Why my apps will soon be gone from the Google Play Store

197 pointsposted 9 months ago
by grodriguez100
(frozenfractal.com)

175 Comments

alexey-salmin

9 months ago

> And even if you don’t want to update the app, Google will eventually start hiding apps from users if the app doesn’t target some minimum API version. This means you can’t just publish an app and leave it at that; it’s several days of work per app per year to keep up with the latest rug-pulls from Google.

That's something I just can't understand. If the old API is insecure or whatever, then surely the OS can put some sort of a secure emulator sandbox around old apps. You can run 35 years old NES games but not a 5 years old app? This doesn't make sense.

I never particularly liked Microsoft but userspace compatibility is something they got right and Google got wrong.

aniviacat

9 months ago

Take for example an old gallery app that request complete file access.

Now the new API adds fine-grained access and removes complete access.

What are they gonna do? Give the old gallery app fake file access, making it completely useless?

This would make for a very bad user experience. It works for emulators, because noone expects emulators to be well integrated with the system. But it doesn't work for native apps.

Many features cannot be preserved. They could preserve some features, but doing so would result in some weird 50% support for old APIs, which wouldn't be great either.

In my view, dropping old APIs entirely makes sense.

> I never particularly liked Microsoft but userspace compatibility is something they got right

With the result of having absolutely zero sandboxing.

londons_explore

9 months ago

> Give the old gallery app fake file access, making it completely useless?

Yes. When any API is used for the first time, pop up a toast saying "this legacy app is trying to use File Access permissions. [Allow access to whole device] / [ Restrict to apps own files ]".

If the user hits 'allow', grant the legacy API. If the user hits 'restrict', give a fake filesystem.

The dialogue box should be provided by the OS, and if the threading model doesn't allow pausing the app to wait for user interaction, simply kill the app to ask the question, and restart it with the permission.

parl_match

9 months ago

Except that legacy app owners regularly get offered money by bad actors, to purchase the apps and take over. Which means that anyone who "Allow access to whole device" suddenly gets a malicious update that cryptolocks them or steals their files.

Real scenario, real problem, semi-common attack vector. Enough that it's a serious problem for Google.

alexey-salmin

9 months ago

You don't have to give access to whole device. Ask the user what he wants to share, then present the app with a skeleton directory tree where only allowed parts are visible. App can as well think that is has a "full access" whatever that means, it's a matter of terminology.

growse

9 months ago

Most users will click on the option that they think will lead to the fewest number of future prompts.

alexey-salmin

9 months ago

Yes, but it has nothing to do with API versions.

If the new API can give a sensible way to restrict file access without too many prompts, then the old-over-new API layer can do exactly the same.

growse

9 months ago

How can the new API know this?

You've got an old app that uses an API that assumes full access to the device. A new API that restricts that access _cannot_ just guess what the app actually needs / uses - the only sane thing to do is to ask the user what the app actually needs.

The problem there is that the user is not incentivised to precisely curate the permissions boundary of the app, they're incentivised to _make the damn popup go away_.

This stuff is highly non-trivial.

alexey-salmin

9 months ago

> You've got an old app that uses an API that assumes full access to the device. A new API that restricts that access _cannot_ just guess what the app actually needs / uses - the only sane thing to do is to ask the user what the app actually needs.

No. It knows which actual paths the app tries to access. They can be grouped into exactly the same permission bundles (access to camera images, access to downloads etc) which are used for newer apps. Then presented to the user for approval, like they are with newer apps.

The only difference is, you may not get all permission popups at once -- but that's already the case with many newer apps. They only ask for permissions to e.g use camera when you actually need it. And I like it so much better than the old approach when the apps would refuse to run without camera even though I don't need this particular feature.

> The problem there is that the user is not incentivised to precisely curate the permissions boundary of the app, they're incentivised to _make the damn popup go away_.

Right, and exactly the same problem applies to new apps natively built against the new API. The app can request unreasonably wide permissions and the user will make the damn popup go away. It's not relevant to the problem of maintenance of old apps.

out_of_protocol

9 months ago

Except tou can't upload new app version targeting old API version

exe34

9 months ago

updates have to use the new api. boom.

dietr1ch

9 months ago

But will implementing this secure you a promo? What about saying that most apps migrated to the newer and safer api for users?

Also, TBH dev convenience is secondary to user safety

alexey-salmin

9 months ago

How about user convenience? I'm pissed off that I can't install Euclidea for my kids and it's from 2020, not from 2000.

And anyway it's a false dichotomy. If the old API is implemented on top of the new API then it can be as safe as you want it.

user

9 months ago

[deleted]

bambax

9 months ago

>> I never particularly liked Microsoft but userspace compatibility is something they got right

> With the result of having absolutely zero sandboxing.

With the result of having useful machines that do useful work, instead of toys that "protect" users and prevent them from ever doing anything interesting.

slau

9 months ago

Doesn't the operating system show you a prompt to show which files you want to give the app access to? From the app's perspective, nothing has changed. It gets a handle to a directory and can list files in it. Whether that directory contains 1 or 10000 items makes no difference.

Just to be clear: I don't disagree with you. I think it's completely normal to have APIs be deprecated, and this means eventually your app will break and be removed from the store. I just don't think this specific example was entirely justified.

ristos

9 months ago

Deprecating an API doesn't mean you have to break work already done. It can just mean that _newer_ apps can't use the deprecated API.

aniviacat

9 months ago

Yeah, good point.

I actually use GrapheneOS which does exactly that. I don't know why I didn't think of it.

xprn

9 months ago

For the file system, the OS could do something similar to what iOS is doing when you want to share a picture - giving the user control over which pictures the app has access to. Yeah, for a gallery app it could render the app quite useless because of the UX, but it would solve the issue itself IMO.

ristos

9 months ago

> Now the new API adds fine-grained access and removes complete access. > What are they gonna do? Give the old gallery app fake file access, making it completely useless?

Can you elaborate on your example here? Couldn't they just do something like replace oldGalleryAppOpensOrWritesToAnyPlace() to askPermissionsForWhichFilesAndFoldersCanBeWrittenTo() or ifSensitiveDirIsNoLongerAccessibleAskPermissionOnWhichFolderToUseForCompat() ?

shaky-carrousel

9 months ago

They could intercept file access to common folders, showing you a pop up with the files you would like for the app to see and show only those files to the app.

seba_dos1

9 months ago

> Take for example an old gallery app that request complete file access.

This applies even to apps that don't request any permissions. I have some plain OpenGL games there and they still require this useless maintenance for them, which I'm probably won't be bothering with anymore.

alexey-salmin

9 months ago

> Many features cannot be preserved

Could you present a concrete example, outside of the "system configuration" apps? These are expected to break as the "system" moves on.

I fail to see though why 100% userspace apps that often have no permissions whatsoever can't be maintained.

lordnacho

9 months ago

Sure, but why is the API still changing now, after nearly two decades? It should be more or less locked down whether you do "file system is a free-for-all" or "every app is sandboxed".

I don't think people are complaining about API deprecation being a thing, either. They complain about it being a thing that happens too often.

johnnyanmac

9 months ago

>I never particularly liked Microsoft but userspace compatibility is something they got right and Google got wrong.

they both have their ups and downs. Windows 11 still has parts of the base OS that feel like they never updated from XP. and I'm sure there's a lot of legacy cruft that ultimately slows down the boot process or many low level OS management. you add a .lot of cruft to make sure you can support 30+ years of legacy software.

raincole

9 months ago

> You can run 35 years old NES games but not a 5 years old app? This doesn't make sense

If you are willing to fill your phone with emulators of every single version of Android, then yes, you can run any old app. This is how we run 35 years old NES games.

ristos

9 months ago

Would you need every single version of Android? or just a much thinner compatibility layer for deprecated APIs? Newer apps wouldn't be able to use the deprecated API but older apps don't just disappear either

raincole

9 months ago

You can (in some cases), but it's completely unrelated to "we can run 35 years old NES games".

alexey-salmin

9 months ago

It's all related. Emulation, compatibility and compatibility-through-emulation are very old and well-studied topics. The reason why it's not present on Android is because Google doesn't want to, not because they can't.

johnnyanmac

9 months ago

>The reason why it's not present on Android is because Google doesn't want to, not because they can't.

Sad as it may be, I imagine that lack of desire also comes from consumer demand. Most people don't care about running those 15 year old games, so what's the motivation?

For archival's sake, you should be able to seek old APKs and run older ROMS through an android emulator. So the minority of those who care have options.

yjftsjthsd-h

9 months ago

It seems perhaps more relevant to point out that WINE can run 30 year old win32 apps. I suppose that does include code that could be described as emulators for every single version of Windows, but it's less work because Microsoft, for their many other faults, preserves backwards compatibility so old APIs tend to just keep working.

eviks

9 months ago

Even if emulator was the only option, why would you need every single version instead of a few old ones that those older apps use?

2-3-7-43-1807

9 months ago

according to the post you reply to it's anyway not about being able to run an app. it's about not having it listed in the play store. and that won't change even with an older android version.

theshrike79

9 months ago

NES hasn't been updated and upgraded 35 times after the game has been released. That's the difference.

It doesn't make sense to keep supporting APIs only a fraction of the user base needs, progress means leaving some users behind.

bad_user

9 months ago

If apps get removed from the store as a consequence, that's going to be many more users left behind.

It's been mentioned time and time again, but it's worth mentioning again — Windows maintaining backwards compatibility is what maintained its hegemony, as compared to it, Linux and macOS look like hobby projects. For the young as well, because games still run on it, without worrying that Apple will invalidate their library due to not being in the mood to maintain 32-bits APIs.

theshrike79

9 months ago

The US Navy was paying $9M to keep Windows XP updated and patched just for them.[0]

I bet if you pay Apple similar amounts of money per year, they'll keep specific APIs available just for you.

And it's not like updating the app to a new iOS version is a massive undertaking, in most cases it's just a matter of opening the project in XCode, adjusting the OS version, compiling and publishing it again.

[0] https://money.cnn.com/2015/06/26/technology/microsoft-window...

bad_user

9 months ago

I can't speak about iOS, but when I open Steam on macOS, I see more than 2/3 of my library unavailable since macOS Catalina, which entirely ruined macOS for gaming for me. Clearly, updating those wasn't so simple.

And also, it's unreasonable to expect all software projects to need updates, forever. My hammer doesn't need updates.

theshrike79

9 months ago

IIRC this was a switch from 64/32 bit to only 64 bit executable support.

Something that just has to be done, and not doing it has a clear cost.

majewsky

9 months ago

If it "has to be done", then why have Windows and Linux etc. not done it?

theshrike79

9 months ago

Microsoft gets paid to support old versions.

Linux has dedicated people working for free to support the weirdest hardware and software

rini17

9 months ago

Because MS sells to business. They never hesitated to break compatibility to developers and non-commercial users if it won't affect business.

lynx23

9 months ago

All the smartphone vendors do that. I have lost several iOS apps I once bought, because the developer chased to regularily update his app, which eventually killed it.

fsflover

9 months ago

> All the smartphone vendors do that.

Except those selling GNU/Linux phones running desktop operating systems. Sent from my Librem 5.

stackghost

9 months ago

I don't think the Librem 5 is good enough at being a phone to be properly referred to as a phone.

fsflover

9 months ago

It depends on your needs. Far from an iPhone but good enough to be my daily driver.

stackghost

9 months ago

How's the battery management these days?

fsflover

9 months ago

One day in suspend and 4-5 hours screen time. Not much, but usable. Also the battery is replaceable without tools.

exe34

9 months ago

yes, my needs for a phone includes phonecalls and 5G. it's quite a niche to be fair.

fsflover

9 months ago

Phone calls are basically flawless on the Librem at this point. 5G is indeed lacking.

herbst

9 months ago

I always assumed that's their algorithm mostly and not related to the API levels. Apps that stand out most when you open the play store now are often these with heavily inflated user numbers through scummy ads or practice.

p0w3n3d

9 months ago

Related article: never build your castle on someone's ground

https://howtomarketagame.com/2021/11/01/dont-build-your-cast...

This happens so quickly: 1. you are not allowed to root your phone or your bank apps will stop working

2. you are not allowed to take the screenshot of a move/cartoon (for meme purposes) because of policy

3. you are no longer allowed to use MHL to send video to your HDMI screen (use some smart-sh* itv)

etc.

if someone has his new kingdom filled, they will quickly build walls, introduce taxes and start oppression — same with Spotify artists, youtube ads etc etc.

raincole

9 months ago

That article reads almost like a comedy/parody piece, considering it is posted on a site mostly about Steam marketing strategies.

kelseydh

9 months ago

This advice reads as easier said than done. They have the eyeballs and the distribution channel.

S0y

9 months ago

You're not supposed to stop using other peoples castle, You're just supposed to have a castle of your own to bring people to.

sschueller

9 months ago

Even if you want to comply. Google's system is broken: https://support.google.com/googleplay/android-developer/thre... --> https://news.ycombinator.com/item?id=41647234

I spent days trying to get my numbers verified. I tried using 3 different internet providers (init7, Swisscom, Yallo/Sunrise) and still received the 429 (Too many requests). It took me a 4th connection (cyberlink) and using my private cell phone which is now publicly visible on my Google play company profile. I still have an open case at Google Support which is over a week old with no reply. When I try to edit my number now to set my business phone number I still get 429.

On a second note. DO NOT PAY for your DUNS number. DnB does not charge for this number, only 3rd parties do. Contact DnB directly and they will issue you the number or send you your current number. I am in Switzerland and I can not lookup my number online but I can fill out a form at DUNS at which point a few days later you get your number via email. I used this link: https://www.dnb.com/en-ch/duns-request.html

As for official company document. Google accepted a PDF copy my Swiss Companies registration entry in the official register which you can just download online at no cost.

And as a final note. Google will re-review your apps. One of mine has now been removed from the app store and I am waiting for the appeal..: https://news.ycombinator.com/item?id=41667488

miohtama

9 months ago

Duns is a scam.

Once I had to register my company there and they wanted to "verify" the information. They did it by randomly calling me 2 weeks later and asked if it is real and asked me to give a phone to someone next to me to confirm I am not lying.

silverliver

9 months ago

How would responding to a phone number, one given by the initiator himself, verify that he represents a company? Couldn't a fraudster just give them his or her a own phone number?

I would have expected that the money they siphon thanks to the likes of Apple and google would be sufficient for them to verify the numbers with a reputable third-party broker.

miohtama

9 months ago

> Couldn't a fraudster just give them his or her a own phone number?

Shh.

acka

9 months ago

IMO nothing can ever be as bad as having to deal with Broadcom's Support Portal (after finding out that this is the place you 're supposed to get VMware software). An hour fighting the account registration process because it refuses to play ball with your password manager, followed by the site insisting that you "build your profile" in order to receive the proper entitlements to download the software. Building your profile then sticks you in a loop where you have to provide a "Site ID" which is totally unneccessary and indeed not available to non-corporate users who just want to get their free for personal use copy of VMware Workstation Pro.

mckn1ght

9 months ago

They’re basically a data broker for businesses, like Experian/Equifax/Transunion except more self-reporting based. The amount of spam I received after registering with them was so annoying.

openrisk

9 months ago

The digital economy is supposed to benefit from the "long tail" effect, where countless niche operators provide all sorts of diverse products that serve potentially only very small audiences.

The long tail concept was conceived before the development of central gatekeepers. As this post demonstrates, frictions introduced at these choke points (for valid or invalid reasons) can demolish that long tail in an instant.

antman

9 months ago

I am personally very happy that developers need to add a phone number and contact email. Most of the apps I use on a daily basis are Google apps looking forward to start calling them for support, thanks Google!

KetoManx64

9 months ago

Google is a big believer in "Rules for thee but not for me"

FerretFred

9 months ago

Would F-Droid work for you? I'm installing an increasing number of apps from there and donating as well.

bambax

9 months ago

Yes the OP should try alternative app stores. I wonder why he doesn't mention it.

2-3-7-43-1807

9 months ago

because those options are not relevant if you intend to make some money with apps.

bambax

9 months ago

But he does mention webapps, which are arguably worse if your goal is to make money.

rini17

9 months ago

He would have to implement payments. Which is another nightmare.

eviks

9 months ago

Don't understand this comparison

> While [paid company ID] may be just some paperwork and a small expense, the next requirement is more insidious: “a phone number and email address for Google Play users to contact you”. I’m fine showing an email address, but I absolutely do not want my phone number to be available to anyone on the internet.

It's exactly the same, only cheaper and faster - some dumb extra cost/paperwork: get an extra phone number for this form and never use it/forward everything to voicemail, keeping your main phone private. The same goes for email, although that one would be free

lordnacho

9 months ago

So if I have a problem with the OS itself, there must be a Google phone number I can contact? Right?

eviks

9 months ago

Of course there is a phone number, it's even available on the first page of results if you, wait for it, google it. They also have an email. You'll be ignored, of course, but that'd be no different from what I'm suggesting the dev could do

johnnyanmac

9 months ago

> You'll be ignored, of course, but that'd be no different from what I'm suggesting the dev could do

I wonder what would happen to their metrics if they are reported to ignore support? And I wonder what would happen when Google ignores support?

eviks

9 months ago

Only thing left is to wonder, we don't have many examples of companies/individuals ignoring support to know for certain

johnnyanmac

9 months ago

Not ignore per se. But I've never had a pleasant experience trying to get insurance to do its job.

Tor3

9 months ago

Same - I never need to give my personal number to anyone. It's not even listed, so I avoid 99.9% of scam/phishing calls (unlike my work phone). Only family and friends use this number[1].

I have another number which I only use for the local pay-with-phone system. Second sim in a cheap dual-sim phone. And then there's a phone number which I only use for handing over to those services requiring a phone number ([1]the only exception to this whole thing is that my local bank actually has my personal number, but that's a voluntary exception).

There's no rule that "phone number" should equal "my personal phone number".

Except for the phone number thing though, I completely sympathize with the author.

londons_explore

9 months ago

In some countries, phone numbers require a phone plan or service to stay active, sometimes at a not-inconsiderable monthly fee.

Tor3

9 months ago

I use charge card plans for those phones - I pay only for the usage. I push what amounts to about ten euros into the plan and that lasts a long time. To avoid non-activity I send a text message a couple of times a year.

user

9 months ago

[deleted]

kreyenborgi

9 months ago

Can Europeans get Google Voice numbers?

sschueller

9 months ago

The issues with those is that google will prompt you if you don't use them. I lost my within a week because I didn't see the email.

I keep my numbers at didww.com now where I pay a small fee but they won't just delete my number.

eviks

9 months ago

Google and many other services reject voip numbers, though

sschueller

9 months ago

I have numbers there that have been ported from local providers. There is no way for Google or anyone to determine if a number is a voip number. All google knows is which numbers they provided and this list may also be available to others.

eviks

9 months ago

Or there is a simple database lookup way to determine that the number doesn't belong to the local provider:

"Superfast Response Times As we access the entire mobile number portability (MNP) database in every country where number porting is in operation, Velocity can truly live up to its name, providing answers at lightening speed (typically less than 5ms)"

https://tmtid.com/velocity/

djweis

9 months ago

That's not accurate - when a telephone company registers a block of numbers (at least in the US), you specify if it's landline, pager, VoIP, cellular, etc.

eviks

9 months ago

Does it have to be a Google voice number?

thekevan

9 months ago

I also wondered why not just use a Google voice number. I have about 3 of them out the 10 or random gmail addresses I own.

mikelward

9 months ago

OP is in the Netherlands. GV is US only.

But yeah, good idea if you're in the US.

thekevan

9 months ago

I was not aware of that

resonious

9 months ago

This is quite sad, but thankfully it is still fairly easy to just download an APK and install it. This is the primary driver keeping me away from Apple devices. I'll be very sad if Android stops supporting not-from-the-app-store APK files.

thefounder

9 months ago

Well chances are that Apple will start accepting out of AppStore installs as well. At least in the EU so you don’t have to worry much about Google stopping apps being installed outside of google playstore

wruza

9 months ago

Few days ago I bought a modern ceiling lamp with bluetooth control. Connected it to my iphone and that was it.

My relative had an android though.

No playstore option. Downloaded the apk from their site, launched it. Access to your location? Photos? File system? Wifi networks? Etc? ETC? E.T.C.?

The thing is, it asks it every time you tap “connect” or “on” despite everything being disabled in settings. And of course it doesn’t work without permissions (bluetooth was on). Idk which are critical because none of them are acceptable.

That’s basically my average experience with apks. When you guys celebrate wins over apple, I wonder what future will look like and something tells me I’ve already seen it.

chii

9 months ago

> Connected it to my iphone and that was it.

either the iphone app already asked for perms and you granted it all, or they didn't try to invade your privacy in iphone land at all (since an app review might scrutinize it).

But an apk might want to extract from you maximally, and there's nothing stopping them. That's why the android version is the way it is.

The problem isn't android itself, but that an open system is more vulnerable to being abused. However, i still prefer that over the closed garden.

wruza

9 months ago

they didn't try to invade your privacy in iphone land at all (since an app review might scrutinize it).

Exactly.

I prefer my lights to not know my location and photos, and to not even ask for it. With the fall of apple scrutiny, almost everything will work as described above. Cause it demonstrably does when allowed.

The problem isn't android itself

Android could (1) disallow repeating permissions popups, (2) feed empty or arbitrary data to apks because of the nature of their “habitat”.

F-droid and other non-standard firmware is incompatible with banks, other apps and hardware, so this is out of question.

an open system is more vulnerable to being abused. However, i still prefer that over the closed garden.

I respect your preference. In my case I should explain the situation to my relative and suggest to choose between the two approaches.

But I don’t see mutual respect when reading happy celebrations about destroying the protective garden. Not a thing in our conversation, but I hear it often and dread the results, where there will be nothing to choose from.

johnnyanmac

9 months ago

>I prefer my lights to not know my location and photos, and to not even ask for it.

deny it then. They want location to help with voice commands. Photos are to label your light profile. If you did either on IOS, you already gave permission. If not, you miss those features. I prefer the explicit choice.

better yet, Andoid can let you grant the permission for a short time then disable it on demand.

>F-droid and other non-standard firmware is incompatible with banks, other apps and hardware

Then make those exceptions or don't use them on your phone. This isn't rocket science. Just because there's choice doesn't mean some apps won't choose to stay stuck on google.

> I don’t see mutual respect when reading happy celebrations about destroying the protective garden.

because that perspecive isn't respectful in and of itself. Your garden isn't damaged, other peple are tilling new land. No one's making you go out of your garden, and if suddenly some killer app isn't in there you have a choice. You're not forever tainted from downloading another store and downloading one more app while 99% are from the App store.

Put it another way: jailbreaking has been a thing since IOS was a thing, there are already homebrew and unofficial apps (e.g. emulators) that you cannot access on IOS because you are in the garden. Nothing will change from then to later except Fortnite will not be in the App store. But if you were fine without Fortnite on IOS for 7 years, you aren't suffering now.

wruza

9 months ago

I wouldn't even post this if denying it once was a solution that makes it work. There was no real choice here. The choice of surrendering privacy vs getting tfo-ed is not practical.

Nothing will change from then to later

Jailbreaking is a process an average consumer won't do, so it disincentivizes app makers from making jailbreak-only ios apps. Forced regulation will make sideloading a regular thing which will shift incentives to what happened to my relative (please note: not to me). This directly affects the garden. The logic you're using here is naive at best.

noirscape

9 months ago

F-Droid isn't "non-standard firmware", it's just an app store like the Play Store is and can in fact exist alongside the Play Store just fine. You don't need to do any fancy trickery to get it working (download APK from their site, install and that's it) and rather notably, due to (good!) changes by Google to comply with EU law, is basically an indistinguishable installation experience from the Play Store when it comes to updates.

As for faking empty/arbitrary data: this is a thing in Android, and has been a thing for several versions now. The unfortunate problem is that for reasons that I'm sure aren't tied to the big G's economic interests, the UI around "granted but not really" is complete dogwater (it's basically only functional for the gallery permission these days).

You can use something like appops[0] to forcibly override these permissions options, but it really should be made more user friendly.

I think the main problem with the closed garden is that it expects Apple to be a fair and unbiased steward of their ecosystem, when it's been proven over and over again that they absolutely aren't. They allowed the app store to be flooded with ad-riddled junk, allow for paid search results that make it harder for people to install government apps[1], press smaller app devs into adding more payment schemes and even on the most basic level demand a continuous resource drain with their licensing schemes that ensures that "just make a good app and sell it once" is eventually an unsustainable business model. And that's just the stuff that ends up hurting the customer; the dev experience from what I've been told is even more miserable.

This isn't to defend Android as being superior (the Play Store also has many of these issues), but at least with Android I can substitute the Play Store for F-Droid when it comes to non-government and non-banking apps. F-Droid at least ensures that I don't wake up one morning to realize that I have to plan a full week of support for relatives because an app decided to start milking it's userbase for money and ruin the experience; when Simple Mobile Tools went to shit, I was able to just spread that stuff out over a couple weeks at my own pace since F-Droid never shipped that version. (And it helped the fork get off the ground too.)

[0]: https://appops.rikka.app

[1]: Probably one of the most frequent requests I got when I did tech stuff for the elderly was just "help me set up the government app to see [some service they were using]"; invariably the App Store would push some healthcare insurance nonsense or other vaguely related thing as the first result, which confused the hell out of them. It's unacceptable and I don't get where the "my low-tech relatives like it" idea comes from.

wruza

9 months ago

Oh, I confused f-droid with some firmware I’ve read about then.

Yes, I understand development issues for apple, but at the same time the end result is my lamp

- works on iphone

- sort of does work on android iff I accept the unacceptable

This is probably not a very “tech” case, but in my view it is pretty consumer-average, and it’s not the first app which does that (I had an android for a while). As a developer, I understand and share your concerns. As a consumer, my vote goes to the status quo. I think that developers interesrs shouldn’t go ahead of consumers.

resonious

9 months ago

I'm not trying to comment on the average quality of apps available for Android or iPhone. I'll even agree that Apple products tend to be better than their competition for average use. It's more just a personal thing where I feel uncomfortable when I buy a general purpose computer that limits my ability to install and distribute software.

oniony

9 months ago

Quite why anyone wants ceiling lights that don't just switch on and off with a switch on the wall is beyond me.

ssl-3

9 months ago

Remote control and automation.

Remote control: While climbing into bed, I notice through the window that the lights in the garage are still on. Not a problem: I can turn them off from where I am.

Automation: I get up, get around, and leave for work. Did I remember to turn the coffee machine off? The light in the kitchen? Did I remember to dial the thermostat back? I don't have to go back home and check because it doesn't matter: Those things were done for me, automatically, by virtue of leaving.

Later, I get home from wherever I went for work today. It's been a long drive, and it's dark outside, and it's dark inside, and my bladder senses the proximity of a familiar toilet and starts screaming at me before I even start to open the door. By the time I set foot inside of my home, the pathway from the back door to the bathroom has become illuminated so I can get there in a hurry without tripping over a cat.

wruza

9 months ago

It is a LED light with dynamic color temperature, brightness, quick predefined modes (i.e. dim night light mode, evening mode, etc) and a timer.

NoGravitas

9 months ago

I have an LED light with those things, but it uses a simple IR remote control. No need to sign away my firstborn to use it.

johnnyanmac

9 months ago

that remote conrol will be like all others. disappear until I need it least.

I just needed to link a google account and permissions are minimal. nearby devices for the bluetooth/NFCand nothing else. other 5 permissions disabled. worth the convinience since I have control over what it can/'t do.

wruza

9 months ago

My buddy has a similar story with a boiler control app. First thing the app did was sending an sms to a chinese number.

xandrius

9 months ago

I'm also a solo dev and while I understand the nuisance the changes are often slow and spread out.

It's annoying if you have 1 app but if you have many, it's still the same amount of work.

I built a little offline, no frills app for mushroom picking for my dad's birthday and every 2/3 years I need to rebuild it with a new target API. No big deal and it keeps making me think whether it's worth it being there or not: until my dad or I go to mushroom picking then the answer will be yes.

hu3

9 months ago

Perhaps a PWA web app would be a good fit?

It allows for offline functionality and icon on home screen.

Much lower maintenance too. Could even host in GitHub pages depending on requirements.

xandrius

9 months ago

Maybe but then you're supporting X default browsers instead of 1 platform.

I'd still rather open the project, change the minSDK and rebuild than having to mess around with Samsung Browser, UC Browser from hell or else.

eviks

9 months ago

You're supporting exactly one browser - the one you use and switched your dad over to (at least for this one activity of mushroom picking)?

xandrius

9 months ago

My comment is in general for my apps. As I said, for my mushrooming app I'm using a native app.

CalRobert

9 months ago

Are they that different since it’s basically just chrome reskins and Firefox?

fakedang

9 months ago

And Firefox is 3% of the browser market, and god knows what fraction of the mobile browser market. You only need to worry about Chrome and Safari.

xandrius

9 months ago

This depends on your user base: their age, their country, etc.

If someone with a cheap Xiaomi with a weird default browser comes and tells me that they have an issue with my app/game, I can't get back to them and tell them to fck off because they are not respecting the stats. Or rather, I definitely could but I don't want to.

fakedang

9 months ago

I'm typing this from a cheap Xiaomi. You're good to go. (Default browser seems to be Chrome, though I use brave)

xandrius

9 months ago

Yep, they are mostly similar but not exactly the same.

I developed a small web-based game and even that one required quite a bit of testing and debugging from players' reports as it seems every manufacturer uses a different default browser.

I have a check specifically for UC Browser (had no idea of its existence) as it has a bug regarding dates. Go figure.

And then people downvote me because they think all is Chrome and Firefox, while that's not the whole picture at all.

Evidlo

9 months ago

For an informational static page, it's almost surely going to work on all major browsers out of the box.

erremerre

9 months ago

I imagine that is what Google wants. They don't want solo developers. They just want a company making apps. And dealing with companies is easier than with a solo developer. One could argue that a single employee company and a solo developer is the same, but again, the intention is to burden a solo developer single company, so that only small companies are the ones creating apps.

If they have not gone to the route of directly banning solo developers is just to avoid the pushback.

jonathanstrange

9 months ago

The problem is how much founding a company varies by countries. For example, I live in Portugal. Setting up a one-person company (Unipessoal LDA) is fairly cheap and easy here, but you're still required to have a certified accountant with certified accounting software. This increases the costs to around 100 €/mo minimally, just for running the company even if it has zero income. That's quite some bullshit if you just want to publish an app. But I guess Google doesn't care.

erremerre

9 months ago

Yes, but they don't want unipersonal companies either. They want companies with certain size, and legal department, so if any issue arises, it will be between the legal teams to resolves, rather than support.

clumsysmurf

9 months ago

> the next requirement is more insidious: “a phone number and email address for Google Play users to contact you”.

It's even worse: if you are an individual with paid apps, Google will publish the physical address from your merchant account to your Storefront page. You will not be able to use a PO box / UPS Store box etc.

tekeous

9 months ago

Absolutely ridiculous, to require a DUNS number when so many apps are published by a single person, often for fun or hobby.

KomoD

9 months ago

Then you don't need a DUNS number... just like the post says:

> The D-U-N-S number is only needed if your Play Store publisher account is for an organization, not an individual.

Same with the requirements for public email and public phone number, these are only requirements if you are an organization

mschuster91

9 months ago

The problem is, legally in some jurisdictions as soon as you're earning money, and even if it's just ko-fi or small scale ads, directly via a Thing, you're now running a commercial enterprise with that Thing, and you better comply with all the regulations.

cynicalsecurity

9 months ago

Would you trust Google with a scan of your passport?

sanswork

9 months ago

More than almost any other company in the world. I trust Google to protect my data well from external and internal snooping. I don't have that faith in many companies.

xbmcuser

9 months ago

Yeah to me this is something people don't get about Google. Google was built around the notion that data is valuable so they do their best to keep it to themselves and not share with anyone. They do know who is who by tracking you but it is in their interest to allow their customers to utilise the data but not access it directly.

Funnily enough all the actions against Google advertising business monopoly if work out would probably make privacy on the web worse in my opinion.

sulandor

9 months ago

realization that data is valuable does not imply a privacy consciousness.

google is in the business of selling access to that information.

though, i can see the wisdom in painting the alternative even worse.

xbmcuser

9 months ago

I never said anything about privacy but rather about profits its in google interests to let and help you target high earning 26-36 year old using it ad tech rather than telling you who those 26-36 year high earners are. So your data not privacy is more important to them to keep from everyone else directly but through their ad tech.

KomoD

9 months ago

Last I checked I don't use Google for any travel so I have no reason to give it to them.

If they wanted to verify my identity then I would give my national identity card. I'd definitely trust them with my ID card more than most other companies

user

9 months ago

[deleted]

miniBill

9 months ago

My apps will be gone because Google wants to publish my home address for the world to see. What the hell, I'm an individual, not a company.

welder

9 months ago

Hope author decides to open source the apps if they no longer plans to make money from them and they're going to be delisted anyway

stackghost

9 months ago

>Again this is no problem for a company for whom the app is their core business, but bad news for indie and hobbyist developers who just want to make something cool, put it out there, and move on to the next project.

Is it not obvious that Google does not want "indie developers who make something cool, out it out there, and move onto the next project"?

jonathanstrange

9 months ago

I suspect this is another symptom of a universal slow "Myspace" death of native applications. Apple's compliance rules become more and more strict, Windows flags basically every executable as virus unless you pay for the most expensive types of signatures, and now Google is requiring all kinds of documentation including phone numbers and home addresses. Are those companies not aware that they're slowly destroying their own infrastructure?

I'm planning to build a small software company but so far everyone I've asked has strongly suggested to create web applications instead. Can a solo developer publish an app for all major platforms in 2025, or is this a completely crazy idea?

sschueller

9 months ago

The problem is that for certain things you can not get away from an app. With MySpace you could visit another website.

For example I make an IoT device (https://www.stationdisplay.com/) that gets configured via Bluetooth LE. I can not access BLE via mobile browser because most don't support it (https://developer.mozilla.org/en-US/docs/Web/API/Web_Bluetoo...).

Of course there are alternative methods like starting a wifi access point and having users connect to that but this makes it a lot more complicated for the end user. That results in un-happy customers and a lot of extra support costs.

jonathanstrange

9 months ago

I totally agree. My software is essentially a digital asset manager, though with a bit of extra functionality and project management built-in. I don't see how a web app could efficiently index millions of files on the local file system.

However, based on all the horror stories I've heard, I'm seriously thinking about re-considering my approach and settling for a different, simpler web-only product. It's frustrating to think that the majority of development time is not going to be spent on the app & cool technology but rather on bureaucracy, platform distribution,integration into app stores, and setting up cross-platform CI.

jemmyw

9 months ago

This. I built a cross platform app. You pay the yearly dev fee to apple and you can sign your apps for macos in and out of the store. MS do let you do signing for their store, but for outside distribution you need EV certs that are very expensive and a pain to manage. For a small business it's probably fine but for a solo dev it's really shit. And yeah, it flagged one version of my installer as a virus leaving me scrambling and anxious thinking my build could have been compromised and then oh no it's just based on predictive ml and it's actually fine.

lun4r

9 months ago

You can find your DUNS number for free through Apple.

sschueller

9 months ago

DUNS numbers are free, anyone charging for lookup is not DnB but a 3rd party trying to bank from it.

> If your organization does not yet have a DUNS number, or no one knows it, visit the Dun & Bradstreet (D&B) website or call 1-866-705-5711 to register or search for a DUNS number. Registering for a DUNS number is free of charge, so if you encounter any organizations or websites soliciting a fee to acquire a DUNS number it is likely a scam or fraudulent.

[1] https://www2.illinois.gov/epa/Documents/iepa/grants-loans/st...

Jnr

9 months ago

Yes, I signed up for DUNS as I was creating a developer account for Apple. If I remember correctly, a year ago it did not cost anything when going through apple systems. And I think it was before the step where you have to pay the Apple developer fee.

Havoc

9 months ago

The official document is pretty standard KYC/AML.

Number for users to phone sounds like a nightmare though

ramshanker

9 months ago

Last I looked into publishing on App/Play Stores, the thing scarring me away most was some verbose declaration on exporting encryption from US etc. Couldn't wrap my head around it.

newaccount74

9 months ago

It's the same thing with Apple App Store.

And with 3rd party merchants like Fastspring, Mycommerce, Paddle, Paypro, etc.

It's not just the EU, the US money laundering KYC rules are also pretty annoying.

sdk77

9 months ago

Mine as well. Sucks that I just went through the required updating of the build (minimum sdk) of my only app on there, a 2016 Java string art app below 2MB with no data collection, advertising or monetization whatsoever.

Now they want to publish my full address too, because they believe I make money off of it, and I can't contest this in any way. Fine. I'll let them delete my account and I'll open source that app and put it on F-Droid then.

joshstrange

9 months ago

The requirement to publish phone/email suck but can be worked around with something like Google Voice and any free or very cheap email provider.

The more galling aspect is the home address. I just went through this as well and I don’t at all like my home address being available on the Play Store for my apps. Especially since my apps are local (specific to events in my city).

daniel1969

9 months ago

Open source your apps, publish them on F-Droid, or allow downloads from your website—that's what I've been doing.

silverliver

9 months ago

Very much a tangent, but is it still impossible to build apps for android using 100% open source tools?

I haven't jumped on the android bandwagon, but I've been thinking about developing an android app and host it on f-droid provided that I am not forced to use proprietary/NDA crap.

gsck

9 months ago

When have you ever been required to sign an NDA to make an Android app?

silverliver

9 months ago

Fair point, but doesn't answer my question. Is it still impossible to practically develop apps, even basic ones, using only open source tools/libs?

johnnyanmac

9 months ago

I mean, nothing in particular is stopping you. the IDE is the obvious bottleneck but someone this adamant can make VS code work.

Everything else is trivial. Fork AOSP for an environment to test in, find a non-Oracle Java to build the app for (if that fails, the NDK in c++ will work, but complicate matters), figure out the buildchain to produce your APK, and upload to a store like F-Droid.

Your limitations will come based on potential phone features you require. I imagine camera access or permissions may hit a few pitfalls, and I'm unsure in 2025 how easy those are to overcome (they were nearly impossible the last time I professionally developed in 2013). But Google open sources more than you'd think, so you have a lot of tools at your disposal.

-------

Now, is it practical? No, not really. You're playing on hard mode and will probably fall into a lot of non/underdocumented behavior. You're gonna be a trailblazer for all sorts of issues only the largest, most ambitious companies run into (and probably fix inhouse, so good luck researching others' solutions). Monetization opportunities will be shot, and any attempts to expand platforms will have you hit brick walls as Windows/Apple OS's require non-FOSS apis.

You would only be doing this either for a hell of an impressive portfolio piece, or for ideaological reasons. Otherwise you're shooting yourself in the foot.

silverliver

9 months ago

I'm pretty sure I could also manually flip bits in memory to get something that runs on Android but I wouldn't call that practical.

So the answer is: No, no practical way exists for people to freely (as in speech) develop android apps. I hope Google gets regulated out of existence.

alex_duf

9 months ago

> Maybe it could be in the form of a web app. We’ll see.

I think this is, (and maybe always has been) the way forward.

With more and more languages being able to either compile down to js or even wasm, I feel like the bar might be a little lower than before.

pabs3

9 months ago

You could release them on F-Droid instead, or even just your personal site.

rockskon

9 months ago

Removing apps pegged to an old API version as opposed to only apps that use a no-longer-supported API call needlessly removes useful apps that don't need regular maintenance and updates.

anal_reactor

9 months ago

It's a feature, not a bug. Of course Google would rather partner with five companies bringing a billion dollars than a billion indie developers bringing five dollars. From business perspective, there's no need to host all these indie apps when 99% of your users only download TikTok and Facebook. Sure, the 1% of users will get mad, but these people actually cost Google more money than they bring in, so having them mad and potentially leave the platform is a good thing.

Times have changed.

2-3-7-43-1807

9 months ago

wasn't there also something about very strict requirement with regard to having an app (that is applying for being listed in gps) being tested by a dozen or so people over something like 3 weeks?

IvanK_net

9 months ago

I am the creator of a photo editor www.photopea.com, used by around 1 million people every day (of which 300,000 use Android, 150,000 use iOS). After reading this article, I am so happy that I never spent a single hour trying to publish my tool at the "mobile stores" :D

zwnow

9 months ago

Amazing tool, use it every week! Buuuut reading the main article it just sounds like the autor didn't want to take responsibility for their games. Like it's even required by law to provide your address, email and so on in Germany if you only own a website. Continuing, it's to me very obvious to target the latest Android releases. I don't see the issue this person has.

johnnyanmac

9 months ago

many obvious reasons (I'm in the US and the last thing I want to provide to the world is my phone number for MORE stupid spam. My address is absolutely out of the question, not in these times. It sounds alarmist until you get physical death threats from people that may or may not have to even do with your app).

But for reference, this author is in the Neverlands and things that seem trivial for US businesses are apparently more involved over there. These small 30 euro costs aren't worth it to update some 10 year old app you'd only update if you just needed some trivial migration updates.

immibis

9 months ago

This is only for commercial websites.

zwnow

9 months ago

Sure but it's considered a commercial website pretty quickly. It's enough to recommend something to make it possibly commercial.

ioulian

9 months ago

Can't thank you enough for photopea. Very good (and impressive) job that you've done with it! It's very useful as a frontend developer that wants to quickly edit an image!

jasonvorhe

9 months ago

Just a quick thank you for making and running photopea. Back when ChromeOS didn't run anything but web apps, Photopea was a godsend. I haven't used or thought about it since but I'll check it out again if the need ever arises.

akww

9 months ago

Like the others, thank you! We would use it in our introductory collage class in College (per the professors recommendation)

napolux

9 months ago

you're one of my heroes :)

HenryBemis

9 months ago

TLDR: I nag a lot, the rules change so I don't want to play any more. Why does bureaucracy happen?

I don't know where the writer writes from (don't care to look it up). From experience, in the UK there are companies were you can outsource (at little cost) most of your admin stuff, and/or you can also mark them as the 'HQ' of your company, using their address instead of yours. I will go ahead and assume that everywhere in the civilized world similar companies exist. Also "is only right morally, but not legally" is very BS. These are the rules, take them or leave them. You can escalate, but not break them, otherwise if YOU pick which rules YOU want to break, then I will pick the rules that I want to break, and then it goes only downhill.

DUNS: I remember when I created an app for Apple Store, they were requesting the same. I did it. It took me 10mins, nothing to see here, move on.

For reference, I had my own Ltd in the UK, I was contracting and was using the same Ltd for my app, so I've actually done this.

Doing business has costs. If the writer doesn't want the costs of doing business, perhaps he/she is in the wrong business (?). But "screw the rules" is not cool.

johnnyanmac

9 months ago

> I don't know where the writer writes from (don't care to look it up).

didn't care to read the article either but provided a dismissive TLDR. The article mentions they are from the Netherlands.

>in the UK there are companies were you can outsource (at little cost) most of your admin stuff, and/or you can also mark them as the 'HQ' of your company, using their address instead of yours.

for a minimimal update on an app you finished 11 years ago that probbably isn't making money? No thanks. I think it's important to remember that this isn't some active business, but a hobbyist that made something at a completely different phase of life.

>DUNS: I remember when I created an app for Apple Store, they were requesting the same. I did it. It took me 10mins, nothing to see here, move on.

Also in the article. Feel free to correct me since you're closer, but apparerntly the Netherlands needs to pay to find the DUNS number that was already registered to the CoC.

>Doing business has costs.\

They aren't a business past adding migration updates to an old app. Yes, it is a big deal to give a private middleman your passport and let them post your address/phone number to the world. It's absurd to get on a high horse to a single dev, especially in a community that I thought valued privacy.

hacsky

9 months ago

I have a larger question. I know there is no answer now but i'll leave it here for posterity.

Everyone seems to have a love/hate relationship with app/play stores and these stores have a stranglehold on developers. "This is our new policy. Accept it or we'll kick you out."

The TOS we enter into with app/play store is fully in their favor with no rights to the developers.

For android, worstcase, i can have people download the apk from my website. For iphone there's no way around.

fsflover

9 months ago

But where is the question?

eviks

9 months ago

"There is no answer"

johnnyanmac

9 months ago

nor was there a question. This was just an odd comparison framed as curiosity.