous for their blatant planned obsolescence on their iPhones since the iPhone 6. Unfortunately, Google seems to be following Apple in this way as well since they launched an update that made the Pixel 6a’s battery so much worse than before. Therefore, we must all have a dumb phone + Linux phone set up…or something
I can agree on Apple not really having a properly supported hardware repair ecosystem, and actively working against third party repair.
But the software? When Samsung and friends had 2-4 years of security updates, Apple had almost twice that. The iPhone XS still has support, 6 years after end-of-sale, 7 years from release. Normal people can’t be expected to flash their phones with LineageOS. The situation is slightly better nowadays, but Samsung still seems to be depreciating 3 year old devices: https://endoflife.date/samsung-mobile
To add, Apple has actually been making amends regarding repairability. It’s small steps, but leagues ahead of what’s offered for popular android manufacturers, while still maintaining their IP68 ratings on most devices.
I can’t speak to how they make their parts available to third parties (seems to be a grey area), but there has been a reasonable focus with the last couple generations of iPhones that ensures the device can be repaired from either side.
Overall, the tide seems to have shifted. If you’re going to be at the mercy of a corporate giant in order to keep up with modernity, then Apple is currently holding the dimly lit torch of consumer rights.
Apple is infamous for their blatant planned obsolescence on their iPhones since the iPhone 6
They learned from it. The phone toggles itself when the battery health is at 80% max capacity, but this is toggleable. Also, the iPhone 11 still runs smooth.
iOS would be the better alternative
- Already can’t “sideload”. iOS will be just as restrictive as Android in 2026-2027.
- Apps immediately gets killed in the background. Can’t even transfer data to a USB Drive without needing to downloading a separate app, and need the app in the foreground.
- iPhones cannot multitask
- Developer account costs $99 **per year. On Google its only a $25 one time fee (for the near future, at least, I can’t predict what they will do in like 2035)
Yeah, if Android effectively kills fdroid, then it essentially becomes like iOS. Whilst you can technically still sideload, apps must get certified by Google themselves and there’s no way they’ll allow 90% of fdroid unless its their Google Play versions.Tbf though, I didn’t know the background thing, which just goes to show that neither of them are ideal. Especially since Apple locks down their devices really hard which turns things like transferring files without a cloud service into a challenge. Therefore, in the future, I might just use a dumb phone for basic phone calls and text messages (meanly just for things like job applications or services like pharmacies) and a Linux phone for everything else. That’s assuming Linux phones have evolved just enough to be usable alongside a dumb phone for what it can’t do, which is SMS.
They both go for the least open option. If asking for all devs registration and validation from google is viable and legally sound, apple will do the same if that’s not already in the pipe.
Both “stores” are targeted for the same issues.
Isn’t this illegal in Europe? Was that the whole point of forcing apple to allow alternative app stores?
If you have a Mac, have you ever tried installing an app and have it refuse because it’s not signed by Apple, and then you had to go into settings and click “allow anyway?”
This is that, except without the allow anyway feature, like iOS. It doesn’t matter if it comes from the play store or elsewhere, as this story originally had us believe.
No, Google is following Apple’s exmaple.
Technically, third party app stores are allowed. Developers “only” register with google to receive a developer certificate. Isn’t apple doing the same thing in response to the EU regulations and that has been allowed?
Seems like a weasel around the requirement to get rid of the actual benefit of 3rd party stores.
I can’t believe how useless the EU regulations are.
Technically illegal where I live.
In Brazil you can’t sell a device with a given feature and then remove said feature in a software update. Even Apple, known for never allowing downgrades, was forced to downgrade and pay a fine to a customer after his iPad 3 updated to iOS 7 and lost an iOS 6 feature.
In other words… every single Android device sold until today in Brazil allows sideloading. Even if a single customer uses a sideloaded app, removing the ability to sideload freely would be illegal, and because the original feature didn’t require a developer signature it can’t be enforced now.
The issue is, as always, if this went to court somebody would have to manage to explain to a tech illiterate judge what a “developer signature” is, how this relates to “sideloading” and so on.
technically you will still be able to install apps from outside the play store, but the developer will need to verify their identity with google.
Of course, most developers will refuse to do so (myself included), and so most apps will not be able to be installed. From a technical perspective, installing apps from other sources will still be allowed. So i can see judges ruling that this is not a feature removal.
You and I both know this is google killing non play store apps, but I don’t think the tech illiterate judges will see it that way.
Technically you can still install apps unsigned through ADB.
Considering it’s easier than ever to start up something like Shizuku, it could be used to grant f-droid access to install apps bypassing the requirement.
Obviously not a good solution by any means.
but the developer will need to verify their identity with google.
If I purchase a device today, it’s got the ability to install apps that are not verified. This is a feature. If now it’s restricted, it violates our code.
The problem might be that Google will argue this isn’t a downgrade at all, but an upgrade (for “security” reasons). I don’t want to be a pessimist, but the tech illiterate judges could eat that up.
thank god for brazil
… Brazil is one of the first countries this’ll go into effect and I also remember something about how that first batch of countries was chosen because their governmemts support this change.
because their governmemts support this change.
I can see how Google’s PR team might use this argument, but it’s certainly illegal in Brazil so our government most definitely isn’t supporting this decision. Also, it needs to be way more specific than “government” - who exactly is endorsing this? Procon? Anatel? Polícia Federal?
Either way, the actual reason for targeting Brazil as one of the first is because we do love our piracy, which naturally translates into sideloading being frequent.
brazil and piracy are a match made in heaven, I remember when I was 8 and my mom went with me to a openstreet market to buy xbox360 games, all were pirate copies selling in open sky to anyone to buy, copyright be dammed, and of course can’t forget the famous “gato” to watch all tv channels for free with a android box that definetly does not has a backdoor in it
Best of luck to Brazil then. Hopefully you get them to change course.
Brazil has actually been really good about holding the mega corps to account recently. I’m very hopeful for them.
Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices.
Are they actually proposing to make any previously sold devices “certified” through a software update, though? Your points are right on if this edict applied to all devices.
A “certified Android device” is a device running Google Play Services, Play Protect, Google’s WideVine DRM scheme and a few other requirements. If you purchase a device from a known manufacturer, like Samsung, you’re falling into this category.
For those in Europe, write your representatives.
Fro me f-droid’s post: https://f-droid.org/2025/09/29/google-developer-registration-decree.html
What do we propose?
Regulatory and competition authorities should look carefully at Google’s proposed activities, and ensure that policies designed to improve security are not abused to consolidate monopoly control. We urge regulators to safeguard the ability of alternative app stores and open-source projects to operate freely, and to protect developers who cannot or will not comply with exclusionary registration schemes and demands for personal information.
If you are a developer or user who values digital freedom, you can help. Write to your Member of Parliament, Congressperson or other representative, sign petitions in defense of sideloading, and contact the European Commission’s Digital Markets Act (DMA) team to express why preserving open distribution matters. By making your voice heard, you help defend not only F-Droid, but the principle that software should remain a commons, accessible and free from unnecessary corporate gatekeeping.
https://f-droid.org/2025/09/04/twif.html [^antifeatures]: F-Droid Anti-Features overview: https://f-droid.org/docs/Anti-Features/ [^howmanyusers]: How many F-Droid users are there, exactly? We don’t know, because we don’t track users or have any registration. “No user accounts, by design”: https://f-droid.org/2022/02/28/no-user-accounts-by-design.html [^sideloading]: ‘“Sideload” is a weird euphemism that the mobile duopoly came up with; it means “installing software without our permission,” which we used to just call “installing software” (because you don’t need a manufacturer’s permission to install software on your computer).’ — Pluralistic: Darth Android: https://pluralistic.net/2025/09/01/fulu/ [^playprotect]: “Google Play Protect checks your apps and devices for harmful behavior”: https://support.google.com/googleplay/answer/2812853
do we have a contact tool like for chat control?
