This is an android 16 feature, scheduled for sept 2026 “prerelease” and 2027 rollout. I expect/hope some phones will have a setting to disable “the security”. If not, there is great opportunty for high end hardware linux first phones, with good android emulation software.
I’ll go to iphone if it’s not able to be disabled. And I hate iphone.
deleted by creator
This is the risk of “trusted computing” architectures. Who is governing the “trusted” part of that.
These cryptographic signatures are not as much of a death knell for Android as some would have you believe. The trick is to get a common code signing cert into your device, that is then used to sign any third party APK you want to run. You can avoid the Google tax this way. I assume that’s how most sideloading sites and apps are going to handle this.
The question is, how do you add that certificate? Is it easy and straight forward (with plenty of scary warnings), as a user? Or is it going to be a developer options deal? Or will I need root to add the cert?
I’m not sure what that answer is right now.
I just want to finish this post with a few words about trusted computing models. Plainly: Apple has been doing this for years … That’s why you download basically everything from an app store with Apple. Whether on your Mac OS device, your iPhone, iPad or whatever iDevice… Whether the devs need to sign it, or the app gets signed when it lands on the store, there’s a signature to ensure that the app hasn’t been tampered with and that Apple has given the app it’s security blessings, that it is safe to run. Microsoft and Google have both been climbing towards the same forever. Apple embedded their root of trust in their own proprietary TPM which has been included with every Mac, and iDevice for a long ass time. Google also has a TPM, the Titan security module, I believe that was introduced around pixel 3? Or 4?.. Microsoft made huge waves requiring it for Windows 11, and we all know what that discussion looks like. Apple requires a TPM (which they supply, so nobody noticed), Google has been adding a TPM and TPM functionality to their phones for years, and now Windows is the same. None of this is a bad thing. Trusted computing can eliminate much of the need for antivirus software, among other things. I digress. We’ve been going this way for a long time. Google is just more or less, doing what Apple has already done, and what Microsoft will very likely do very soon, making it a requirement. Battlefield 6 I think, was one of the first to require trusted computing on Windows and it will, for damned sure, not be the last that does. The only real hurdle here is managing what is trusted. So far, each vendor has kept the keys to their own kingdoms, but this is contrary to computing concepts. Like the Internet, it should be able to be done without needing trust from a specific provider. That’s how SSL works, that’s how the Internet works, that’s how trusted computing should work. The only thing that should be secret is the private signing keys. What Google, Apple, and Microsoft should be doing, is issuing intermediary keys that can sign code signing certs. So trusted institutions that create apps, like… Idk, valve as an example, can create a signature key for steam and sign Steam with it, so the trust goes from MS root to intermediary key for valve, to steam code signing key, and suddenly you have an app that’s trusted. Valve can then use their key to sign software on their store that may not have a coffee signing key of it’s own. This is just one example based on Windows. And above all of this, the user should be able to import a trusted code signing cert, or an intermediary cert signing cert, to their service as trusted.
Anyways, thanks for coming to my Ted talk.
So yeah we’ll do a decentralized Linux phone of sorts, if Google is going full 3rd Reich with Android we’ll move to a Linux based OS phone.
Simple as that.
This was the main reason I have a spare android phone to install whatever I want on it and just factory reset if there’s an issue. Android / Google is really shooting itself in the foot cause there isn’t a point in owning an android after this imo
Similar story here. I’ve got apps that I need to use from developers that are not around anymore. My old phone only needs wifi and I’ve disabled/uninstalled everything else. The phones battery last like 7 days now.
When it comes to the current final frontier, Linux phones, what brands/models would be the best option? Or are you all really recommending iPhones?
You can’t sideload in Linux.
“All” you need to do is reflash your phone and reinstall Android/Chromium (soon to be renamed Android). Since you are not a certified supplier, the checking is not activated.
On Chromebooks the setting will be on, since they are used in schools, but since it has a terminal you can remove the block, it won’t be simple, probably terminal commands and changing configuration files, but it won’t be impossible.
Linux handheld with a 4g usb modem, doing calls over the internet. Just an idea, im not doing this, nor do i know how practical it actually is.
Apple now allows sideloading of apps and Google is trying to get rid of sideloading.
What… the Fuck?
Apple now allows sideloading of apps
Apple allows as much sideloading as google wants to next near.
Yes, you can install from .iPa files, but you still need to pay 100€ a year to be able to sign the IPA files, otherwise you cant run them. as much as with googles new policy you now need to pay 25€ + your full name to get a signature, to sign the Apks with
Yea but Apple got sued into allowing that
Now we have to get EU on the case 😀
I have LineageOS on my second phone, so the issue doesn’t apply to custom ROMs, as the developers assured me. On my main phone, however, I still have the stock ROM because it’s a new and expensive phone, and there are no custom ROMs for it yet, especially as it’s a MediaTek. If they try to block sideloading, it would be a good time to report it to the European Union.
They also stopped support that allowed for easier development of custom ROMs a couple weeks back. So it’s not good news for custom ROMs. Either someone needs to form Android for good, or Linux phones are our next best bet.
Back in 2019 when the leadership changed, they moved to be 100% about advertising, which is why Google started going browser fingerprint tracking. Invasive is the name of the game. Within 6 months of that, they’re also locking down their entire ecosystem like Apples does, specifically to squeeze more data out for advertising. This isn’t an action taken in a vacuum.
Just get root, and it wouldn’t be too difficult to bypass.
I already bypass many of Google’s stupid and arbitrary restrictions like their minimal SDK version requirement for side-loading apps and such with Magisk and Xposed modules.
Are you sure it won’t apply? As far as I understand, it’ll apply to all devices with Google services installed. Which includes most ROMs, as well as non-Google ROMs after you manually install gapps. Is my understanding off?
The requirements apply to all “Google-certified Android devices” which includes:
Devices with Google Play Store
Devices with Google Mobile Services (GMS)
Devices with Play Protect
All mainstream Android devices from manufacturers including Samsung, Xiaomi, Motorola, OnePlus, and Google Pixel
Custom ROMs without Google services & uncertified devices are not affected by these restrictions.
From the linked wiki.
I don’t have Google services, nor do I ever plan to install them. I’m perfectly happy with F-Droid, Aurora Store and NeoStore.
Soon aurora store may stop working. They could add some crap to the apks in the play store that checks whether the phone has google services. So either the devs put their apks somewhere available (like on fdroid, which most wont do), or theyll just put their binaries on the play store, which will just be a useless blob for those that dont have play services. Then we get another shitty cat an mouse game about spoofing play services, them catching up, on repeat.
> be me
> buy new phone, chose android cause I can install anything on it
> get free iphone from work
> sell iphone on ebay cause I can install anything I want on my android
> google doesnt want me to install anything I wantFuck me. I kept the wrong phone.
So in your world, a completely locked down phone is better than a phone that you can easily open up again by flashing a ROM or replacing Gservices for MicroG with adb + Magisk?
If Google is going to lock down my device to the point where I can’t install apps without their permission, I might as well dump Android and go straight to Apple. I sacrificed my phone being good for the openness of the platform, but if Google loses that openness, why shouldn’t I go with Apple?
The only answer is money at that point. I don’t know how much phones are these days, but aren’t iPhones like $1400, but Android is like $900?
I may be wrong though. Last time I bought a phone was 2018, and it was $600. Still using it.
I already tend to buy the expensive flagship models of phones. I buy unlocked and it lasts me ~5+ years, so I get the best phone I can get at the time and make it last, so money isn’t as much of an issue if I were to move to an iPhone.
Apple hardware has always been a generation ahead. Even when android/qualcom catches up, next generation is out already. The reason to avoid apple was it being a closed system money grab.
Apple hardware ahead of Android? I’ll have what you’re having!
a18pro beats M3 max in single core. Compared to 7840hs, it has 40% high single score geekbench 6, though 50% less multicore. Even beats ai395max at single score. Android competition catches up to even in gaming/gpu, but single core/responsiveness is still light years ahead. a19 next month, likely. M3 ultra has competitive aspects to xeon and epyc. Apple definitely has a lead on arm implementations.
Please show me a single benchmark with a flagship android beating a flagship iPhone.
Can you at least put a custom ROM on to disable this?
The issue is that Android used to be open source but they’re moving to closed source under the guise of security as well which will make it difficult/impossible to update the rom
Joke’s on them, my phone only cost $300
Same here, got a recent (so not completely new) Xiaomi 13T Pro. Very little crap on it and it has impressive specs like 16GB RAM, 1TB storage and a very good Leica camera.
I’d love putting Linux on it one day, the specs are almost as good as my main PC lol.
I think I am just done with the whole concept of the convenient prepackaged tech product, and especially staying “connected” with them.
For example, I stopped wearing a smart watch this summer and it’s been a positive. I was the type to wear it 23 hours a day and track my sleep with it and everything. It turns out that not instantly seeing every notification or knowing the exact minute of the day are not a big deal, sans are even good for me.
Part of what I’ve also done is use my phone a lot less and my linux desktop a lot more. I use it as a mobile communication device and not my computer for everything. I guess the next time I need to replace it I’ll either get an iphone since everybody in my family has one, or I’ll see where these wonderful Linux phone projects end up.
I know it’s not really ready for it yet, but I guess I’m gonna be looking into a Linux phone before I thought I would.
Will this kill FDroid ? I imagine yes since you have to install it from a download.
My suspicion is that the main purpose of Googles decision is to stop F-Droid and Aurora Store from working.
They don’t care about those.
They want revanced and other ad circumvention tools out.
They ARE an ad company, you know?
And especially any youtube app that blocks ads. OF COURSE Google will never allow Newpipe, Revanced, FreeTube and so on to be installed on Android phones ever again.
None of those have worked for me on Android since a couple of months.
Firefox with uBlock Origin is the last bastion, and don’t think that’s not on their radar.
I’ll just buy and use decade old phones with unlocked bootloader till I can. There’s barely any innovation in phones these days and I’m sure someone will come to fill the gap Android left (hopefully Linux). I’m still using my 5 year old phone degoogled with custom a16 and still going strong. I also have a backup pixel 6 in case the current one breaks. I can easily wait 10-15 years.
Banking Apps in my country doesn’t even install on Android version of previous 2 version, because “security” reasons…not because of their incompetence to make their app more secure. I had to buy new phone to use my own money.
This do not depends on bank incompetence, it depends from the regulations the banks need to follow.
And for the same reason you cannot install on a rooted phone (or at least, you should not be able to do it)
