Aggregates

Evidence: High: 7 Medium: 15 Low: 9 No Data: 0

Theme Radar

pmdr 2026-02-24 17:43 UTC link

The undersigned are basically a list of entities Google would like to see disappear.

dfabulich 2026-02-24 17:44 UTC link

The most controversial claim in this letter is in the section that "Existing Measures Are Sufficient."

In Google's announcement in Nov 2025, they articulated a pretty clear attack vector. https://android-developers.googleblog.com/2025/11/android-de...

> For example, a common attack we track in Southeast Asia illustrates this threat clearly. A scammer calls a victim claiming their bank account is compromised and uses fear and urgency to direct them to sideload a "verification app" to secure their funds, often coaching them to ignore standard security warnings. Once installed, this app — actually malware — intercepts the victim's notifications. When the user logs into their real banking app, the malware captures their two-factor authentication codes, giving the scammer everything they need to drain the account.

> While we have advanced safeguards and protections to detect and take down bad apps, without verification, bad actors can spin up new harmful apps instantly. It becomes an endless game of whack-a-mole. Verification changes the math by forcing them to use a real identity to distribute malware, making attacks significantly harder and more costly to scale.

I agree that mandatory developer registration feels too heavy handed, but I think the community needs a better response to this problem than "nuh uh, everything's fine as it is."

A related approach might be mandatory developer registration for certain extremely sensitive permissions, like intercepting notifications/SMSes...? Or requiring an expensive "extended validation" certificate for developers who choose not to register...?

kelp6063 2026-02-24 17:46 UTC link

why anyone thinks "open letters" and petitions to a trillion-dollar company will get them to change their mind is beyond me

jonathanstrange 2026-02-24 17:47 UTC link

For me this change is a problem not just because of the ID upload to Google but mainly because it's another nail in the coffin of native software solutions. It increases friction and anything that increases friction is bad.

Concretely, my original plan was to provide an .apk for manual installation first and tackle all this app store madness later. I already have enough on my plate dealing with macOS, Windows, and Linux distribution. With the change, delaying this is no longer viable, so Android is not only one among five platforms with their own requirements, signing, uploading, rules, reviews, and what not, it is one more platform I need to deal with right from the start because users expect software to be multiplatform nowadays.

Quite frankly, it appears to me as if dealing with app stores and arbitrary and ever changing corporate requirements takes away more time than developing the actual software, to the detriment of the end users.

It's sad to watch the decline of personal computing.

drnick1 2026-02-24 17:50 UTC link

Isn't the obvious solution to use an AOSP fork that does not have to comply with the registration requirements? Distributions like Graphene and Lineage are completely unaffected.

dvh 2026-02-24 17:55 UTC link

Wrong approach. Vote with your wallet instead. My next mobile phone will not have OS from Google (not from Apple).

rm30 2026-02-24 18:12 UTC link

Registration just creates friction for legitimate developers (thousands) while bad actors simply rotate shell companies and fake/stolen IDs.

This conflates identity verification with criminal deterrence, they're not the same thing.

EmbarrassedHelp 2026-02-24 18:29 UTC link

The problem with mandatory developer registration, is that it gives Google and Governments the ability to veto apps.

It would not be unsurprising for a government to tell Google they must block any VPN apps from being installed on devices, and Google using the developer requirements to carry out the ban.

exe34 2026-02-24 19:05 UTC link

Does anyone know if this will affect Lineage OS with root?

iamnothere 2026-02-24 19:34 UTC link

Just here to register my disapproval of this, and to remind everyone that you should support Linux phones if you’re against it. Or Graphene OS, at the very least, even though this still supports Google due to the requirement for a Pixel phone.

Also, I’m going to coin a new term for the recurring names that I see promoting this kind of thing here: “safety fascists.” Safety fascists won’t sleep until there is a camera watching every home, a government bug in every phone, a 24/7 minder for every citizen. For your safety, of course.

I think I may hate safety fascists more than I hate garden variety fascists. That’s an accomplishment!

btreesOfSpring 2026-02-24 20:01 UTC link

Would rather a more robust and distributed app store system that figures out how to police these edge cases of fraud rather than one vendor (Apple or Google) whose monopolies push developers into subscriptionware across the board. Something more akin to how internic moved from one domain name registrar to what we have today, chock full of competition and new top level domains.

It feels like independent development on devices has slowed in recent years. More stores appealing to different developer models/tools and monetization strategies please.

pserwylo 2026-02-24 20:03 UTC link

Many people online and in person telling me "Google backed down" or "Google has an advanced flow" are typically referring to these two statements from Google staff:

> Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified. [0]

> Advanced users will be able to"Install without verifying," but expect a high-friction flow designed to help users understand the risks. [1]

Firstly - I am yet to see "ongoing conversations with the community" from Google. Either before this blog post or in the substantial time since this blog post. "The community" has no insight into whether any such "advanced flow" is fit for purpose.

Secondly - I as an experienced engineer may be able to work around a "high-friction flow". But I am not fighting this fight for me, I am fighting it for the billions of humans for whom smart phones are an integral part of their daily lives. They deserve the right to be able to install software using free, open, transparent app stores that don't require signing up with Google/Samsung/Amazon for the privilege of: Installing software on a device they own.

One example of a "high friction flow" which I would find unacceptable if implemented for app installation on Android is the way in which browsers treat invalid SSL certificates. If I as a web developer setup a valid cert, and then the client receives an invalid cert, this means that the browser (which is - typically - working on behalf of the customer) is unable to guarantee that it is talking to the right server. This is a specific and real threat model which the browser addresses by showing [2]:

* "Your connection is not private"

* "Attackers might be trying to steal your information (for example, passwords, messages or credit cards)"

* "Advanced" button (not "Back to safety")

* "Proceed (unsafe)" link

* "Not secure" shown in address bar forever

In this threat model, the web dev asked the browser to ensure communication is encrypted, and it is encrypted with their private key. The browser cannot confirm this to be the case, so there is a risk that a MITM attack is taking place.

This is proportionate to the threat, and very "high friction". I don't know of many non-tech people who will click through these warnings.

When the developer uses HSTS, it is even more "high friction". The user is presented all the warnings above, but no advanced button. Instead, on Chromium based browsers they need to type "thisisunsafe" - not into a text box, just randomly type it while viewing the page. On Firefox, there is no recourse. I know of very few software engineers who know how to bypass HSTS certificate issues when presented with them, e.g. in a non-prod environment with corporate certs where they still want to bypass it to test something.

If these "high friction" flows were applied to certified Android devices each time a user wanted to install an app from F-Droid - it would kill F-Droid and similar projects for almost all non-tech users. All users, not just tech users, deserve the right to install software on their smart phone without having to sign up for an "app store" experience that games your attention and tries to get you to install scammy attention seeking games that harvest your personal information and flood you with advertisements

Hence, I don't want to tell people "Just install [insert non-certified AOSP based project here]". I want Android to remain a viable alternative for billions of people.

[0] - https://android-developers.googleblog.com/2025/11/android-de...

[1] - https://x.com/matt_w_forsythe/status/2012293577854930948

[2] - https://wrong.host.badssl.com/

cyanydeez 2026-02-24 20:05 UTC link

When do we think PWA and WebRTC will be attacked and degraded as insecure?

tsoukase 2026-02-24 20:13 UTC link

Banning apps installation outside PlayStore will be a disaster for power-ish users and will start a fight between Google and community. I abandoned rooting my devices because I could achieve all I wanted through apps (mostly ad- and nag-freedom, it's impossible to be online without ad blocking). But all these were downloaded as APKs. I cannot imagine how the first day without these will be.

WarmWash 2026-02-24 20:26 UTC link

The judge told Google that Apple is not anti-competitive because Apple has no competitors on it's platform (this all stemming from the Epic lawsuits).

Google listened.

Blame the judge for one of the worst legal calls in recent history. Google is a monopoly and Apple is not. Simple fix for Google...

Same comment I made a few days ago, I feel it bears repeating as much as possible until it's really driven home how detrimental and uninformed that decision was.

arjie 2026-02-24 20:30 UTC link

If I'm being honest, I suspect this

> Disproportionate impact on marginalized communities and controversial but legal applications

applies more to the elderly in third-world countries who are constantly scammed through fraudulent side-loaded apps than it does to hackers who want to install whatever software they want but do not want to use a non-Google AOSP distribution.

jdlyga 2026-02-24 20:33 UTC link

To be honest, if both Android and iOS were walled gardens, I'd choose iOS every time. I choose Android specifically because of its openness. But if that weren't the case, I'd prefer the smoother UX and stronger Apple ecosystem.

asim 2026-02-24 20:38 UTC link

I think we're about to see an explosion in "mini apps". It's taken 10+ years for us to catch up to WeChat and China but this regulation and other issues are going to block a lot of innovation and we're better off surfacing tiny PWA or SPA like apps that get loaded in native apps or we just do away with that entirely. The time has come.

TZubiri 2026-02-24 21:50 UTC link

If I may advocate for the non HN partisan position here.

Let's consider that Google's Android was and is a huge improvement in security in terms of OS design (even if inspired by iOS) over the previous incumbent (let's call Windows that). That difference in security still exists today (probably due to Window's Backwards Compatibility prioritization, and its later positioning in the market as a cheap powertool (cheap compared to iOS, powertool compared to android).

That security advantage, by the way, was not just the result of initial design, but it required a lot of maintenance, in the form of the 'Play Store' App Store equivalent (at no cost to the user no less).

All this to say that let's consider this context, and consider what alternatives are proposed.

1- The windows 'install whatever you want model' (Now with OS approved certificates): As mentioned, worse, with almost no sandboxing. 2- Linux package managers + install whatever you want: Valid model for powerusers and programmers, not really relevant for massive personal computing. 3- Keeping the old Android system: This would imply simply ignoring the problem of growing professional and untouchable malicious actors that seem to be growing in power with the advent of anonymous financial tech. Is this the actual proposal? Do nothing about the problem? Pretend there is no problem? I don't think the problem is necessarily malware, but to take a specific example, suppose a Casino from Isle of Man is allowing underaged and users from jurisdictions where it is illegal. Regardless of whether you think this is ok, or debatable or it depends on the circumstances. Isn't the ask to identify the developer rather trivial? Just a little bit of paperwork, you want to be a developer? Install code that someone else will use? Put your name in it, have skin in the game.

I think there's also a contradiction between the need for developer privacy and user privacy. Most HN users are privacy-sensitive. Well I propose there's a tradeoff between the privacy of the consumer and the producer. In order to provide privacy and rights to the user, the producer needs to come forward. There's no way to have the cake and eat it too, if both producer and consumer are shy, they will never find each other, if both producer and consumer stay anonymous, they won't trust each other, if both producer and consumer stay anonymous, they don't give any guarantees to the other party that they won't go rogue.

You know this if you've tried to start a business, you can either put your face, your name, register with the state, put your actual address. Or you can use an anonymous brand, a Registered Agent Address, etc... The latter is a harder sell than the former, and you only don't notice it if you are completely absorbed in your own world and cannot put yourself in the shoes of your customer.

tl;dr: Google has an impeccable data security track record. And User/Developer privacy is a tradeoff. Google is right to protect user privacy and not developer privacy.

atlgator 2026-02-24 22:55 UTC link

"Don't be evil" → "Don't be evil without registering first and uploading your government ID."

The most telling detail is the sequencing. Google spent years in court arguing Android is open to fend off antitrust regulators, won key battles on that basis, and is now quietly closing the door they swore under oath was permanently propped open. The antitrust defense was the product roadmap's cover story. And framing this as security is particularly rich from the company whose own Play Store routinely hosts malware that passes their review. The problem they're solving isn't "unverified developers distribute harmful apps" — it's "unverified developers distribute apps we can't monetize or control."