[…]

In the new blog post, Google’s Matthew Forsythe confirms that the developer verification system is slated to come online on September 30 of this year. The initial deployment will be limited to countries with a high level of app scams: Brazil, Indonesia, Singapore, and Thailand.

[…]

Google released its new developer console back in March, inviting external developers the opportunity to pay $25 and verify their identities early. Developers who don’t register will find that their apps cannot be sideloaded on Google-certified Android devices once verification has rolled out. Google says that almost every app in the Play Store is now ready for the change, and a “large majority” of apps outside Google Play have completed verification.

[…]

Google says it will verify the apps in the following stores when it begins enforcing the new restrictions.

Google (Google Play)
Honor (HONOR App Market)
OPlus (OPPO App Market)
Samsung (Galaxy Store)
Transsion (Palm Store)
vivo (V-Appstore)
Xiaomi (GetApps)

[…]

The next step toward verifying apps will come this month as Google deploys a new system service on most certified devices. The package (com.google.android.verifier) will appear on phones and tablets running Android 8 or higher, allowing Google to block the installation of unverified apps. It will remain dormant until verification is activated in your specific region.

In July, Google plans to roll out the new developer APIs and begin testing for “limited distribution” accounts. This is Google’s solution for hobbyists who want to make their own apps and share them with a small group. Limited accounts won’t require a fee or government ID verification, but you can install these apps on up to 20 devices.

In August, the advanced flow will become available globally ahead of verification becoming mandatory in the first markets. As detailed a few months ago, the advanced flow will allow users to bypass verification, but the process isn’t easy. You’ll have to navigate to a buried menu, confirm you understand the risks multiple times, and wait a whole day before completing the process.

And that brings us to September, when Android devices in Brazil, Indonesia, Singapore, and Thailand will begin checking verification status before installing apps. However, things get murky after that. Google will undoubtedly monitor how verification works as millions of users are suddenly limited to verified apps, which could affect how it moves forward. Google says it intends to expand developer verification in 2027, eventually making it a global device policy.

      • plutopos@lemmy.zip
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        I don’t know, I’m not hopeful.

        Stallman played a BIG role in the insurgence of Linux (and FOSS in general), but he famously disregards smartphones as he thinks people should just not use them.

        Plus, phones are built different: many have a locked bootloader, and there is no standard like BIOS/UEFI, meaning you must compile a slightly different OS for each model.

        What I’m saying is the mobile ecosystem is built in a way that makes it very difficult for a serious AOSP ecosystem to build up, let alone a different kind of Linux

      • partofthevoice@lemmy.zip
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        Should be a challenge, “how can I help Linux get there?” If more of the general public tech enthusiasts were interested in developing this out, I have no doubt it could be done in months time. Ref: be the change you want to see in the world.

        • warm@kbin.earth
          link
          fedilink
          arrow-up
          0
          ·
          20 days ago

          For sure, but all I can do is report bugs and donate money here and there. I don’t have the skills for such advanced development myself.

          • partofthevoice@lemmy.zip
            link
            fedilink
            arrow-up
            0
            ·
            20 days ago

            The bar for entry for contributing to these projects is too high. Can we instead do work to lower the bar? I don’t want to accept that there’s nothing we can do beside open our wallets. Not that I’m against donating, it’s just that money isn’t my strongest asset.

            • ProdigalFrog@slrpnk.net
              link
              fedilink
              English
              arrow-up
              0
              ·
              20 days ago

              You could perhaps contribute to their documentation if you can’t contribute code. Or simply help spread awareness (where appropriate) that it is our best long-term alternative.

            • dreamos82@lemmy.world
              link
              fedilink
              arrow-up
              0
              ·
              19 days ago

              I can talk about my experience, i tried to port pmos mainline for my galaxy a40 for a while, until the phone died :( it was not easy of course, but ppl on their supoort channels have always been helpful , and tried to help and even if i didn’t finished the port because my phone died, i did my luttle contributions to the wiki adding missing infos, improve some of the steps, adding deatils, etc. I think that every little contribution will help them.

              Also now there is a started port of a40 if anyone is interested to continue it, and also the code for uniloader to boot (kr if u have a spare a40 to donate :) )

              So even if not technical, helps with visibility, donations, documentation upgrade, installation attempts i think will be all welcome.

              About the bar level. Big problem is the lack j of standardization of those devices, and all the different and various lock they put around, so for this one I think the main issue is there should be more standardization or more regulations among various devicee producers , like is with pcs (i. e. Bios, uefi) . Where there aren’t locked bootloader, or for installing alternatives u need to go through a satanic rite and sacrifice your youngest relative to unlock the bootloader. And tbh i think they are making a big effort in making all the process at least doable. Maybe if they will get enough attention, or a consortium of producers will try to co e with a standard, thjngs could be better

  • WhyJiffie@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    0
    ·
    20 days ago

    does anyone know why would anyone use any of the mentioned stores instead of the play store? using f-droid has a clear benefit (they are also not on the supported list). but what is the purpose of those mainly manufacturer specific stores?

    • considine@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      If you buy a mainland China phone the app store will be local, for example Oppo store, and Play will be only available as a workaround. I think mainland China phones will be unaffected by Google’s sideloading restriction.

    • marxismtomorrow@lemmy.today
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      Money, and monopolistic behavior. Samsung, for instance, constantly pushes the “Samsung Account” on all their devices. Constantly. For the first two weeks after getting a new Samsung device you will be spammed with “finish setting up your phone” notifications that just want you to sign up for their tracking, and conveniently, when you’re logged into a Samsung account, their app store is the default. And you will get notifications from their app store to download or buy whatever app they recommend. I can only assume the other stores mentioned do similar things.

      • Lumidaub@feddit.org
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        I think they’re asking why a customer would (actively) choose those app stores over the Play store.

        • brucethemoose@lemmy.world
          link
          fedilink
          arrow-up
          0
          ·
          20 days ago

          The answer is they don’t choose.

          Most people just use whatever the default is, and don’t really know a better option is available until it’s presented explicitly.

  • akwd169@sh.itjust.works
    link
    fedilink
    arrow-up
    0
    ·
    20 days ago

    Sooo if I just use adb to disable that service

    com.google.android.verifier

    I wont have to put up with google’s bs?

    • quick_snail@feddit.nl
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      Or just reinstall the OS without google.

      We’re about to see a bunch of cell phone repair shops offer this service.

        • quick_snail@feddit.nl
          link
          fedilink
          arrow-up
          0
          ·
          20 days ago

          AOSP is lacking google.

          It actually requires an extra step to install Google when you install an OS on an android device.

          Just go through the process of installing the OS yourself, and skip the “install gapps” step. You’ll have a phone without google, and this app blocking shite will have no impact on you

          • akwd169@sh.itjust.works
            link
            fedilink
            arrow-up
            0
            ·
            20 days ago

            If thats one of the fixes available to grapheneOS users then yes Im pretty sure thats how you can get push on GOS

            Not super sure you can strip google out of your android install and replace it with MicroG though (id love to be proven wrong though) and my bootloaders locked down (fuck you Semensnug you filthy animals)

      • Lumidaub@feddit.org
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        Maybe at first, until their customers realise that all their apps need those services. And this is assuming the average person even notices the change in the first place and cares about it.

        • WhyJiffie@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          20 days ago

          and who exactly will benefit from the hard fork? those few who already run a degoogled android and won’t be affected anyway?

      • akwd169@sh.itjust.works
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        Oh I didnt mean anyone else should I was just trying to confirm my thoughts on whether this would work

        Trust me fuck Google and this is horrid news for FOSS so I hope there can be some fight back against this dictatorial censorship… Google is evil for trying to create a walled garden like Apple’s out of android

        • Pommes_für_dein_Balg@feddit.org
          link
          fedilink
          arrow-up
          0
          ·
          20 days ago

          That’s not what I meant. I meant that yes, there are technical ways to get around this garden wall.
          But only a very small percentage of users will know of it, or dare open a terminal to issue adb commands to their phone.
          So the majority will be locked out of open and free app stores despite the technical possibility to keep using them.
          And with fewer users, there will be fewer developers and fewer apps available.

      • plutopos@lemmy.zip
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        Installing F-Droid (or anything outside of “official” stores) already gets you a bunch of scary warnings that non-techy users would perceive as “omg malware!!” and withdraw from. I’m confident that the Venn diagram between F-Droid users and people who would be willing to use ADB to keep it is a circle. The real problem is that this cuts off anyone without a computer

  • irotsoma@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    0
    ·
    20 days ago

    I hope this leads to the death of Androud and the rise of something more open to replace it. There was a huge market for it when Android came out in competition with Apple’s closed model, but now that Google is closing up Android, let’s hope alternatives get some attention. Unfortunately, alternatives will mean no tap to pay, no RCS, etc., for a long time, since Apple, Google, et al., turned these things as proprietary as possible, but I’d still like a decent alternative to get enough power to eventually change those things.

    • jabjoe@feddit.uk
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      Problem is things like corporate banking requires an Android or iOS app. Or a GPU with traffic info. There are problems the lack of anti monopoly laws enforcement.

    • bagsy@lemmy.world
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      This is a crazy thought, we could elect people willing to enforce anti monopoly laws that are already on the books.

      • pucker4676@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        Fantastic idea. As soon as we have that option, that’s what I’ll do. Until then I suppose I’ll watch the two parties full of right wingers ruin everything.

    • ProdigalFrog@slrpnk.net
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      Ehh, if they had foresight, they wouldn’t be putting a hardcoded block for all web browsers on the Commodore phone. Instead, it’s mostly just Peri commercializing his personal ideas of what a phone should be based on his past videos.

      • zod000@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        Considering the hardware in it and that it is a flip phone, I’d definitely call it over priced. I realize that it is going to be a low production run and they want to make some money, but $500 is too much for what it offers IMO. I am quite literally the prime market for such a phone, but the price and the forced browser block are stopping me.

  • asdasd201@lemmygrad.ml
    link
    fedilink
    arrow-up
    0
    ·
    20 days ago

    So just because I refuse to forfeit my soul to the Satan’s company, I won’t be able to use my phone? Fuck this and fuck Poogle, I’d rather switch to Nokia 3310!

  • Grimy@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    21 days ago

    So is there a way to bypass this or is basically everyone using a phone that isn’t one of the fancy Linux ones essentially fucked?

    • quick_snail@feddit.nl
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      Just reinstall the OS without google.

      Or you could buy a new or used device that’s already degoogled. Or go to your local phone repair shop and pay them to do it for you.

        • quick_snail@feddit.nl
          link
          fedilink
          arrow-up
          0
          ·
          20 days ago

          Yeah, you just go into settings and unlock the bootloader.

          If you have some really shitty phone that you can’t unlock the bootloader, then you don’t own the phone. Put it in the nearest electronics recycling bin, and buy one that you can own. You can buy phones that are already degoogled for a few hundred.

          Fortunately its illegal in many countries to sell a phone whose boot loader can’t be unlocked.

          • plutopos@lemmy.zip
            link
            fedilink
            arrow-up
            0
            ·
            20 days ago

            Then “reinstall without Google” isn’t a solution you can suggest universally to everyone even if you don’t know their phone model

    • plutopos@lemmy.zip
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      Android is open source (and also Linux), so there are many custom OSs that aren’t “fancy linux”, but just Android without Google apps. See: LineageOS, GrapheneOS, e/OS. You might be able to install one of them on your phone if it’s compatible!

    • FunnySalt@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      0
      ·
      21 days ago

      https://github.com/woheller69/FreeDroidWarn#solutions

      Here’s a copy/paste, sans hyperlinks:

      Developer verification will be enforced on certified devices with Google Play Services installed, which is the majority of Android devices. There are options to bypass the restriction:

      • Use a free, uncensored Android system like /e/os, LineageOS, or GrapheneOS that does not preinstall Google Play Services.
      • “Degoogle” by removing Google Play Services. If it is a system app, you can uninstall it using ADB.
      • Install apps via ADB. Google has already confirmed that ADB will continue to work in the future. You can either use ADB from a PC as described below or use a wireless ADB based installer like anyapk.
  • StellarExtract@lemmy.zip
    link
    fedilink
    arrow-up
    0
    ·
    21 days ago

    Hey Google, could you not dictate what I’m allowed to install on my own damn device for my “safety”? I don’t need a third parent, and if I had to pick one it wouldn’t be you.

  • Anberibaburia@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    0
    ·
    21 days ago

    How can I stop it from happening on a Samsung s25? Can I just not update Google services somehow? Atleast until I can import a phone with graphene or Motorola releases one? I dont care about the apps from outside store but I do about the verified device shit.

    • quick_snail@feddit.nl
      link
      fedilink
      arrow-up
      0
      ·
      20 days ago

      Reinstall the OS without google.

      Or you could buy a new or used device that’s already degoogled. Or go to your local phone repair shop and pay them to do it for you.

    • FLD@retrolemmy.com
      link
      fedilink
      arrow-up
      0
      ·
      21 days ago

      I really just hope that this “com.google.android.verifier” package won’t become a system app so i can just uninstall it whenever it appears on my device.

      • dieTasse@feddit.org
        link
        fedilink
        English
        arrow-up
        0
        ·
        20 days ago

        I can almost garantee it will be part of the secure safenet or how is it called (can’t remember the name now) - the shit that all banking apps and stuff listen to and don’t allow to run them if it returns issues. One time I had some debug flag on (it was on lineage), flag that doesn’t do harm and can be only removed by rooting the phone and my bank verification app just refused to work because the device was insecure… If I rooted it would still said its insecure because its rooted…

  • helpImTrappedOnline@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    21 days ago

    This is like if Walmart started policing what products Target can sell and policing what products can go into your house, while not bothering to police their own store.

  • whatiswrongwithyou@lemmy.ml
    link
    fedilink
    arrow-up
    0
    ·
    21 days ago

    I’m not happy about this but they really have no choice.

    The android app marketplace is infested with spyware and Android devices were recently found to be the vector for one of if not the worlds biggest botnet (super/bad box).

    If you wanna be able to keep using your os to make ad money you gotta lock it down and since Android is largely open source and used by tons of oems that means locking down some part that you could conceivably do without but no one really will.

    • Allero@lemmy.today
      link
      fedilink
      arrow-up
      0
      ·
      21 days ago

      Google already does what it should: sideloading apps requires you to manually approve the source, and when you do, a popup appears warning user of potential dangers. No need to play daddy any more than this.

      Having a locked ecosystem is very convenient and profitable for Google, but terrible for its users. Google wants this walled garden not out of safety, but to get a tight grip on the app stores - and get a solid buck while doing it.

          • whatiswrongwithyou@lemmy.ml
            link
            fedilink
            arrow-up
            0
            ·
            20 days ago

            And someone can either disable the system service that does this and go without play services (which is their store) or get a “limited” developer account and keep doing whatever they’re doing.

            • WhyJiffie@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              0
              ·
              20 days ago

              you have no idea what you are talking about. almost every statement in your comment is incorrect.

              • the system service cannot be disabled
              • the system service does not need to be disabled
              • the system service doing the verification is not the play services component itself, that just installs the verifier
              • “going without play services” is easier said than done, that would break tons of apps, including mandatory banking and gov apps, just to regain your agency of deciding for yourself what apps you want to have
              • disabling play services does not fix the issue
              • disabling play services is not possible on all phones without bricking it
              • a limited or any kind of developer account wont do any good to the user
              • a limited or any kind of developer account would still require you to submit your private info to the advertising giant. even if that actually woukd be required to keep being install apps, it wouldn’t be acceptable

              you have also ignored the other user pointing out that with this change they are going much further than policing their own store (something they have been consistently failing at for many years).

              • whatiswrongwithyou@lemmy.ml
                link
                fedilink
                arrow-up
                0
                ·
                20 days ago

                This, again, is what policing an application marketplace looks like.

                The point isn’t to protect you the user, but to protect the reputation of their platform. Right now, and I know this isn’t easy to hear, Android is the scam/insecure platform.

                I am a user of Android devices everyday, btw, not just some random hater.

                From googles perspective it doesn’t matter if users are unable to anonymously install whatever they want if the various marketplaces and therefore the Android platform gains trust in the eyes of consumers (and law enforcement/security professionals).

                They aren’t policing their platform to protect you, they’re doing it to protect themselves.

                • WhyJiffie@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  20 days ago

                  This, again, is what policing an application marketplace looks like.

                  do you have issues with reading comprehension? the marketplace stops right at the google play store. that is their marketplace, nothing more.

                  From googles perspective it doesn’t matter if users are unable to anonymously install whatever they want

                  I’m sure about that, and they are also happy for the increased amount of analytics. apps a user knows is a good way to make an advertising profile more accurate.

                  if the various marketplaces and therefore the Android platform gains trust in the eyes of consumers (and law enforcement/security professionals).

                  google can only thank that for its own false advertising, promising “security”, lockdown against the owner for the advantage of the businesses. android phones should not be about the device owned by your bank and your government, but the thing owned by the individual who uses it.

                  They aren’t policing their platform to protect you, they’re doing it to protect themselves.

                  and that’s a huge problem, because they are trampling on ownership rights. they are making money out of nullifying the right to privacy, and actually by convincing people that it is an obsolete right, and that they should criticize their peers who want privacy.
                  they can only protect themselves in such an abusive manner because they have an effective monopoly. if google did not become too big, people could just say no to all this bullshit.

        • Ferk@lemmy.ml
          link
          fedilink
          arrow-up
          0
          ·
          edit-2
          21 days ago

          This is what it looks like when they try to police the software that’s NOT from their store (or their partners).

          All the Google-verified malware that infests Google’s marketplace will continue to be a problematic vector after this change. But this change will put obstacles in my attempts to install safe alternatives that are free of malware and not part of Google’s junkyard or spyware full of anti-features.

    • zarenki@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      21 days ago

      None of this even attempts to address the problem of Google Play (the primary android app marketplace) being filled with malware. Every single app that’s being distributed through Google Play today already has a “verified” developer by the same criteria they’re applying system-wide. That malware can continue working as it already does without any changes.

      This is exclusively about Google imposing control on all apps distributed through channels that otherwise used to be outside Google’s control.

      Google’s claimed reasoning is that this control is a good thing and makes them be able to block apps made by malware developers in the same way they already do in Google Play, even for users who install apps from other sources. Critics disagree because Google forcibly taking personal information and money from all software developers and wielding the ability to remotely kill any app they don’t like for any reason have far wider consequences than protecting users from malware, and the proliferation of malware on Google Play shows how (in)effective Google’s measures against it are. Neither side believes or claims this can or will make Google Play any safer.

      • whatiswrongwithyou@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        20 days ago

        Yes it does.

        It forces developers to register if they wanna distribute software. Now they can’t just pivot to a new identity whenever they’re under investigation.

        It prevents devices from running software from unverified developers. Now the malware developer can’t just use a third party store to bypass the verification requirements.

        That’s both sides of the coin, but wait, there’s more:

        End users can disable it if they’re willing to go without play services or can do their own sideloading and support with a “limited” developer account.

        The end result is not a panacea that fixes every problem with Android but a move to bring the various official android marketplaces in line with the ios app store.

        • WhyJiffie@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          20 days ago

          It prevents devices from running software from unverified developers. Now the malware developer can’t just use a third party store to bypass the verification requirements.

          they didn’t need to use a third party store to begin with. the play store is filled with malware.

          End users can disable it if they’re willing to go without play services or can do their own sideloading and support with a “limited” developer account.

          that is wrong on multiple counts, fortunately they did not lock it down that much (yet). that wouldn’t just be very complicated but that would alao disable a couple of unrelated features of the phone.

          The end result is not a panacea that fixes every problem with Android but a move to bring the various official android marketplaces in line with the ios app store.

          as if that’s a good thing.

          • whatiswrongwithyou@lemmy.ml
            link
            fedilink
            arrow-up
            0
            ·
            20 days ago

            Part of what made badbox/superbox so successful (along with the marketing, mlm stuff, glut of cheap arm/risc decoders, environment of 69 fucking subscriptions a month your average person has to maintain just to watch terminator when they get home from a shift) was the presentation of malware payload apps from third party marketplaces alongside “legit” apps from the first party ones.

            It’s the gas station effect. Of course you can trust the Tamriel rebuilt branded rhino pill, it’s on the same rack as the goodys powder and tums!

            That same mixing made it very difficult for everyone trying to figure out what was happening to actually get something taken down. Apps on the play store would be barely legal or skirting the law but interacting with or funneling data around apps from third party stores that were definitely doing something “wrong”.

            When takedown notices were sent for the play store apps they didn’t have any effect on the third party hosted ones.

            So for the whole thing to run how it did, yeah, they needed third party repositories.

            You might not see this as a good thing, but Google does. And tbh they’re right. It’s bad for the minuscule number of users who actually load stuff from third party sources, but its incredibly good for them as a company and a brand.

            • WhyJiffie@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              0
              ·
              20 days ago

              You might not see this as a good thing, but Google does. And tbh they’re right. It’s bad for the minuscule number of users who actually load stuff from third party sources, but its incredibly good for them as a company and a brand.

              oh, sure they are right. it was almost harming their profits! they were on the brink of the current quarter performing worse than the last one! oh, no, the shareholders… we couldn’t want them be starving!

    • gndagreborn@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      20 days ago

      look, I trust F-droid and open source apps more than I trust the sponsored garbage on play store alongside shit like kalshi and candycrush. The security point is moot. The call is coming from inside the house.

      As for ad money, being one of the most grossly profitable corporations in the world isn’t enough? Must line go up always? At what point is having an absurd amount of profit enough? Where is the line?