Privacy[...]
In the new blog post, Google’s Matthew Forsythe confirms that the developer verification system is slated to come online on September 30 of this year. The initial deployment will be limited to countries with a high level of app scams: Brazil, Indonesia, Singapore, and Thailand.
[...]
Google released its new developer console back in March, inviting external developers the opportunity to pay $25 and verify their identities early. Developers who don’t register will find that their apps cannot be sideloaded on Google-certified Android devices once verification has rolled out. Google says that almost every app in the Play Store is now ready for the change, and a “large majority” of apps outside Google Play have completed verification.
[...]
Google says it will verify the apps in the following stores when it begins enforcing the new restrictions.
Google (Google Play)
Honor (HONOR App Market)
OPlus (OPPO App Market)
Samsung (Galaxy Store)
Transsion (Palm Store)
vivo (V-Appstore)
Xiaomi (GetApps)
[...]
The next step toward verifying apps will come this month as Google deploys a new system service on most certified devices. The package (com.google.android.verifier) will appear on phones and tablets running Android 8 or higher, allowing Google to block the installation of unverified apps. It will remain dormant until verification is activated in your specific region.
In July, Google plans to roll out the new developer APIs and begin testing for “limited distribution” accounts. This is Google’s solution for hobbyists who want to make their own apps and share them with a small group. Limited accounts won’t require a fee or government ID verification, but you can install these apps on up to 20 devices.
In August, the advanced flow will become available globally ahead of verification becoming mandatory in the first markets. As detailed a few months ago, the advanced flow will allow users to bypass verification, but the process isn’t easy. You’ll have to navigate to a buried menu, confirm you understand the risks multiple times, and wait a whole day before completing the process.
And that brings us to September, when Android devices in Brazil, Indonesia, Singapore, and Thailand will begin checking verification status before installing apps. However, things get murky after that. Google will undoubtedly monitor how verification works as millions of users are suddenly limited to verified apps, which could affect how it moves forward. Google says it intends to expand developer verification in 2027, eventually making it a global device policy.
Unlinked, code 7919e0d4
Sooo if I just use adb to disable that service
com.google.android.verifier
I wont have to put up with google's bs?
Yes, but forcing all users to do that will kill off 90% of the market for F-Droid.
That kind of behavior calls hard fork. Fuck off google.
Oh I didnt mean anyone else should I was just trying to confirm my thoughts on whether this would work
Trust me fuck Google and this is horrid news for FOSS so I hope there can be some fight back against this dictatorial censorship... Google is evil for trying to create a walled garden like Apple's out of android
That's not what I meant. I meant that yes, there are technical ways to get around this garden wall.
But only a very small percentage of users will know of it, or dare open a terminal to issue adb commands to their phone.
So the majority will be locked out of open and free app stores despite the technical possibility to keep using them.
And with fewer users, there will be fewer developers and fewer apps available.
GrapheneOS is the way to go
I hate this timeline
Maybe Commodore saw this coming and that explains the crazy pricing of their linux flip phone.
May a thousand bricks breach Google HQ's windows.
Hey Google, could you not dictate what I'm allowed to install on my own damn device for my "safety"? I don't need a third parent, and if I had to pick one it wouldn't be you.
Up until now, I haven't been overwhelmingly emotional about all the horrible things happening right now.
I don't know why this news hit me particularly hard. Reading it made me feel like a part of me died. Got glassy eyed. This kind of feels like the final betrayal in a sense. Not the ultimate betrayal, but one super close to my heart.
Hey, it's gonna be alright
-You still will be able to sideload apps, they just add a nasty 24-hour cooldown -In the meantime, it's worth having a migration strategy to a mobile OS that actually respects you - be it Graphene, Lineage, or Linux/Sailfish.
Yep, it's time to start moving away from these big tech companies and develop utz competitors
be it Graphene, Lineage, or Linux/Sailfish.
The prob comes when the ONLY mobile OS that work for the things ppl want to do are IOS and Android. We could see a world where MOST web sites are locked behind chain-of-trust reqs. Certainly all the important ones needed for normal life.
We're not quite there today. But it is the direction.
I'm so tired of everything being made shittier all the time and being able to do nothing about it.
Just a waiting game for Linux to save the day again.
Should be a challenge, “how can I help Linux get there?” If more of the general public tech enthusiasts were interested in developing this out, I have no doubt it could be done in months time. Ref: be the change you want to see in the world.
For sure, but all I can do is report bugs and donate money here and there. I don't have the skills for such advanced development myself.
Pathetic
Fuck this shit!
How greedy are you?
How can I stop it from happening on a Samsung s25? Can I just not update Google services somehow? Atleast until I can import a phone with graphene or Motorola releases one? I dont care about the apps from outside store but I do about the verified device shit.
I really just hope that this "com.google.android.verifier" package won't become a system app so i can just uninstall it whenever it appears on my device.
Google, you stick to your guns, I'll stick to mine. Sayonara.
This is like if Walmart started policing what products Target can sell and policing what products can go into your house, while not bothering to police their own store.
So is there a way to bypass this or is basically everyone using a phone that isn't one of the fancy Linux ones essentially fucked?
https://github.com/woheller69/FreeDroidWarn#solutions
Here's a copy/paste, sans hyperlinks:
Developer verification will be enforced on certified devices with Google Play Services installed, which is the majority of Android devices. There are options to bypass the restriction:
- Use a free, uncensored Android system like /e/os, LineageOS, or GrapheneOS that does not preinstall Google Play Services.
- "Degoogle" by removing Google Play Services. If it is a system app, you can uninstall it using ADB.
- Install apps via ADB. Google has already confirmed that ADB will continue to work in the future. You can either use ADB from a PC as described below or use a wireless ADB based installer like anyapk.
Oh, cool, didn't know there were so many alternative app stores. Based on a quick google search it seems Xiaomi is the only one with a web interface and that hosts Qobuz and Discord.
I’m not happy about this but they really have no choice.
The android app marketplace is infested with spyware and Android devices were recently found to be the vector for one of if not the worlds biggest botnet (super/bad box).
If you wanna be able to keep using your os to make ad money you gotta lock it down and since Android is largely open source and used by tons of oems that means locking down some part that you could conceivably do without but no one really will.
look, I trust F-droid and open source apps more than I trust the sponsored garbage on play store alongside shit like kalshi and candycrush. The security point is moot. The call is coming from inside the house.
As for ad money, being one of the most grossly profitable corporations in the world isn't enough? Must line go up always? At what point is having an absurd amount of profit enough? Where is the line?
None of this even attempts to address the problem of Google Play (the primary android app marketplace) being filled with malware. Every single app that's being distributed through Google Play today already has a "verified" developer by the same criteria they're applying system-wide. That malware can continue working as it already does without any changes.
This is exclusively about Google imposing control on all apps distributed through channels that otherwise used to be outside Google's control.
Google's claimed reasoning is that this control is a good thing and makes them be able to block apps made by malware developers in the same way they already do in Google Play, even for users who install apps from other sources. Critics disagree because Google forcibly taking personal information and money from all software developers and wielding the ability to remotely kill any app they don't like for any reason have far wider consequences than protecting users from malware, and the proliferation of malware on Google Play shows how (in)effective Google's measures against it are. Neither side believes or claims this can or will make Google Play any safer.
Yes it does.
It forces developers to register if they wanna distribute software. Now they can’t just pivot to a new identity whenever they’re under investigation.
It prevents devices from running software from unverified developers. Now the malware developer can’t just use a third party store to bypass the verification requirements.
That’s both sides of the coin, but wait, there’s more:
End users can disable it if they’re willing to go without play services or can do their own sideloading and support with a “limited” developer account.
The end result is not a panacea that fixes every problem with Android but a move to bring the various official android marketplaces in line with the ios app store.
Google already does what it should: sideloading apps requires you to manually approve the source, and when you do, a popup appears warning user of potential dangers. No need to play daddy any more than this.
Having a locked ecosystem is very convenient and profitable for Google, but terrible for its users. Google wants this walled garden not out of safety, but to get a tight grip on the app stores - and get a solid buck while doing it.
They should police their own store then. Fuck this "oh they have to" shit.
This is what it looks like when they police their store.
The phone someone purchased from Samsung isn't "their store" bud. The play store is.
And someone can either disable the system service that does this and go without play services (which is their store) or get a “limited” developer account and keep doing whatever they’re doing.
This is what it looks like when they try to police the software that's NOT from their store (or their partners).
All the Google-verified malware that infests Google's marketplace will continue to be a problematic vector after this change. But this change will put obstacles in my attempts to install safe alternatives that are free of malware and not part of Google's junkyard or spyware full of anti-features.
