Google: “Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified. We are designing this flow specifically to resist coercion, ensuring that users aren’t tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands.”
Thank god. I would’ve ditched Android for good if this went through, and while it sounds like it would be annoying for casual users to enable unverified apps, at least we can still install them.
It’s not sideloading, it’s installing. Stop giving into this idea that installing other apps is somehow bypassing normal methods!
deleted by creator
Err, that’s not true on the last fee devices I’ve used, Pixels and a Fairphone. Installing apps from APK files doesn’t require me to enable dev options. In fact trying to install an APK from say Files brings me straight to the permission setting. It’s also per-app. It can be accessed under Settings > Apps > Special app access > Install unknown apps.
That’s not what the phrase “dark pattern” means.
On Samsung it’s: download APK, run it, see the warning, tap “allow third party installations”, flick a switch, tap “install”.
In some ROMs at least, unknown sources for specific apps is not in the developer options.
That’s not a dark pattern…
dark pattern
This is not what dark pattern means.
Also, I don’t think enabling developer options is required to install arbitrary APKs.
that warning was not at all prominent, and as others have said, t does not exist anymore on modern android
Google: "Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified.
And we will NEVER trust you again because we know you’ll retry this next year or so in a few smaller steps that all have cutesy innocent names that are supposed to lull us in a false sense of security
Fuck Google, stop paying them for anything, stop using their services wherever possible.
Wait, so Google listened to our feedback, and we’re still mad? What would a positive outcome have looked like?
deleted by creator
I genuinely believe that it was motivated by the desire to deter scammers. What leads you to believe it’s not? There are many gullible people out there who will follow, precisely as you pointed out, phishing links that encourage them to sideload an unverified app.
No system is perfect, and I also believe that Google Play does a fair job of removing malicious apps.
I’m sorry to try to bring some nuance into this thread as I know that discourse isn’t welcome on Lemmy, but I’m just trying to wrap my head around the outrage. Providing a way to let experienced users continue to sideload apps while safeguarding the more gullible seems like a good idea and I still genuinely don’t understand what your preferred solution would be.
deleted by creator
Ironically, in my attempts to find any kind of information about this, it only resulted in news articles reporting on the number of developer accounts banned and announcements from Google warning users about scams and providing recommendations to safeguard themselves.
I don’t agree that Google has taken a singular approach to this problem; there are numerous ways in which they are combating scams, of which this piece is just one.
I believe people in this thread are (deliberately or not) looking at this from a very narrow point of view and not seeing how (1) there is a risk that is mitigated by preventing gullible users from installing malware through sideloading, (2) Google has reconsidered this solution after hearing community feedback and (3) Google uses numerous mechanisms to eliminate bad actors from the Play store.
To touch on the last one, it seems many of those mechanisms are not done transparently as I’ve seen threads on /r/AndroidDev back before I left Reddit about individuals being lifetime banned even by association to a scammer.
At the risk of sounding insincere—such is the nature of an online discussion forum—I’d like to tap into the ways you see the safety and security of the Play store to be deficient. How are phishing attempts successful there? In the articles I’ve read about phishing through fake apps, they all went through the route of sideloading. One example was to get “special features” in WhatsApp by downloading an APK, and another was to enable developer mode to install an antivirus APK because “the device was infected.” While I found articles describing imposter apps, searching for those apps on Google Play didn’t surface any of them, so it seems from my spot checks that it’s working.
To me, this entire discussion is quite conflicting, because on one hand, we all recognize the risk of malware, but at the same time the community is furious about whatever Google attempts to do about it.
Call me naive, but my family and I are very content with our Android phones and have no qualms with the way Google Play functions today. I remain confused about why this comment section is so mad.
deleted by creator
deleted by creator
I think it was fairly obvious that the move was going to piss people off, they just misjudged to what extent. Modern business strategy is to claim to listen to customer feedback and just quietly plan to implement it anyway, just do it more subtly, more quietly, and more slowly.
I would understand the outrage if Google didn’t stick to their word, but unless I’ve missed something, they’ve not, have they? Are we now protesting that they reversed their decision? Wasn’t this what we wanted?
Are we now protesting that they reversed their decision?
…no? I’m not really protesting so much as offering what I think the other person is trying to say. I think they are saying that Google crossed a line, and walking it back doesn’t change that fact.
In my opinion, Google has crossed countless lines over the last 5-10 years. I’m looking for alternatives that meet my own needs. That search has accelerated over the last few years, when the things Google has done have been most egregious. This isn’t a protest. This is disillusionment. I’m abandoning ship.
That’s a unique perspective. Thanks for sharing.
Once user trust is burned it’s not coming back.
There are no positive outcomes available now - it’s time to abandon Google.
Linux phones arriving sooner? Hopefully that’s the silver lining.
If you think that Google listened and did the right thing out of the goodness of their heart, then I have a bridge to sell you
Google cancelled because of the backlash but they WILL be back for more, they always do
Trust has been broken and that won’t come back. Software companies, in the end, are all the same, they all enahittify over time and always will talk pretty to lull you into a sense of security. I’m not buying it
because they haven’t? We don’t want any changes to our ability to install software. This would still kill f-droid, and the “flow” they talked about isn’t a system wide setting. You have to do it per app. And you, the owner of the divice who just wants to install something on your device, would have to register. So if too many people install the app, the dev would be forced to register as well.
How is any of that “listening to user feedback”?
That’s not good enough. They’re just going to keep lightly pushing against the bad publicity until everything not controlled by Google on your phone goes away.
We need an alternative made without googles shitty hands in the mix. This forced duopoly between Apple and Google sucks. No phone competition in the US also sucks. Overpriced Samsung or a Google phone, while companies Like Red Magic have fan and liquid cooled phones with huge batteries, more ram, and more storage, for less than a grand being sold around the rest of the world outside the US.
… continues to make Play Integrity an integral part of Android and making all the stupid banking and govt apps requiring having it on your phone thus making it harder to de-google.
still no… fuck you.
Degoogle now before they install their malware on your device(s).
If you can get your hands on a pixel, get grapheneOS. If not, get LineageOS or degoogle your phone. With LineageOS you’ll have to make do with internet banking instead of banking apps.
Depends on the bank.
This is what I’m struggling with. I use an app-only challenger bank, so I feel a bit stuck unless I change everything…
Aren’t there challenger banks that have website interfaces?
Yep. Monzo implemented an emergency-use website about 5 years ago, Revolut shortly after (and I think they have a desktop app now). I’m with neither (though I can SEE my accounts online, I cannot DO anything with them).
For now. You just wait. Evil corp is gonna evil corp it all up.
I miss the days when their slogan was “Don’t be evil”
Yeah, Google used to be the “Cool” company back then. I used to root for them.
Lots of companies feel the need to serve their users on their way up.
Once they feel they got much or most of the market on lock, they no longer need to justify themselves to their users, and a cycle of pure valueless exploitation begins, aka enshittification.
Google: “Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified.
I’ve been side loading apks since I bought my first Android phones and am much more concerned about malware “safe” apps from Google’s Play store. Google’s quality control is shit.
Yes. I wonder how many people unknowingly updated Simple Mobile Tools apps after the new owner’s buy-in.
The number of apps that I’ve had to unistall because they got quietly sold and turned into malware is alarming.
Quality control is not the words. They are unethical garbage pieces of shit who make the world a worse place. These big companies buy smaller ones just so they have the good devs and no competition. Then they make everything in the market insufferable as fuck.
No freaking way this was because of “feedback”. This was because the European Commission will keep escalating their fines if Google keeps at it with the monopoly bullshit.
The EU is just a bit behind being maliciously lobbied to death (eyeroll).
(See Digital Omnibus Act)
Easing is not removing.
Anything more than a warning and disclaimer popup is too much.
I’m OK with jumping through more hoops – once.
Once I told the device that I know what I’m doing, it shouldn’t be more than a pop-up per install.
I’d agree that the option is inportant to turn it off but one and done shouldn’t be the default cuz people fucking dumb, yo.
Uh-huh, sure, just about protecting the users. Nevermind that actual malware is regularly found on play store, and exactly 0 times – on f-droid they’re “protecting” the users from.
Check your sources, we have had issues on F-Droid. Better than google play store though, because the average F-doid user is more tech savvy than the average GPlay user.
Haven’t heard of it, personally, except the case with introducing a vulnerability similar to the case with the xz backdoor that wasn’t merged. Would appreciate the link, tho
$100 says they’re just going to make it require adb.
I’m guessing they’re going to hide it in developer tools with a bunch of warnings and no explanation on how to get there so regular users don’t turn it on by accident.
Which would actually make sense.
Did you read the article?
The company is building a new ‘advanced flow’ that allows these users to accept the risks of installing unverified apps. Previously, the only permitted method for experienced users to install apps from unverified developers was to use ADB.
Google never actually mentioned ADB, so the article and you are misinformed.
It is you who is misinformed, because they did specifically say you will be able to bypass it with ADB (which now is going to be made easier, presumably).
One place they said so is here: https://android-developers.googleblog.com/2025/09/lets-talk-security-answering-your-top.html
If you need to use adb to set a flag once that’s not too bad I suppose…
Oh no nothing so user-friendly. They’re gonna require them to be loaded via adb every time. And they’ll say that’s the only way they could do it for security or some shit.
That was the plan before this latest announcement. Presumably this will be something different, hopefully allowing F-Droid and friends to keep working on-device somehow.
What? Can you please make an effort to learn something, anything, about what you’re discussing before commenting on it?
Adb was always going to remain a viable method of installing “unsigned” apks. Google confirmed that pretty early on.
You now owe me $100.
They’ll make it requiring registration to enter a developer program or something to let you install crap.
I really hope you’re wrong
They are going to make this into a “1 step back 2 steps forward” type of situation. This is that 1 step back and in a few months there will be 2 steps forward where they will completely ban all non play store apps.
Something something “To bEtTEr pRoTeCt our users, please present your ID to enable sideloading”
Any day now…
They’ve already lost my trust. GrapheneOS or LineageOS are the only safe bets now.
It’s still worse than before. Really need to break mobile away from Google and Apple. Preferably as close to standard Linux as possible
AOSP makes a lot more sense to me. We just need to adopt Graphene or Lineage en masse and start contributing to support more devices, grow that out into a real alternative with support for the already existing android app ecosystem, and real alternatives to Google Play services
Graphene doesn’t fix the problem because it’s only available on Pixel devices
Try reading what I said
Literally idk why people are saying “If this happens I’ll switch to an iPhone”
Like bruh Apple is even a more closed off walled garden? What sort of sense does that make to switch to something twice as expensive and gives you absolutely no control?
Even if Google decided to implement this in the future, I will never switch to an iPhone and neither should you
This feels like Americans voting behavior. “The thing I liked has gone to shit, so as a protest I will take double shit with extra piss”
Lol its like the Americans going “I’ll just move to China”…
Me as a someone who was born in mainland China and gained US Citizenship:
(meanwhile my grandmother just obtained US Citizenship too lmao)
As opposed to what, buying a viable phone from those other guys?
What other guys?
At minimum a stampede of people moving to iPhones should theoretically cause Google to shit enough of a brick (providing capitalism actually works as advertised, and for the record I am trying like hell to keep a straight face as I type this) to correct their behavior in an attempt to win some of those users back.
Because at the end of the day most consumers are consumers, not nerds, and if neither platform is going to allow you control over your device and they’re both privacy nightmares you’re not much worse off with an iDevice if you plan on owning a smartphone in the first place.
What we really need is a viable third option. Hopefully an inherently non-shitty one. The barrier to market entry seems pretty high, though.
