- cross-posted to:
- degoogle@lemmy.ml
- cross-posted to:
- degoogle@lemmy.ml
You must log in or # to comment.
This kills Aurora store and other alternate play store frontends that are entirely based on spoofing your identity when you download an app. Of course, you can still install these things on Custom ROMs I assume, since those aren’t going to be verified Android or whatever google is calling this bullshit, right?
You guys keep misrepresenting things I disagree with and make me fact check them, then argue with me as if I’m agreeing with them.
Google isn’t killing Open Source Android apps, although it may very well kill F-Droid. Open source devs can definitely still register and provide their apps as a standalone APK.
This does open the door to Google refusing to grant an account to people they don’t like, although they haven’t done that yet, and it should be noted that as they present it once you have a dev account you can just sign as many apps as you want.
The real eff you from Google to F-Droid here is that they are presenting two types of accounts you can use for this: dev accounts, meant to publish on Google Play (although potentially you could just… not do that) and student/personal accounts that are free and they claim are meant for hobbyists. I’ve heard rumbings online about what the dividing line will be between them, so that may be a functional workaround for anybody who doesn’t want to be on Google Play, but I haven’t seen anything specific from Google on it other than “it’s coming”. It does stand out that “I’m an Open Source dev who doesn’t care about Google Play” is not part of the equation here, though, and “I’m F-Droid and I intend to build and verify a TON of apks” is also not accounted for at all.
And of course there now will be a direct paper trail between any signed app and an organization or individual, which is a legal liability issue for a number of app developers. At least on phones. Non-Google certified devices (think Android SBCs and handhelds) should still be able to load unsigned APKs, although those are residual.
I mean, that’s all really bad. Why do we need the hyperbolic “Google is killing Open Source” framing? The real thing is bad enough and it doesn’t make me show up to argue about it. Plus you could have accurately stated “Google kills anonymous apps, threatening alternate app stores” and that would have been 100% accurate and just as horrifying.
let’s be real, this is entirely to kill revanced
“Google refusing to grant an account to people they don’t like, although they haven’t done that yet”
I have no trust that they will play honest or cleanly with that. Google has a knack for banning accounts randomly, and that’s a ban for everything, gmail, YouTube, AdSense. Now give them a reason to ban me for any of the apps I choose to sign. Created an app for tracking ICE agents? Good bye gmail account. A VPN app to circumvent porn bans and the government said that’s a no-no? No, more account for you.
I don’t care who you trust, honestly.
I have no patience for slippery slope arguments to justify poor reporting or misinformation.
For what it’s worth, I do think there is a slippery slope and it’s reasonable to expect things to tighten down the line without regulatory intervention.
But that doesn’t matter, because this is bad even if nothing like that happens down the line, and even if Google can’t be trusted the coverage is misrepresenting the issue.
Man, I hate the Internet.
I’m with you on the misinformation bit. But while it wouldn’t be honest to report that Google is restricting developers now, I think it’s absolutely fair to criticise and react to them building the scaffolding for such abuse down the line.
Like the UK isn’t outright banning websites promoting trans rights or other “undesirable” political movements, but they now have the technical and legislative tools to easily expand on it.
I’m not equating the two, and I agree it’s important to differentiate between what’s currently happening and what could be.
It is absolutely fair to criticise them for the stuff they are actually doing, yes.
That’s why I wrote:
I mean, that’s all really bad. Why do we need the hyperbolic “Google is killing Open Source” framing? The real thing is bad enough and it doesn’t make me show up to argue about it. Plus you could have accurately stated “Google kills anonymous apps, threatening alternate app stores” and that would have been 100% accurate and just as horrifying.
Again, there is no need to slippery slope this crap, because it’s bad now. So why even point out how little you trust Google will do the bad thing they said they are doing for 100% real and imagine a worse thing they’ll do later, even if it’s likely that they will? All it does is invite pedants like me to argue with you, which can then be weaponized by Google to say you’re deliberately misrepresenting the issue.
I see you are getting some down votes, it’s not me, I swear! Your views on this are sound in my eyes.
I should have said I liked the rest of your post, it was only the bit I quoted I wanted to add in my opinion, but I kinda forgot to mention that :)
No worries, I appreciate that.
FWIW, I don’t really care about downvotes either way. I am clearly not here to pander, with my “NUANCED POINT IS NUANCED, YOU NAUGHTY, NAUGHTY CHILDREN” persona.
but app devs and users should be free to do whatever they want without anyone interrupting them.
IT’S THEIR PHONE AND NOT ANY OTHER ENTITIES’.
Cool.
So title the video like that and don’t misrepresent it and I’ll be here agreeing with you.
“But I disagree with what Google is doing” is a non sequitur here.
wdym “title the video like that and don’t misrepresent it”?
i did not make the video
???
I know. And I didn’t defend Google’s ownership of your phone.
See how annoying that is?
The second person is rhetorical there. I’m saying whether you believe that in all caps and bold letters is entirely irrelevant to whether the video title is misrepresenting the issue.
Reasons:
-
Mass surveillance
-
30% on app sales
-
Sell all your data
-
Remove any and all ad blockers
Etc
-
My man Blaze is having a rough time.
Next version of Android 14 Graphene OS flavored with desktop mode and Linux apps will give plenty of time to wait for my next phone.
Get Linux phone. There are some decent ones coming out.
To get more control and more money. Saved you a click.
Yeah it’s a real same thing we do every night pinky vibes.
Google made Android to get a foothold into the market. The free and open model was only because they were up against Apple. Don’t nobody kid yourself into thinking their intent was all along anything other than being able to rake it in and have total control just like Apple. They just needed an in to get big. Now Android is huge and now they wanna slam the door and lock everyone down and start really fucking the cash out of everyone’s asses.
Embrace. Expand. Extinguish.
I started using Android in 2011, IIRC, the enshittification has hit hard.
Is there any partition in the E U to stop Google from implementing their developer verification system?
Like Stop Killing Games?
When will this game of endless ping pong with big tech overreaching human rights end
As soon as big tech ends, no sooner.
Telling people to file DMA complaints may be a start, ostensibly it was passed to prevent monopolists from locking things down like this, a stick that has already been used on Apple with some success: https://digital-markets-act.ec.europa.eu/contact-dma-team_en
Done
The EU hasn’t even been able to stop Apple, who’s been doing this for 20 years.
And yet the EU did force Apple to goddamn finally use USB-C in their phones. It wasn’t out of their own goodwill.
And to allow installing non-market apps. Apple wasn’t happy about that in the slightest.
And implemented it in the shittiest way possible
And got away with it, which probably assured Google that they can do something similar (though coming from the opposite direction) without upsetting the EU…
Rumor has it that sideloading will still be possible using ADB, that is the shittiest way possibile
There probably will be an exception for the EU. I imagine.
Unfortunately, I think this plays into the EU Cyber Resilience Act, and the developer verification is how Google is trying to comply with it…
Distributors and importers must verify that products comply with CRA standards before selling them. They must review technical documentation, ensure that software does not have known vulnerabilities and comply with update obligations. They must work with vendors to report vulnerabilities and request patches. Finally, they must conduct audits to ensure continued security over time.
[…] Finally, the resilience of mobile apps must be verified through regular testing.
Iiinteresting.
Everyone is suggesting LineageOS, but my big questions are:
- Won’t ROMs/forks be affected too if this becomes mainstream? Google closed Android’s source (probably exactly for this)
- Should I just try going full Linux phone?
Few weeks ago google started messing with aosp. I don’t really remember what they did but I think it was either delaying security patches or something to do with firmware. The point is that they can lock apks while pointing at Roms to call the privacy users, then few years later, kill Aosp and we are done
They are withholding device trees and driver binaries for Pixel phones in addition to releasing security patches when they see fit.
-
Maybe - the community tends to patch out these kinds of things
-
probably not as they aren’t very mature
-
This is only affecting roms that are Google approved and have Google play services installed meaning that going to a custom rom will fix this but also that any device currently supported by GPS will be affected. Therefore even old unsupported devices which are no longer receiving updates from their manufacturer will be locked down without the user’s choice
Google “certified” is the proper terminology. But no, it will affect the entire Android ecosystem, because people won’t develop FOSS apps for the <1% of users on uncertified devices.
even old unsupported devices which are no longer receiving updates from their manufacturer will be locked down without the user’s choice
Source?
The lockdown is not in android itself but in Google services so if the device is on a new enough android version (not very new like marshmallow) the lockdown will apply. If the lockdown were in android itself it would affect(effect? Idk) all roms
Either we’re having two different conversations, or I completely don’t understand what you’re saying.
How would GPS services affect a roms ability to sideload 3rd party apps, and 3rd party app stores?
They call Google Play Services “GPS”, it seems. I was also a bit confused, thinking of the Global Positioning System.
deleted by creator
Gps ties into android at a pretty low level so it can control a lot of things
So is it worth investing time into something like LineageOS?
Yes definitely especially considering it’s not much time to invest at all you just install once then update like normal
Yeah, I’m fixing to move to either /e/OS or LineageOS. I’m leaning /e/OS, but I’m worried it’s less supported than LineageOS for a newbie like myself. On a side note, I also need to go through all my Authy 2FA keys and refresh them because Authy is too locked down to work on anything but a “real” android phone. That’s going to be another PITA.
On a side note, I also need to go through all my Authy 2FA keys and refresh them because Authy is too locked down to work on anything but a “real” android phone.
Oof. One of the things I love about Aegis is that I can export and import encrypted MFA configs, to recover from a lost or reinstalled phone.
Yeah, I really shot myself in the foot when I originally went with Authy. I remember looking around for an alternative to Google Authenticator back in ~2014 when I got my first smartphone, and Authy was recommended at the time. Had I been more worried about FOSS back then I might’ve picked a better solution.
I am enjoying /e/ on the Fairphone.
Im very tempted to just get a small cyber-deck setup and “call” it a day ;). https://www.clockworkpi.com/shop is VERY close to what I want.
Serously, the only people that “Call” me are spam callers. Everyone SMSs or something similar. A small linux device can do the same when you think about it. The only thing I am missing is a directions app and Ill personally be fine.
This is the first time I’ve seen a device like this, super cool. Thanks for sharing.
If by “directions app” you mean navigation, there are several on F-Droid. I keep seeing lots of positive talk about Organic Maps lately if you need somewhere to start.
Comaps… Organic maps had some drama about how they handle the money and control a single point of failure with the map server address. So it was forked to comaps.
I honestly don’t use my phone much either, it’s as you say, mostly for text based messages.
Luckily I don't get spam calls because in my country we have pretty good privacy laws still:
like my number is set to private and I’m on the “Robinson” list, and if someone calls that’s not in my contacts list I don’t pick up. Cold calls is how they get ya, and once they know there’s someone picking up, it’s like sharks smelling blood.
The app I use the most, besides my banking app (which I’ve confirmed works in waydroid aka LineageOS), is probably the Lidl app 😂.
I do still use Google Pay quite a bit, but I’m fine going back to card. I don’t even know if NFC works in LineageOS or /e/OS.
And like you said, as long as the phone can do some GPS stuff for navigation, that’s mostly all I need. And browse the internet (IronFox) every now and then.Yes, NFC works in custom roms. You can replace Google Pay with Curve Pay and others more local options. Some countries have independent payment systems that work ass contactless payment.
Yes, NFC works in custom roms.
That’s good to hear.
Google’s version of android isn’t the “real” one, it’s the (soon to be even more) defective one.
I would go Lineage OS since it is more mainstream
Yeah, that’s what I’m thinking as well. I just like /e/OS defaults better. But having tried LineageOS via Waydroid I think I’ll be fine using that. I can probably harden it manually if needed.
Try Iodé, try crDroid, ResurrectionRemix, Havoc, or Bliss. They all have nice features to offer.
I’m running /e on a Galaxy Note 4 and it’s nice but nothing magical.
Thanks for the suggestions. I’m on an older phone, Samsung A52 5G so there’s not a lot of options. Of the ones you mentioned I checked and crDroid was the only one that supported it for sure.
crDroid is a really good one. I have it on a few devices. Quite a bit older even than yours and it runs beautifully. One of my faves.
/e and others like it are just flavors. I happen to like Bliss and crDroid and several others as well. But they aren’t exactly unique, so whatever ROM will work for what you need is what you should go with.
Thanks, that’s actually great to hear. Otherwise I could’ve spent weeks looking into the differences. Surprisingly crDroid is offering a version based on Android 16 for my device, they seem ahead of the curve.
I’ve tested quite a few and most of the differences lay in what kinds of customizations have they built into the settings module. And most of them are aesthetic or things like easy switches. There’s really not much difference at the functional level, except for some come with MicroG integrated already which simply saves you time and occasional nuisance of installing it. But really, whatever you can find that works is good. Ironically, Lineage itself is the most vanilla and least gadgety; most of the others are built on either Lineage or Cyanogen. Understandable since they were early progenitors of the custom ROM if I’m not mistaken.
There used to be an exploit in an older version of the Authy desktop app that could let you export your 2FA keys, but i dont think you can sign in on the old desktop apps anymore (iirc the app was made in Electron and they left chromium’s developer tools enabled in it, which allowed you to run your own JS or something like that). It’s always a pain to move 2FA keys to a new app.
This right here is the biggest barrier for me. I have so many authentication keys that I need that are on my Android devices and I have no idea how to transfer them to something else.
I spent the whole weekend going through every possible step. I installed Android-x86, I installed Android Studio, I installed Waydroid. Authy will not run on a rooted device.
I downloaded the Snap version of Authy Desktop v. 2.2.3, but alas, they’ve closed all the loopholes.It’s always a pain to move 2FA keys to a new app.
Yeah. Sucks. But I’ve been registrering all new 2FA keys in both Authy and KeePassXC since I moved to Linux, so hopefully it’s not as bad as I think it’ll be, at least I’ll have KeePassXC TOTP setup for maybe >20% of my accounts.
rooted device
You can hide root and all other stuff. Only thing you can’t get long term is Google Device and Strong integrity.
Time stamp is about 7 minutes to 18 and a half minutes.
