23 comments

[ 2.7 ms ] story [ 42.0 ms ] thread
... as an open platform. Android as a mobile and home device OS is approaching 4 billion.
Hackers will be concerned with the open platform.
Bad title. It should read "Android Developer Verification" or something similar.
It's Holwerda's typical absolutist, extreme take.
I lost a lot of sympathy for these campaigns when they started to use hyperbole.

ADV is not a virus, nor a trojan horse.

> killing the ability to install your own software on your phone

But you can still install whatever you want over ADB...

By definition Google Mobile Services are a rootkit and have always been, not only since ADV...
> But you can still install whatever you want over ADB...

...if you wait 24 hours.

And also thanks to the new Google Play attestation API a lot of apps won't even work on alternative Android OS'es. But that's all needed in the name of security. Never mind if your Samsung Galaxy phone is EOL and hasn't been receiving updates for 4 years anymore. It still works with the attestation API. But the fully updated GrapheneOS phone is a real security hazard apparently, so it won't work with it.

So no, you can't just run everything you want via side-loading. It's pretty obvious Google is making a power play to curb down on everything that isn't going via Google Play.

> And also thanks to the new Google Play attestation API a lot of apps won't even work on alternative Android OS'es.

Tbf to Google, AFAIK they aren't forcing third party app developers to enforce Safetynet/Google attestation.

Oh no, hyperbole! How ever will you recover?!

This has the same energy as “I lost a lot of sympathy for these political protests when they mildly inconvenienced me on my commute.”

If you don’t agree with something, just say so. You don’t need to hide behind fake pearl clutching.

Same kind of hyperbole that Google uses saying that "they have to do this because it's too dangerous for users to install whatever they want"
I really don't see how Google will make Samsung and the big Chinese Android phone manufacturers (Xiaomi, OnePlus, ...) put this crap on their own custom Android distributions, especially because all these guys know that if they do it will have a very severe cost -- Besides Play and the Galaxy Store F-Droid is probably the third most popular distribution channel for Android apps on Galaxy devices, for example.

So I do think the only people who will be really affected by this are those running Google's own Pixel devices which are entirely locked into the Play ecosystem. The rest not so much.

> So I do think the only people who will be really affected by this are those running Google's own Pixel devices which are entirely locked into the Play ecosystem. The rest not so much.

Ironically its the opposite because Google's Pixel series are relatively open and thus its possible to install Android forks (GrapheneOS, LineageOS) without Google Mobile Services that contain ADV

I have couple apps from f-droid, and I'm not prepared for this. Let's hope something happens, otherwise rip.
so whats stopping a realFOSS fork of android? are boot loaders locked? too much diversity? do we need to buy one of those phone farms used by botters?
FOSS fork of Android is useless without hardware capable of running them. Which means you need hardware manufacturers and telecom companies on your side.
Google Pixels are open ;)
Except Google is the very company progressively shutting out open source efforts out of the Android ecosystem.
Nothing they will continue to work just like before, this is only an issue if you include the proprietary rootkit that is google play services.
Doubt it as google push Android and Android is said to have a better camera than apple..but stats show 50/50 between two