[…]
In the new blog post, Google’s Matthew Forsythe confirms that the developer verification system is slated to come online on September 30 of this year. The initial deployment will be limited to countries with a high level of app scams: Brazil, Indonesia, Singapore, and Thailand.
[…]
Google released its new developer console back in March, inviting external developers the opportunity to pay $25 and verify their identities early. Developers who don’t register will find that their apps cannot be sideloaded on Google-certified Android devices once verification has rolled out. Google says that almost every app in the Play Store is now ready for the change, and a “large majority” of apps outside Google Play have completed verification.
[…]
Google says it will verify the apps in the following stores when it begins enforcing the new restrictions.
Google (Google Play)
Honor (HONOR App Market)
OPlus (OPPO App Market)
Samsung (Galaxy Store)
Transsion (Palm Store)
vivo (V-Appstore)
Xiaomi (GetApps)
[…]
The next step toward verifying apps will come this month as Google deploys a new system service on most certified devices. The package (com.google.android.verifier) will appear on phones and tablets running Android 8 or higher, allowing Google to block the installation of unverified apps. It will remain dormant until verification is activated in your specific region.
In July, Google plans to roll out the new developer APIs and begin testing for “limited distribution” accounts. This is Google’s solution for hobbyists who want to make their own apps and share them with a small group. Limited accounts won’t require a fee or government ID verification, but you can install these apps on up to 20 devices.
In August, the advanced flow will become available globally ahead of verification becoming mandatory in the first markets. As detailed a few months ago, the advanced flow will allow users to bypass verification, but the process isn’t easy. You’ll have to navigate to a buried menu, confirm you understand the risks multiple times, and wait a whole day before completing the process.
And that brings us to September, when Android devices in Brazil, Indonesia, Singapore, and Thailand will begin checking verification status before installing apps. However, things get murky after that. Google will undoubtedly monitor how verification works as millions of users are suddenly limited to verified apps, which could affect how it moves forward. Google says it intends to expand developer verification in 2027, eventually making it a global device policy.
I’m not happy about this but they really have no choice.
The android app marketplace is infested with spyware and Android devices were recently found to be the vector for one of if not the worlds biggest botnet (super/bad box).
If you wanna be able to keep using your os to make ad money you gotta lock it down and since Android is largely open source and used by tons of oems that means locking down some part that you could conceivably do without but no one really will.
They should police their own store then. Fuck this “oh they have to” shit.
This is what it looks like when they police their store.
This is what it looks like when they try to police the software that’s NOT from their store (or their partners).
All the Google-verified malware that infests Google’s marketplace will continue to be a problematic vector after this change. But this change will put obstacles in my attempts to install safe alternatives that are free of malware and not part of Google’s junkyard or spyware full of anti-features.
The phone someone purchased from Samsung isn’t “their store” bud. The play store is.
And someone can either disable the system service that does this and go without play services (which is their store) or get a “limited” developer account and keep doing whatever they’re doing.
you have no idea what you are talking about. almost every statement in your comment is incorrect.
you have also ignored the other user pointing out that with this change they are going much further than policing their own store (something they have been consistently failing at for many years).
This, again, is what policing an application marketplace looks like.
The point isn’t to protect you the user, but to protect the reputation of their platform. Right now, and I know this isn’t easy to hear, Android is the scam/insecure platform.
I am a user of Android devices everyday, btw, not just some random hater.
From googles perspective it doesn’t matter if users are unable to anonymously install whatever they want if the various marketplaces and therefore the Android platform gains trust in the eyes of consumers (and law enforcement/security professionals).
They aren’t policing their platform to protect you, they’re doing it to protect themselves.
do you have issues with reading comprehension? the marketplace stops right at the google play store. that is their marketplace, nothing more.
I’m sure about that, and they are also happy for the increased amount of analytics. apps a user knows is a good way to make an advertising profile more accurate.
google can only thank that for its own false advertising, promising “security”, lockdown against the owner for the advantage of the businesses. android phones should not be about the device owned by your bank and your government, but the thing owned by the individual who uses it.
and that’s a huge problem, because they are trampling on ownership rights. they are making money out of nullifying the right to privacy, and actually by convincing people that it is an obsolete right, and that they should criticize their peers who want privacy.
they can only protect themselves in such an abusive manner because they have an effective monopoly. if google did not become too big, people could just say no to all this bullshit.
“He who can destroy a thing, controls that thing.”
Of course, we don’t need to get into sci fi philosophy to recognize that Android is googles os.
Google has the ability to restrict who can install what from what repo and as such “the Samsung store isn’t the play store” isn’t much of an argument.
I don’t think anyone would say that the Android marketplace stops at the play store and Google certainly doesn’t say that. They’re in control of Android, they’re policing the Android software marketplace. Apologies if that wasn’t clear.
It would be really hard to prove that Google is trampling on ownership rights here considering you can install from third party sources by either registering a dev account or disabling the set of services and software that implements the system, going without play services and using whatever third party store you want.
(Or even just in the articles own words “ the advanced flow will allow users to bypass verification, but the process isn’t easy. You’ll have to navigate to a buried menu, confirm you understand the risks multiple times, and wait a whole day before completing the process.”)
And no matter how you feel about it at the moment there is no recognized right to install whatever you want on your phone. It’s unlikely there will be one in the near future either because such a right is counter to the interests of the surveillance state.
Its shocking how wrong you are in everything you’ve said. Give up on this conversation and let the grown ups talk
Point it out or stop breaking the rules of the com and instance.
None of this even attempts to address the problem of Google Play (the primary android app marketplace) being filled with malware. Every single app that’s being distributed through Google Play today already has a “verified” developer by the same criteria they’re applying system-wide. That malware can continue working as it already does without any changes.
This is exclusively about Google imposing control on all apps distributed through channels that otherwise used to be outside Google’s control.
Google’s claimed reasoning is that this control is a good thing and makes them be able to block apps made by malware developers in the same way they already do in Google Play, even for users who install apps from other sources. Critics disagree because Google forcibly taking personal information and money from all software developers and wielding the ability to remotely kill any app they don’t like for any reason have far wider consequences than protecting users from malware, and the proliferation of malware on Google Play shows how (in)effective Google’s measures against it are. Neither side believes or claims this can or will make Google Play any safer.
Yes it does.
It forces developers to register if they wanna distribute software. Now they can’t just pivot to a new identity whenever they’re under investigation.
It prevents devices from running software from unverified developers. Now the malware developer can’t just use a third party store to bypass the verification requirements.
That’s both sides of the coin, but wait, there’s more:
End users can disable it if they’re willing to go without play services or can do their own sideloading and support with a “limited” developer account.
The end result is not a panacea that fixes every problem with Android but a move to bring the various official android marketplaces in line with the ios app store.
they didn’t need to use a third party store to begin with. the play store is filled with malware.
that is wrong on multiple counts, fortunately they did not lock it down that much (yet). that wouldn’t just be very complicated but that would alao disable a couple of unrelated features of the phone.
as if that’s a good thing.
Part of what made badbox/superbox so successful (along with the marketing, mlm stuff, glut of cheap arm/risc decoders, environment of 69 fucking subscriptions a month your average person has to maintain just to watch terminator when they get home from a shift) was the presentation of malware payload apps from third party marketplaces alongside “legit” apps from the first party ones.
It’s the gas station effect. Of course you can trust the Tamriel rebuilt branded rhino pill, it’s on the same rack as the goodys powder and tums!
That same mixing made it very difficult for everyone trying to figure out what was happening to actually get something taken down. Apps on the play store would be barely legal or skirting the law but interacting with or funneling data around apps from third party stores that were definitely doing something “wrong”.
When takedown notices were sent for the play store apps they didn’t have any effect on the third party hosted ones.
So for the whole thing to run how it did, yeah, they needed third party repositories.
You might not see this as a good thing, but Google does. And tbh they’re right. It’s bad for the minuscule number of users who actually load stuff from third party sources, but its incredibly good for them as a company and a brand.
oh, sure they are right. it was almost harming their profits! they were on the brink of the current quarter performing worse than the last one! oh, no, the shareholders… we couldn’t want them be starving!
Yeah. The company cares about its identity and profits and is taking steps to protect them.
Google already does what it should: sideloading apps requires you to manually approve the source, and when you do, a popup appears warning user of potential dangers. No need to play daddy any more than this.
Having a locked ecosystem is very convenient and profitable for Google, but terrible for its users. Google wants this walled garden not out of safety, but to get a tight grip on the app stores - and get a solid buck while doing it.
look, I trust F-droid and open source apps more than I trust the sponsored garbage on play store alongside shit like kalshi and candycrush. The security point is moot. The call is coming from inside the house.
As for ad money, being one of the most grossly profitable corporations in the world isn’t enough? Must line go up always? At what point is having an absurd amount of profit enough? Where is the line?