Yep, it's as bad as everyone expected it to be. "We aren't taking away sideloading, we're just going to fully control it now! No Google-unapproved code on user devices! For security reasons!"
Chrome isn't enough. We need Android to get clawed away from Google too.
Not really though, as you can still install apps over adb without developer verification, same as always.
And by what mechanism can you prevent google from disabling adb? Or implementing a situation like iOS where sideloaded dev apps only last for a week and are signed with your personal developer key tied to your credit card?
There's nothing to stop them, and absolutely no reason to think they won't take away adb sideloading in the near future.
Google have full control to do this on their Pixel devices by rolling out new firmware with further restrictions - though there is no evidence they plan to do so.
However other vendors that build upon AOSP, such as Samsung, can make their own decisions on this.
> However other vendors that build upon AOSP, such as Samsung, can make their own decisions on this.
Pure AOSP devices are only some chinese knockoffs without play store. If your device needs play store/device integrity verification, there are lots are requirements by goog that needs to be met. Goog can add new requirement to disable installing unverified apps from adb.
Sure, that's going really well for Graphene. What happens when AOSP is abandoned and google close-sources everything they can get away with? Do you expect users to start compiling years-old AOSP and rolling device trees themselves?
Do you see the direction they're heading? They're now making it so maybe .5% of android users know how to sideload. They're clearly chipping away at it, even though they might not be making all the changes at once.
What fraction of users do you think have a legitimate need to sideload apps on Android? I would imagine it's much less than 0.5%. Developers and technically-minded power users must be a tiny minority amongst Android users given that it has an install base in the billions.
Right now, not many. My point is that they aren't flipping a giant switch from an open platform to a closed platform. They're boiling the frog -- slowly removing features until all choice is gone.
A few more years in this direction and Android can be as locked down as iPhone before Apple was forced to allow sideloading
Give them an inch...
You can sideload apps in ios too, but you may not run it.
On Android you can both install and run apps over adb. The linked article explains:
> Participating in developer verification will not affect your experience in Android Studio, the official IDE for Android app development. You will continue to be able to build and run an app even if your identity is not verified. Android Studio is unaffected because deployments performed with adb, which Android Studio uses behind the scenes to push builds to devices, is unaffected. You can continue to develop, debug, and test your app locally by deploying to both emulators and physical devices, just as you do now.
Which is a clear roadblock for third-party appstores adoption, notably F-Droid which compiles and signs the apps it distributes.
What if F-Droid distributes an app Google or its US overlords deems dangerous or illegal? Will they block and/or revoke that signature, thus taking down F-Droid in its entirety?
Not really though. That's not how apps are usually installed on Android outside of Google's control.
Not for long.
> you can still install apps over adb
and they will be removed by play protect.
> We want to make sure that if you download an app, it’s truly from the developer it claims to be published from, regardless of where you get the app. Verified developers will have the same freedom to distribute their apps directly to users through sideloading or through any app store they prefer.
This makes no sense at all.
Not to mention this doesn't even solve the problem. What's preventing someone from registering and then releasing an app with a similar name to a famous app? Sure, the registration means there's someone you can sue, but it doesn't allow the user to identify the publisher. A "verified publisher" field when you're installing an app would solve both issues (similar to windows[1]), and not require every app developer to register with google.
[1] https://en.wikipedia.org/wiki/File:User_Account_Control.png
Microsoft does make you register with them to get verified though
Classic strawman argument and corporate tactics of shifting the conversation without addressing real concerns.
Somewhat unrelated: Do you think the UK government and Google have the same PR team?
Thought: Maybe we can organise and collectively hire this PR team to get Google, other big tech, and our governments, to look bad... And get shit done that way... If 2025 is the year of the PR spin, surely the only counter-measure is counter-spin?
Edit: Hold on, I think I just re-invented the concept of a political party.
More confirmation that Google is a company with too much power and should be forced to sell Android and Chrome
They’re more likely to buy out all of our members of parliaments and turn into East India Company and form their own army to protect their investment.
We’ve got to a point where corporations are bigger than some countries and getting almost unlimited powers again.
No need to listen. We all know how evil the intentions are. This will kill the platform, for better or worse.
We’ve been through this route before, it doesn’t kill the platforms. It just alienates people like us, which is actually a net benefit to Google.
Android was a sink for people who want things like this and an excuse for people to rationalize Apple doing it. If Android is "good enough" then who needs some actual Linux phone? If Android is open and that's what you want then why don't people just buy one of those instead of having the government break up Apple and Google?
People become willing to do things when you throw them out in the cold that they wouldn't do when you were still supplying the bread and circuses, and those people they don't like? It's because they're stubborn and they actually care and they know how to build things, isn't it?
In this case, the benefit of android is that the owner of the device owns it, so can run whatever they want, in stark contrast to apple.
If that goes away, might as well use apple's walled garden. There is no point for android to exist if freedom goes away.
An average person never thinks about that. That’s like not even a thing one ever thinks of while purchasing a phone.
However, if you prefer not to, we are also introducing a free developer account type that will allow teachers, students, and hobbyists to distribute apps to a limited number of devices without needing to provide a government ID.
I lobbied everyone for years against Apple devices, switching people to Android to have a little bit more freedom. Now Google Android will be the same shit.
If people working on Google are hanging out around here, please know that your company really sucks now...
> On hardware devices owned by consenting adults, without anything related to Google, or touching their servers, still they allow themselves a right to review
Aren’t the changes only for Google certified Android devices, AKA those that come with the play store?
As said by others, first it will be hard to find smartphones without that, especially if it is a requirement to be android certified and be allowed to have the play store running.
But, the biggest trap that we can easily expect is that a lot of apps like banking apps will use Google API to check that they can only run on devices with the check for signatures. Same as the check for rooted devices.
Only? This is everything except Huawei.
Which accounts for any Android device normies can be expected to own. What, you think your aunt Louise is going to flash GrapheneOS onto her phone?
What do the OEMs have to say about this? A lot of them, including Samsung, have their own app stores. Surely they'd not be willing to cede control?
OEM will of course retain more rights than device owner as it's always the case on android
Samsung's store contains virtually no original third-party software, anything that's worth installing and is not from Samsung is available on the Play Store.
You know, you have to wonder what they did wrong.
Sure the Play store was dominant when they started their own store. Yet companies tend to have excellent success if they control the OS on the device.
They could have offered no commission for 5 years, or some such.
Does anyone reading this know if the contract they had to sign with Google, to have the Play store pre-installed, reduced their ability to compete?
I mean look at the whole Epic thing. They could have offered them commission free use of the store, and used that to draw users in.
It's like they weren't trying.
They probably weren’t. Samsung does just enough work so that they could feasibly create their own fork of Android in the event of Google trying to fuck them.
The Galaxy store is more of an insurance policy than a real product they expect people to use.
So this is saying you have to have an Android developer account and sign the app with your identity… so a one-time $25 cost and that’s it? You can still distribute and sideload apps as long as you sign them.
Microsoft does this for Windows apps if you don’t want scary warnings popping up everywhere. Apple doesn’t even let you sideload at all for iOS and for macOS they do the forced trash malware thing unless you run commands to allow the app in the terminal.
Am I missing how this is different from what we already have on most platforms? Is it because you can’t force it to install the apps? Is there not a developer mode that lets you install unsigned apps, or a way to root the device to install apps?
The fact that other platforms do something similar is not an excuse, and this is more restrictive than both windows and macOS, even if technically less restrictive than iOS.
(The fact that all those platforms still have malware, as well as the officially sanctioned google store, should also inform you about how effective this measure is for its stated goal)
> Am I missing how this is different from what we already have on most platforms?
Most? The only platform that is like that is ios.
On linux, in any form, I can run what I want.
On a mac I can run what I want.
On windows I can run what I want.
Obviously on BSDs, Illumos, etc, I can run what I want.
On android up to now, I can run what I want.
The one and sole exception where I don't really own the device and can't run what I want it ios (therefore I don't own anything that uses ios). And now google wants to join that evil club.
Have you used windows 11 and macOS 26? They both have malware scanning and throw up alerts or scary dialogs that you have to do cli commands or workarounds to launch unknown apps. I don’t see this as much different than Android requiring you to either root or enable developer options.
I understand this is a controversial position and I’m not in favor of this change, I just want to understand where the real differences are in an impartial way.
Of course Linux is an exception but it is also not widely used by consumers like Android and the other OSes I listed are.
I'd be fine with a warning. You can just dismiss it and continue doing your thing.
It is a bit more convoluted in macOS now but still something quick.
What Google is saying is that I need to install adb, search for a cable, connect it and _then_ run the cli command. It is very different, not even close.
Warnings don't work. Scammers will tell you please do the needful and dismiss the warning, and grandma will obey. UAC on Windows was instructive: it only served to desensitize people to warning dialogs. Microsoft is moving toward the industry best practice in this regard by setting Windows Defender to quarantine unsigned code automatically.
No problem running what I want on mac. I've never had a mac app store account, I find the idea repulsive so I don't. I download what I want and use it.
I don't use windows but my kid has a gaming rig which has windows and I know we download various programs on that and use them, no problem.
The whole point of a personal computer is you install and run whatever you want on it.
I used to think a phone is just a phone so who cares, but nowadays the phone is the personal computer for a lot of people, so that same freedom is vitally important.
I'm guessing Windows gets a pass because you can still fairly easily bypass the signature check - it's effectively a warning rather than a hard block. It sounds like for (mainstream) Android, the only workaround will be to plug it into a PC and use adb there to install an unsigned app, which is considerably harder. Installing a custom ROM will presumably get around it too, but that's tough, and various government and banking apps etc tend to refuse to run because of attestation.
Apple is of course locked down, but that's not news. The anger is because Android was the better option on this dimension.
Is rooting the same as a custom rom nowadays? And enabling developer options won’t allow installation of unsigned apps either?
They could add a developer option to bypass the new restriction, but as far as I know they haven't said they'll do that, and I don't see any reason why they would. The adb bypass is probably good enough for actual developers.
Apps can certainly detect if a phone is rooted and refuse to work, like with a custom ROM. It's up to the developer what they care about, but this is not unusual. There are ways to try to trick the check into passing, but it sounds like the kind of thing that might break on any update.
The test is can you say, "thank you for telling me this app isn't signed, install it anyway." And with this system you can't.
It's not about the $25. It's about Google centralizing control. If they don't like your app, oops, no verification for you.
Goodbye NewPipe. Goodbye anything that doesn't align with Google's capitalist interest or American imperial interest.
But they don’t verify each app in this case, just the developer… you get verified before you even tell them what type of app you have.
Sure, it’s possible they could retroactively ban your app, but they could do that without signing too. Just ban com.anonymous.newpipe or whatever the package name is. The signing doesn’t really change this.
The year of the Linux Phone is coming!
There sadly isn't a single viable option for a Linux mobile phone out there.
- Purism runs ancient hardware, charges way too much and has questionable business ethics.
- Pine64 has equally bad hardware but reasonable prices. I don't like the Hong-Kong connection though. Not sure how the security patching environment is in practice.
The only option on the table as I see it is buying from the devil and installing GrapheneOS.
There is also jolla / sailfishos built by ex Nokia engineers. The Russians forked it and are useing it in government / industry.
DHH has not completed his desktop Linux quest yet…
The only reason I still have a Google account is because I have a android phone.
Seems like that will change soon.
Is an Apple account materially better?
As though to flex a muscle, around the time this program was first announced, apple revoked a third party application from being installed on its devices. I say its and not users, because they've proven it's not your device.
I would say an apple account feels a bit less like having stepped in shit.
But no, I think in the case when android is no option any more, I will seriously reconsider if we peaked on some enshitification with smartphones.
Maybe no smartphone or Linux phones will be more interesting for some time for me then.
Look, Google. You and me both, we don't want EU bureaucracy to get involved again... (It's going to be a different group than the chat control people. If the chat control people win bigly, this would actually support what they want. Is there, like, any connection between that and the timing of these new rules?)
DMA does nothing to prevent this, Google claims it's about security which will satisfy the DMA. Same as for Apple (the EU is going after them because of the fees, not because of the complicated process). The EU is not interested in letting you run unapproved software because they want to use it for themselves with their digital wallet app and ID checks.
> If your team’s current test process relies on distributing APKs to testers for installation using methods other than adb, you will need to verify your identity and register the package.
Absolute bullshit Google. You have no right telling me what I can and cannot run on my own devices. Regardless of how I choose to install it.
> my own devices
I mean hey, at least we all know now that they aren't.
This mostly confirms that it's exactly as bad as we thought. The only clarification is that building from source and installing via adb will continue to be allowed. For now.
My understanding was that those packages still had to be signed with a key known to Google.
The current blog post does appear to say that you don't need to be verified to install and run apps with adb.
Ah thanks for correcting me. I had only listened to the ADB podcast episode and from that it seemed that signature would always be needed.
> One of the most important themes we hear from the developer community is the need for more lead time to adapt to changes
No, it's not.
That's the biggest lie haha, if they asked a single real developer, we want less useless paperwork.
Googles decisision to add developer verification killed my interest in handset development entirely. But hey, at least I know what to focus my time on rather than third party app development ie. F-Droid. I look at my android phone differently now that its on the table which sucks but hey they made me switch my development time to linux drivers now instead.
After 15 years of professional development on Android I too am now thinking about switching my focus to something different. And it sucks.
Just wished there was a viable* FOSS Linux based mobile OS project out there that I could offer my time and energy to instead.
Aren't Graphene and Lineage exactly that?
I have been running Graphene on a Pixel for a while now and I don't think Linux phones are a viable alternative. The vast majority of Android apps just work on Graphene, and there are millions of them. The UI experience is polished, everything just works with the exception of apps that require Google Play Integrity. And of course these projects aren't affected by Google's restrictions on sideloading.
Look I love that GrapheneOS exists, and I have used it in the past (as have I with Lineage).
But GrapheneOS lives by the mercy of Google. Pixel devices being reference devices makes it so that it's unlikely that Google will close them down completely.
However, as can be seen with this verification move, Google is willing to go very far to accomplish its aims. They already delayed delivery of Android 16 images, causing GrapheneOS some headaches.
Who is to say more isn't to come.
Google also announced that Pixel devices are no longer reference devices. The reference device is now some VM.
Waydroid exists and a mobile distro that provided Waydroid OOTB would be as usable as a full-on Android phone. You could even build it to remove the app verification stuff if that found its way into AOSP.
One interesting aspect of this is that when using a personal Android with a work profile, developer options and ADB is (or at least can be) disabled. BYOD will then imply you can't sideload at all.
And nothing of value was lost. BYOD means Corporate can push whatever spyware they want onto your personal phone. I tell any employer I work for, if you really need me to be reachable by phone via an app, you can supply me a work phone. Otherwise I'll do without. I keep a bright-line distinction between personal devices and work devices, and never mix the two. My boss knows this explicitly.
I'm not an android developer, so I'm missing some context and key information. But I have a question: When Google is asking developers to "register" their apps as part of this new program, are they just trying to keep a mapping from some code signing key to a government ID? Or are they trying to do a code review process that is similar to submitting to an app store?
I know both are objectionable in their own way, but these two scenarios are quite different and I want to understand this better.
The first one for sure, second one — to an extent. If you publish “objectionable” apps (we are told this will be used to combat malware) — your certificate will be revoked.
Yes, combat malware. They totally aren't doing this to kill off ReVanced.
As criminals don't have access to stolen identity documents that they can use ....
Boy do I regret signing up to a yearly plan of Google Workspace, I sure as fuck won't be renewing that next year.
https://fireborn.mataroa.blog/blog/why-the-hell-does-android...
It's disappointing that google has turned evil.
I loved how easy it waa to mod things in the beginning. All that is now gone.
“Don’t be evil”
android is the notness, and well, so is the whole fucking web next year this time, linuxphon/computer with removable drives and wired periferals ,do the stuff thay needs done, ignore the rest the security theater can continue for those who want it,over there, yes, yes, up against the wall will be fine
[flagged]
Interesting comment. Do you have more information about this please:
> The industry-wide standards for character design, costume design, theming, even mechanics are all set based on these guidelines, which have evolved into ironclad requirements. You will not get funding for your game, nor support or approval from the major platforms (particularly consoles) without complying with these guidelines.
I don't personally play video games but have noticed a lot of disgruntled discourse around things such as "Body Type 1" and "Body Type 2" in lieu of "Male" and "Female" being implemented in new releases. Is that as a result of these guidelines?
If you end with the stupid gender crap instead of leading with it you'll be taken seriously for a few paragraphs before people stop reading.
Can an non-profit LLC verify itself and submit apps on behalf or anonymous developers after vetting their code? If so, that would probably a nice middle-ground.
The reaction to this change has truly changed my opinion that developer's opinions on a lot of subjects affecting the public's safety and security shouldn't be valued much (and yes, I realize I am on HN). If this is a bridge too far, then why should anyone listen to devs about "we can't backdoor cryptography" and things like chat control and more? You can't make every hill the hill you die on. I wouldn't even be against requiring a professional certification organization for developers before they're allowed to publish software to the masses. I would very much find it unpleasant, but we live in a society. You need a license to drive, to be a doctor, engineer and just about any profession where people's safety and well being is in jeopardy. Even real estate agents are licensed! and people all up in arms about a simple id verification.
This is just to address malicious code. How does the public know your code isn't full of vulnerabilities, that you're not selling their data to the highest bidder? How do they know that you have a good understanding of secure coding practices and knowledge of privacy laws? Let's talk about that instead, if you publish software for a private group of people, there should be no restrictions. If you're publishing it on a platform that would expose your software to billions of people, get a license after id verification and passing a globally standardized exam (multiple choice and a practical coding exam!).
See, the big disconnect is that most developers see software as something similar to writing a book or selling a home-made item on etsy or ebay. But in reality, it's more like manufacturing a car or a gun, or opening a bank (if your app takes payments), or even opening a restaurant or a food truck. all these things require licensing. The malware and privacy loss people suffer is akin too food poisoning, car accidents,etc.. but since it all happens virtually and there is typically no physical harm, developers are dismissive of it. This isn't the 90's anymore, people's lives and livelihoods are all online, all the security measures you can take, using signal for chat, passkeys and password managers for creds,vpns,etc.. and you're still one legit looking app install away, one convincing phish away from your phone being compromised along with all your accounts, finances , job and your entire life as you recognize it from being harmed or destroyed.
I urge you all to temper passions with reason and practicality.
The umbrella organisation signing apps is not impossible, as far as I know. But it would need to be pretty cautious, because if Google revokes its registration, that could block all the apps it has signed at once.
It's hard to see how you could get the necessary level of careful code review with just volunteer effort. But I suspect that most developers who don't want to register with Google are also unlikely to pay money to a third party to work around this.
With enough developers, revoking that cert would affect too many users, so Google would be forced to be careful. It will sort of be like devs unionizing. As far as review goes, not having the money or time to review code sounds exactly like the problem Google is trying to eradicate, because right now when your app causes problems you can just create a different account and start over without risking your reputation.
> I wouldn't even be against requiring a professional certification organization for developers before they're allowed to publish software to the masses
Is Google that organization? Because they themselves have decided that they are. I think what people are worried about is that Google is positioning itself to be the judge, jury, and executioner within such a licensing framework, not necessarily the licensing itself.
> This is just to address malicious code.
Yes, and if Google had shown that it's capable of identifying and rejecting malicious code distributed via its own app store, then maybe their proposed expansion of that security program to the entirety of the Android app ecosystem would carry some weight. But as it stands, their Play Store is full of user-hostile and often malicious apps[1].
> If you publish software for a private group of people, there should be no restrictions. If you're publishing it on a platform that would expose your software to billions of people, get a license after id verification
But that's exactly the opposite of what Google is doing, here, and why people are mad. Google isn't adding a new policy to their app distribution platform (the play store that grants exposure to billions of users), but rather they are forcing ID verification on any form of app distribution: If you want any regular user to be able to install your code, no matter how small the audience, you'll need to first give your identity to Google, and obtain a (paid[1]?) license. So the restrictions do apply to "a private group of people" too.
The crux, and what has people up in arms I think, is the overreach of Google's peoposed licensing policy to cover not only their own app distribution ecosystem, but all others targeting Android.
Many technical users of Android consider it to be a general purpose computing platform, and they want to retain the freedom to install and run whatever software they trust.
Google should focus their supposed concerns about regular user's safety on the user-hostile apps that they allow to exist in their own app store, rather than grasping for broader control that they'll "probably use at some point but only for good things like user security".
1: https://f-droid.org/en/2025/09/29/google-developer-registrat...
> Is Google that organization?
I agree, it isn't and shouldn't be, an industry self-regulating org is needed, like the CA/B forum for browsers. Maybe one day we can transition to that.
> Yes, and if Google had shown that it's capable of identifying and rejecting malicious code distributed via its own app store,
You're making the opposite point there, they can't do a good job at scanning their appstore, so requiring devs to id themselves is a better option, so that anyone publishing malicious code might risk real-world criminal penalties. That's a better deterrent than google scanning code.
> If you want any regular user to be able to install your code, no matter how small the audience, you'll need to first give your identity to Google, and obtain a (paid[1]?) license. So the restrictions do apply to "a private group of people" too.
This applies to google certified phones, and such phones at the time of certification are sold to the public, not to a private audience. Private audiences need to buy non-google-certified phones (which exist). The question of google certification is one you need to have with phone vendors not Google. Samsung can opt to avoid google certification just fine. They have every right to demand that a phone with their stamp on it can only run apps by devs they authenticated, this is the price of their seal of approval.
> Many technical users of Android consider it to be a general purpose computing platform, and they want to retain the freedom to install and run whatever software they trust.
Yeah, for example I have an x86 android VM, it won't be affected because it isn't google certified. If you came up with a custom tablet or laptop that runs android, you can load random apps on it just fine.
> Google should focus their supposed concerns about regular user's safety on the user-hostile apps..
They can do multiple things, but this helps with that as well. the dev making user hostile apps now has to use his real name and their reputation will now follow them forever.
> This is just to address malicious code
Where "malicious" is defined as anything that Google or the American Empire doesn't agree with.
Malicious is to cause harm and if it refuses your app because of that reason you have legal recourse.
Legal recourse in the American empire that just made Google block an app to warn of its armed goons approaching? Color me skeptical.
Libel for calling it malicious and a tort case for malicious interference in trace/commerce. Although, fighting google's lawyers is another matter. If they blocked it without reason, it would be difficult, but if they said it was malicious and that was a lie, regardless of ToS or contracts you have a libel case as the very least. IANAL.
This isn't so bad. Unlike other mobile OSes (namely iOS and HarmonyOS), you will still be able to install whatever you like on Android over a USB debugging connection (adb) without any developer verification.
It doesn't take much effort to enable Developer Options, plug into a laptop and run "adb install whatever.apk". It's kind of like the floppy disk era again, having to physically insert things into one's computer to install software. Not a big deal.
At least as far as I understand, this would be a huge issue for F-Droid, to the extent that it isn't clear if it can continue at all. Half of my apps come from there, and gets automatically updated. Starting to download APKs manually and install them with ADB isn't impossible, but a huge downside.
This might open up a market opportunity for an "F-Droid box" that one would plug into an Android phone over USB, to install and update F-Droid apps over adb. Or the equivalent software for a laptop.
Taking away adb install should be the next step. It's a slippery slope
Is there any evidence that Google plan to do this?
They've made their intentions clear. As soon as third-parties start to use adb for sideloading there's a very good chance they start to lock that down as well.
That is speculation. Is there any evidence?
None that will satisfy your standards, given I think only the announcement from google themselves will.
Was there ever evidence that they would take away apk installing?
The current trajectory provides at least strong evidence.
If adb installing is used to circumvent their signing programm, it has to go as well.
adb backup is gone
> It doesn't take much effort to enable Developer Options, plug into a laptop and run "adb install whatever.apk"
This is clearly a troll, confirmed by the green username.
Remember there are likely Google developers on this site. Maybe some of the same ones that are implementing this change.
Not a troll, just someone who read the article to see what these developer verification changes actually entail.