49 comments

  • transcriptase 4 hours ago
    I think the most fun part with Google is that if some wayward algorithm decides it doesn’t like you, along with nuking your app and developer account it will probably nuke your 20 year old gmail, your kids Google Drive accounts, your wife’s YouTube premium, the Adsense account of some company you worked for in 2008, and disable your Nest cameras.

    And you’ll never reach a human to sort it out.

    • devsda 2 hours ago
      What happens if you "accidentally" become persona non grata with both Google and Apple?

      If you want to participate in the society, you will forever have to resort to shady tactics. Shady can be defined something as arbitrary as using GrapheneOS.

      A temporary workaround like using alternatives like GrapheneOS for those affected will only delay the inevitable but it doesn't stop it at all.

      • dachris 2 hours ago
        If you've accidentally become a persona non grata, then obviously because you've not exercised sufficient self-censorship.

        This is real already. Recently saw a petition for EU to rein in big tech (there are several initiatives advocating this). Had this nagging voice at the back of my head ... what if signing that gets your Google Account terminated.

        I'll leave it open to you whether I signed it.

        For developers relying on any type of Google services, you'd be in for lots of pain.

        • sixtyj 1 hour ago
          Google had Don’t be evil motto just between 2000 and 2018. Other companies don’t even try to pretend it. You are owned by them.

          „Power tends to corrupt, and absolute power corrupts absolutely.“ - Lord Acton, 1887

          • artisinal 1 hour ago
            Like how Tony Chocolonely dropped their 100% slave free claim after finding out just how difficult that is to achieve.

            Nowadays they are using the slogan “Crazy about chocolates, serious about people”

      • pimeys 2 hours ago
        It's a great question to send to the DMA authorities: https://digital-markets-act.ec.europa.eu/contact-dma-team_en

        More of us ask this question, the better we are heard. Except if this is exactly what they want, then we need to vote better.

      • jerieljan 43 minutes ago
        It's terrifying, yeah.

        To some degree, the closest we have to these situations besides getting flagged with TOS violations (whether real or false-flagged) in these companies are residents of countries that are either trade or economically sanctioned by the USA.

        Thankfully we haven't seen something like an account ban and deletion incident for such cases, but the severe ones I can remember usually prohibit access entirely and that'd be scary if it extended to primary services that others rely on for auth.

        You will be effectively locked out to services if it's all that's linked and that identity provider just decided you'd be persona non grata.

      • Grimblewald 1 hour ago
        At least we dont have a social credit system... hey wait a minute
      • artisinal 1 hour ago
        iOS can be used without an account. iPhones can be acquired outside of Apple. The EU has the alternative App Store option that doesn’t require an Apple account.
        • birdsongs 1 hour ago
          But I can't use my Norwegian BankID unless I have an apple store or play store account. This is required for every aspect of society. Heathcare, banking, taxes, driving, using my debit card online.

          They removed SMS 2FA options recently, the only non-tech monopoly method is a 2fa codebrick that's getting harder and harder to acquire (there are new ridiculous facial ID and passport scanning requirements, run by a private corporation, in order to get one).

          It's garbage and getting worse. And it seems no one cares our entire lives exist at the whim of two US tech monoliths.

          • duskdozer 10 minutes ago
            That's much worse than I expected. Is it a hard play store requirement or can you install the apk? Are there really no other workarounds?
          • BetterThanSober 12 minutes ago
            That's on your bank and not necessarily because of Apple/Google duopoly. I think it is crazy to put the whole banking system on foreign, private company though
        • tempodox 40 minutes ago
          > The EU has the alternative App Store option that doesn’t require an Apple account.

          I cannot install any iOS software without being logged into my Apple account, not even an alternative app store.

          It would be perfect on my older iDevices, but they don't let me log in anymore “because the OS is too old”. And guess what: I cannot update the OS without being logged in. I never logged out of those iDevices, Apple did that from their end.

          • givinguflac 21 minutes ago
            You can update the OS using a Mac or PC.
        • pfortuny 1 hour ago
          Wow, I did not know this and -despite its drawbacks, like not being able to install apps from the Apple App store- this seems like a great way to have a powerful dumb-phone.
          • malfist 8 minutes ago
            Why do you need a powerful dumb phone?
      • Imustaskforhelp 2 hours ago
        Over the long term, we definitely need something like Linux phones. I find it bizzarre by how little companies support this mission of Linux phones.
        • birdsongs 1 hour ago
          It's not Linux phones that we need. We already have alternatives, like graphene and other AOSP forks.

          We need corporations and governments to stop locking down and gatekeeping vital software to closed ecosystems.

          A Linux phone doesn't help me when my government's 2FA system (BankID) only runs on Android and IOS phones and can only be acquired with an app store account.

          • type0 7 minutes ago
            Speaking from experience, it's not only ID systems but if you run non-Android (some AOSP) they might still require you to install an App only available with Play Services or on iOS to do business with government agencies or even apply for funds in some European states. In other words if you are using GrapheneOS, from gov. agencies point of view you might as well be a criminal. Actually given how frequent ID-theft is nowadays, it's actually easier for criminals to launder their money than privacy preserving individuals or companies to pay taxes in EEA.
          • Avicebron 44 minutes ago
            > We need corporations and governments to stop locking down and gatekeeping vital software to closed ecosystems.

            If you can't get the government to do this for you in Norway the US has very little hope currently.

            We need some standard of minimal digital accessibility. Too much of our lives mediated by digital interactions with capricious systems.

            • vintermann 4 minutes ago
              You say that as if Norway is somehow super civilized and enlightened when it comes to these things, that's not the case. Norway is best in class when it comes to compliance.

              The new base agreement with the US, for instance, for practical purposes declares several areas in Norway to be US territory. It's rampantly against the Norwegian constitution of course, but that doesn't matter because the parliament seems to have agreed to just unanimously consent and not talk about it further.

              Sea bed mining was a farce. Everyone said it was a terrible idea, including Equinor itself. Approved anyway. My assumption is that someone from US/NATO whispered "strategic minerals" into some party leader ears, and they suddenly decided to fast-track it without further discussion.

              It would surprise me a lot if there weren't similar fast-tracked, no discussion, "it has been decided" deals about digital sovereignty. Norwegian politicians may not like the guy currently in charge over the Atlantic, but they view him as a temporary aberration and an occasion to prove their loyalty (to the crown, rather than the guy currently wearing it).

            • hparadiz 26 minutes ago
              The irony is none of this is a problem in the US. We still have a ton of banks that you can use without a smartphone. Even my bank's app works fine on a rooted Android or GrapheneOS.

              Europeans are doing this to themselves.

              • vintermann 2 minutes ago
                Competing to be best in class at US loyalty, more like it.
        • echoangle 1 hour ago
          I don’t want to be too pedantic but Android uses the Linux kernel. Degoogled Android is basically what you want.
        • microtonal 1 hour ago
          Why do you need a Linux phone (as if Android is not a Linux phone), when there is also AOSP. If Google closes it up, it can be forked, but I don't see any fundamental benefit of throwing away decades of development done on AOSP.
      • exe34 2 hours ago
        "If you had learned to wash lettuce, you wouldn't have had to pay court to Dionysius" - Diogenes.
      • llm_nerd 51 minutes ago
        > What happens if you "accidentally" become persona non grata with both Google and Apple?

        https://www.theguardian.com/law/2026/feb/18/international-cr...

        The US made a Canadian judge a persona non grata for any firm domiciled in the US. All because she works for the ICC, and the ICC declared Netanyahu a war criminal (which is indisputible). Why is the US destroying worldwide trust in US businesses on behalf of a reviled nuclear armed hermit nation on the other side of the planet? Good question, but it is what it is.

        This example that the US will spuriously use sanctions like this is why many nations are investigating ways to purge American financial systems and tech.

      • shevy-java 1 hour ago
        You are right - now greedy corporations decide who is an "acceptable" human and who is perma-banned.

        Governments need to wake up to this insane level of Evil. And other governments also need the US government responsible here, since they allow this to happen.

        In objective terms this can be called a fascist system.

        > A temporary workaround like using alternatives like GrapheneOS

        The issue still is that so many services and functionalities are tied into private companies. States simply need to wake up now.

        • nanis 43 minutes ago
          > Governments need to wake up to this insane level of Evil

          Governments are made up of people. People who have at best median level understanding of the things they are ruling about but great self-interest in following the biggest purse to which they can attach themselves.

        • DrewADesign 1 hour ago
          > Governments need to wake up to this insane level of Evil.

          I’m not even being cynical — it would probably just increase the amount of government contract cash awarded to them. Control makes governing a lot easier, control is what tech companies have, and to varying degrees, it’s for sale.

    • seviu 1 hour ago
      One of my best friend has a Jolla phone.

      He never had WhatsApp. He refuses to use google. Only till recently he started using signal. He has been using an old Nokia phone till he was forced to upgrade by his operator. He is European and here in Europe WhatsApp dominates. Despite all that and having a very social life, driven by work, he manages.

      I recently ordered a Jolla phone. I don’t want to know about android. I might tolerate iOS. But shelling thousands of $ for a phone that is controlled by an external company…

      I am looking out for messaging alternatives. I am at a point where I think linking your identity to a phone number is not right either.

      Let’s say we should all wake the fuck up. This is not right. Having a phone with such spyware is a potential attack vector I don’t want to have on the most important device I own.

      • trinix912 42 minutes ago
        It's all good until your European bank starts requiring unrooted Android and iOS for their mobile banking app, then tries to force you to use that app instead of letting you sort things out at their building. Then the government starts requiring you use unrooted Android or iOS to sign into their website for administrative tasks, and so on.
        • seviu 3 minutes ago
          If that ever happens (what am I saying we all know it’s happening). Then just a phone in the drawer I use it just for such administrative tasks.
        • pmontra 18 minutes ago
          The endgame is that I will keep a phone in a drawer next to a 20 yo hardware token I still use to access a bank. When on the move, we will see.
      • a022311 16 minutes ago
        Not sure Jolla deserves to be trusted, you'd be much better off with GrapheneOS. In any case, try out SimpleX for a messenger. You can also take a look at https://xn--gckvb8fzb.com/an-overview-of-privacy-focused-dec...
        • seviu 3 minutes ago
          Thanks for SimpleX it looks like a great solution for a longstanding problem.

          Why would you not trust Jolla? It was born from Nokia employees. GrapheneOS is a great alternative. Still Android though.

    • MSFT_Edging 11 minutes ago
      I've seen multiple stories of people buying phones from Fi, the phones never arriving, google refusing a refund, and on a chargeback, their entire google account gets shut down.
    • avaer 3 hours ago
      The blast radius is far worse than any "malware" Google could protect you from.

      TFA is playing it up, but it is arguable that this is a real virus, except the shady hackers are Google.

      • microtonal 1 hour ago
        I don't think 'virus' is the right term, since it should self-replicate. 'Malware' or 'spyware' are probably better terms.
      • saagarjha 1 hour ago
        Malware on Android causes more harm, both to individuals and collectively to all Android users, than Google locking people out of their accounts. These aren't even in the same order of magnitude. There are countless examples of people who have lost their life savings, all their data, etc. Losing access to your Google account sucks too, and I don't necessarily agree with what Google is doing here, but you're completely off base here.
    • matheusmoreira 2 hours ago
      > And you’ll never reach a human to sort it out.

      Unless you blog about it angrily enough that you somehow make it to the HN front page and some insider sees it and solves the problem for you.

      Getting my own domain and setting up email on it is one of the best things I've ever done.

      • daakni 46 minutes ago
        About to go down that route as well, just need to find a email provider with ideally servers in the EU
    • orian 2 hours ago
      All service providers above some scale should be obliged to create a transparent processes or be taken for external jusges.

      Even better: all providers of services with more than 100K users or 10% of country internet users should be forced to provide API to export / import data in open format.

    • powerapple 1 hour ago
      That happened to me, lost 16 years old gmail account, which is my main account for my digital life. It happened after I disabled some tracking, and Google was no longer able to recognize me, even though I had my phone number registered, it was not enough.
      • duskdozer 3 minutes ago
        I suspect this will happen to me soon, though all I do with it is occasionally sign in just to keep it registered. It now refuses to log me in unless I am on a specific IP address, no matter how many MFA steps it requests and I pass.
    • sylware 5 minutes ago
      You go self-hosted and try to stick to real small alternatives, subset of technical standards, etc.

      I am not a US citizen, but a EU one (well, since we have seriously rogue and toxic EU states, I dunno how long it will last).

      And guess what, the handling of the issue of technical interop for administration online services is done... at the top of the top of the political power: in my EU country, only the president and prime minister do define it. Yep, you read well, it is THAT MUCH important: parliament, no power over it, 'technical authorities' have actually no real power over anything, etc. It requires the same level of power than deciding to make more nukes.

      Basically, in 2015/2016 our president/prime minister at that time literaly gave all the administration (and dependencies) online services to big tech (a technical document which is basically 'law' with a content 'opening the gate' for big tech). Well, I say 'they gave it', but they could have 'sold it'... we have a department in our DOJ to monitor past politicians who could have set up some public money channels in order to benefit from it, often indirectly, afterwards. The following president and prime ministers did change nothing... how deep the rabbit hole goes? Brain washing via hardcore lobbying? Corruption?

      IRL, you had country administration related web sites, working more that fine with "any browsers", small and big, citizen made, small company made, now it is over, they were all broken for web apps which do work only with whatwg cartel web engines with their abomination of "computer language" requiring an even worse SDK. Same with file formats.

      There is light though, if this document of technical 'law' is properly modified, the whole administration and dependencies have 3 years to restore simple web sites and support minimal and subset of file formats.

    • techpression 4 hours ago
      We experienced this with Anthropic, not the same blast radius obviously, but out of nowhere account was terminated. No support available. It was via someone’s 30+ year old classmate via LinkedIn the account got reinstated.

      As a counterpoint to the right to the repair there should be a right to recover.

      • Gigachad 3 hours ago
        There was a more direct case where someone’s child had been interacting with Gemini inappropriately resulting in Google nuking the entire families Google accounts.
        • bayindirh 2 hours ago
          I still remember how uploading photos of man's own child created the catastrophic chain of events.

          Kicker? The photos were requested by a doctor.

          Ref: https://www.koffellaw.com/blog/google-ai-technology-flags-da...

        • trashb 1 hour ago
          Google has been nuking accounts since their inception.

          I have seen people being locked out as early as 2011 of accounts that could only be unlocked by sending a copy of an ID. Due to regulatory change of saving of information based on age (first 13 and above was ok, then became 16 and above).

          • rjmunro 16 minutes ago
            > Google has been nuking accounts since their inception

            Google has been dealing with accounts opened for fraud, spam and other evil bots since their inception. They should be nuking those. What's needed is some way of reverifying an account that was closed incorrectly, maybe some kind of independent ombudsman service or something to get the account back.

        • alexp11223 2 hours ago
          It was a fake story on reddit.
        • techpression 3 hours ago
          That’s quite insane, especially considering how Google is pushing Gemini into every single product.
    • m00dy 4 hours ago
      it's a nightmare.
    • heroku 19 minutes ago
      [dead]
  • krunck 0 minutes ago
    Would this also be a strategy to get all Android users to have a Google account? Once you are locked in to using Google's Play Store then can then require login to even install apps. I don't have a Google account. I never will. If I am required to get one to use my phone(Fairphone4, eOS) then I will cease using the phone. There is nothing in my life that requires me to have an Android phone.
  • linuxhansl 4 hours ago
    What Google is doing is shameful. One of the promises of Android was being more open than the restrictive Apple ecosystem.

    Now that they reached penetration they do the switch - under the guise of security.

    Just let me do with my hardware what I want to do it. Let it be my responsibility to install whatever I want (and stop calling it "side-loading", as if I am doing something shady from the "side").

    We need to resist this! Alas, from the broader response it seems that most people just do not care.

    • matheusmoreira 2 hours ago
      It's not just shameful, it's stupid. Freedom was the whole point of tolerating the shittiness of Android. If they get rid of that, then there is no point, and I'll just buy an iPhone instead. If I must be in a walled garden, I'll choose the better kept garden, and it sure as hell isn't Google's.
      • VeejayRampay 38 minutes ago
        you think it's shitty, but it's a personal opinion that you're phrasing as some kind of widely accepted view

        be sure that it's not, lots of people actually PREFER Android

    • sscaryterry 4 hours ago
      This is worse than Apple. With Apple you knew where you stood day 1.
    • ankurdhama 2 hours ago
      AFAIK you can still install any random APK but the process will require enabling developer mode and one time 24 hour wait period. But the problem is many stupid Apps check that developer mode is on and refuse to work.
      • Liquid_Fire 49 minutes ago
        > many stupid Apps check that developer mode is on and refuse to work

        Do you have some examples? I have developer mode enabled and have never seen any apps complaining (and I have used a lot of different banking apps).

      • geokon 2 hours ago
        An FDroid desktop client that adb installs APKs would actually be lovely. I pretty much exclusively use FDroid, but I gotta say I unfortunately find all their frontends to be rather buggy and with very little user feedback when things break (repo updates are hard to observe, downloads hang, updates mysteriously fail)
        • greeniskool 2 hours ago
          I feel you about the frontends being buggy. Right now I've settled with Droid-ify[1] for doing my F-Droid browsing.

          [1] https://droidify.app/

      • AussieWog93 45 minutes ago
        I'm not aware of any apps that check for developer mode, that's mainly root.
      • nutjob2 2 hours ago
        How long before they take that option away?
    • avra 3 hours ago
      > We need to resist this!

      I agree. What do you suggest? How can we contribute to the resistance?

      • linuxhansl 2 hours ago
        Not much one can do I fear...

        Install f-droid and all kinds of 3rd part apps now.

        Install GrapheneOS. (I'm guilty of not having that done that,yet :( )

        Sign the petition (https://keepandroidopen.org/).

        • black_puppydog 2 hours ago
          Wow, the link to the petition is buried halfway down the page. How is this not part of the first visible content?
          • lta 31 minutes ago
            Fwiw it's also linked in the article, so it's not exactly a surprise :)
      • devsda 2 hours ago
        Raise it at whatever level we can.

        I've seen more outrage on HN posts about license changes than those related to this. I mean we are in the midst of one of the biggest rug pull of our lifetime and the response was not even remotely proportional. I wish it was a atleast a fraction of what it was during the SOPA act.

        Not even businesses that could be hurt by entrenching Google more in the mobile space are acknowledging the issue.

        That makes me think may be all the outrage at the SOPA time was probably "promoted" because it aligned with their commercial interests or may be Google is all too powerful and too deeply entrenched that nobody wants to upset them.

      • rahidz 36 minutes ago
        I'm sure there's plenty of Google employees on here, some quite high up.

        Push back against these types of decisions internally. Rally your coworkers against them.

        And if you're brave enough, talk to a journalist, or pull a mini-Snowden. Lord knows the company has secrets. I bet there's at least one email chain from some exec bragging about how this policy will squash Revanced, ad-blockers, etc.

        • murderfs 7 minutes ago
          I guarantee you that there are zero email chains from execs bragging about a policy that'll block the dozens of users running Revanced.
      • microtonal 1 hour ago
        If you are in the EU, send a message to the DMA Team. Be polite, explain how Google is using its oligopoly power to shut out competing app stores and applications that can be installed outside the Play Store. Explain how it affects you.

        An app becoming unavailable through remote attestation? New recaptcha? Document every case and send an e-mail to the DMA team.

      • Arnt 3 hours ago
        This started with phishing, poor people being tricked to install apps that then drained their bank accounts. So to resist, maybe focus on that evil? Better international cooperation, better prosecution?
        • stymaar 3 hours ago
          > This started with phishing

          It didn't.

          Phishing is just a pretext. Google didn't care about Phishing for the first 20 years of Android. Why do they now? Because it serves as argument to close their platform a little more (which is a trend that has been going on for years).

          • Arnt 1 hour ago
            I think they care now because of pressure from the governments of the countries involved.

            And perhaps because ten and twenty years ago, the sums stolen were small. Now they're in the billions.

            • LtWorf 12 minutes ago
              How do you explain that all the scammers I've entertained used apps that are already on the store?
          • frollogaston 2 hours ago
            I do think it's about Google trying to squeeze profits out of Android, but is there more direct evidence of this? Cause I always have to wonder if it's something else like KYC.
            • Arnt 1 hour ago
              Of course Google generally tries to squeeze profits out of… whatever it does, but eh, by closing something? Google is the company that makes a million in profit from the openness of the web in the time it takes me to write this paragraph, why would that company think that closing something improves its competitive stance?
        • LtWorf 24 minutes ago
          All scams attempt I received from "hot asian ladies" involved putting my savings in apps that are already on the google app store.

          The scam apps are already in there. Please stop repeating google's propaganda.

        • iririririr 2 hours ago
          or how about don't allow government and banks and telcos to use abusive apps to provide essential services?

          those people fall for this because for everything poor people do, they need an app that is provided by sleazy vendors and that require tons of permission, and face scan and what not. they were primed so those business could save in operating costs.

          that's the problem. won't solve it with slightly less sleazy vendors.

        • mschuster91 3 hours ago
          We can't even get India and Turkey sanctioned for evading the anti-Russian sanctions... good luck holding them accountable for the scam callcenters.
      • geocar 1 hour ago
        Stop using Android.
        • lta 29 minutes ago
          We don't have a lot of choices right now, especially regarding banking apps :'(
    • altairprime 3 hours ago
      Shame isn’t an applicable concept for a corporation.
      • nehal3m 3 hours ago
        Maybe we need an economic system where it is. Shame should come packaged with legal personhood.
        • altairprime 2 hours ago
          Better to pass state bills modifying all of that state’s articles of incorporation to compel adherence to B-corp standards.
      • stymaar 3 hours ago
        Shame has ceased to be an applicable concept for anyone “important” enough to get free media attention.
  • RandyOrion 1 hour ago
    Android developer verification program, together with recent reCAPTCHA push [1], and Manifest v2 force depreciation on chrome [2], make one thing crystal clear. When companies like GOOGLE talks about things in the name of "your security", it's a sign that they want you to sacrifice your own things, e.g., privacy, freedom, etc., for their own security. And if you trust them and show your consent by doing nothing, you pay the price.

    [1] https://news.ycombinator.com/item?id=48067119

    [2] https://news.ycombinator.com/item?id=48555244

    • geocar 1 hour ago
      Google has been attempting to license the right to write.

      There are a lot of poor people, mostly brown people, who do not have the ability to get one of these licenses.

      Some of them are feeding themselves with their ability to write, and Google is literally stealing that food from their mouths.

      • birdsongs 1 hour ago
        Can I ask what you mean when you say "write"? Are you talking about literature / articles, or software?

        This is new to me, want to stay on top of it.

        • MSFT_Edging 6 minutes ago
          I think the commenter is alluding to writing software, as software is considered speech in some places.
  • sambuccid 3 hours ago
    It doesn't solve the current issue, but in case we don't manage to push back on this, some people might not know that there are various actual linux OSes for mobile:

    - SailfishOS: still linux based and seems fairly community inclusive, but the UI part of the stack is closed source. Is the only one officially allowed to run android apps, via emulation. Has existed for a very long time, it's lightweight and I think the most stable/bug-free in this list.

    - Ubuntu Touch: fully open source and community driven, it uses snap packages for security, you might be able to run android apps. Last time I run it also seemed fairly stable/bug-free.

    - PureOS: fully open source and privacy focused. I think it's the only one that, released with the Librem 5, can avoid using proprietary blobs for interfacing with the hardware. Seems less stable than SailfishOS and Ubuntu Touch. You would need to buy a fairly expensive-but-old phone(librem 5) to run it.

    - PostmarketOS: fully open source, focused on being lightweight and revive old phones, has a huge amount of phones it has been tested on, is based on Alpine.

    - Mobian: mobile version of Debian, it's fairly new on this list.

    There are many more linux mobile OSes, but as far as I know these are the main ones. There might also be some inaccuracies on this post, I tested some of these a long time ago, and I never actually run the last 2.

    • hollow-moe 2 hours ago
      And all are useless because you can't use your mandatory bank or gov id app.
      • karussell 1 hour ago
        Not useless. It is like the missing printer driver for Linux Desktop. It makes the experience ugly, but this is not the fault of the Linux OSes.

        Also the bank should not require apps (instead they can offer hardware key support or desktop apps) and in fact some - at least in Germany - offer a different authentication possibility. Also the app for the German ID is published on fdroid and does not rely on Google services.

        • trinix912 38 minutes ago
          Good for Germans then. Slovenian banks won't let you use physical 2FA authenticators (for personal accounts and maybe even business ones at this point) anymore and will also require you to constantly update their stupid app (I've had to replace some otherwise good phones because the OS version wasn't supported anymore).
        • mr_mitm 32 minutes ago
          There are plenty of banks in Germany which offer over-the-counter services, if you prefer to do banking as if it's 1999. Most of the time, when people say it's impossible to live without a smartphone, it's actually only impossible to enjoy the conveniences of the internet without a smartphone (at least in Germany). Besides these rentable scooters, I can't think of anything that actually requires a smartphone. Sure, you'll miss out on a lot of conveniences, but I remember a time where that was the norm, so it's not like it's unreasonable.
      • RegW 1 hour ago
        I don't have a mandatory bank or gov id app. Where are you living?
      • throwburn202605 1 hour ago
        Might be worth trying to get your gov to pin down the number of users or process to get gov id supported on any new platform.

        They likely wont specify 100k people or 10% of population or whatever email/petition but it at least records the requirement that other OSes exist and requires a process to support

    • hypfer 2 hours ago
      There's also FuriOS with the FuriPhone.

      That's debian based with gnome and seems to be built by capable people. Also, it can run android apps.

    • einpoklum 1 hour ago
      Which phones are supported by which of these operating systems? And can you provide some relevant links?
  • khurs 5 hours ago
    Android users need to switch to Graphene.

    Someone needs to create a Linux based mobile OS foundation - Google's domination is contrary to many large companies interests, and if Meta and many other such companies were approached, they may well donate large sums of money in their own strategic interests.

    • throwburn202605 3 hours ago
      GrapheneOS is currently the blessed child. Like CyanogenMod previously. They are "permitted" to access to Google Play Services because their work hardening Android currently benefits Google.

      Once Google feels like there is sufficient stability and compatibility with hardened memory allocator and tagged memory (and when they can get Qualcomm to support it across their range), they will make harder, until impossible, for Graphene.

      An old article [1] but:

      > Google’s Android—and [Open Handset Alliance] members are contractually prohibited from building non-Google approved devices

      So to compete you'd have to create a compatible Google Play Services as well as find a supporting manufacturer. Samsung managed their own competing apps and store [2] for a while along with Tizen, likely for leverage or theoretical pivot. But has since dropped that effort.

      [1] https://arstechnica.com/gadgets/2018/07/googles-iron-grip-on...

      [2] https://arstechnica.com/tech-policy/2021/07/google-bought-of...

    • dryarzeg 3 hours ago
      > Android users need to switch to Graphene.

      Doesn't GrapheneOS supports only Google Pixel smartphones now? For most of the users, that would mean changing their phones beforehand. And if we're talking about common people (especially not in US), it's not even everyone who can afford that. Moreover, in my opinion, by buying Google phones you're feeding Google, and I, personally, would like to avoid that.

      • khurs 2 hours ago
        Yes but they have signed up with Motorola so that is changing

        https://www.androidauthority.com/grapheneos-motorola-partner...

      • preisschild 3 hours ago
        > Doesn't GrapheneOS supports only Google Pixel smartphones now?

        For good reasons. Most other devices arent secure enough to guarantee privacy. Especially not if loaded with a custom operating system (most devices don't allow to verify the boot chain with a custom OS)

        > And if we're talking about common people (especially not in US), it's not even everyone who can afford that.

        You can get a new Pixel 9a here in europe for around 350€ and it will be supported at least until April 2032

        > Moreover, in my opinion, by buying Google phones you're feeding Google, and I, personally, would like to avoid that.

        Google phones are surprisingly open and work well. Google takes a pro-user stance here that is extremely rare in the ecosystem, so why not support this product?

        • spaqin 3 hours ago
          It's alright, whatever the reasons might be, but let's not pretend there are no other ways out. I'm content with newest LineageOS on my 7 year old mid-range Xiaomi. I don't mind the loss of privacy guarantee. I don't have to spend any extra 350 euros and lose the headphone jack in the process.
        • secult 3 hours ago
          So to avoid google's android I buy google phone to not run android?
        • Forgeties79 3 hours ago
          > Google phones are surprisingly open and work well. Google takes a pro-user stance here that is extremely rare in the ecosystem, so why not support this product?

          Because they will pull the rug here one day too. Why on earth should we trust them to keep this approach to their hardware?

          • cadamsdotcom 2 hours ago
            Don’t defeat yourself in a one person battle.

            After all, it might rain tomorrow - but you should still go outside today.

            • Forgeties79 1 hour ago
              My stance isn’t “give up.” My point is we should explore and expand non-Google alternatives for hardware.
    • kalx 4 hours ago
      I tried. But then I didnt get access to essential services like banking and national resources.
      • AlexAltea 3 hours ago
        FWIW, I submitted an EU DMA complaint (Art 27 report) against Alphabet for unfair gatekeeping against third-party distributions like GrapheneOS via Play Integrity. More info: https://github.com/AlexAltea/blog/blob/master/posts/2026-06-...

        Convincing developers, especially bank and gov apps, is near impossible and won't scale well. Going after Alphabet for not meeting DMA obligations seems the easier path. Might not go anywhere but worth a shot.

        • phantomathkg 18 minutes ago
          I can tell you it has NOTHING to do with developer, but more the business/content protection people say unlocked bootloader is not secured.
        • frm88 3 hours ago
          Is there something we can do to support your efforts?
          • AlexAltea 2 hours ago
            Only two things come to mind:

            1. Provide or find pro bono legal resources deeply familiar with EU DMA and similar antitrust regulations, willing to proof-check and improve this report, and perhaps advise on better channels to submit it.

            2. Locate more affected end-users, including applicable members of the GrapheneOS Foundation and developers behind other distributions, make them aware of these efforts so that hopefully we submit a joint complaint. (Might get more traction, though AFAICT reporting is limited to EU citizens).

            Happy to fork this into its own repository if it helps with collaboration.

            • frm88 2 hours ago
              1. I will look into that.

              A heads-up: the FSFE has already submitted a case for device neutrality regarding both, the ability to completely uninstall AI features and the unlimited interoperability decoupled from ADV: https://fsfe.org/news/2026/news-20260615-01.en.html

              “Interoperability must be decoupled from developer verification procedures. We need clear, precise, and inclusive rules to prevent circumvention by gatekeepers and to ensure that interoperability becomes a concrete reality in practice” states Lucas Lasota, FSFE Legal Programme Manager

        • preisschild 3 hours ago
          > Convincing developers, especially bank and gov apps, is near impossible and won't scale well

          Not impossible though, my bank and govt eID app did do safetynet, but after enough users complained in both apps you can now skip a warning and use it without issues

      • zerof1l 4 hours ago
        Graphene OS user here. Almost all of the apps I tried work fine. All the banking apps I use work. Have you tried reaching out to the app developer or the service and explaining what Graphene OS is and asking them to support it? I was able to persuade one app to do it.

        [1] https://privsec.dev/posts/android/banking-applications-compa...

        • kalx 4 hours ago
          Problem is that all banks require a national centrale controlled service for login (BankID in Norway). And it is this service that I cannot get to work running GrapheneOS. It worked a couple of months ago, but not anymore. And all customer services and complaints are directed to your bank who 1) has no idea what i am talking about and 2) no control over BankID verification requirements.
          • edb_123 1 hour ago
            I did actually alert BankID about this potential lock-in issue back when they announced they would be abandoning the SIM-based (and thus phone-independent) solution, to little understanding and just general comments about the cost of keeping the SIM-based solution alive. I guess now with eSIM being prevalent it wouldn't have made much difference anyway.

            But just the thought of the potential to be completely locked out of everything from banks to online payments, logins to the public health system, tax filings (and basically all public sector services) just at the whim of Google or Apple's automated algorithms misunderstanding some random account activity, is a thought that should make everyone (and especially those in countries dependent on systems like BankID) afraid and demand at minimum:

            Rights to:

            - Due Process

            - Accountability from Google & Apple and fines for when they do wrong

            - Multiple warnings (with a right to know what you're being accused of) before being locked out

            - Well-functioning complaint procedures with strict time frames

            - Make the mere concept of banning users "for life" illegal

            ...from Google and Apple (and strict fines for them not adhering to them). Feel free to add more to the list.

            Else we as a society can't depend on a smartphone as the main key to our lives anymore.

          • tremon 2 hours ago
            Raise the issue with both the consumer protection watchdog and the trade watchdog. This is a monopoly issue that's impacting consumer choice.
          • LadyCailin 3 hours ago
            I’ve nearly decided to switch back to the code brick instead of BankID app. It’s less convenient, but with the way things are going, I’m just not sure I want to exist in the digital world much longer.
            • kalx 2 hours ago
              Good idea. Maybe it wouldn’t be too bad to just attach the code brick to my keyring anyways.
              • tedodor 2 hours ago
                I switched to GrapheneOS a couple months ago, and the only real downside is that MitID (danish verison of BankID) doesn't work. I got the code brick and attached it to my keyring and it's honestly not that bad, I usually have the keys close by anyway. Also most apps that need MitID allow you to create a pin to log in without reverification once you've logged in once.
      • kalx 4 hours ago
        Correction: i did get bank access. I just couldnt log into the bank without a google or apple controlled device.
      • feelamee 3 hours ago
        lol, this problem stopped me from installing GrapheneOS early. But now.. I removed banking apps by myself because my state require room them to collect phone fingerprint and access to location EACH time they opened. So... looks like now nothing stops me
    • aquariusDue 4 hours ago
      I keep hoping for something more radical like Jolla and SailfishOS taking off or postmarketOS becoming a true viable alternative but as things are looking like now there's a better chance we'll ditch phones altogether in 10 years when smart glasses will replace them instead.
      • pbmonster 3 hours ago
        > we'll ditch phones altogether in 10 years when smart glasses will replace them instead.

        Billions are spend right now to make sure the glasses also run Android or iOS. So far, Google, Samsung, Magic Leap, RealWear and Vuzix are working with/on Android XR, and obliviously Apple is working on AR/VR iOS.

        Meta and a couple of smaller startups are doing something in-house, but I don't give them much chances to get an ecosystem going.

      • DaSHacka 4 hours ago
        Honestly don't think that would be so terrible, with how bad and locked down the mobile ecosystem has gotten.

        Rolling the dice on a new technology could wind up being much more favorable.

        • GuestFAUniverse 2 hours ago
          What /new/ technology? The basically same platforms. Just smaller phones with more cameras recording everybody without consent.
    • xandrius 3 hours ago
      I would say Ubuntu Touch + a Fairphone. Graphene is too reliant on Google.
    • hkgvk 4 hours ago
      The only reason I have not switched Graphene is because for reasons I do not understand, Graphene OS is very closely tied with Google hardware.

      I bought a /e/os Fairphone instead.

      • defrost 4 hours ago
        Give it a year, we may have GrapheneOS/Motorola then ...

        * (March 2026) Motorola announces a partnership with GrapheneOS Foundation - https://motorolanews.com/motorola-three-new-b2b-solutions-at...

      • petu 2 hours ago
        Pixels are consistently "third party Android builds friendly", plus GrapheneOS has a list of required security features (beyond their control): https://grapheneos.org/faq#future-devices

        e.g. first one in the list:

        > Support for using alternate operating systems including full hardware security functionality

        GrapheneOS wants users to lock the bootloader (≈enable Secure Boot) after install by providing user signing keys (avb_custom_key) -- that already seems to leave only Pixel, Nothing and Fairphone.

        https://github.com/chenxiaolong/avbroot/issues/299

      • cromka 4 hours ago
        Those reasons are explained clearly and openly. Ironically, your /o/OS is way less open than GOS on Google hardware.
      • microtonal 1 hour ago
        Sigh, /e/OS.

        Your phone is running proprietary Google DroidGuard blobs in a privileged process every time an app initiates a Play Integrity request.

        If you install some Google apps like Google Maps, they are run with more privileges than other apps (their microG fork gives apps elevated privileges when they match certain Google signing key fingerprints).

        Also, your device is running a firmware bundle provided by Fairphone's Chinese ODM, including TCL image processing blobs. Your phone will soon run an ancient kernel and firmware tree with many known critical CVEs.

        But this all doesn't matter anyway, because security hardening is only for spies and pedophiles according to the CEO of Murena (the company that makes /e/OS).

      • gf000 4 hours ago
        It's because only Pixel devices have proper hardware security to build anything secure on top.
      • prmoustache 2 hours ago
        I bought a second hand pixel when I had to buy a new phone. Still better for the planet than buying a new fairphone anyway.
    • Arnt 4 hours ago
      I know Graphene has innovative security measures, do you happen to know whether that includes anything wrt. phishing or social engineering?

      (For those who haven't been following along: this whole affair started with phishing. People were social-engineered into installing an app and a little later their bank accounts were empty. A big issue in various poor countries.)

      • Aachen 3 hours ago
        That's one of its primary arguments: besides the hardening against exploits, they're considered such a safe OS because you cannot access your data either and give the wrong app root access. Everything lives in a sandbox. Whether not being able to grant full access to e.g. adb shell, Termux, or Restic is what you want is a personal choice, but it adds a layer of security against any malware that tries to get you to grant them root access

        This is also the argument they use to try to convince app vendors to add their keys to the allowlist, because the app makers can trust that their DRM will be active (if Netflix sets a "no screen recording" flag, you the user cannot circumvent it by e.g. reading /dev/fb0). It should have broader compatibility than other FOSS Android builds (when running the officially signed version of course, you can't compile it yourself and expect such apps to run there)

        • kuschku 3 hours ago
          So it doesn't actually do anything to give control of the device back to the user?

          One of the core tenets of truly free software is that I as user must be able to run, access, edit, and view everything.

      • jabwd 3 hours ago
        It is not an OS with bubblewrap, you can still mess up your privacy / security if you want to, that includes phishing and social engineering.
        • Aachen 3 hours ago
          Is anything bulletproof against the user signing away their data? I think the question was whether it has any measures in this regard, not whether it's impossible to get phished
      • preisschild 3 hours ago
        > do you happen to know whether that includes anything wrt. phishing or social engineering?

        Yes. For example if you install an apk from an unknown source (like a random website via browser or messenger) it will warn you what you are about to do and what effects that has.

        You don't need to block stupid behavior. Just make sure users are well aware of their actions as long as they actually read warnings.

      • vlian2088 2 hours ago
        my brother in Christ, people who root their phones don't fall for "Hello sir, I'm sir John from Microsoft, you have virus sir, please do the needful install antivirus and send gift card sir."
    • delta_p_delta_x 1 hour ago
      > Linux based mobile OS

      So, Android?

    • hulitu 2 hours ago
      > Android users need to switch to Graphene.

      Which supports only Pixel devices.

      • dolmen 1 hour ago
        The resason is that only Google bothers to put enough hardware security features to build software on top that allows to make a really secure device that blocks tampering.
        • einpoklum 50 minutes ago
          That's not a reason. When the hardware doesn't have those "security features", then don't "really secure", just run without being "really secure".

          I never treat my (Android) phone as secure anyway.

    • Pacers31Colts18 3 hours ago
      I get it, but it really sucks that Graphene only works on Pixel hardware. I switched to Samsung with my last phone.
      • BLKNSLVR 1 hour ago
        Out of the frying pan into the fire...
      • GuestFAUniverse 2 hours ago
        Korean manufacturers are even worse when it comes to privacy violations.

        I use a Samsung too. The bloat, dark patterns and enshitification with every update are even worse.

    • Timshel 3 hours ago
      Not really a solution at the moment if you do not want to give money to Google by buying a Pixel (hopefully the deal with Motorola will work).

      Long term I would probably have more hopes in https://postmarketos.org/

    • preisschild 5 hours ago
      I wonder if it makes sense to create an independent hard-fork of AOSP in the future. But probably the only option to keep this somehow maintainable is to replace many android-specific components with other userspace linux components that are already well maintained (systemd, networkmanager, wayland)
      • kalx 4 hours ago
        Would this not require some control over the hardware? Which would be difficult for the FOSS community?
        • preisschild 3 hours ago
          maybe not, heck people reverse engineered apple hardware and implemented it in various FOSS driver stacks

          But yeah, vendors maintaining their drivers upstream in FOSS projects would obviously make it easer

    • darig 4 hours ago
      [dead]
  • nusuth31416 5 hours ago
    I use Android because it lets me install whatever I want on my phone, which it does not seem to me, controversial. The phone is either mine or it is not. I don't want Google's protection. Particularly, if I can't refuse it.
    • kalx 4 hours ago
      Well… you can run android without google? The problem is that essential security services require apple or google devices and you as a member of society need the security services.
      • karteum 3 hours ago
        > Well… you can run android without google?

        You can only run LineageOS on smartphones that allow unlocking the bootloader (which is more and more rare), and properly release the kernel source-code (many still don't, especially low-end MTK-based phones...)

      • Aachen 3 hours ago
        Yet on LineageOS you're not affected. It seems you can build Android that isn't affected by Google, at least if you're willing to personally adjust the code to do what you want. You'd have to get exceptionally busy before it's not recognisable as an Android distribution anymore
      • realusername 3 hours ago
        Let's call them anti-competition services since there's nothing in these increasing security.
  • schnatterer 52 minutes ago
    Meanwhile in Luxembourg: Google loses fight against EU’s $4.7 billion Android fine https://www.msn.com/en-us/money/other/google-loses-fight-aga...
  • anilgulecha 7 hours ago
    I understand the frustration (I'm an avid fdroid user across many many devices). But this article comes off as childish with the virus/trojan/"malware vendor".

    With such an article, many (including perhaps google) get the ammo to disregard what fdroid says, by branding them as childish/not to be taken seriously. for eg: no reputable news org is going to post this.

    PS: https://keepandroidopen.org/ is better done.

    • econ 5 hours ago
      I thought the same thing but he apparently has a point. The stated purpose covers only a tiny sliver of the capabilities. The agreement points to the TOS where it (last time I looked) says service may be terminated at any time without stating a reason. Nothing guarantees it won't be used for things other than security. And finally he has a point where it also doesn't really do much for security.

      If we ask their fine search engine, the AI helpfully explains malware to be software designed to gain unauthorized access to disrupt, extort payments and/or hijack devices.

      If you still think the shoe doesn't fit, imagine what would happen if one managed to create an app with the same capabilities. Google would remove it immediately for being malware. Obvious malware.

      • r_lee 4 hours ago
        I'd usually say it'd be far fetched

        but I can totally see Google banning developers and removing their apps for political reasons, where some lobbying group bombs them with emails

        because with this they're explicitly saying they're now choosing who gets to be in or out, there's no way for them to say we can't do anything about it

        I do think this would improve security, but I also think it's sort of a Trojan horse to lock down the ecosystem

      • stingraycharles 5 hours ago
        Isn’t Google going to do what Apple has been doing since forever? Or is Google somehow doing something worse?
        • RobotToaster 4 hours ago
          I bought an android instead of an apple because I didn't want the kind of malware apple has always shipped with idevices
        • jb282 5 hours ago
          Apple's policies were established when you purchased the phone. Apps come through registered developers and their vetting.

          Google has changed the game on something you already own. I'm sure their lawyers have done their homework, but in some jurisdictions this is certainly actionable.

          • someonebaggy 4 hours ago
            They already lost a lawsuit and were fined a hundred billion dollars in the EU for locking down Android. Maybe they think since they already lost once, they can't lose again.
            • hurfdurf 3 hours ago
              Hundred billion would be a quarter's revenue, that can't be right. The lasest I've read is a threat of a fine of around 500mil wrt app store issues back in December, but nothing has been decided yet.
            • r_lee 4 hours ago
              hundred billion?
      • nok22kon 3 hours ago
        nothing guarantees the Microsoft/Apple/Ubuntu/RedHat will not push an update through their infrastructure to delete some software from your computer

        all OSes have malware level capabilities. it's literally the definition of an OS

        • kuschku 3 hours ago
          > Ubuntu/RedHat

          That still wouldn't affect projects like Debian or Arch, but going even further, they can't push through updates anyway. Nothing forces me to install updates, it's an active choice to do so.

    • 0x53 5 hours ago
      I think the point they are trying to make is that in the terms of service Google says they get to define what is malware (halfway through article) so the author is trying to point out that exact danger: what happens when Google gets to randomly call things malware.
    • PufPufPuf 1 hour ago
      The article provides enough evidence for that label. Unlike Google, who can arbitrarily call anything "malware". This is the contrast the article attempts to point out.
    • realusername 4 hours ago
      I have the opposite opinion, Google is doing a lot of garbage in the name of "Security", time to play their game and report their control on Android as security vulnerability
  • willtemperley 4 hours ago
    > In computing, a trojan horse or trojan is a kind of malware that misleads users as to its true intent by disguising itself as a normal program. [1]

    Google is Trojans all the way down. What is the true intent of almost every Google product? Data harvesting.

    Every single product is spyware of some kind. They've even managed trojanize TVs by subsidising manufactuers to ship their spyware.

    [1] https://en.wikipedia.org/wiki/Trojan_horse_(computing)

  • nirui 2 hours ago
    Emotional talk aside, there's not many good solution to this problem, unless of course F-Droid starts to make their own phones.

    But then, Librem 5 Phone was just failed few years ago, telling the story that people who care about their rights are still sensitive to how much they would pay (which is a form of rights too).

    Also but, there is the thing, making a phone is not easy. If you reach deep enough, you'll eventually reach the layer where you realize how solid the monopolization has become. The global telecom standards if you read them is in the hands of few companies, Boardcom, Motorola, Huawei, Nokia and such. They'll control whether or not your phone can access the network. Then there's telecom companies who runs the network, and they might have to approve your device/modem as well since they got their channel allocation from the government.

    It's not easy, and it's not just the software problem.

    Oh and yes, we also have the software problem. Linux, if you want to go that route, cannot be used as a mobile OS, as least not for the public, because the average people don't know how to properly secure their system, and Linux is not a restrictive-by-default system. It will be a malware nightmare if you ship Linux on a phone as is.

    The best hope for now I think is for geek vendors to make more mobile/4/5G enabled Fairphone or uConsole-like product to the enthusiast market, and then you can load whatever OS on it as you want.

    • grosswait 26 minutes ago
      I was surprised to hear Librem failed, but a quick search show this is not true. Quite alive and hopefully well.
    • KJs6ZxELzQM37O 1 hour ago
      There is a good solution. A big disclaimer and the user accepting the risk of running the software they want. The same solution they've been doing for years that did not need change. The new developer program is only here because it is more convenient to Google and governments.
      • IshKebab 1 hour ago
        We've known for literally decades that that doesn't actually work, for several reasons:

        1. People are conditioned to ignore warnings. There are way too many benign warnings in the world; you can't read them all.

        2. Even when people wouldn't ignore them, in cases where they are being tricked by scammers it's easy for the scammer to talk people into accepting them.

        3. Those sorts of warnings aren't actionable. You're installing a new app. It appears legit. You want to use it. You get a warning like "this app hasn't been verified; it might be malware!". What can you do with the information? Absolutely nothing. 99.9999% of users have zero way of doing any deeper check to see whether it actually is malware. Their only options are to give up and go home, or just hope that the warning is wrong. Even I - a highly technical user - get zero value from things like Windows' smart screen. "The app you're running hasn't been signed! It might be malware!". Err yeah sure. I'm not going to reverse engineer it to check am I?

        I think their solution of allowing you to disable the restriction with a one-time one-day delay is actually a really reasonable solution. As long as they don't go further than that - the risk is that it is just a temporary placation and they'll ditch that option in a few years.

        • jonathanstrange 52 minutes ago
          The problem is easy to solve by making 99% of all apps normal apps that don't get any special privileges and don't require any developer certification, and having a certified developer program with heavily locked down run mode for the 1% of high security apps like banking and payment apps. It's not hard to attest unambiguously to the user in some way whether they are running one of these rare secure apps or a normal one, a restricted API suffices but you could also just add an LED for it.

          You can't possibly convince me that Google couldn't develop something like that if they wanted to.

    • m4rtink 1 hour ago
      The Librem phones do exist and people use them.

      Did it take the world by storm ? No.

      But it exists, has users & is building the case (together with Sailfish OS and others) that having an abusive mobile OS duopoly is not the desirable state of matters.

    • einpoklum 48 minutes ago
      > because the average people don't know how to properly secure their system, and Linux is not a restrictive-by-default system. It will be a malware nightmare if you ship Linux on a phone as is.

      Linux is a kernel. A Linux-based distribution decides what the defaults would be. Why, in your opinion, would a Linux distro targeting phone-ish ARM64 hardware be problematic? Why would it be a "malware nightmare"?

  • sinuhe69 1 hour ago
    While attribution is a strong weapon in fighting malicious software, persevering the ability to install and run anonymous software is essential to fight authoritarian regimes and corrupt systems. If we accept that only signed, permitted software can be installed and run on users’ phones, democracy and our freedom are doomed. Regardless if it is in the West or the East, or it’s against an AI overlord.
  • StingyJelly 3 hours ago
    We finally live in an age when I can tell a clanker that I want an app that does something that I need, connect the phone with adb and in half an hour have a working solution for my tiny problem while knowing little about android development. This is something google should embrace, not kneecap.
    • cryptonym 2 hours ago
      What's their interest in you building side-loaded apps instead of using their data hungry services?
      • titzer 25 minutes ago
        Or buying some crappy app off the app store, from which they take a cut.
      • zeumo 2 hours ago
        They do also sell the data-hungry side-loaded app builder.
    • hurfdurf 50 minutes ago
      Installing via adb is not affected.
      • StingyJelly 2 minutes ago
        That's great but I want to be able to share such app with my family members coleagues
  • wolfi1 4 hours ago
    I'm still a little bit confused why the EU does not take action in this. This is definitely a monopolist overreach which has to be shutdown from the beginning
    • hurfdurf 4 hours ago
      But they did. EU formally allows all these measures by Google in the name of "security" as described in Digital Markets Act Art. 6 (4) fourth paragraph.

      https://www.eu-digital-markets-act.com/Digital_Markets_Act_A...

      • IshKebab 2 hours ago
        They're allowed to do it "to the extent that they are strictly necessary and proportionate ... provided that such measures are duly justified".

        It remains to be seen whether the EU decides that this measure is strictly necessary, proportionate and duly justified. They sometimes do the right thing but I'm not getting my hopes up.

    • ajb 4 hours ago
      Indeed. I wonder if it falls foul of labour law. Blacklisting is illegal and whitelisting (certification) is normally done with multiple competing third party certifiers.
    • Aachen 3 hours ago
      They'd have had to start with Apple which is more locked down and has comparable market power. Apple fans (iirc like 30% of the voter population) already scream bloody murder when compatibility increases due to legislation and Apple pushes some marketing about how terrible this is

      We've accepted that OS vendors can do this for decades. I think that was our mistake: relying on Google as the only available vendor. We can't make a law that punishes Google for having been open all these years. Yes, of course I (like any 'HN' hacker, I'd think) would be in favor of forcing Apple to be open as well, but then it seems that the powers that currently run the EU (and a lot of voters) kinda likes their remote DRM attestation for this digital identification project that you'll soon need for anything not suitable for toddlers and not reachable via a darkweb

      • FabCH 2 hours ago
        They did? There is the whole "alternative app stores" kerfuffle going on right now between Apple and the EU.
    • r_lee 4 hours ago
      this is something the EU would love, it's part of the whole Transparency thing where you dox yourself to everyone

      HNers (especially Americans) are super naive and think the EU is some bastion of freedom. no. it just wants to be a huge nanny state but in a wholesome way, where you can do whatever you want as long as it's approved

  • gadders 4 hours ago
    I just launched an app in the Google Play Store. I did find it a bit weird that I had to provide my physical home address to get my app listed. Not sure what I would do if someone turned up to complain. Make them a cup of tea?
    • r_lee 4 hours ago
      well they can swat you, order pizza, send you packages (who knows with what inside), spread false info about you if you've given out more info etc...

      all it takes is one guy who gets too mad for some reason

      and it's gonna be a lot more costly for you to do anything about it vs. that guy who gets to be completely anonymous about it

      • gadders 2 hours ago
        Not sure how well swatting works in the UK, and pizza deliveries are all pre-paid.

        But yeah, you could have a loony turn up.

      • Arnt 3 hours ago
        How? I don't see the address published.

        They can sue you and Google will give your address to the court, clearly. But swat? Send packages? How?

        • wiseowise 3 hours ago
          Don’t know about US, but in EU you legally have to publish your address and it will be shown on the store page if your app has ads or in-app purchases.
        • gadders 3 hours ago
          You need to put a literal physical address and not even a PO Box is allowed.
    • Izkata 3 hours ago
      It's because of a law in California. Don't remember the reason behind it, but Google decided to apply it everywhere. It's also why I let my app die years ago instead of publishing the updated version.
    • einpoklum 46 minutes ago
      You should not distribute apps via the Google Play Store. Using alternative means, including F-Droid as relevant. And it was a mistake of you to register, because you're helping Alphabet exert more pressure and control on others.
    • someonebaggy 4 hours ago
      This is so that you can be sued or prosecuted if the app is malicious.
      • Imustaskforhelp 2 hours ago
        This is a somewhat good reason to make an US LLC with a mailbox rather than sharing your actual address. It can be much more privacy oriented.
      • realusername 4 hours ago
        There's no such requirement for publishing a website
        • someonebaggy 3 hours ago
          There is - every server host does KYC and so does every domain registrar (by law). If you're found to have provided incorrect details, it allows them to immediately remove your server or domain without notice.
          • Natfan 1 hour ago
            does GitHub require KYC for .github.io pages? does neocities? does 111freewebhosting?
          • realusername 3 hours ago
            No there isn't, Google's requirement is to put that information publicly for everybody to see. That's not nearly the same thing as being available on court request.

            With that policy, Google encourages stalkers and put developers in danger.

  • 1970-01-01 33 minutes ago
    All talk, no solutions from F-droid. What are they actually doing to solve it? Why not stand up their own vetting system? I'd love some technical solutions, instead this is just childish.
    • titzer 26 minutes ago
      By analogy, would complaining about any organization ridiculously more powerful than you (e.g. a government) without having a complete alternative ready to go also be "childish"?
  • geokon 2 hours ago
    > looming requirement that all Android developers register themselves centrally

    Does this somehow also apply to developers in China? Are Chinese OSs (Vivo/Honor/Oppo/etc.) entirely forked off of Google's Android?

    Is the solution to just a Chinese phone without the Play Store?

  • foxrider 5 hours ago
    This would be the line for me. If at some point I'm unable to build an .apk and install it on my phone without Google letting me, I'm moving to Huawei.
    • aerzen 4 hours ago
      Does Huawei not use android or Google play services?
      • animuchan 4 hours ago
        It's Android but without Google's services, there's an alternative app store.

        The irony of Chinese vendors providing a breath of fresh low-DRM air.

        • aerzen 3 hours ago
          It seems like China is becoming the "freedom superpower" while USA is getting "corporate superpower" vibes. Huh
        • pjmlp 3 hours ago
          Partially true, HarmonyOS NEXT is its own thing, with a Typescript based language ArkTS.

          https://developer.huawei.com/consumer/en/arkts/

          And now they are adding yet another one, AOT compiled, Cangjie

          https://cangjie-lang.cn/en

          Using Android fork has been a transition step.

          • animuchan 3 hours ago
            Neat, thanks for this correction! Interesting, an entire new programming language.
            • pjmlp 2 hours ago
              And a microkernel based OS with capabilities.

              Another example that microkernels actually do have market share.

        • Aachen 3 hours ago
          Low DRM? I looked at Huawei devices because I figured they'd have to sell them here super cheap because of this downside most Europeans people will even see as a showstopper ("how will I install my precious WhatsApp??"), but

          - they're among the most expensive (I could afford that if needed though)

          - they don't allow hardware unlock (ehh.. what's the point, then, if I get a locked-down device with Chinese surprises!)

          • animuchan 3 hours ago
            OK yeah I didn't know they stopped allowing to root. Normal levels of DRM then, my mistake, you're right.
      • tsimionescu 4 hours ago
        No, Google is barred from providing any services to them by the US government.
      • koolala 4 hours ago
        not like that no, some US carriers don't allow them though like AT&T blocks you to google or apple phones. for them only pixel supports a way out with graphene.
      • foxrider 4 hours ago
        No, they use AppGallery and HMS.
  • pimeys 1 hour ago
    Btw. This whole debacle made me to stop installing any Android updates. I've done my best to avoid installing even the security updates, so my diabetes apps continue working in the future.

    I really need to take the time and go with Graphene OS in this device. My bank N26 kind of still allows it, but they made it harder and harder to use with certain custom checks. Looks like in the future I need a separate banking phone and my daily driver.

    The device works right now how I want it. I don't want anything to change.

    • 0x000xca0xfe 51 minutes ago
      I have an old $70 test device with stock Android/Google that hasn't seen security updates in half a decade yet all banking apps, electric car charging, Google services, you name it, work absolutely fine.

      Meanwhile the daily driver phones of my privacy-aware family members running up-to-date Lineage or Graphene OS with recent kernels and frequent updates constantly run into apps refusing to work for "security" reasons. It's a complete joke.

    • patcat007 21 minutes ago
      [dead]
  • bouncycastle 4 hours ago
    Does this mean that apks that i've built and installed through adb will stop working? That would be a real damn shame.
  • 3r7j6qzi9jvnve 7 hours ago
    related: https://keepandroidopen.org/ previously on hn

    - https://news.ycombinator.com/item?id=47935853 (2 months ago, 889 comments)

    - https://news.ycombinator.com/item?id=47139765 (4 months ago, 378 comments)

    - https://news.ycombinator.com/item?id=47778274 (3 months ago, 68 comments)

  • WarOnPrivacy 7 hours ago
    My Android 15 handset doesn't have com.google.android.verifier process. It could be a Ulefone thing. They're especially pro-user (ex:root friendly).
    • EspadaV9 7 hours ago
      Checked my Pixel 7 XL Pro and the app is installed and running (Version 1.0.866414232 com.google.android.verifier). I was able to force stop it, and disable it. Will check later to see if reenables itself.
    • Aachen 3 hours ago
      Ex means "example" here right? Or do you mean ex as in the dictionary meaning of ex, as in, "formerly"?
  • Timwi 2 hours ago
    How does this affect the Fairphone? If I buy a Fairphone now (which I've been considering for months now) will I continue to be able to run F-Droid and load arbitrary apps, or does it come with “official” Android that will contain the restrictions?
    • microtonal 8 minutes ago
      I would in general recommend against getting a Fairphone. They traditionally have a lot of hardware issues. Some of the early issues on the FP6 (fried logic board while charging and broken volume button) are not user replaceable. Many people have had to wait a month before they get a reply from customer support and even longer to get their hardware fixed. They also completely fail to communicate about issues.

      They also have a bad reputation when it comes to updating their software. E.g. their initial Android 15 builds for FP4 had bad memory management issues, with a result that many people could only have one app in memory at the time, which made it impossible to switch between e.g. an app/browser and a password manager/payment app. Some of their updates would cause boot loops when there were fingerprint reader issues, etc. Currently a lot of users are dealing with an issue where apps hang when used over WiFi because IPv6 gets misconfigured when a router sends an IPv6 router advertisement with lifetime 0 (which e.g. Fritz!Boxes that are popular in Europe do). The issue has been there for over three months without any acknowledgement or fix from Fairphone.

      Also, even though they do Android Security Bulletins and major releases (though very late), their phones often run ancient kernels and firmware with many known vulnerabilities. This is also the case if you run an alternative OS, because pretty much all of them use upstream trees. Also their firmware has Chinese TCL image processing blobs (might be a security/privacy issue for some people).

      I think many of these issues stem from the fact that the development of both the hardware and the software is largely outsourced to a Chinese ODM (T2Mobile), who maintain everything, so there is a lot of delay in everything. My guess is that Fairphone as a company is mostly a PR/support/supply chain auditing (as in minerals/labor, not software supply chain) company, with all the development outsourced.

    • boudin 2 hours ago
      It depends of the operating system you install. Fairphone by default comes with a pretty standard Android version with Google Play serices, so it will be impacted.

      If you either buy a Fairphone from Murena (with /e/ OS) or from Iode (with Iode OS) or if you buy a standard one and install a version of Android without Google Play Services (like /e/ os or Iode), then you can still use FDroid.

  • jzer0cool 1 hour ago
    As user wouldn't you like knowing there is a non-verified app? Is it restricting And still providing way to override if you choose?
  • pjmlp 3 hours ago
    This kind of speech will only go with fellow technical users, most folks buying phones at the usual phone operators won't care less.
  • scotty79 57 minutes ago
    As a user how do I opt out? Can I root my phone and excise this crap with some tool?
  • johnathan101 3 hours ago
    The frustrating part is that security features often look like malware from a technical perspective. The intent is different, but the capabilities can overlap.
  • vrighter 1 hour ago
    isn't this like the ps3's otheros thingie? Where the advertised functionality of the device was crippled after the customers bought them?
    • charcircuit 1 hour ago
      In the PS3 case the feature was removed fully where in this case you just have to go through a new flow with warnings to reenable sideloading unverified developer's app.
  • stavros 5 hours ago
    I don't understand how this is legal in the EU under the DMA, does anyone know?
    • murderfs 3 minutes ago
      This is arguably required by Article 30 of the EU Digital Services Act.
    • pimeys 5 hours ago
      I already contacted the DMA authorities and complained how this has an effect on German diabetes communities and they replied that I am not the first one who approaches them on this and they are already investigating it.

      Google is just trying how far they can push this.

    • hurfdurf 4 hours ago
      https://www.eu-digital-markets-act.com/Digital_Markets_Act_A... Art 6 (4). Read it to the end. That's how.
      • tsimionescu 4 hours ago
        I don't get what part of that your think enables them to deny access to third parties distributing their apps on alternate stores. If you're referring to the last paragraph, that very explicitly says that any such security must be an optional setting that is not default. So unless users opt into verified only apps, Google can't force that, according to the DMA.
        • hurfdurf 3 hours ago
          Maybe not, but reading their blog posts about ADV next to the DMA text, that's certainly the angle they are trying. And it will be years if it ever comes to a court hearing.

          And the setting is "optional", just do the 24h-waiting song and dance to change it, or use ADB. /s

  • nsim 3 hours ago
    So, what's a good Linux tablet? I was thinking of trying an old Surface Pro.
  • einpoklum 1 hour ago
    The temerity of Alphabet to claim to protect users from malware/spyware, when they are known to share all of your personal information and communications with the US government (Snowden revelations), is the epitome of hubris. And, also, in the world we live in, just another Thursday.

    But even ignoring this - it is not for Alphabet/Google to decide whether, and how, I want protections. I want to be able to pick a sequence of bytes and install that as an application on my phone, without Alphabet having any say in whether that happens or not, and in fact without them knowing about it. It's my phone, not theirs, and the software should help me do what I need/want, not help them provide me their often-questionable services.

    • titzer 20 minutes ago
      It's even worse when Google believes they have a legally defensible justification that your data has been "anonymized". E.g. "anonymized" location data directly from your phone that just so happens to be accurate to the meter. Such data just cannot be anonymized.
  • dwoldrich 3 hours ago
    This is more than enshittification, it feels like purposeful brand destruction.

    Are governments going to institute more lockdowns? Is this some topdown control thing?

    I will root this POS android phone I have and forego any Google Play services and just use it as web browser and a phone. Fuck these guys!

  • spwa4 3 hours ago
    So wait ... Google intends to enforce this on old versions of android?
    • prmoustache 1 hour ago
      I guess it becomes a part of Play Services.
  • shevy-java 1 hour ago
    It is time to dismantle - and subsequently forbid - Google. Too much Evil is now concentrated in this greedy adCompany. Mass-infecting so many devices on purpose is beyond compare now.
  • wazoox 3 hours ago
    I've already disabled Play Protect ages ago because it kept removing apps I had installed through F-Droid. Actually, I almost only install apps via F-Droid. I wonder if the ADV will install with Play protect disabled ?
  • slowmovintarget 8 hours ago
    > Disguising itself as the innocuously-titled “Android Developer Verifier” (ADV) process, this trojan horse runs surreptitiously in the background as a system service with full root privileges, quietly awaiting an activation signal. The service cannot be blocked, disabled, or removed. Unlike a commonplace bit of malware, this extraordinary strain won’t be detected and neutralized by Play Protect (the malware scanning and remediation service that is installed on all Android Certified devices). In fact, Play Protect is itself the vector through which this virus is transmitted and installed.

    > That is because it is Google themselves who is propagating ADV. And once activated, this malevolent process has exactly one goal: to block you from running software by developers who haven’t been approved centrally by Google.

    The rest of the article is a claim that Google's new terms of service amount to "malware is any software we [Google] don't like."

    It seems like Google is aiming for its own walled garden.

  • RIshabh235 2 hours ago
    we need to create a new os
    • prmoustache 2 hours ago
      We already have the OS, what we need is a company that is willing to take a bet on it, support it and convince hardware vendors to provide upstreamed drivers for their stuff.

      PostmarketOS may not be perfect as of now, but it would advance and progress so much if people were hired to work on it and if people could buy a smartphone with it preinstalled. Bug reports and corrections would come much quicker as well as supported apps. Right now it is just a confidencial toy OS because of the lack of hardware support really, only a small number of smartphones are supported, only 2 of them are still sold and available as new (pinephone and pinephone pro), their specs are nowhere close to what you would expect for the price and they are only sold through a rather confidential online store.

  • modzu 3 hours ago
    how is graphene these days, or is there a better alternative that can run map apps that depend on google play services (like waze)?
  • yunohn 1 hour ago
    While I sympathize with the general negative outrage towards this change, I truly believe that people here fail to empathize with the mainstream users of Android phones.

    I personally have seen every single older relative and non-tech friend, end up installing bloateare, spyware, and malware inadvertently - because they have no idea how anything in the tech domain works. And given the widespread popularity of Android (globally 70% vs iOS at 30% market share) and even moreso in lower income demographics, it also leads to rampant piracy of obviously non-essential apps like games and streaming (eg Spotify). In fact, even here on HN, almost everyone who has given their parents an iPhone has extolled the virtues of a secured AppStore/device and the peace of mind it brings.

    While there may someday be a way to support both the average user and the HN power user, we are not there yet. It’s hard for me to outright reject Google/Android attempts to secure people’s devices.

    • Zak 50 minutes ago
      The only time I've actually seen Android malware in the wild, it was because my mother installed a homescreen flashlight toggle widget from the Play Store that also displayed ads on the lockscreen. That was forbidden under Play Store rules, but there it was. I replaced it with something from F-Droid.

      The Play Store still has a problem with shady apps years later. If Google wants to be more like Apple, they should start with better curation in their own store.

    • rtsil 1 hour ago
      They can lock down the Play store completely, that's what 99% of people and the people most vulnerable to malware are using. The problem is extending that to F-Droid and other alternative services.
  • mpfect 2 hours ago
    This is exactly why I use Android over iOS, for software freedom. If Google forces ADV and locks out F-Droid, they remove the single biggest differentiator between the two platforms. Making Play Protect into a forced gatekeeper instead of an opt-in security scanner is a massive bait-and-switch for users who care about digital sovereignty.
  • ciefa 27 minutes ago
    [dead]
  • selectively 3 hours ago
    [dead]
  • Rekindle8090 8 hours ago
    [dead]
  • p0w3n3d 4 hours ago
    [flagged]
  • ranger_danger 8 hours ago
    > How long before they designate all ad-blocking software as malware, block installation on all Android certified devices worldwide, and permanently designate all developers of this class of software as malware creators?

    Classic slippery slope fallacy.

    https://en.wikipedia.org/wiki/Slippery_slope

    History shows that when a "slope" appears... regulation steps in, technology evolves to solve the problem, or the culture shifts to reinterpret the thing.

    In almost every case, the feared "bottom" of the slope was never reached because humans constantly built ramps or bridges along the way.

    • weikju 7 hours ago
      > In almost every case, the feared "bottom" of the slope was never reached because humans constantly built ramps or bridges along the way.

      Perhaps it happens because the slope is called out...

      • acters 2 hours ago
        Plus, it is not the bottom I fear, it's the precedent from letting companies slide down the slope.

        Regulation may try to stop it but history has shown some have slid to the point of no return or past a point where people can care enough to build out of.

        Prevention is better than retroactively fixing stuff.

      • Terr_ 3 hours ago
        Much like the fallacy behind: "The Y2K bug was was a total hoax, you can tell because nothing much happened on 2000-01-01."
    • thinking_cactus 5 hours ago
      I alternate my thoughts frequently (which I believe is healthy), and sometimes I think we should let things take their course a bit more before reacting. It's certainly tiresome and can be pointless (some people claim 'hysterical') to fight lots of changes, not necessarily this one but some like it.

      But I've come to realize there are serious downsides to letting things run their course too. Some changes are very hard to roll back (famous 'cat's out of the bag') just taking a lot of time to reverse if ever. For example, once there is a long term contractual agreement, if one parties decides to roll back they may just not be able to until the contract expires (like renting land; or worse, selling). A change in software systems for example that need backward compatibility can be quite difficult in technical and nontechnical ways.

      I think people need to also keep some sympathy for the protests and let people protest more. I'm leaning more toward: if in doubt, provide visibility to a cause (even if not full support). It's okay to save yourself some energy (in particular for the most important causes). Some things might have to run their course for people to understand they were valuable, and we will probably have to eat some frogs as a consequence. Don't lose you sanity ;) (As the saying goes, "Don't you dare go hollow.")

    • RedComet 4 hours ago
      "or the culture shifts to reinterpret the thing"

      Yes. You see it already.

      "Actually it is good that I can't run programs that haven't been approved by Google on my own device."

    • aerzen 3 hours ago
      There is precedent of Google making changes in light of "security" that break ad blocking Chrome extensions. See chome extension manifest 3.

      So this concern cannot be dismissed with just "slippery slope falacy", it's a new vector of the same power grab strategy.

    • ozgrakkurt 5 hours ago
      This is a useless argument since there is no way to measure what case is this and what is not.

      You can say "Classic slippery slope fallacy." to whatever seems like that to you.

      This is an antipattern to scientific thinking as you can frame something x and then say all x are like this, look I created this framework to think about x. But in reality there is no empirical basis for this thought. And it serves no purpose other than doing more argument or winning arguments.

      In the end what you wrote equates to "I don't think all of this will happen".

      Chaning many possibilities makes the outcome less and less likely obviously.

      Also the same principle applies to most religions I know of, for example:

      - Assume there is God

      - Assume it did create universe.

      - Assume x

      ...

      Then this also fits the same pattern and be called the "x fallacy" but it is useless to create an argument like this. This is useless mainly because this thinking pattern is ubiquitous in any world view.

      More productive discussion might be to pick some steps in the theory they chained together and argue on that imo.

    • loconut 1 hour ago
      Just look at the world around you, the slippery slope "fallacy" stopped being a fallacy long ago.
    • dminik 4 hours ago
      Is it a fallacy if you've said before that Google is aiming to create a walled garden, Google itself has already started saying it wants a walled garden and they've already implemented several such steps?
  • charcircuit 4 hours ago
    This is not malware. It's an official part of Google Play Services.
    • ale42 4 hours ago
      It all depends on how you define malware. If malware is software doing something that is contrary to the user's interests, then for many users it is indeed malware.
      • someonebaggy 4 hours ago
        Too much hedging in this comment.

        Malware is something that maliciously breaks your computer.

        This maliciously breaks my computer so it's malware. There's no difference between this and the ILOVEYOU virus, except the delivery mechanism.

        • spaqin 3 hours ago
          Can I install some software on your computer to send me over your bank details? It won't break your computer, I promise, it's not malware.
      • charcircuit 3 hours ago
        >this malevolent process has exactly one goal: to block you from running software by developers who haven’t been approved centrally by Google.

        This claim is made by FDroid with no evidence. They make this scary claim which goes against everything Google has claimed so far. They are a biased party, and I can't trust their opinion. I would appreciate if they shared a more in depth investigation or a way to verify there big claim.

        • psd1 3 hours ago
          Trust is not binary; we can process data with a level of confidence. We do not need either Google or F-Droid to be sanctified before we evaluate their claims.

          The claim is that a repeat monopolist is doing monopolist things. Feel free to make the case for the trustworthiness of Google's opposing claim, as I don't see anyone else doing that.

        • notrealyme123 3 hours ago
          Google wrote their plans as blog posts.
          • charcircuit 2 hours ago
            But the plan doesn't include blocking developers who are not verified. You can still sideload such apps once you enable sideloading for them.
    • vrighter 1 hour ago
      it is malware when everyone is explicitly asking to not have it.
    • mdp2021 4 hours ago
      The point is that it is said to tamper with your installations. If it does, it is malware.
      • charcircuit 3 hours ago
        It doesn't tamper with your installations.
        • Aachen 3 hours ago
          Oh? Maybe you could comment on what part of the f-droid article is wrong
          • charcircuit 1 hour ago
            >If you are running Android 8 or higher, a virus has been installed on your device and is silently awaiting remote activation.

            I have such a phone and the "virus" has not been installed to it. There is no evidence behind this claim.

            >with as many as 4 billion Android handsets and tablets estimated to have already been contaminated

            This is misleading wording. It's just as true to say that as many as 1 trillion devices have been contaminated. It is state an impossible upper bound to drum up fear.

            >this trojan horse runs surreptitiously in the background as a system service with full root privileges

            Services in Android do not run with root privileges. Android practices the principal of least privilege where individual permissions are granted instead of giving it blanket access to everything.

            >The service cannot be blocked, disabled, or removed.

            This is unlikely to be true. You can most likely use "am" to disable it.

            >In fact, Play Protect is itself the vector through which this virus is transmitted and installed.

            This is probably false. Realistically it's going to be transmitted via the google play store like all other play service components.

            >There are many things we don’t know about what to expect on September 30

            >What will happen if I try to install or launch the F-Droid app?

            Once active if FDroid not verified the user has to use adb or have enabled sideloading by unverified developers. If it's already installed the user can launch it.

            >What will happen to all the apps I’ve installed through F-Droid? Will they be disabled? Deleted?

            Nothing will happen to them.

            >If apps that I rely on are suddenly disappeared, what happens to the data they contain? Can I still retrieve it?

            Nothing will happen. But if Play Protect were to flag malware it manually asks you if you want to delete the app. If you delete the app the data will be lost.

        • psd1 3 hours ago
          False
    • RobotToaster 4 hours ago
      Those are not mutually exclusive.
    • someonebaggy 4 hours ago
      Which is malware.
  • skybrian 4 hours ago
    I understand not being happy about what Google is doing, but it seems like F-droid can’t be trusted not to heavily spin things.
    • cuvert 4 hours ago
      If the companies would keep their own word and never overreach maybe nobody would overreact. How many times did we hear in the past "It's just for..."
      • skybrian 4 hours ago
        If companies play nice, people will stop making stuff up about them? I don’t believe that for a second, and it’s a poor excuse for making stuff up.
        • xboxnolifes 2 hours ago
          People's only complaint with Valve seems to be lootboxes and their inability to make a 3rd game in a series, and thats true. So... maybe?
    • echelon 4 hours ago
      There is no spin here. Google is pulling up the ladder.

      There won't be an open web, there won't be user installs, there won't be anonymity.

      Everything will be identified, attested, and allowed only when Google permits it.

      Nevermind them choking startups and small biz out of the oxygen they need to survive.

      • skybrian 4 hours ago
        What are talking about? Android Device Verification has nothing to do with what websites browsers can access.
        • Timshel 4 hours ago
          • skybrian 4 hours ago
            Yes, Google could do a lot of things, in theory. Doesn’t mean they’re doing it.
            • 0x_rs 1 hour ago
              They are doing it now. You can already see that captcha around online, and cannot get past it without surrendering your identity to them.
            • notrealyme123 3 hours ago
              As android shows: they are doing it
            • Hugsbox 1 hour ago
              The point is, they are doing it...
        • kuschku 3 hours ago
          Recaptcha already requires a Google-certified Android device today. That does heavily restrict what websites a browser can access.