Google's new developer verification requirements starting September 2026 will force ALL Android app developers to register with Google - even those avoiding the Play Store entirely. F-Droid, the tr...
I read somewhere that GrapheneOS devs have a strategy which they believe will work – they strip out something or other about app/device attestation (?) from APK files before installing occurs, or the enforcement code itself from their spin of the OS, so sideloading (ie., user-controlled installation) can still work.
I sure hope so… I think everyone in their respective country needs to scream at their local regulators about this.
Of course, this will only help those whose devices GrapheneOS can run on.
Shouldn’t they be keeping bypass strategies a secret right now?
They’re up against a company with more money and developers than they know what to do with. This is, at most, a game of cat and mouse. Secrecy will buy them a sprint or so.
If Google wants to go nuclear, they can do some rolling encryption bullshit or put a million calls all over the OS to check app validity and stop open source altogether.
The GrapheneOS team is already in communications with an Android OEM to see if they can make a device that meets their specs, hopefully that bears fruit in a year or two.
Google has already shared how apps’ developers will be verified. They’re adding another app that will have access to block installing apps or disable them. That won’t work on GrapheneOS because 1. the app won’t be installed and 2. the app won’t have that kind of privileged access.
I think the issue is new hardware and google starting to close source android, so that Graphene devs don’t have the open source to work with. They’ll probably get binary blobs
It’s my understanding that the changes that were made didn’t make things more or less proprietary. Some drivers are still open source, others are still closed source. The device trees mostly have other things in them like configuration files and stuff like that.
The way Google will block apps with unverified developers won’t work on GrapheneOS. The change won’t be part of AOSP. On the stock OS, the functionality will be handled by another Google app that has privileged access. GrapheneOS won’t be affected directly.
I have accepted no RCS. I miss some of the features, sure, but until I can get more than one person to use something like signal I’ll stick with insecure SMS thru a FOSS provider I guess.
It’s my understanding that RCS was fixed for most users after this update: https://grapheneos.org/releases#2025092700. You may need to grant permissions to Google Play Services first, then clear Google Messages’ storage, grant permissions to Google Messages, then try setting it up again.
I said “most users”. There are some who are still experiencing issues, which is being looked into. Other people have had issues that were fixed by clearing the storage for Google Play, Google Play Services, Google Messages, then granting all necessary permissions before launching Google Messages again.
It’s been largely fixed for stock with select regions still being affected. RCS is failing on GOS because the correct device ID isn’t getting reported and the verification services won’t authenticate the OS.
It’ll work for about 24 hours, give or take, from a fresh installation, but after that RCS dies and no longer works. Any groups you were in will see you as departed and you will lose any future messages to that group.
Thanks, I had no idea of the severity. I wonder if they’ll be able to fix it.
I convinced my fiance to switch over to GOS because I’ve had moderate success with it for about a year now. So of course this happens as soon as she made the switch. Now she’s talking about getting an iPhone.
I read somewhere that GrapheneOS devs have a strategy which they believe will work – they strip out something or other about app/device attestation (?) from APK files before installing occurs, or the enforcement code itself from their spin of the OS, so sideloading (ie., user-controlled installation) can still work.
I sure hope so… I think everyone in their respective country needs to scream at their local regulators about this.
Of course, this will only help those whose devices GrapheneOS can run on.
Shouldn’t they be keeping bypass strategies a secret right now?
They’re up against a company with more money and developers than they know what to do with. This is, at most, a game of cat and mouse. Secrecy will buy them a sprint or so.
If Google wants to go nuclear, they can do some rolling encryption bullshit or put a million calls all over the OS to check app validity and stop open source altogether.
The GrapheneOS team is already in communications with an Android OEM to see if they can make a device that meets their specs, hopefully that bears fruit in a year or two.
Do you have source to this?
Just check the project’s X account. The OEM partnership is mentioned very regularly.
Hope it’s a Chinese phone
Hope it’s Fairphone.
It’s a bit of telephone, I originally heard it from this user.
https://lemmy.blahaj.zone/comment/16087016
Wdym a device that meets theur specs, as in a replacement for the Pixel? Or straight up a GrapheneOS device, standalone?
A device that meets GrapheneOS’s requirements to be installed on. I don’t think it will be exclusive or anything.
Google has already shared how apps’ developers will be verified. They’re adding another app that will have access to block installing apps or disable them. That won’t work on GrapheneOS because 1. the app won’t be installed and 2. the app won’t have that kind of privileged access.
ROFL we got redstarOS on mainstream phones before gta6
I think the issue is new hardware and google starting to close source android, so that Graphene devs don’t have the open source to work with. They’ll probably get binary blobs
It’s my understanding that the changes that were made didn’t make things more or less proprietary. Some drivers are still open source, others are still closed source. The device trees mostly have other things in them like configuration files and stuff like that.
Soooo we just block that app, right?
It just won’t work on GrapheneOS. Not sure if disabling it will work on the stock OS. We will have to wait and see on that one.
And how long is it going to work?
Do we really want to play cat and mouse with Google? I don’t.
The way Google will block apps with unverified developers won’t work on GrapheneOS. The change won’t be part of AOSP. On the stock OS, the functionality will be handled by another Google app that has privileged access. GrapheneOS won’t be affected directly.
Right… I want to see Linux distros.
android is the linux distro
I hope so as well. This debacle with RCS not working on GrapheneOS has been a real dick-punch. I really don’t want to go back to a stock OS.
I have accepted no RCS. I miss some of the features, sure, but until I can get more than one person to use something like signal I’ll stick with insecure SMS thru a FOSS provider I guess.
I have like 40 people on Signal and regularly chat with a dozen of them there. Some people see the benefits, others don’t. I am lucky.
That sounds great! So far, after five years, I have won a single person. Even back when Signal worked as a more regular messenger. Happy for you 🙂
Hopefully we can all get more people on it. I adopted Signal almost ten years ago, so that helped. Keep spreading the word and it’ll grow.
Thanks for the encouragement! The one person is a key player in that network so maybe! Hard to fight with the apple folks.
The kool-aid is sugary.
It’s my understanding that RCS was fixed for most users after this update: https://grapheneos.org/releases#2025092700. You may need to grant permissions to Google Play Services first, then clear Google Messages’ storage, grant permissions to Google Messages, then try setting it up again.
It was not. I have been on the Discord #Testing channel working with others to troubleshoot. Those steps do not work.
It seemed to be fixed on the 20251003 release, a lot of people got it working for a while, including me. It died within 24 hours.
I said “most users”. There are some who are still experiencing issues, which is being looked into. Other people have had issues that were fixed by clearing the storage for Google Play, Google Play Services, Google Messages, then granting all necessary permissions before launching Google Messages again.
I thought the RCS thing was also happening on stock Android? Wasn’t it more of a carrier thing?
It’s been largely fixed for stock with select regions still being affected. RCS is failing on GOS because the correct device ID isn’t getting reported and the verification services won’t authenticate the OS.
It’ll work for about 24 hours, give or take, from a fresh installation, but after that RCS dies and no longer works. Any groups you were in will see you as departed and you will lose any future messages to that group.
It’s pretty fucked.
Thanks, I had no idea of the severity. I wonder if they’ll be able to fix it.
I convinced my fiance to switch over to GOS because I’ve had moderate success with it for about a year now. So of course this happens as soon as she made the switch. Now she’s talking about getting an iPhone.
Ain’t that how it always goes? Best I could do with mine was to get her to use Signal. Better than nothing, I guess.