Google Restricts Android Sideloading—What It Means for User Autonomy and the Future of Mobile Freedom – Purism
-
Yikes this really doesn't look good. Is there any reporting on it from independent journalists (or anyone else who isn't also advertising their own competing operating system)?
Not that I've seen and I'd take what Purism say with a grain of salt: they've acted like pretty shitty gatekeepers themselves. Nothing they mentioned in the article seems too egregious in truth and they're exaggerating the scale of it: Play Store app DRM exists already, and the restrictions on browser-downloaded apps they mention can be bypassed (albeit by having to go into settings) and don't apply to apps installed through other apps stores (F-Droid, etc).
-
Well, but where do you get F-Droid? Or stuff like ReVanced Manager.
Or Epic's stuff. Wasn't Google just now sued for this shit and nobody understood why Google lost and Apple didn't because you can easily sideload on Android.
I completely agree. Unless Google is forced to install more than one app store by default, or forced to have multiple app stores downloadable on Play Store, three is no realistic way to install a third party app store on a phone. In both cases, Google's cooperation is required.
-
effectively pushing users to install apps only through the Google Play Store
I wonder what this will mean for Aurora and Fdroid etc.
Well, both will be unable to install certain types of apps.
-
This post did not contain any content.
well, it sucks
-
Purism is sketchy btw:
(Louis Rossman videos explaining how a customer was denied a refund for a "pre-order" and then they tried to coerce Louis to take down the video.)
Edit: typo
As a person who experienced the customer support regrading preorders I can confirm this firm is extremly sketchy.
-
Not that I've seen and I'd take what Purism say with a grain of salt: they've acted like pretty shitty gatekeepers themselves. Nothing they mentioned in the article seems too egregious in truth and they're exaggerating the scale of it: Play Store app DRM exists already, and the restrictions on browser-downloaded apps they mention can be bypassed (albeit by having to go into settings) and don't apply to apps installed through other apps stores (F-Droid, etc).
Nothing they mentioned in the article seems too egregious in truth
Doesn't it? To be honest, if the article is telling the truth and not exaggerated, I find this pretty egregious. How you installed an app should be irrelevant, so the idea of an API to say "did this come from the Play Store" is fucking shit. And the ability to block installation of apps that call certain APIs entirely is even worse.
-
This post did not contain any content.
In Singapore, lots of boomers are downloading scam apps from facebook lured by promises of discounts and free gifts, handing out accessibility privileges, and they'll even argue vehemently against loved ones and bank staff when confronted. When it all inevitably blows up, they blame absolutely everyone except themselves, including praising Apple for some reason.
Being the largest voting block, they managed to get banks responsible for reimbursing their losses and there was even an idea floated of getting everyone to contribute to a shitty scam insurance fund. Many major banking apps are paranoid af and block usage from simple things like usb debugging turned on.
Absolutely stupidity. And there's nothing we can do about it when the politicians love them so much.
-
This post did not contain any content.
In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.
All of this while EU forbids Apple to do the same, what is the idea here? Measuring how EU reacts?
-
Well, but where do you get F-Droid? Or stuff like ReVanced Manager.
Or Epic's stuff. Wasn't Google just now sued for this shit and nobody understood why Google lost and Apple didn't because you can easily sideload on Android.
The article says it only applied to apps requesting certain permissions. I agree I'm an ideal world it would be nice to get f-droid directly from the Play store but at least according to the article the ability to install it isn't being blocked here.
-
effectively pushing users to install apps only through the Google Play Store
I wonder what this will mean for Aurora and Fdroid etc.
This is my immediate first thought seeing this. This fucking sucks. Part of the whole benefit of something like LineageOS or e (OS?) was being able to use Fdroid to stay away from Google as much as possible. Now this is going to potentially make things weird.
-
Well, both will be unable to install certain types of apps.
That doesnt appear to be true, the restriction seems to be on apps being installed from file managers, web browsers, messaging, etc.
F-droid and the like are not part of that list.
This still isn't good, but it doesnt stop you from having F-droid manage your messaging apps it would seem.
Edit: If you're down voting because you think its using the same method as a file manager as the user that replied to me, this is incorrect. This is also an issue going back several versions.
F-Droid uses a session installer method for 3rd party app stores, it does not use the same method as a file manager.
For an article about a similar issue brought up by similar restrictions in previous updates, you can refer to this article:
Android 15 cracks down on sideloaded apps even harder to protect users
Android 15 places new restrictions on what permissions sideloaded apps can be easily granted. Here's what you need to know.
Android Authority (www.androidauthority.com)
You can also refer to this thread in the F-Droid forums which covers this as well, from 2 1/2 years ago:
Sideloading restrictions or removal in future, how it effects fdroid?
recently there is rumour or fact about sideloading apps in android 14. google is making mandatory of minimum api or os version for all apps on google play store [ gps ] and perhaps it will give toast message [ warnin…
F-Droid Forum (forum.f-droid.org)
Which also includes a merged discussion from the last time this came up 9 months ago.
F-Droid has been using the session installer method for quite some time.
-
In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.
All of this while EU forbids Apple to do the same, what is the idea here? Measuring how EU reacts?
Is it the same though? Google is allowing the developers to choose to prevent sideloading. I thought Apple's issue was that they prevented side loading completely.
-
This post did not contain any content.
One of the reasons why I got a Android over ios
-
This is my immediate first thought seeing this. This fucking sucks. Part of the whole benefit of something like LineageOS or e (OS?) was being able to use Fdroid to stay away from Google as much as possible. Now this is going to potentially make things weird.
I hope f-droid has nothing to do with Google play store, thought they are their own store without connection to Google.
-
Maybe for the Singapore thing. For the play integrity thing, it applies to apps from anywhere except the play store directly. I use Aurora to install apps that say "not compatible with your device" for no reason. But a week or two ago ago, they started blocking access and saying I needed to install from the play store.
Fortunately I was able to downgrade and they kept working, but I don't know how long that will last. At some point the server side will change the API.
So you can't use banking apps, or you mean like you cant even use F-Droid FOSS apps at all?
-
The article says it only applied to apps requesting certain permissions. I agree I'm an ideal world it would be nice to get f-droid directly from the Play store but at least according to the article the ability to install it isn't being blocked here.
one could argue that installing packages is a dangerous permission
-
This post did not contain any content.
From what I can tell, all of this shit is on Google versions of Android. If you are on AOSP such as lineage or graphene, from what I understand this has no effect whatsoever.
-
Yikes this really doesn't look good. Is there any reporting on it from independent journalists (or anyone else who isn't also advertising their own competing operating system)?
I haven't seen proper reporting but the Play Integrity install source thing is accurate. There's a reasonably good overview straight from the devil himself.
Lots of things that have very valid reasons on paper that also just happen to give Google a stupid amount of control and will backfire for a somewhat small percentage of people in very bad ways. We've been at "you can't use pretty much any bank unless you agree to either Google or Apple terms" for quite some years now, now we're giving those same app developers ways to detect if their device has accessibility APIs enabled (useful to protect against bot farms, but also a functional check for "you're able-bodied") or is in security support (also a functional check for "not reliant on hand-me-downs").
-
From what I can tell, all of this shit is on Google versions of Android. If you are on AOSP such as lineage or graphene, from what I understand this has no effect whatsoever.
But this is not the only aspect of Google's autocratization; Apps who's developers have enabled the Google Play Integrity APIs will not run on custom roms.
-
This is my immediate first thought seeing this. This fucking sucks. Part of the whole benefit of something like LineageOS or e (OS?) was being able to use Fdroid to stay away from Google as much as possible. Now this is going to potentially make things weird.
doesn't do anything to f-droid, but probably kills aurora a bit. the developer can prevent their app from being sideloaded. why would one prevent that if they are distributing via f-droid too?