Google's new developer verification requirements starting September 2026 will force ALL Android app developers to register with Google - even those avoiding the Play Store entirely. F-Droid, the tr...

Fuck Google with a stiff wire brush.

  • Arghblarg@lemmy.ca
    58·
    1 day ago

    I read somewhere that GrapheneOS devs have a strategy which they believe will work – they strip out something or other about app/device attestation (?) from APK files before installing occurs, or the enforcement code itself from their spin of the OS, so sideloading (ie., user-controlled installation) can still work.

    I sure hope so… I think everyone in their respective country needs to scream at their local regulators about this.

    Of course, this will only help those whose devices GrapheneOS can run on.

      • rumba@lemmy.zipEnglish
        4·
        3 hours ago

        Shouldn’t they be keeping bypass strategies a secret right now?

        They’re up against a company with more money and developers than they know what to do with. This is, at most, a game of cat and mouse. Secrecy will buy them a sprint or so.

        If Google wants to go nuclear, they can do some rolling encryption bullshit or put a million calls all over the OS to check app validity and stop open source altogether.

    • Truscape@lemmy.blahaj.zone
      48·
      1 day ago

      The GrapheneOS team is already in communications with an Android OEM to see if they can make a device that meets their specs, hopefully that bears fruit in a year or two.

    • other8026@lemmy.mlEnglish
      21·
      1 day ago

      Google has already shared how apps’ developers will be verified. They’re adding another app that will have access to block installing apps or disable them. That won’t work on GrapheneOS because 1. the app won’t be installed and 2. the app won’t have that kind of privileged access.

      • BCsven@lemmy.ca
        6·
        23 hours ago

        I think the issue is new hardware and google starting to close source android, so that Graphene devs don’t have the open source to work with. They’ll probably get binary blobs

        • other8026@lemmy.mlEnglish
          1·
          3 hours ago

          It’s my understanding that the changes that were made didn’t make things more or less proprietary. Some drivers are still open source, others are still closed source. The device trees mostly have other things in them like configuration files and stuff like that.

        • other8026@lemmy.mlEnglish
          1·
          3 hours ago

          It just won’t work on GrapheneOS. Not sure if disabling it will work on the stock OS. We will have to wait and see on that one.

      • other8026@lemmy.mlEnglish
        15·
        1 day ago

        The way Google will block apps with unverified developers won’t work on GrapheneOS. The change won’t be part of AOSP. On the stock OS, the functionality will be handled by another Google app that has privileged access. GrapheneOS won’t be affected directly.

    • ORbituary@lemmy.dbzer0.comEnglish
      7·
      1 day ago

      I hope so as well. This debacle with RCS not working on GrapheneOS has been a real dick-punch. I really don’t want to go back to a stock OS.

      • rhythmisaprancer@piefed.socialEnglish
        3·
        19 hours ago

        I have accepted no RCS. I miss some of the features, sure, but until I can get more than one person to use something like signal I’ll stick with insecure SMS thru a FOSS provider I guess.

      • other8026@lemmy.mlEnglish
        3·
        1 day ago

        It’s my understanding that RCS was fixed for most users after this update: https://grapheneos.org/releases#2025092700. You may need to grant permissions to Google Play Services first, then clear Google Messages’ storage, grant permissions to Google Messages, then try setting it up again.

        • ORbituary@lemmy.dbzer0.comEnglish
          4·
          1 day ago

          It was not. I have been on the Discord #Testing channel working with others to troubleshoot. Those steps do not work.

          It seemed to be fixed on the 20251003 release, a lot of people got it working for a while, including me. It died within 24 hours.

          • other8026@lemmy.mlEnglish
            1·
            3 hours ago

            I said “most users”. There are some who are still experiencing issues, which is being looked into. Other people have had issues that were fixed by clearing the storage for Google Play, Google Play Services, Google Messages, then granting all necessary permissions before launching Google Messages again.

      • Chulk@lemmy.mlEnglish
        3·
        1 day ago

        I thought the RCS thing was also happening on stock Android? Wasn’t it more of a carrier thing?

        • ORbituary@lemmy.dbzer0.comEnglish
          5·
          1 day ago

          It’s been largely fixed for stock with select regions still being affected. RCS is failing on GOS because the correct device ID isn’t getting reported and the verification services won’t authenticate the OS.

          It’ll work for about 24 hours, give or take, from a fresh installation, but after that RCS dies and no longer works. Any groups you were in will see you as departed and you will lose any future messages to that group.

          It’s pretty fucked.

          • Chulk@lemmy.mlEnglish
            6·
            1 day ago

            Thanks, I had no idea of the severity. I wonder if they’ll be able to fix it.

            I convinced my fiance to switch over to GOS because I’ve had moderate success with it for about a year now. So of course this happens as soon as she made the switch. Now she’s talking about getting an iPhone.

            • ORbituary@lemmy.dbzer0.comEnglish
              3·
              1 day ago

              Ain’t that how it always goes? Best I could do with mine was to get her to use Signal. Better than nothing, I guess.

  • nicgentile@lemmy.world
    16·
    1 day ago

    This will face legal hurdles, especially in the EU and China. It reminds me of the time Microsoft played shell games with Chrome and Firefox and then lost eventually. That being said, it will kickstart a new mobile OS arms race, not necessarily to beat Android but for choices.

    • ISOmorph@feddit.org
      9·
      1 day ago

      This will definitely not be challenged in the EU. It’s the whole basis that makes chat control possible on a technical level.

      • porous_grey_matter@lemmy.ml
        8·
        24 hours ago

        The markets authority and antitrust offices are different people than the chat control people, they aren’t a unified organisation, they will probably argue about it.

      • nicgentile@lemmy.world
        2·
        22 hours ago

        I’m surprises at how SailfishOS has a limited presence. This could be that moment. HarmonyOS is sick. I’ve seen it in action and it is on another league.

      • JBrickelt963@jlai.lu
        2·
        4 hours ago

        Above all, the organisation behind it must be or become sufficiently robust, like GNU/Linux, in order to take up the torch, but that requires a lot of financial backing.

        It’s not impossible, but in my opinion it won’t happen right away and is likely to take time to implement. Once that’s done, the only issue left will be installation (for users, that is).

        • Corridor8031@lemmy.ml
          1·
          2 hours ago

          I am not really sure, but i think i have read that google and android has to split up because of cartel laws at some point,

          and i hope this might make things better (considering that like a lot of different companys do rely on android after all), but it is a fragile hope

      • LedgeDrop@lemmy.zip
        1·
        17 hours ago

        … except for the binary os blobs, that’ll need to be reverse engineered to run it on… well… any real hardware /s

          • LedgeDrop@lemmy.zip
            2·
            6 hours ago

            As far as I understood from Graphene, when Google released the source code for Android 16, they also stripped all the reference code for Pixel devices.

            Historically, Google would ship the code for Pixel and a software emulator as “reference designs”. Now, it’s only shipped with the emulator.

            The Graphene Team needed to reconstruct the pixel code from the Android 15 release. Fortunately, the divergence between Android 15 and 16 was minimal, but I’m certain the division will widen as time goes by.

            • Corridor8031@lemmy.ml
              1·
              2 hours ago

              yeah i think i understood it like that too, but they sounded confident that this was a one time issue and that it wont really be a problem now for future releases

              but sry i am not really sure what you mean/ the connection is to the topic/ the os/ driver and firmware blobs?

  • NeedyPlatter@lemmy.caEnglish
    10·
    1 day ago

    sigh and here I was looking forward to switching back to Android since I missed being able to install APKS…

  • Flax@feddit.ukEnglish
    2·
    1 day ago

    Couldn’t f droid in theory request their own key?

    This is a terrible situation, but surviving for a few more years isn’t a bad idea

      • Ephera@lemmy.mlEnglish
        5·
        23 hours ago

        Here’s the relevant quote:

        The F-Droid project cannot require that developers register their apps through Google, but at the same time, we cannot “take over” the application identifiers for the open-source apps we distribute, as that would effectively seize exclusive distribution rights to those applications.

        I think that last sentence is saying that it would work, if developers decided to exclusively distribute to F-Droid and effectively gave up control over the app to the F-Droid team.

        I’m thinking there might be a possibility to register the same app under two different identifiers, one controlled by F-Droid, the other by developer.
        But yeah, this makes some things more complex and might be deemed malicious behaviour by Google.