This change has served me well! I have been a Mac OS X users for years who used an android phone. As soon as google announced their impending walled garden status, I went out and bought into the ios eco system. I have really been enjoying my iphone, ipad, and apple watch.<p>You see, the only value that Android really offered me was the ability to run my own code on my own device. Since they are taking that way that just makes it a crappier shadow of the vastly superior apple experience. And, as it turns out, ios is less restrictive than it was 18 years ago when I left them for Android!
So you moved into a walled garden in an attempt to escape what's essentially a 3 foot picket fenced garden.
I'm on this path too. Waiting a few more months to see what happens. If they indeed block my 4 apps on my phone (which aren't published anywhere), I will simply move to Apple.
>Android's openness was never just a feature. It was the promise that distinguished it from iPhone. Millions chose Android for exactly that reason. Google is now revoking that promise unilaterally, on devices already in people's pockets, because they've decided they have enough market dominance and regulatory capture to get away with it.<p>This is why I've stuck with Android for the past 15 years.
For you, is the openness of Android appealing as a matter of principle or does it enable you to do things you couldn't otherwise do?
I actually <i>use</i> the ability to install custom software on Android. I actually <i>use</i> the ability for Android apps to bundle JITs, and language interpreters, and other things that allow you to extend the app at runtime. The Apple walled garden would be unusable for me. And moves like this one to turn the Android ecosystem into the Apple ecosystem will generally be regressions.<p>If anything, I'd like <i>more</i> openness in Android. For instance, apps should not have any control over what data I can back up; I should be able to back up every aspect of every app, restore it to a new phone, and apps should not be allowed to care.
The openness of Android also acts as a check of sorts on how restrictive the walled garden can get. If google were to clamp down on useful functionality in the play store, then you could always install apks yourself. But if the latter is no longer an option, then there's much more temptation to google for the former.
You can download torrents on an android and plug usb media devices into it. When I was bicycle touring Europe with my wife a couple years ago we constantly downloaded books for direct input into our kobos and shows and movies to fall asleep to at night you could play from random, often old and crappy, hotel and airbnb televisions. You can’t do any of that on an iPhone.<p>That said; iPhone is my main phone, has been for a decade or more. But I deeply appreciate what you can do with an android.
Yes.
I'll chime in with a really basic example. On my Android phone, I can have syncthing run as a background task. I can point other applications to use a data folder, in my syncthing share, and store their persistent state there. The Camera app, for example. Or Obsidian, my current favorite note taking app. Syncthing, by virtue of being always on and manipulating a decades old, very well understood filesystem concept, "magically" syncs all of these changes to every other device I own. Entirely offline, even if the internet is out, because the devices can just talk to each other.<p>So far, I have been utterly incapable of getting my iPad to do anything remotely similar. It can run syncthing, technically, but not in the background. Apps don't have a shared filesystem structure, so it's difficult to get anything else set up to "save within my shared folder" in a way that would work, and that disregards that the syncing cannot occur when anything else is open. There's all sorts of cloud backup options, but those require the internet and even when they're working, there's this awkward import/export flow that adds friction to the whole dance.<p>In isolation this would just be a small papercut, I guess, but these sorts of limitations are all <i>over</i> iOS. It's just terribly hostile to anyone not fully committed to the Cloud-first, Apple-hardware ecosystem. Android doesn't care, and doesn't have to care, because it lets me run the software I want. It's a really small set of programs too, at the end of the day. (Firefox with real extensions is the other one.)
There's no point anymore.
There is still a point to making a choice. Inconvenient sideloading is still better than no sideloading.<p>In principle I could never reward Apple with my business for having originated and normalized this.<p>And pragmatically, I'd like to hold on for as long as I can to the next set of rights that Apple will take away five years before Google does.
You have been able to sideload on iOS for years; I first did it in 2021 but I think it was earlier than that. You just needed to create a server on a Mac and you could easily load apps on, all without any kind of special jailbreak. When Delta got released on the App Store, that was cool and all, but I wasn't as impressed as others because I had already been playing emulators on my iPhone for years.<p>Was it convenient? No, of course not, but it's been an option for quite awhile; to me the biggest advantage for Android was the fact that it <i>was</i> relatively easy to sideload apps.<p>To be clear, I don't like that Google is doing this, and I think arguing that it's for security is a half-truth at best. I could make my phone 100% "secure" by pointing a nail through the NAND chip; no one is getting into my phone after that.<p>With the advent of vibe coding, a part of me wonders how hard it would be to hack together my own phone OS with a Raspberry Pi or something and a USB SIM card reader. Realistically probably too much work for me, but a man can dream.
From what I can tell, Graphene OS will be unaffected. Some of the app stores like Aurora and F-Droid may run into problems during the verification process. Best I can tell (and read from other sources) is an inconvenient 24 hour wait period and many have said the Graphene team will overcome that in short order.<p>I would say keep the faith as I'm in the same boat and have made my choice for privacy and control. Giving up everything when it could very well be a minor setback is worth holding the line.
> Millions chose Android for exactly that reason.<p>Millions? Are you sure?<p>Even so, Android has billions of users who want secure app management by default.
Let me play out a scenario, imagine to use a Desktop Hardware like a complete built rig, you would need a specific OS like Windows 11 and you could not run Linux on it, just because it's a vendor lock-in.<p>Why is this acceptable for phones but would not for the case above?<p>I know a lot of people don't care, and that's ok, but we should root for an open choice for the users.
From the state's perspective, probably along the same lines as why long guns are allowed with permit in many countries where handguns are banned.
If computers were invented by the Silicon Valley of the 2020s, this would absolutely be the case.
[dead]
"Tap the build number 7 times" ... "wait 24 hours"<p>Throw a pinch of salt over your left (wait, no ... right) shoulder. Spin around clockwise 3 times. Read the Rosary twice.<p>AHA! So, they <i>are</i> allowing users to keep doing what they want.
To be sincere, they were never truly ours. A proof of that is they were able to come up with this, and you don't have a way to reject it.<p>What we actually need are (open) alternatives, not to double down on Google's ecosystem and Google-controlled OS. We need to control the device we bought and be able to run whatever we wish on it. Just like we do on PCs.
Is it time to bring back the Windows phone?<p>I keed I keed!<p>But unfortunately there really isn't a great alternative. I painfully attempted to use Ubuntu Touch and its always the same thing. The lack of available apps, the lack of app development in general for the platform was pretty eye opening. Add in having it only run on <i>really</i> old devices isn't much help either. Its promising, but a long ways off even from some of the non-standard roms I've used like Evolution X which is a Lineage fork.<p>If this really does cripple a lot of the known custom roms out there without any solid alternatives other than Graphene? It could really be a huge turning point.
I don't care, I run Graphene, and my phone is definitely mine. Most Android apps just work, and the ones that don't are the kind of malware I am happy to do without.
I use GrapheneOS too. Most of the time it works great, with some weird bugs around group messages and needing to restart every now and then to get to a fully functional state between the browser and keyboard properly working with each other and the network connectivity going away. I do enjoy full control on network connectivity and notifications.<p>But beyond whether the OS is good or not, "fuck you, I've got mine" is not only sad as a position in general, it is also a bad tactical choice, because over long enough timeframes you can't assure that you can <i>keep</i> yours if others are deprived.
I have a pixel 10 pro and have tried no less than 5 times to get my apps to work on graphene, no luck.<p>I'm no slouch either, I've developed for android for almost a decade.<p>I'm not disagreeing with ya, just adding a comment so folks are aware that the "Graphene just works" crowd is sometimes a bit hyperbolic.
I've been using it for a bit over a year. Installed in a few minutes thanks to WebUSB. A bit of research needed to set the right permissions on Google Play Services.<p>After that? I only had one application fail due to Graphene's memory allocator. No weird bugs, no need to restart like some siblings are commenting. As close to the "Graphene just works" as it could be.<p>However, I'm not heavy into Google's ecosystem. Google Pay will not work but I'm not a user, some Google features won't tell you why they don't work but I'm not using them either (Quick Share for instance), none of my apps require the highest Play Integrity level. Maybe the person who say this are a specific type of person where use-cases don't overlap with what breaks on Graphene.
The interaction of secondary users with RCS is borked to all hell. It just plain doesn't work.<p>Firefox + stock keyboard stopped properly working three days ago, it's back to normal now. No idea what that was about. Restarting was the only way I found to get things working again during that period.<p>While on the stock Android keyboard, it is clear that the Google one is much better at correcting my taps than the stock one. My typo count has gone up significantly.<p>Every several weeks the mobile connectivity stops working and nothing short of a restart will get it working again. This might be a bad interaction of the very weird way Google Fi works with a secondary user account.<p>I've encountered one case of the phone shutting itself off to install an update overnight and not turning on, making me miss my morning alarm.<p>In the US, there's no way to side step the lack of tap to pay.<p>Getting apps to work with Android Auto requires some finessing.<p>These are the things I've encountered in the last 2 months of using Graphene.<p>Aside from all of that, I really like everything else about the OS. As it stands, it does lacks polish when straying outside of the common path. Not using a secondary account, nor Google Fi on an eSIM, and using the stock browser would likely improve my experience significantly.<p>I haven't encountered an app that wouldn't work yet (but have installed play services as I do want to use Android Auto).<p>I would <i>still</i> recommend Grapheme for normal-ish users, as long as you don't go "paranoid mode" with secondary accounts and skipping play services <i>or</i> don't want to use the phone for tons of things beyond phone calls and web browsing. The base experience is <i>that</i> much calmer than stock Android on Pixel.
What apps?<p>(idle interest; I use Graphene, but few apps, and everything worked so far)
I'm running GrapheneOS too and while I've experienced the same, I'm dreading the day any of my banking apps update and suddenly start demanding full Play Integrity API support (GrapheneOS only has Basic) causing them to fail to open. Hasn't happened yet but it could.
Devs have been warning F-Droid about this for years:<p><i>It's quite problematic that someone can currently upload a package name belonging to another organization to the Play Store and that should have been stopped years ago since it was used in many cases for scamming and squatting on package names clearly belonging to others. Package names are meant to start with a reverse domain belonging to the owner such as app.grapheneos for our grapheneos.app domain. They could enforce this based on domains authorizing usage without enforcing ID verification and that's what we would have proposed.</i><p><i>This is one of the ways F-Droid has ignored standard best practices including security practices in a way that's already causing problems but is now a massive issue for them. If they had started doing things properly many years ago when it was first brought up, then they'd be in a much better situation today. They're going to need to deal with this by renaming all their package names to org.fdroid. to avoid issues with the proposed changes. This is problematic because existing users will stop getting updates. It's better to use a prefix than a suffix where a developer could end up changing their mind about whether it makes sense resulting in conflict over the name, which is fair since they still own it if it's their reverse domain.</i>
Sadly it works only on Pixel phones.
Google could lock out Graphene too, whenever they like, with no warning. I hope Graphene has a plan.
That's a great attitude until slowly but surely 90% of apps used in day to day life won't function for you: banking, dating, social media, e-commerce, communication/messaging etc slowly freeze you out.
Are banks and e-commerce going to get rid of their websites? I imagine some will, but I can’t imagine using one that did.<p>Dating… well, the goal for most people is to exit the dating pool anyway.<p>Social media is bad.
A hidden benefit is having to decide now whether you actually need these things.<p>Messaging apps will continue working.<p>Banking apps made by reasonable companies will also. In days of banking being competitive and rather open with many providers offering good value, it's so easy to switch providers. Granted I am relatively poor and keep my banking simple, but I doubt card providers want to increase friction either.
After Revolut started requiring >basic integrity it took me appx 1 day to switch to n26 and nothing of value was lost.<p>Not being able to use socialmedia, e-commerce, and dating apps sounds great.
First they came for the stock Android users, and I did not speak out for I was not a stock Android user.
This is a wild misrepresentation of the situation. Saying there is no opt-out is just false, they even provide the information on how users can opt-out. The "mandatory 24 hour cooling-off period" is also misleading, it's easy to bypass the cooling-off period with ADB.
> Saying there is no opt-out is just false<p>I can't see where one can opt-out of this new behavior and into the existing behavior, only a description of the new behavior's bypass (which is not the same thing at all)<p>> easy to bypass the cooling-off period with ADB<p>I don't think this is a reasonable use of the term "easy". I should be able to give my non-technical friend an apk and they can use it right then, with the one "are you very sure" screen.
> I can't see where one can opt-out of this new behavior and into the existing behavior, only a description of the new behavior's bypass (which is not the same thing at all)<p>I don't understand this, the ability to bypass new behavior in settings menus is basically the defenition of a new feature having an opt-out. Can you elaborate?
I will say, an underrated use case for even small, local LLMs is making command line tools drastically more accessible to laypeople<p>I now know zero people I don't think should use linux, and people I know seems to run quite a gamut of technical know-how compared to most other technical folks I know
The way you give your non-technical friends an APK and they just install it is by you signing it.
And I kind of buy the intent behind the cooling-off period anyway. IIRC it's to prevent people from being pressured into installing apps by scammers that could then take their phones hostage
They mentioned that people like you would show up. "Push back on astroturfers. The "well, actually..." crowd is out in force. Don't let them set the narrative."
I think it's time to visit an Apple Store and try out the Apple ecosystem. I haven't used an Apple device in a long time.
So wait, does this mean that Google will forcefully uninstall the apps I currently have installed?! or disable? will the apps work again once I went through the 24h process?
I don't understand, there was all this regulation for force apple to allow alternative app stores, and now google are pulling this move?<p>How is this not the same walled garden approach apple was forced to change?
<a href="https://android-developers.googleblog.com/2026/03/android-developer-verification.html" rel="nofollow">https://android-developers.googleblog.com/2026/03/android-de...</a><p>Read every word on the linked page and then come back if you still do not understand.
The regulation has blatant loopholes, as usual. While it did force Apple to allow third party app stores, all apps still have to go through a review process by Apple themselves before they can be installed from any source, and they retain the ability to block any apps they don't approve of. Google is just following in their footsteps.<p><a href="https://support.apple.com/en-us/118110#notarization" rel="nofollow">https://support.apple.com/en-us/118110#notarization</a>
Okay, so buy a new phone I guess that <i>is</i> yours?
I imagine most of us here will look elsewhere when we next upgrade. But are those numbers large enough to form a viable alternative?
I'm doubtful, I for a bit bought a lot of the Pine64 devices thinking about this eg. not just Android/iOS... but the lack of feature parity eg. missing drivers, lack of apps, old hardware.<p>Unless people are paid to do it vs. volunteer
Phone is yours. Software it runs not.
This feels like something where the EU Commission should step in. This is directly counter to the Digital Markets Act, it's Google abusing its gatekeeper position.
It's not because you can still install apps outside the Play Store. The EU commission buys these "safety" arguments (also worked for Apple, they don't care that you still can't install IPAs) and the DMA is made for businesses, not for end-users. I once wrote them about the Chrome Web Store monopoly but they insist that everything is fine because businesses aren't impacted. They are of course also interested in centralized censorship because they can order Google to block apps they don't like.
The communication on this front page is excellent given the intended audience, with the right mixing of emphasis and punctuation for effect.<p>I'd like to see, if it can be found, some anecdotes about the nuts and bolts of writing any kind of material intended to persuade in this way. How do they a/b test the formatting and so on.
So what you're saying is that I have about 3 months to switch to Graphene? Really though, is this not the very definition of monopolistic behavior? Did they not just lose a lawsuit over this?
There is a negative network effect: The opt-out is so complex and time-consuming that it will deter almost all users (even if some on HN <i>say</i> they will do it).<p>With so few users, many fewer developers will release apps that don't comply with Google's requirements. Then the value of opting out will decline significantly, which will reduce the number of people doing it, which will reduce the number of apps released ...<p>How do corporate users distribute custom apps on iPhones? Must they distribute them via Apple's store or is there some corporate mode, maybe involving X.509 certs and device management, that enables large-scale professional users to sideload?
Yes, but not because of those changes in the GMS stock OS, but because the ability to unlock the bootloader (and install the OS you can actually control) is being increasingly limited.<p>Stock GMS Android was never yours, you only had access to basic permissions, privileged/signature permissions were only accessible to Google/vendors anyway.
Algorithmically removing words from a headline with confidence that what comes out will be better is the precise intersection of stupid and arrogant that defines the modern tech industry.
Some more discussions:<p>2 weeks ago <a href="https://news.ycombinator.com/item?id=47778274">https://news.ycombinator.com/item?id=47778274</a><p>February <a href="https://news.ycombinator.com/item?id=47139765">https://news.ycombinator.com/item?id=47139765</a><p>October <a href="https://news.ycombinator.com/item?id=45742488">https://news.ycombinator.com/item?id=45742488</a>
On one hand, having a free for all is very good, especially for developers, and for programmability of our devices as such. Screw iPads.<p>On the other hand, malware which coaxes normies into installing unverified apks, is an undeniable fact of life. It's nice to be pontificating as a power user who has never been phished or whose devices never became botnet zombies in their life.<p>On yet another hand, higher-end malware (made by those who can afford the store fees) is there on the freaking play store and app store, so, I guess, <i>shrug</i>
The opt out is graphene os yeah?
Not much, as it only works on very few high end phones not sold in most countries. Hopefully their Motorola partnership will expand its availability but I'm not confident that'll happen anytime soon.
Sadly forget about it - GrapheneOS will only work on Motorola __flagship__ devices, and most of their budget phones are not even made by Motorola, but rather by the odm such as Tinno, where it's not even possible to unlock the bootloader without exploits.<p>GrapheneOS will sadly stay unaffordable for many.
Yes, but there are issues.<p>You can’t use stuff like banking apps on a modified device and losing access to normal android devices would be a big blow to the momentum of the F-Droid community. GrapheneOS might not be a big enough community to sustain work on the projects delivered by F-Droid.
>You can’t use stuff like banking apps on a modified device<p>IME such apps are few and far between. The most trouble I ran into is play store refusing to show apps because they claim the app isn't compatible with the device, but that can be worked around with aurora store.
I think parent is talking about Play Integrity being integrated into banking apps. It's a hit or miss depending on the bank, some will be fine without, some with integrate it but not rely on it to directly refuse login, some will require a lower integrity level, and some will actually require the highest integrity level leading to issues on custom ROMs.
They really aren't. The number of apps requiring Play Integrity grows every day, my own bank's app hasn't worked in years and I've long given up on it, I just use it on a second stock device now.<p>And Google has an answer to the "just install the APK from somewhere else" workaround, too. Many apps now integrate a check that prevents them from running if they're not properly linked to the Play Store.
> losing access to normal android devices would be a big blow to the momentum of the F-Droid community.<p>For me it seems the opposite - if these "normal" (GMS spyware) Android devices lose the access to F-Droid and it will only be possible to install malware/adware from Google Play, then maybe that will push more people to value unlocking the bootloader..
[dead]
Better to share how to install apps and alternative app stores instead of fearmongering around very reasonable security measures.
Isnt the title a bit dramatic? I remember reading you can still install apps but you just need to click a few buttons.
In addition to what others have said, it means some developers who were building for Android are going to stop. You can't install an app when someone is obstructed from building it in the first place.<p>> every Android app developer must register centrally with Google before their software can be installed on any device. Not just Play Store apps: all apps.<p>> Registration requires:<p>> Paying a fee to Google<p>> Agreeing to Google's Terms and Conditions<p>> Surrendering your government-issued identification<p>> Providing evidence of your private signing key<p>> Listing all current and all future application identifiers<p>Google is not an entity you can can trust with this.
From TFA:<p><pre><code> Delve into System Settings, find Developer Options
Tap the build number seven times to enable Developer Mode
Dismiss scare screens about coercion
Enter your PIN
Restart the device
Wait 24 hours
Come back, dismiss more scare screens
Pick "allow temporarily" (7 days) or "allow indefinitely"
Confirm, again, that you understand "the risks"
Nine steps. A mandatory 24-hour cooling-off period. For installing
software on a device you own.</code></pre>
You left out the crucial bit:<p><pre><code> Worse: this flow runs entirely through Google Play Services, not the Android OS. Google can change it, tighten it, or kill it at any time, with no OS update required and no consent needed.
And as of today, it hasn't shipped in any beta, preview, or canary build.
It exists only as a blog post and some mockups.</code></pre>
Sounds a bit like trying to transfer my own money to myself at the bank. I.e. it seems designed to prevent old people getting scammed.
That's exactly what this is: Google is trying to prevent tech illiterate users from installing malware.<p>(Or at least, that's their take on this. You can choose to read between the lines, or not, as to whether they have other motivations also.)
Yes! That is because banking malware is specifically what is being targeted here: <a href="https://android-developers.googleblog.com/2026/03/android-developer-verification.html" rel="nofollow">https://android-developers.googleblog.com/2026/03/android-de...</a>
To be fair, that's a one time process. You do not need to do that for every app you want to sideload.<p>The malware issue that the flow is designed to mitigate is a very real problem. Perhaps there is a better way, but it's not immediately clear what that is.
>Wait 24 hours<p>Somehow bank vaults and heroin storage boxes don’t take this long.
I see zero trouble as long as it requires no additional identification, no additional payment, and no mandatory time limit for the sideloaded apps.<p>That is, fine by me. I can wait for 24 hours once in a few years when I acquire a new mobile phone.
You are thinking about it from the point of view of an enthusiast/hacker who wants to put their homebrew stuff on it. But this is also tightening around developers who may want to distribute their applications to lay users.
Lay users use Play Store.<p>Users who use F-Droid are already not as lay. If you distribute stuff that Play Store would ban, your users are likely not as lay, too.<p>Yes, it's inconvenient, but I see it as a good-faith attempt to limit exposure of lay users to scams, not some power grab.
Those developers will pay $25 for identity verification and have no issues.
Unless they do something google doesn't like, or trip one of their many automated systems that ban them without recourse. Or they are compelled to revoke a key by a government.
Revocations are for apps being malware and nothing else, much like macOS Gatekeeper (Apple doesn't even revoke certs used by Warez groups to sign cracked apps).<p>Automated bans can be an issue, but that's an edge case. Google already had the functionality to 'revoke' an app if ordered to do so by a legal authority.<p>It is much more important to make a real world attack - something that is draining wallets of ordinary people across Thailand/Brazil/SEA in general - harder to achieve. One thing is a political goal of some people in the west, the other is an ordinary person not having the money to feed themselves because a scammer stole it all.
I can't trust Google will keep to that, sorry. Nor can I accept harms being twisted into a further centralised accumulation of power (especially when Google, with all their resources, could likely do much more to prevent these scams than grabbing that power for themselves)
Well, the very good news is that Google is not seeking your trust. You have no say at all. This is the new system, it benefits actual real people over HN commenters and you will just have to deal with it.<p>Google doesn't have the ability to change the way banking apps work with regards to transferring money from one account to another in Malaysia/Brazil/Thailand. That would be a matter for the national Governments. This is the best approach available.
Drivers license leaks are surging.
Why would you do all that to install an app in a device that you own? It's bollocks.
Because grandmas all over the world are getting swindled by scam apps.<p>Look, I can't locally install a web extension I wrote on an open-source Firefox browser, because security. I have to install a Developer Edition, or get the extension reviewed and signed by Mozilla, for the very same reasons of thwarting scammers. Is this stifling, or is it making my browser not mine? Is anybody making a big deal out of that?<p>The world we inhabit is not always friendly. It has a ton of determined and sophisticated bad actors, and a lot of people with less technical savvy than you and me. We have to deal with that, instead of being cantankerous.
This isn't referring to the efforts Google has gone to try to thwart sideloading.<p>It is another requirement of Google's, where all developers must be registered to them and apps must be signed by them and anything that isn't will be blocked.
From NewPipe : <a href="https://github.com/woheller69/FreeDroidWarn?tab=readme-ov-file#solutions" rel="nofollow">https://github.com/woheller69/FreeDroidWarn?tab=readme-ov-fi...</a><p>I wouldn't consider this "a few buttons", it's enough to turn off the less savvy users
Ugh such overreaction. ADB is still a thing. Apple doesn't even have an official command like tool where you can just push an IPA to your phone. Goodness.