Installing any app I want outside the Play Store was the primary reason I decided to go with Android, despite most of the people I know using iPhones. If I can't do this anymore, I may as well switch and be able to use iMessage and FaceTime with them.
You can still side-load signed apps. It's a similar limitation to macOS which won't let you run apps that Apple hasn't signed without command line or control panel shenanigans. Compared to iOS, Android still has the advantage of installing your own full browser (like Firefox) with full-fat ad blocking (uBlock Origin, not Lite). iOS is Safari-only right now though, in theory, some alternative engines may be available in Europe later.
Maybe it’s because I’m European but I’ve never understood what iMessage even is or what it offers above either sms or WhatsApp/signal. And I’ve used an iPhone for the past 15 years.
There are no good reasons left to use either platform - you're basically paying an arm and a leg to rent a device whose primary purpose is to usurp your attention and plunder your wallet at every possible opportunity.
Use and encourage your circle to use Signal, so you're not limited to any given platform, or the political or ideological whims of the gardenmeisters.
Google has gone full enshittified with this move, might as well move as far and as fast away from all the shit if you're technically capable, introduce whatever pressure you can to signal that there's a desperate need in the smartphone market for something clean and honest.
Android is losing a unique selling point. This will have an impact on what a techie may recommend to a non-techie in the future, because everything is beige now.
I have the feeling Google has given up on using nerds as beachheads. The market is saturated enough and they don't need us anymore to do grass roots spreading of their products. It's the same with Youtube. As long as there were enough people who were unencumbered by ads because of their ad block and kept spreading links, the importance of Youtube was growing. After market saturation that vehicle isn't necessary anymore and they can squeeze them out.
Switching to iPhone will make it even more obvious there is an unhealthy monopoly, so that's nice. If there's no good reason to choose Android, why not?
How will Google force Android users to "update" so sideloadinng can be prevented
Non-updated versions of Android running non-updated versions of sideloaded apps will not have the restriction
Another example of how not every "update" is for "security" and "updates" should be optional
The computer owner chooses one version of an operating system, e.g., "I chose Android because I can sideload any app", but by allowing automatic updates, without reviewing them first, the computer owner agrees to let the operating system vendor change the software remotely to anything the vendor chooses. The computer owner goes along with whatever the vendor decides, letting the vendor take them for a ride
If the operating system gets _worse_ in the opinion of the computer owner, if it fails to meet their needs, e.g., "sideloading", then that's too bad. The computer owner chose one version of Android, but by subscribing to "automatic updates" they effectively chose all future versions as well
This is why I prefer BSD UNIX-like operating system projects where I can choose to update or not to update. Unlike the hypothetical Android user, the project does not decide for me
HN replies may try to draw attention to "security" and away from "sideloading restriction". However there is no option to accept "security updates" while rejecting "sideloading restriction updates". According to the so-called "tech" companies that conduct data collection and surveillance as a "business model" through free, auto-updated software, every update, no matter what it contains, is deemed essential and critical for "security"
Online commentators seem to agree that the computer owner should have the choice to install or not install _any_ software outside the "app store", so-called "sideloading". Perhaps this freedom to choose whether to install or not install software should also apply to operating system "updates"
What happens if the computer owner disables Google Play Services along with the Play Store and keeps the phone offline
(Own experients conducted over the years make this a "rhetorical question" meaning I already know the answer)
Not every app requires Play Services and internet access
(Online commentators sometimes try to argue that all apps, even offlines ones, "require" Play Services otherwise they cannot be updated automatically, highlighting the significance of "automatic updates" in steering debates about Android. Own experiments show that many if not most apps work fine without Play Services and can be updated manually if desired)
Not every phone is used for banking or other "government services"
(For example, some owners have mulltiple phones. Some owners may have phones with older versions of mobile OS that may be used for experiments)
Not every computer owner is the same
(For example, most phone owners do not install any apps at all. Of those that do, most use "app stores", not so-called "sideloading")
HN replies are likely to invoke "security" as a retort to any suggestion of decision-making and control being placed with the computer owner
We need to stop calling it "sideloading", we should call it freely installing software. The term "sideloading" makes it sound shady and hacky when in reality it is what we have been able to do on our computers since forever. These are not phones, they are computers shaped like phones, computer which we fully bought with our money, and I we shall install what we want on our own computers.
If Google provides a permanent mechanism to disable this in developer settings, then this devolves to an inconvenience.
The setting to allow unsigned apps could be per appstore tracked by an on-device sqlite database, so a badly-behaving app will be known by its installer.
I always found this term utterly bizarre. It first showed up in the early days of the mobile "revolution" and felt astroturfed, since no developer would think we need a fundamentally new term for downloading software. It felt like something some dark patterns team came up with to discourage free installation of software on your own device.
Of course maybe I'm overthinking it. It's common for people deep in the bowels of an industry to invent pointless jargon, like "deplane" for getting off an airplane. Anyone know where the term "sideload" was coined or by whom?
How badly screwed are we that the term "installing" doesn't work because it doesn't exclude the now default assumption that someone else controls everything you are allowed to install.
I've been using Sailfish OS for quite some time, but I don't do all of my computing on the phone. There's quite a high friction for using any of the mainstream Android apps, so usually you have to find an alternative if possible.
They all died. There were Linux phones until Android and there were some non-Android phones until Android 8 or so, such as Qt Extended, RIM BlackBerry OS, Palm webOS, Mozilla Firefox OS, and Microsoft Windows Phone, to name a few. They all died from numerous footgun wounds as well as pressures from competition.
VoLTE was one of major contributors to the situation, by the way. Only iOS and Android supported voice call on 4G LTE for first 3-5 years, due to it being a huge pile of TBDs and transitional hacks. There were political fights in whether the LTE is to be 4G or it was to be 3.9999G and superseded quickly by a completely separate 4G standard. This meant that companies and consortium that maintained alternative OS could spend unrealistic amount of lobbying and engineering effort trying to get into it, risking investments needed for it, or give up and start procurement process for a white flag. All chose the latter, and we ended up with an iOS/Android duopoly with unprecedented totality.
Antitrust action is badly needed in this area. It is ridiculous that I need permission from my device manufacturer to install software on hardware I own. There is no viable alternative than to live in Apple and Google’s ecosystems. This duopoly cannot be allowed to keep this much control of the mobile platforms.
The Android Developer Blog called it "an ID check at the airport which confirms a traveler's identity but is separate from the security screening of their bags."
From the mouths of rubes, I guess. The ID check at the airport has zero to do with safety or security and everything to do with the airlines' business model (no secondary market for tickets), enforced by government.
This is nonsensical. The minute the government doesn’t check ID to get on a plane that coincides with your ticket, the airline will start doing ID checks before getting on domestic flights just like they do for international flights.
And some airports are now allowing non fliers inside the terminal.
Even hotels force you to verify your ID to check in even though the reservation I’d transferable - just add a guest to your room when you make the reservation.
As with manifest v3, Google is once again misusing their position as a source of open standards to benefit their adware business. Hopefully the EU fines them once again.
A weird hill to choose to die on given that in practice it's not really a meaningful percentage of people that are using adblockers and the negative PR they get from these oversteps is massive.
If you want to install software on your Microsoft Windows computer, it has to be signed by a verified developer, otherwise you get an overridable warning that the developer cannot be verified, the software may contain malware etc.
If you want to install software on you MacOS machine, the same thing applies. It must come from a verified developer with an apple account, otherwise you get a warning and must jump through hoops to override. As of macos15.1 this is considerably more difficult to override.
If you want to install iOS apps, the apps have to be signed by a verified developer. Theres no exceptions.
I just dont see a future where being able to create and publish an app anonymously is going to be supported.
Becoming a verified developer is a PITA, and can take a while or be impossible (i.e. getting a DUNS number if you're in a sanctioned country might be not at all possible) but at the same time, eliminating the ability of our devices from running any old code it downloads and runs is a huge safety win.
> I just dont see a future where being able to create and publish an app anonymously is going to be supported.
This is strongly needed if surveillance laws like Chat Control are not to be trivially bypassed. This way applications that don't offer governments the required surveillance features can be banned and the developpers can be sued. Not looking forward to that.
> eliminating the ability of our devices from running any old code it downloads and runs is a huge safety win
No, this is just false. There's numerous, well-documented instances of malware making it past gatekeepers security checks. This move is exclusively about Google asserting control over users and developers and has nothing to do with security or safety.
The only "huge safety win" comes from designing more secure execution models (capabilities, sandboxing, virtual machines) that are a property of the operating system, not manual inspection by some megacorp (or other human organization).
This is a weak argument. If things have slipped through the cracks with someone actively reviewing it, the alternative cant be 'lets not do any checking whatsoever'.
There are better arguments against this that other commenters here have provided (including "my device, my rule") but this isnt a strong argument.
Meh, I can still install what I want via adb. It's probably a good thing most people won't be able to click a link and have a new program installed by an anonymous person. Especially in an ecosystem where .apks are passed around manually
I know this is side topic but if buying the Android or iPhone hardware gives us hardware we don't control, then what alternatives we realistically have? I do own pinephone (and I was recently reading that they kinda staled with development of new phones hardware), I know about librem.. is there anything else on the market?
However, I don't think they haven't measured the number of users installing apps outside of the Play store. May be they just don't care about the small % of total users who are a large % here on HN.
And this will creep out to the major desktop systems too, Apple is doing it with their stupid "non-verified app" and Windows looks more likely to do so with their "need Microsoft account to login" to windows.
I just wish BlackBerry went in a different direction. If during the early-mid 2010s they decided to dedicate to open-source and privacy-first, as well as keeping their flagship QWERTY format with the optimized BlackBerryOS, they could still be around serving a particularly large niche in the smartphone market: Those who use their phone for communication and utility over entertainment.
Maybe they can make a comeback. If anyone at BlackBerry is reading this, just do it, please and thank you.
Can anyone say exactly what this would mean for F-Droid? For instance, not that I want this to happen but if F-Droid really wanted, they could conceivably get verified developer status.
And then they could offer apps, which (again I don't want this, just asking), could also be distributed if verified. F-Droid would have to be verified and would only be able to distribute apps from developers that are also verified.
And so conceivably you could still install apps from outside the Play store if they're verified. Unless the Play store is administering verification.
I'm not saying that would work, in fact, I think in practice it wouldn't. I'm just trying to play out what that would look like to understand the specifics of how F-Droid is being effectively dismantled. But I'm all ears if someone has a different interpretation about how F-Droid lives through this. It would seem that it would only survive on degoogled phones.
There's an overarching lesson that FLOSS needs to learn from the last fifteen years:
If it's not copyleft, it's not free. Also, it's more than just a legal classification of IP law, it's an ethos. I don't care how "free" your underlying OS is, if most of the userland is proprietary and the only way to really effectively use the software on consumer hardware is to use a megacorp's implementation of it and to bow to their whims, it might as well be Microsoft Windows.
This is why I always thought Android never really was Linux. Sure, it has a Linux kernel, but that kernel just exists to run a bunch of software in a way that you have no real control over.
101 comments
[ 924 ms ] story [ 1316 ms ] threadI, too, love vendor lockin.
We do not have to choose the lesser of two evils this time.
It's become my go-to for "I need a utility for X task".
There are no good reasons left to use either platform - you're basically paying an arm and a leg to rent a device whose primary purpose is to usurp your attention and plunder your wallet at every possible opportunity.
Use and encourage your circle to use Signal, so you're not limited to any given platform, or the political or ideological whims of the gardenmeisters.
Google has gone full enshittified with this move, might as well move as far and as fast away from all the shit if you're technically capable, introduce whatever pressure you can to signal that there's a desperate need in the smartphone market for something clean and honest.
Sideloading was the killer feature for me as well.
I have the feeling Google has given up on using nerds as beachheads. The market is saturated enough and they don't need us anymore to do grass roots spreading of their products. It's the same with Youtube. As long as there were enough people who were unencumbered by ads because of their ad block and kept spreading links, the importance of Youtube was growing. After market saturation that vehicle isn't necessary anymore and they can squeeze them out.
https://www.youtube.com/watch?v=DnWykPvftfg
How will Google force Android users to "update" so sideloadinng can be prevented
Non-updated versions of Android running non-updated versions of sideloaded apps will not have the restriction
Another example of how not every "update" is for "security" and "updates" should be optional
The computer owner chooses one version of an operating system, e.g., "I chose Android because I can sideload any app", but by allowing automatic updates, without reviewing them first, the computer owner agrees to let the operating system vendor change the software remotely to anything the vendor chooses. The computer owner goes along with whatever the vendor decides, letting the vendor take them for a ride
If the operating system gets _worse_ in the opinion of the computer owner, if it fails to meet their needs, e.g., "sideloading", then that's too bad. The computer owner chose one version of Android, but by subscribing to "automatic updates" they effectively chose all future versions as well
This is why I prefer BSD UNIX-like operating system projects where I can choose to update or not to update. Unlike the hypothetical Android user, the project does not decide for me
HN replies may try to draw attention to "security" and away from "sideloading restriction". However there is no option to accept "security updates" while rejecting "sideloading restriction updates". According to the so-called "tech" companies that conduct data collection and surveillance as a "business model" through free, auto-updated software, every update, no matter what it contains, is deemed essential and critical for "security"
Online commentators seem to agree that the computer owner should have the choice to install or not install _any_ software outside the "app store", so-called "sideloading". Perhaps this freedom to choose whether to install or not install software should also apply to operating system "updates"
(Own experients conducted over the years make this a "rhetorical question" meaning I already know the answer)
Not every app requires Play Services and internet access
(Online commentators sometimes try to argue that all apps, even offlines ones, "require" Play Services otherwise they cannot be updated automatically, highlighting the significance of "automatic updates" in steering debates about Android. Own experiments show that many if not most apps work fine without Play Services and can be updated manually if desired)
Not every phone is used for banking or other "government services"
(For example, some owners have mulltiple phones. Some owners may have phones with older versions of mobile OS that may be used for experiments)
Not every computer owner is the same
(For example, most phone owners do not install any apps at all. Of those that do, most use "app stores", not so-called "sideloading")
HN replies are likely to invoke "security" as a retort to any suggestion of decision-making and control being placed with the computer owner
The setting to allow unsigned apps could be per appstore tracked by an on-device sqlite database, so a badly-behaving app will be known by its installer.
Of course maybe I'm overthinking it. It's common for people deep in the bowels of an industry to invent pointless jargon, like "deplane" for getting off an airplane. Anyone know where the term "sideload" was coined or by whom?
Consumers are already familiar with what a "locked phone" is.
Let's calling, "Lameloading" or something to really nail it home.
VoLTE was one of major contributors to the situation, by the way. Only iOS and Android supported voice call on 4G LTE for first 3-5 years, due to it being a huge pile of TBDs and transitional hacks. There were political fights in whether the LTE is to be 4G or it was to be 3.9999G and superseded quickly by a completely separate 4G standard. This meant that companies and consortium that maintained alternative OS could spend unrealistic amount of lobbying and engineering effort trying to get into it, risking investments needed for it, or give up and start procurement process for a white flag. All chose the latter, and we ended up with an iOS/Android duopoly with unprecedented totality.
Are there consumer watchdogs in CA that would champion something like this?
From the mouths of rubes, I guess. The ID check at the airport has zero to do with safety or security and everything to do with the airlines' business model (no secondary market for tickets), enforced by government.
And some airports are now allowing non fliers inside the terminal.
Even hotels force you to verify your ID to check in even though the reservation I’d transferable - just add a guest to your room when you make the reservation.
A weird hill to choose to die on given that in practice it's not really a meaningful percentage of people that are using adblockers and the negative PR they get from these oversteps is massive.
If you want to install software on you MacOS machine, the same thing applies. It must come from a verified developer with an apple account, otherwise you get a warning and must jump through hoops to override. As of macos15.1 this is considerably more difficult to override.
If you want to install iOS apps, the apps have to be signed by a verified developer. Theres no exceptions.
I just dont see a future where being able to create and publish an app anonymously is going to be supported.
Becoming a verified developer is a PITA, and can take a while or be impossible (i.e. getting a DUNS number if you're in a sanctioned country might be not at all possible) but at the same time, eliminating the ability of our devices from running any old code it downloads and runs is a huge safety win.
This is strongly needed if surveillance laws like Chat Control are not to be trivially bypassed. This way applications that don't offer governments the required surveillance features can be banned and the developpers can be sued. Not looking forward to that.
No, this is just false. There's numerous, well-documented instances of malware making it past gatekeepers security checks. This move is exclusively about Google asserting control over users and developers and has nothing to do with security or safety.
The only "huge safety win" comes from designing more secure execution models (capabilities, sandboxing, virtual machines) that are a property of the operating system, not manual inspection by some megacorp (or other human organization).
Yeah, check for all the fake sora apps in the play store.
There are better arguments against this that other commenters here have provided (including "my device, my rule") but this isnt a strong argument.
Google have over-reached.
It is unacceptable to software developers to be unable to install software on their own phones, and this will lead to a successor to Android.
It will take time, but it will now happen.
However, I don't think they haven't measured the number of users installing apps outside of the Play store. May be they just don't care about the small % of total users who are a large % here on HN.
This is a part of a bigger trend, Cory Doctorow spoke about 13 years ago in his "The coming war on general computing": https://www.youtube.com/watch?v=HUEvRyemKSg
And this will creep out to the major desktop systems too, Apple is doing it with their stupid "non-verified app" and Windows looks more likely to do so with their "need Microsoft account to login" to windows.
Maybe they can make a comeback. If anyone at BlackBerry is reading this, just do it, please and thank you.
Let's call it what it is. Attack on what ownership of our stuff means.
And then they could offer apps, which (again I don't want this, just asking), could also be distributed if verified. F-Droid would have to be verified and would only be able to distribute apps from developers that are also verified.
And so conceivably you could still install apps from outside the Play store if they're verified. Unless the Play store is administering verification.
I'm not saying that would work, in fact, I think in practice it wouldn't. I'm just trying to play out what that would look like to understand the specifics of how F-Droid is being effectively dismantled. But I'm all ears if someone has a different interpretation about how F-Droid lives through this. It would seem that it would only survive on degoogled phones.
If it's not copyleft, it's not free. Also, it's more than just a legal classification of IP law, it's an ethos. I don't care how "free" your underlying OS is, if most of the userland is proprietary and the only way to really effectively use the software on consumer hardware is to use a megacorp's implementation of it and to bow to their whims, it might as well be Microsoft Windows.
This is why I always thought Android never really was Linux. Sure, it has a Linux kernel, but that kernel just exists to run a bunch of software in a way that you have no real control over.
- if you compile from source and deploy via adb nothing changes
- if you use a closed source binary, the identity of the owner becomes mandatory
so the issue is anonymously published closed source software?