Google plans to begin verifying the identity of all developers who distribute apps on Android, even if it's outside the Play Store, starting September 2026

⁨63⁩ ⁨likes⁩

Submitted ⁨⁨1⁩ ⁨week⁩ ago⁩ by ⁨Pro@programming.dev⁩ to ⁨technology@beehaw.org⁩

https://android-developers.googleblog.com/2025/08/elevating-android-security.html?m=1

cross-posted from: programming.dev/post/36316138

Comments
- Hackernews; - Lobsters.

source

Comments

Sort:hotnew top

javiwhite@feddit.uk ⁨1⁩ ⁨week⁩ ago
Hopefully this means we see an influx of development for Linux based mobile OS’.

I realise that’s a very pie in the sky dream to have. But damn it, I just want a native Firefox browser on UT.

source
- cupcakezealot@piefed.blahaj.zone ⁨6⁩ ⁨days⁩ ago
  linux based mobile os's don't mean much if the manufacturers of phones are making it harder and harder to unlock bootloaders
  
  source
  - javiwhite@feddit.uk ⁨6⁩ ⁨days⁩ ago
    True. Being mindful of which brand you buy is becoming ever more important for those of us who are privacy focused.
    
    Volla, Jolla, fairphone, pinephone etc… are good examples of companies that ship phones with native Linux support. You can buy them preloaded, I haven’t heard any ruminations of these bootloaders being locked away, but admittedly don’t know their stances on the subject. Locking down the bootloader to the point where it doesn’t seem worth it seems to be more of a mainstream approach though for sure. (I still remember trying to get lineageOS on my Motorola… Just, wow).
    
    source
- teri@discuss.tchncs.de ⁨6⁩ ⁨days⁩ ago
  It might not be ready for everything but more than a dream it is: postmarketos.org
  
  source
  - javiwhite@feddit.uk ⁨6⁩ ⁨days⁩ ago
    Ubuntu touch is Linux based also, which is my choice due to newer hardware support over postmarket. (Currently running a volla quintus) Though I can see myself moving over to sailfish, as the default browser in UT is morph based, and creating web apps can be something of a pain due to unsupported browser issues…
    
    All of these OS’ suffer from a lack of app development though, hopefully this Google nonsense helps change that, though mass adoption is usually the precursor to app dev, hence my pie in the sky comment.
    
    source
- Lem453@lemmy.ca ⁨5⁩ ⁨days⁩ ago
  Linux phone you can buy today and start using:
  
  furilabs.com/shop/flx1/
  
  source
  - javiwhite@feddit.uk ⁨5⁩ ⁨days⁩ ago
    UT stands for Ubuntu touch ;) I’m already on a Linux phone. I’m talking about app development.
    
    source
cupcakezealot@piefed.blahaj.zone ⁨6⁩ ⁨days⁩ ago
imagine what could have been if firefoxos took off

source
teri@discuss.tchncs.de ⁨6⁩ ⁨days⁩ ago
Can’t wait for PostmarketOS to be mature enough everyday use.

source
fwygon@beehaw.org ⁨6⁩ ⁨days⁩ ago
Looks harmless on the surface; but yet, is still in fact, boiling a frog.

Thankfully the rollout seems fairly slow; should be enough time for most of you who find this concerning enough to switch to a custom ROM which eschews this safeguard.

With luck this will be even something we can turn off. I certainly would demand the ability to turn this security setting OFF even if it ships “Default - ON” to protect normal users who do not have a need usually to sideload unsigned apps.

I don’t like it myself. If we are not given a choice; I will likely flash my device over to an Open Source ROM that respects my privacy more.

For developers; this might be a good time to make sure that there are people who can “register” semi-anonymously and share the signing keys. Genuinely, I think something could be figured out; and private registrations could become a thing; Where one person capable of registering simply vouchsafes a number of developers they personally know by sharing necessary signing keys where they too contribute to an app project.

I think the whole implementation can’t be immune to key sharing, and I do think it’s possible to have one dev deal with the devil…Google in this case.

While I understand some projects will rightfully not want to hand information over to Google; usually because they’re being legally attacked by Google; I believe it will be possible to simply use wider shared keys to misdirect and deflect any unwanted legal action.

source
Deemo@bookwyr.me ⁨5⁩ ⁨days⁩ ago
I wonder if this will lead to a signing service situation like ios where people pay others for certs to sideload apps.

Example:
Image

source
samc@feddit.uk ⁨6⁩ ⁨days⁩ ago
Before we all jump ship to linux phones, is it possible that custom ROMs can remove this feature?

source