The detail that keeps getting lost in these threads: the "advanced flow" for power users is delivered through Google Play Services, not the Android OS. That's the whole game.
It means the safeguard is not part of AOSP. It ships as a closed component that Google can narrow, gate, or remove in any Play Services update, with no Android version bump, no OEM coordination, no user consent beyond the usual auto-update. "Open platform with an escape hatch" is load-bearing in the PR; "closed escape hatch bolted onto an open kernel" is what's actually shipping.
The second tell is timing. It's five months from enforcement and the flow has not appeared in any beta, dev preview, or canary build. We're being asked to treat a blog post and UI mockups as a functional guarantee. No other platform change of this scope lands without a shipping preview this late, and Google knows it.
The third piece most devs skim past: registration requires uploading evidence of your private signing key. Whatever you think of the verification program in principle, that specific requirement changes the threat model of every Android key in existence, including the ones protecting apps people already depend on.
"Sideloading still works" is only true in the narrow sense that some ceremony remains. The mechanism protecting that ceremony is owned by the party with the strongest incentive to eventually close it.
What follows is the "advanced flow." I feel like there should be a class action lawsuit in response to this as when I purchased my device I had an expectation that I could install apps without this insane limitation
Enable Developer Mode ↗ by tapping the software build number in About Phone seven times
In Settings > System, open Developer Options and scroll down to “Allow Unverified Packages.”
Flip the toggle and answer a scare screen confirming that you are not being coerced
Enter your device unlock pin/password
Restart your device
Wait 24 hours
Return to the unverified packages menu at the end of the security delay
Scroll past additional scare screen warnings and select either “Allow temporarily” (seven days) or “Allow indefinitely.”
On the next scare screen, confirm that you understand the risks.
You can now install unverified packages on the device by tapping the “Install anyway” option in the package manager.
How is this unreasonable? This is to prevent cases where people are told to urgently install the app while on a call, so the call has to be broken and person has a day to actually do something about the call.
Are you that zoomer brained to not be able to wait a day to install your APK?
> the "advanced flow" for power users is delivered through Google Play Services, not the Android OS. That's the whole game.
What is the source for this claim? I can believe it, but I haven't seen where the claim actually comes from, and it doesn't seem to be mentioned in Google's announcements.
If the "advanced flow" is delivered through play services, what does this mean for degoogled Android phones? Or are those not concerned with the new side loading limitations?
Put simply, If I were to install plain AOSP and F-Droid would I be able to continue installing apps normally?
>Combat astroturfing: when you encounter suspect posts on community forums and social media in support of the policy (“Well, actually…”), challenge them and do not be shy.
Someone contact Dang, because this is now allowed. I have been suspicious HN has actively supported astroturfers over the years for some sort of financial or mutually beneficial gain.
Anyway I basically changed to web apps. They are much easier to deal with and develop.
F-Droid really does have some great stuff, and you can know that the default posture is user respect rather than the opposite situation of the Play Store. I've started almost exclusively using F-Droid, excepting only for a few core apps that aren't available there (much to my disappointment).
If you haven't searched/browsed F-Droid in the last few years, do it. You'll likely be pleasantly surprised.
F-Droid is amazing. I basically wont install anything from the playstore unless its my bank or something.
Video games on F-Droid are how Android games should be. They have the spirt: No ads, no micro transactions, etc..
Kids educational games are the same. I have been using those games only for years and I've had 0 issues. Playstore games, you get an update and now your progress is frozen unless you pay.
Fully agree. Can you recommend some games, and kids educational games? I've tried a few and like them, but would love some recs.
The ones I like: Breakout 71, Chess, Word Maker, Word Tracer, Roboyard, FaFa Runner (short but briefly fun), Minesweeper (Privacy Friendly), Simon Tatham's Puzzles, SuperTuxKart, Tux Rider.
Well, actually I've long held the view that accusations of astroturfing, shilling, being a Chinese/Russian/CIA/MAGA/Soros/Martian bot, etc, are just people being too lazy to take on arguments they dislike with well-reasoned arguments of their own, but needing some sort of a quick "exit strategy" out of a conversation. Maybe this isn't true on Facebook, but here or on Reddit it is always far more likely that you're talking to an actual, possibly very wrong/bad, human being.
What is perfectly reasonable and rational is to only respond to clearly written arguments with some evidence of thought and time invested in them, and to consider others to be too low-effort or spammy to invest time in responding to. But guess what? Real humans spam for free, they're mostly not paid to do so by the PRC or George Soros.
Hypothetically, if Pixel phones became the go-to phone on Android, would G be less or more likely to keep it open? I have a bad feeling that the former is more accurate. The fragmentation somewhat forces the openness, or at least a baseline of openness. If pixels went to 98% market share, a rug pull seems easy and desirable for the management classes.
I'll admit that my cynicism is in no small part to having seen Android team members at G carrying around iPhones. It kills me to think that the bad parts of Apple are so interwoven into Android through cultural assimilation.
I have a Pixel 8 pro, last year I went to NYC with a friend who had an iPhone.
We went to some of the museums and as we were taking pics, the difference in color accuracy were dismal.
The Google phone was much, much, worse. I think google used to be known for their good photography and I was very happy with my earlier pixel 6. But something happened.
I'm sorry to say, but when it comes to photos and videos I think the iphone is now much better than the pixel phones.
Not only that but theres a lot of things that are easier to do when you're inside the apple ecosystem. Particularly in countries with high iphone usage.
I think Google has dropped the ball hard, and yeah, people working in android use iphones, people working in the google watch use apple watch.
I have recently upgraded to an iPhone 17 Pro Max from iPhone X (yes, I buy once a decade or so), and I also take photos with a A7-III.
The latest iPhone takes shockingly good photos. It's not a full frame mirrorless by any stretch, but it's really in another league when it comes to mobile photography.
Interesting, I also have a pixel 8 pro, and my photos often look better to me than my friend's iPhone. Not sure what phone he has though, it might be an older one (though P8Pro isn't exactly bleeding edge anymore either).
> It kills me to think that the bad parts of Apple are so interwoven into Android through cultural assimilation.
It’s more like Android is worse so they don’t want to use it. Dogfooding is good, of course, but if they don’t force them to do it, they will naturally choose the best phone. Which is not an Android.
The sad thing is, I started with Android believing it more than Apple's ecosystem, and after my first Android phone, I quickly jumped ship to iPhone.
My parents use Android devices and I manage them. With every iteration, Apple went to the way of PalmOS' refined flows as much as possible, and Android became what Windows CE aspired to be. A complex multi-layer wafer you can't understand which layer comes from where, and it's all different and non-standard between vendors.
Not the least, Android is mobile land of mini tools you have to install to be able to have a power-user friendly platform. Reminds me my old Windows days where I had to install utilities half day to be able to make the installation usable the way I want.
This initiative is well-appreciated, but - are we not barking up the wrong tree? Should the effort really be focused on pressuring Alphabet to modify an ecosystem that they already partially closed, and that they already have overall control over - rather than promoting a properly free alternative? I mean, non-Android Linux phones are already a thing, albeit clunky and not very popular. Would it not make sense to get some non-US entities (NGOs, phone manufacturers/vendors, municipalities or even states or multi-state entities) to form a consortium and invest enough in finishing up the engineering work necessary to make that a viable alternative? Without any single party controlling it?
Which of these political entities is in a better situation because of an open phone rather than partnering with Apple and Google? Anyone with the funding to make a Linux phone happen loses money and/or power making it happen. And users do not care, less than 2% of users will ever leave iOS or Android for Linux unless it's a substantially easier and more accessible experience for them, and we all know that will never happen.
As I mentioned previously, the writing is on the wall. It is a matter of time.
We definitely need a true alternative on the market, preferably open, to balance things out and to free everyone from the duopoly. The political pressure that is needed is not to “keep” Android open, but to ensure that governments and institutions don't double down on the existing duopoly. Ensure that interoperability standards are in place, and don't lock people into the existing big tech platforms/solutions.
Android was never open. Its security model / the permission system is anticompetitive and the user is a third class citizen.
Google can do everything as they control the system - this gives full innovation capabilities. Then there are vendors which are restricted by Google via CDD (checked by CTS/VTS), they might add "privileged apps" but they can't touch what Google does on the system..
And only then there are regular developers/users, apps which they can install have very limited capabilities, they can't extend the system beyond a limited set of APIs that Google allows them to use.
This limits third party innovation already, but Google constantly makes it worse by restricting third party app capabilities even further under the guise of "security"..
It depends on what you mean by "Android." FOSS distributions such as Lineage or Graphene are unaffected by developer verification or other restrictions, and are truly open in the sense that they are controlled by the user.
> and are truly open in the sense that they are controlled by the user.
I don't see them altering the permission model, you probably meant the possibility of modifying the system by tools such as Magisk, which indeed make it possible to install software much less restricted..
.. but you can do that on any device with an unlockable bootloader. Graphene/Lineage only remove some Google spyware.
Try to install a Lineage phone app on GrapheneOS to understand what I mean :)
> Try to install a Lineage phone app on GrapheneOS to understand what I mean
I am not sure what you mean here. Any Android app should work on both Lineage and Graphene, it's the same base system. Graphene's debloating also goes far beyond removing some Google spyware. By default, there are no Google libraries, Play Store and Google apps.
You can't install the LineageOS phone app (with more modern looks) on GrapheneOS, because:
- the package name is already taken and to replace app with the same name the package needs to be signed with the same key which you don't have
- even if you modify package name, it's a system privileged app, privileged apps may only be installed by Google/vendors (unless you're recompiling the OS [64GiB RAM needed])
- if you strip all the privileges, functions like call recording won't work.
I've had to deal with google's review process for docs add-ons and play store apps. It was a demotivating experience, disrespectful, inhumane and unfair. The idea that this will be the only way to be allowed to create things for android is so depressing. Putting hundreds of hours of effort into an app to hear back a vague "does not comply with some rule" is such a let down. This has been my main motivation to degoogle.
It feels like there is a wide open opportunity for some new OS's to enter the mainstream marketplace. I see nothing but dissatisfaction with the incumbents.
We still have problems with websites only working on Chrome, moving to a new - or grow an already existing one - open mobile ecosystem in 2026 and beyond it's going to be much more difficult than the Year of Desktop Linux, unfortunately :(
In order to enter the mainstream market and challenge the consumer OS duopolies, a new OS needs at least two things:
1. Retail presence
2. A large advertising budget
This is why it's so difficult to challenge the existing duopolies on desktop and mobile. If a consumer can't walk into a retail store, see a device on the showroom floor with the new OS installed by default, and buy a device with the new OS installed by default, then the new OS has zero chance of becoming mainstream.
Among other reasons, this is why Linux has failed to go mainstream. Linux has no retail presence, and it's not advertising to consumers.
There's so much lock-in/captive-audience on these platforms I don't see this happening with mobile phones as they exist today. The only thing that will crack it is the "Next Big Thing"™, and who knows what/when that will be (AR glasses? Brain chips? Some AI wearable?)?
I want what you say to be true, but realistically it's not because of the "security" features available to app developers, and the fact that so many companies (even government!) have moved to mandatory apps. I don't know how we ever get past that with a new OS.
There are android distributions like Graphene OS and LineageOS that are completely open. The problem is application developers that specifically restrict their apps to only run on google/apple certified hard-/software
At this point, I'm just going to run a desktop OS on all of my future phones.
I've given up on cell phone software, but I wish cell phone hardware were better. I'm okay with a processor that isn't the latest and greatest, as long as it isn't in so-old-it-draws-watts-at-idle PinePhone territory, but fast processors seems to be all that phone manufacturers care about. They cut corners everywhere else, precluding the headphone ports, expandable storage, replaceable batteries, infrared transmitters, and physical buttons that made older phones much more useful, and they not only make the screens skinnier, but they literally cut off the corners. I want a nice uninterrupted at least 9:16 aspect ratio, if not higher.
The advanced flow is perfectly reasonable and I'm 100% sure there will be Magisk based bypasses for it if you absolutely require Google services + APK installs. The percentage of people installing legit 3rd party APKs is miniscule compared to the number of elderly scammed by these shitty apps. Glad Google is taking steps to close this security hole. Just wait the damn 24h you impatient "poweruser". 100% sure that there won't be a full lockdown or an extension of the timeout cuz this is gonna close most, if not all of the holes for these shitty apps.
> it will no longer be possible to develop apps for the Android platform without first registering centrally with Google
This is inaccurate. The enforcement is through Google Mobile Services. The article fails to point out that some manufacturers build versions/forks of Android that do not include GMS, but these are still technically Android.
68 comments
It means the safeguard is not part of AOSP. It ships as a closed component that Google can narrow, gate, or remove in any Play Services update, with no Android version bump, no OEM coordination, no user consent beyond the usual auto-update. "Open platform with an escape hatch" is load-bearing in the PR; "closed escape hatch bolted onto an open kernel" is what's actually shipping.
The second tell is timing. It's five months from enforcement and the flow has not appeared in any beta, dev preview, or canary build. We're being asked to treat a blog post and UI mockups as a functional guarantee. No other platform change of this scope lands without a shipping preview this late, and Google knows it.
The third piece most devs skim past: registration requires uploading evidence of your private signing key. Whatever you think of the verification program in principle, that specific requirement changes the threat model of every Android key in existence, including the ones protecting apps people already depend on.
"Sideloading still works" is only true in the narrow sense that some ceremony remains. The mechanism protecting that ceremony is owned by the party with the strongest incentive to eventually close it.
Are you that zoomer brained to not be able to wait a day to install your APK?
> the "advanced flow" for power users is delivered through Google Play Services, not the Android OS. That's the whole game.
What is the source for this claim? I can believe it, but I haven't seen where the claim actually comes from, and it doesn't seem to be mentioned in Google's announcements.
Put simply, If I were to install plain AOSP and F-Droid would I be able to continue installing apps normally?
Anyway, I did my part, basically I only use FDroid. I filled this out: https://docs.google.com/forms/d/e/1FAIpQLSfN3UQeNspQsZCO2ITk...
>Combat astroturfing: when you encounter suspect posts on community forums and social media in support of the policy (“Well, actually…”), challenge them and do not be shy.
Someone contact Dang, because this is now allowed. I have been suspicious HN has actively supported astroturfers over the years for some sort of financial or mutually beneficial gain.
Anyway I basically changed to web apps. They are much easier to deal with and develop.
If you haven't searched/browsed F-Droid in the last few years, do it. You'll likely be pleasantly surprised.
Video games on F-Droid are how Android games should be. They have the spirt: No ads, no micro transactions, etc..
Kids educational games are the same. I have been using those games only for years and I've had 0 issues. Playstore games, you get an update and now your progress is frozen unless you pay.
Guitar tuner? same
File explorer, image viewer, etc... Same
Everything: same
The ones I like: Breakout 71, Chess, Word Maker, Word Tracer, Roboyard, FaFa Runner (short but briefly fun), Minesweeper (Privacy Friendly), Simon Tatham's Puzzles, SuperTuxKart, Tux Rider.
> We need a financial way to reward the resistance
Here you go: https://eff.org, https://edri.org, https://noyb.eu
See also: https://news.ycombinator.com/from?site=eff.org
https://news.ycombinator.com/from?site=edri.org
https://news.ycombinator.com/from?site=noyb.eu
What is perfectly reasonable and rational is to only respond to clearly written arguments with some evidence of thought and time invested in them, and to consider others to be too low-effort or spammy to invest time in responding to. But guess what? Real humans spam for free, they're mostly not paid to do so by the PRC or George Soros.
> far more likely that you're talking to an actual, possibly very wrong/bad, human being.
Is it? I can't name another social media site that is simultaneously more ubiquitous than HN and bereft of any anti-spam measures.
I'll admit that my cynicism is in no small part to having seen Android team members at G carrying around iPhones. It kills me to think that the bad parts of Apple are so interwoven into Android through cultural assimilation.
We went to some of the museums and as we were taking pics, the difference in color accuracy were dismal.
The Google phone was much, much, worse. I think google used to be known for their good photography and I was very happy with my earlier pixel 6. But something happened.
I'm sorry to say, but when it comes to photos and videos I think the iphone is now much better than the pixel phones.
Not only that but theres a lot of things that are easier to do when you're inside the apple ecosystem. Particularly in countries with high iphone usage.
I think Google has dropped the ball hard, and yeah, people working in android use iphones, people working in the google watch use apple watch.
The latest iPhone takes shockingly good photos. It's not a full frame mirrorless by any stretch, but it's really in another league when it comes to mobile photography.
> It kills me to think that the bad parts of Apple are so interwoven into Android through cultural assimilation.
It’s more like Android is worse so they don’t want to use it. Dogfooding is good, of course, but if they don’t force them to do it, they will naturally choose the best phone. Which is not an Android.
My parents use Android devices and I manage them. With every iteration, Apple went to the way of PalmOS' refined flows as much as possible, and Android became what Windows CE aspired to be. A complex multi-layer wafer you can't understand which layer comes from where, and it's all different and non-standard between vendors.
Not the least, Android is mobile land of mini tools you have to install to be able to have a power-user friendly platform. Reminds me my old Windows days where I had to install utilities half day to be able to make the installation usable the way I want.
We definitely need a true alternative on the market, preferably open, to balance things out and to free everyone from the duopoly. The political pressure that is needed is not to “keep” Android open, but to ensure that governments and institutions don't double down on the existing duopoly. Ensure that interoperability standards are in place, and don't lock people into the existing big tech platforms/solutions.
Google can do everything as they control the system - this gives full innovation capabilities. Then there are vendors which are restricted by Google via CDD (checked by CTS/VTS), they might add "privileged apps" but they can't touch what Google does on the system..
And only then there are regular developers/users, apps which they can install have very limited capabilities, they can't extend the system beyond a limited set of APIs that Google allows them to use.
This limits third party innovation already, but Google constantly makes it worse by restricting third party app capabilities even further under the guise of "security"..
> and are truly open in the sense that they are controlled by the user.
I don't see them altering the permission model, you probably meant the possibility of modifying the system by tools such as Magisk, which indeed make it possible to install software much less restricted..
.. but you can do that on any device with an unlockable bootloader. Graphene/Lineage only remove some Google spyware.
Try to install a Lineage phone app on GrapheneOS to understand what I mean :)
> Try to install a Lineage phone app on GrapheneOS to understand what I mean
I am not sure what you mean here. Any Android app should work on both Lineage and Graphene, it's the same base system. Graphene's debloating also goes far beyond removing some Google spyware. By default, there are no Google libraries, Play Store and Google apps.
- the package name is already taken and to replace app with the same name the package needs to be signed with the same key which you don't have
- even if you modify package name, it's a system privileged app, privileged apps may only be installed by Google/vendors (unless you're recompiling the OS [64GiB RAM needed])
- if you strip all the privileges, functions like call recording won't work.
Same for contacts and so on..
1. Retail presence
2. A large advertising budget
This is why it's so difficult to challenge the existing duopolies on desktop and mobile. If a consumer can't walk into a retail store, see a device on the showroom floor with the new OS installed by default, and buy a device with the new OS installed by default, then the new OS has zero chance of becoming mainstream.
Among other reasons, this is why Linux has failed to go mainstream. Linux has no retail presence, and it's not advertising to consumers.
Some more discussion in February
Open Letter to Google on Mandatory Developer Registration for App Distribution
https://news.ycombinator.com/item?id=47139765
I've given up on cell phone software, but I wish cell phone hardware were better. I'm okay with a processor that isn't the latest and greatest, as long as it isn't in so-old-it-draws-watts-at-idle PinePhone territory, but fast processors seems to be all that phone manufacturers care about. They cut corners everywhere else, precluding the headphone ports, expandable storage, replaceable batteries, infrared transmitters, and physical buttons that made older phones much more useful, and they not only make the screens skinnier, but they literally cut off the corners. I want a nice uninterrupted at least 9:16 aspect ratio, if not higher.
> it will no longer be possible to develop apps for the Android platform without first registering centrally with Google
This is inaccurate. The enforcement is through Google Mobile Services. The article fails to point out that some manufacturers build versions/forks of Android that do not include GMS, but these are still technically Android.
Not sure what I'll do. Does Asus still make a phone?