Google has been on a bit of a marketing blitz to try and counteract some of the negative feedback following its new developer verification requirement for Android applications, and while they’re using a lot of words, none of them seem to address the core concerns. It basically comes down to that they just don’t care about the consequences this new requirement has for projects like F-Droid, nor are they really bothered by any of the legitimate privacy concerns this whole thing raises.
If this new requirement is implemented in its current form, F-Droid will simply not be able to continue to exist in its current form. F-Droid builds the applications in its repository themselves and signs them, and developer verification does not fit into that picture at all. F-Droid works this way to ensure its applications are built from the publicly available sources, so developers can’t sneak anything nefarious into any binaries they would otherwise be submitting themselves.
The privacy angle doesn’t seem to bother Google much, either, which shouldn’t be a surprise to anyone. With this new requirement, Android application developers can simply no longer be anonymous, which has a variety of side-effects, not least of which is that anyone developing applications for, say, dissidents, can now no longer be anonymous. Google claims they won’t be sharing developer information with governments, but we all know that’s a load of bullshit, made all the more relevant after whatever the fuck this was. If you want to oppose the genocide in Gaza or warn people of ICE raids, and want to create an Android application to coordinate such efforts, you probably should not, and stick to more anonymous organising tools.
Students and hobbyists are getting the short end of the stick, too, as Google’s promised program specifically for these two groups is incredibly limited. Yes, it waves the $25 fee, but that’s about the only positive here:
Developers who register with Google as a student or hobbyist will face severe app distribution restrictions, namely a limit on the number of devices that can install their apps. To enforce this, any user wanting to install software from these developers must first retrieve a unique identifier from their device. The developer then has to input this identifier into the Android Developer Console to authorize that specific device for installation.
↫ Mishaal Rahman at Android Authority
Google does waive the requirement for developer certification for one particular type of user, and in doing so, highlights the only group of users Google truly cares about: enterprise users. Any application installed by an enterprise on managed devices will not need to have its developer certified. Google states that in this particular use case, the enterprise’s IT department is responsible for any security issues that may arise. Isn’t it funny how the only group of users who won’t have to deal with this nonsense are companies who pay Google tons of money for their enterprise tools?
The only way we’re going to get out of this is if any governments step up and put a stop to this. We can safely assume the United States’ government won’t be on our side – they’re too busy with their recurring idiotic song-and-dance anyway – so our only hope is the European Commission stepping in, but I’m not holding my breath. After all, Apple’s rules and regulations regarding installing applications outside of the App Store in the EU are not that different from what Google is going to do. While the EU is not happy with the details of Apple’s rules, their general gist seems to be okay with them.
I’m afraid governments won’t be stepping in to stop this one.
The only way we’re going to get out of this is if we develop an independent libre fork of Android, together with a few decent quality devices that support it.
The open source software movement wasn’t created by people trying to “mod” windows, but rather by visionary individuals who were willing to build independent projects such as GNU, Linux, and Mozilla from scratch.
Companies that currently design computers for Linux users should be able undertake the hardware side of things. We can have Framework Phones and Framework Tablets, for instance. Or TUXEDO InfinityPhones. Given the tens of millions of free software users and privacy-focused individuals out there, there won’t be a lack of customers for such devices.
The problem is that some essential apps likely won’t work on the fork. Like banking apps. Most companies won’t develop for the fork. It’s why Microsoft lost.
It’s going to be dire. I will never buy Apple, so I think I will move to the cheapest Android phone I can find that I only use for banking and the odd essential app and another great phone without Android or Apple for the rest.
Maybe I will finally try Ubuntu Touch or Postmarket OS rather than a degoogled Android phone?
> Isn’t it funny how the only group of users who won’t have to deal with this nonsense are companies who pay Google tons of money for their enterprise tools?
I don’t enjoy the idea of giving Google any money in this situation, but couldn’t we just have F-Droid itself be an enterprise? I’m sure Google would prefer not to approve this, but it’s one of the only ways I can see out of this without Google just dropping the idea entirely.
Another option might be making it so we can all build applications for ourselves in a controlled, easy way. It would require compiling on demand for each device (a little like Gentoo?) but that could be okay.
I’m still looking really hard at the Fairphone to get away from this situation with Google, but we do need an option for all the people who aren’t going to do anything like running libre Android.
benjaminoakes,
We need to consider all such possibilities, so it’s good that we’re talking about it. But don’t android enterprise customers need per seat licenses like on windows? It’s not just a matter of buying windows for the server and desktops, you need “client access licenses” too. For example this reseller sells a 5 pack windows server 2025 CAL for $190…
https://www.trustedtechteam.com/collections/microsoft-windows-server-2025-client-access-licenses
If it works the same way here, it could become prohibitively expensive to run fdroid as an enterprise just so they can reverse these new android application restrictions.
Also, are there side effects of joining an enterprise account? Would this deny admin/policy/privacy rights to the real owner once joining fdroid’s enterprise account? If anyone knows more about this stuff, let us know.
Google could make the process arbitrarily difficult to the point of automation being futile, but in theory you could try and use automation to install software under developer accounts. IIRC apple limited the number of applications that could be installed under developer accounts precisely so that developer accounts wouldn’t be used this way. Google will probably do the same.