This is unacceptable.

Google needs to be broken up. Apple too.

The lack of antitrust enforcement is a clown show.

We have no choice in the most important computing category in the world. It's a duopoly and they have everyone in straightjackets - consumers, companies, competitors, governments, ...

A huge percentage of the world's thoughts and economy flow through mobile. And two companies own it.

Ma Bell was nothing compared to this.

Yes! Android doesn’t need an USP. Not anymore now that we have a stable equilibrium of this perfect duopoly.

[dead]

Same here. F droid gives clean functional and reliable apps while playstore is a dumpsterfire.

It is not just that. In my case , everyone around me are using iphone . I made the sacrifice to not easily connect with them and use android so that i have freedom ( to install, customise what ever). Once that freedom aspect is taken away. There is no reason for me to make that sacrifice.

Until EU's cross compatibility between messaging apps is passed, we are forced to be in vendor lockin.

I have no idea why iMessage and FaceTime are draws when Signal is available.

I mean, we have mandatory Play Store services, so the experience on android is not significantly less locked-in.

Another road that leads to BBM it seems.

It’s utterly bizarre how BBM could have been the iMessage and WhatsApp and who knows what else. But rich out-of-touch people thinking exclusivity is a perk in a commodities market just shows how business savvy and wealth are in reality disconnected from eachother.

I glanced at Ubuntu Touch, but its device compatibility looked severely lacking (https://devices.ubuntu-touch.io/).... I have old Pixel phones I could potentially try it out on, but the last Pixel phone that is officially supported is the 3a. So that is a bummer.

"Refreshing" is an interesting adjective to use. I don't want a refreshing OS. I want a rock stable OS that sips battery.

I wonder if banking and messaging apps will work on it in the future

Yeah... Does it support WhatsApp? If not that's a deal-breaker in most of the world.

Ubuntu touch has a locked-down filesystem, like Android does. Mobian, PureOS and postmarketOS behave much more like regular GNU/Linux.

Not a lot of life left in Pixel 3 phones.

> I just switched to the iPhone with the new cycle, explicitly because of this news.

And guess what, sideloading has never been allowed on iPhones.

So you just went from bad to worse. The only rational option for tech-minded people nowadays is to buy a device that supports Lineage or Graphene (ironically Pixels are good for this) and to replace the stock OS.

It doesn't make any difference anyway, does it?

Then I might as well treat myself with better hardware & ecosystem.

I think this isn’t true at all, before the iPhone existed cellular carriers controlled software on consumer phones.

Remember when GPS navigation was a $5/month app that was a cellular plan addon?

So let's pick a random example app that might be popular on F-Droid today. Oh, I dunno...newpipe.

Given that Google both owns Android/Google Play Store and YouTube: what do you think they would do with the developer information of someone who makes an app that skirts their ad-model for YouTube?

Google is following the same game plan we saw when they decided that the full version of uBlock Origin (the version that is still effective on YouTube) should no longer be allowed within their browser monopoly.

The fact that there was a temporary workaround didn't change the endgame.

It's just there to boil the frog more slowly and keep you from hopping out of the pot.

It's the same game plan Microsoft used to force users to use an online Microsoft account to log onto their local computer.

Temporary workarounds are not the same thing as publicly abandoning the policy.

From a quick glance at /r/GooglePlayDeveloper/ it looks like Google is just as interested in killing playstore apps! It seems that they only want to support the existing larger apps now. I think they are giving a clear message to developers that its not really worth developing for that platform anymore. I think we will all agree that the playstore needed a purge but they seem to be making it impossible for any new solo devs at this point.

> currently this is far from 'killing' non-appstore apps for most of the market.

It means that Android is no longer suitable for my own private dev projects.

It also makes it easy for google to blacklist a developer, if for example the trump administration don’t like them (the same way apple removing apps documenting ICE).

Pretty sure virus creators could just pick a real ID leaked by the "adult only logins" shenanigans, whereas legit app developers probably wouldn't want to commit identity fraud.

Yeah... no. This is normal with desktop computers. Let's stop handholding people. If I trust the source, I trust the domain... I want to be able to install app from its source.

Googles/Apples argument would have been much stronger if their stores managed to not allow scams/malware/bad apps to their store but this is not the case. They want to have the full control without having the full responsibility. It's just powergrab.

> need for this to track down virus creators

I think they’re just going to track down a random person in a random country who put their name down in exchange for a modest sum of money. That’s if there’s even a real person at the other end. Do you really think that malware creators will stumble on this?

This has to be about controlling apps that are inconvenient to Google. Those that are used to bypass Google’s control and hits their ad revenue or data collection efforts.

It's killing F-Droid, which is the only place I want to sideload from.

It makes sense for average users to have identifiable traceability.

Developers, and power users often pre-date these kinds of smartphones.

What we really need is a fair alternative to both these abuse platforms. Choosing an unfamiliar abuse over a familiar abuse isn't exactly the smartest move. The switch over to a free(dom) platform like plain Linux must happen even if we have to make some temporary sacrifices like the loss of mobile banking facilities. It can't be worse than using a feature phone, can it? The app ecosystem will eventually attain parity if the platform achieves popularity.

> How will Google force Android users to "update" so sideloadinng can be prevented

Google has the Google Play Services, which can be remotely updated via the Play Store, as has been done for the COVID exposure notification system [0]. Google's Play Protect already hooks into the installation process and could be updated to enforce the signatures.

[0]: https://en.wikipedia.org/wiki/Exposure_Notification

What happens if the computer owner disables Google Play Services along with the Play Store and keeps the phone offline

(Own experients conducted over the years make this a "rhetorical question" meaning I already know the answer)

Not every app requires Play Services and internet access

(Online commentators sometimes try to argue that all apps, even offlines ones, "require" Play Services otherwise they cannot be updated automatically, highlighting the significance of "automatic updates" in steering debates about Android. Own experiments show that many if not most apps work fine without Play Services and can be updated manually if desired)

Not every phone is used for banking or other "government services"

(For example, some owners have mulltiple phones. Some owners may have phones with older versions of mobile OS that may be used for experiments)

Not every computer owner is the same

(For example, most phone owners do not install any apps at all. Of those that do, most use "app stores", not so-called "sideloading")

HN replies are likely to invoke "security" as a retort to any suggestion of decision-making and control being placed with the computer owner

Automatic updates are pretty unrelated. Google can just release an updated version of google play services or a device verification API and everyone's banking/government ID apps will stop working until you manually update anyway. They have a pretty big stick to whack you over the head with if you don't update to the new version "for security"

For me, mainly: no international cost, no metered cost (other than data), no extra app like WhatsApp to install (but other party needs iOS).

Edit: that said, nowadays, maybe because I'm back in the EU, I use WhatsApp way more often than iMessage.

“There are no good reasons” really? One of my favorite things about iOS/ipados is the incredible selection of music creation apps. My iPad is loaded with synths, sequencers, and effects. AUM in particular is an amazing program for live performances mixing both software and hardware using a touch interface.

Many, but not all, of the programs I use on iPad are also available on Mac and Windows at much higher prices. That alone is reason enough to use a iPad. Most of these apps can be run on the least expensive iPad and/or older ones.

Like it or not, computing appliances have led to really good software markets. The “clean and honest” software markets are either much more expensive or don’t exist at all. The optimist in me is hoping that Android losing some freedom might lead to higher quality software and some actual competition to Apple.

Firefox with UBO is still a huge win. But Orion browser is making progress. At this point I just don’t see a reason to go android anymore. If I have to be part of a walled garden I may as well choose the nicer one.

How long until AOSP deviates so much from features in 3rd party ROMs that it becomes infeasible to for amateur developers to maintain them?

But not outside of Apple's control, they have a very similar mechanism to this verification process with 3rd party app stores.

Thats a recent addition; hope consumer protection laws around the world become better.

What part of cheaper, better, and open source is shittier exactly?

Do you have a single friend who isn't a programmer who has installed a PWA in the last two years?

> PWAs

And I wonder when can we stop lying to ourselves pretending "web"-apps are real (native) apps?

There is a big difference between Websites and Applications. Websites are a smaller subset of capabilities.

If they need to be signed by Google, that's not side loading by definition; it's using an alternate Google channel.

What your describing isn't "side-loading". Doing that means the apps go through Google's chain of control. Please don't let them redefine the word.

With macOS you run "sudo spctl --master disable", and then you can run whatever you want without sending PII to Apple. Is that the case with the new Android stuff?

You can install full uBlock Origin in the Orion browser, on iOS. It also has decent built-in ad blocking (though uBlock Origin is still better).

I had been thinking for a long time to switch to Android (GrapheneOS, probably) when my current iPhone 13 dies, but this whole thing with "sideloading" on Android is making me reconsider. If I can't have the freedom I want either way, might as well get longer support, polished animation and better default privacy (though I still need to opt-out of a bunch of stuff).

> It's a similar limitation to macOS which won't let you run apps that Apple hasn't signed without command line or control panel shenanigans

Can you do something similar to load unsigned apps on Android?

Agreed. While I do not like this move, ti is weird to me how far people are going in their criticism.

The perfect should not be the enemy of the good.

Aside from everyone pointing out that you can't do that on most phones, there's also the fact that installing your own OS will block you from using many apps that check your secure status.

>you can install your own OS

https://github.com/zenfyrdev/bootloader-unlock-wall-of-shame

Not if you don't have permission to install your own OS...

Didn't Google recently kill AOSP and stop providing board support packages for their phones?

Can you, with SecureBoot?

Or just "install". This word was sufficient my entire life until the Apple App Store came along and hijacked it.

"Why should I change my name? He's the one who sucks"

https://youtube.com/watch?v=ADgS_vMGgzY&t=3s

There is, actually, but in a different context. The `adb sideload` command allows you to boot a device from an image without flashing it.

Yeah in the name of "security".

Unfortunately it also means giving the key to the Kingdom to a company like Microsoft or Google which are definitely adversaries in my book. Keeping them in check was still possible with full system access.

Even Apple I don't trust. They're always shouting about privacy but they define it purely as privacy from third parties, not themselves.

And they were the first to come up with a plan where your phone would spy on you 24/7.

> The vast majority of people on this site (especially those who entered the industry post dot-com crash) ridicule Stallman.

I've been in tech and startup culture for over a thousand programmer-years (25-30 normal years). It wasn't dot-com or the crash. It was mobile. The mobile ecosystem has always been user-hostile and built around the exploitation of the customer rather than serving the customer. When the huge mobile wave hit (remember "mobile is the future" being repeated the way political pundits repeat talking points?) the entire industry was bent in that direction.

I'm not sure why this is. It could have been designed and planned, or it could have evolved out of the fact that mobile devices were initially forced to be locked down by cell carriers. I remember how hard it was for Blackberry and Apple to get cell carriers to allow any kind of custom software on a user device. They were desperately terrified of being commoditized the way the Internet has commoditized telcos and cable companies. Maybe the ecosystem, by being forced to start out in a locked-down way, evolved to embrace it. This is known as path-dependence in evolution.

Edit: another factor, I think, is that the Internet had no built in payment system. As a result there was a real scramble to find a way to make it work as a business. I've come to believe that if a business doesn't bake in a viable and honest business model from day zero, it will eventually be forced to adopt a sketchy one. All the companies that have most aggressively followed the "build a giant user base, then monetize" formula have turned to total shit.

If you want a real blackpill (I think this is the right word), consider the famous Cathedral and the Bazaar.

I recently had a realization: I can name Cathedrals, that are 800 years old, and still standing. I can't name a single Bazaar stall more than 50 years old around any Cathedral that's still standing. The Cathedral's builders no doubt bought countless stone and food from the Bazaar, making the Bazaar very useful for building Cathedrals with, but the Bazaar was historically ephemeral.

The very title of the essay predicts failure. The very metaphor for the philosophy was broken from the start. Or, in a twisted accidentally correct way, it was the perfect metaphor for how open-source ends up as Cathedral supplies.

I get where you are coming from. However, language like this matters when it comes to legislation. People outside there space will be guided by the sideload language to think it's just "something extra on the side so why should I care?"

Sounds like "sidestepping" i.e. doing something illegitimately or at least outside the normal path.

Language strongly influences how people perceive things. For example, people shown videos of a car crash estimated higher speeds and falsely remembered seeing broken glass if the crash was described as "smashed" or "collided" rather than "hit" or "contacted"[0].

"Direct installation" sounds neutral to me, but "sideloading" sounds advanced or maybe even sneaky.

[0] https://www.simplypsychology.org/loftus-palmer.html

Why "first party app store"? You mean the play store with that? Why is that necessarily the "first party app store". I mean, for "Google Android" it might be, but not for AOS.

No I don't know.

But: "side talking" Is a worthwhile distraction to Google and look at Nokia N-gage memes.

I prefer the term "unlocked install". Consumers are already familiar with the terms: locked phones and unlocked phones.

Unfortunately not. They are calling it "phone" and ("rooted phone" or "unlocked phone").

Sounds too much like illegal jailbreaking. Direct install better IMO

Have you read anything about this? What you are proposing is exactly what is being disabled.

> which is something you don't buy nor own, you buy a license to use it on the provider's terms

The distinction between "own" and "license" is purely a legal one. If I buy a kitchen table I own it, I can chop it up and use the pieces to make my own furniture and sell it. When I buy a copy of a Super Mario game I cannot rip the sprites and make my own Super Mario game because I don't own the copyright nor trademark of Super Mario. But I do own the copy, and Nintendo does not get to march into my home and smash my games because they want me to buy the new one instead of playing my old ones.

> linux phones can't come soon enough GNU/Linux. I used to think Stallman was being petty for insisting on the "GNU" part, but nowadays I understand why he insists on calling it GNU/Linux. There is nothing less "Linux" about Android than Debian, Arch or any other GNU/Linux distro, but GNU/Linux is fundamentally different in terms of user freedom from Android.

> linux phones can't come soon enough ...

That would require a lot tighter and broader (but not corp-controlled) organization than what open source is accustomed to - making cheap and capable phones that aren't tied to a big corp is big challenge.

> "your point about the termn "sideloading" is spot on, though. perverting the language is the first step of manipulation [...]."

Precisely.

They are signed, though. Just not by Google.

It's certainly possible for the same company to create an open platform in addition to a separate platform that is a walled garden.

Microsoft Windows is an open platform that is open to running whatever software you want, while Xbox is a walled garden.

That doesn't mean that Google can fraudulently market an open platform and then close it after driving competing platforms out of the market without running afoul of antitrust law.

However, if Google wants to create a new platform that is a walled garden, as long as they are honest with users about what they are selling, that would be perfectly legal everywhere except the EU.

embrace, extend, extinguish

Sorry, but when you create an open platform, you are choosing to create a new market where antitrust law will apply.

Google has to live with the consequences of it's decisions.

Open platforms mean more growth more quickly, but they also place restrictions on what you are allowed to do in the future.

> why did TSA recently start requiring REAL ID

Immigration politics

I think you still have the right to travel without ID. The TSA may demand it, and may tell you it's legally required, but that doesn't make that true. If you show up at the airport without an ID, you'll still be allowed to fly domestically. Of course, how easy that is probably depends on whether you frame it as a "woops!" or as a "fuck you guys!". They'll put you through extra "security" screening and try to confirm your ID other ways.

"In fact, the TSA does not require, and the law does not authorize the TSA to require, that would-be travelers show any identity documents. According to longstanding practice, people who do not show any identity documents travel by air every day – typically after being required to complete and sign the current version of TSA Form 415 and answer questions about what information is contained in the file about them obtained by the TSA from data broker Accurint…."

https://papersplease.org/wp/2020/05/19/tsa-tries-again-to-im...

https://papersplease.org/wp/2024/03/18/buses-trains-and-us-d...

https://en.wikipedia.org/wiki/Freedom_of_movement_under_Unit...

Thank you for taking your time to list all the options!

I have no requirement to use apps other than calls, navigation, something to let me view pdf, take photos and maybe browse HN :) (already a big bunch)

Bought a used iPhone 7 for a specific project requiring a supported OS (iOS15) and having a hardware security module and the phone worked fine for that but Microsoft Authenticator refused to install below iOS 16 for no obvious reason.

That's the thing, they don't review their apps, and they actively ignore people flagging apps that are scams or otherwise malicious. Much like their ad empire, its all bots and people making money for pretending to care.

It's not "let's not do any checking whatsoever", it's just "let individual users choose between Google's ineffective checking and alternative app sources that users can trust or not trust with zero involvement from Google".

That would make sense except they aren't doing any app reviews lol. They're just scanning your government ID. It is a farce.

It's not even about power users. The article describes this pretty well: It is about the fact that this action will destroy or at least severely harm the open source app ecosystem. What I can see is that this already has a chilling effect on app developers releasing apps on F-Droid. You might say why should I care about that when I am one of the 99 % of normal users. But it all comes down to freedom. If you destroy alternatives to the Play Store, you remove the freedom of choice that even the 99 % of users would have if they were willing to switch to proper open source solutions.

Does anyone know if there is a concrete evidence that bespoke measure violates the EU's digital markets act?

> in the name of preserving the rights and capabilities of the tiny base of power users

These are the rights of all the users. Take that perspective.

Remotely pushing a code to billions of devices to lock their baisc function (running code user loads) unless the device owner pay and provide sensitive info is a full-scale global malware attack by itself.

Completely false dichotomy - you could release a separate android channel that would require flashing through fastboot but still be signed, don't require unlocked bootloader and fully pass "Play Integrity".

But those 99.999% of users won't be using F-droid or direct-installs to begin with.

> How much risk do you expose typical users to in the name of preserving the rights and capabilities of the tiny base of power users?

Rights and capabilities are for everyone, even if they're not currently using them due to not being a "power user". They're an important "escape valve": if things get bad enough, normal people become power users out of necessity.

In that case, an ID-gated play store and a developer settings toggle with a scary warning message would serve the same purpose for that 99.999% while leaving the rest minimally affected. Clearly that's not enough for google.

Link: https://www.gnu.org/philosophy/right-to-read.en.html

Meta: https://en.wikipedia.org/wiki/The_Right_to_Read

No - I'm not saying it will be soon, or fast. I am saying only it will now come, just as Linux did.

Wouldn't people just fork AOSP? Seems like GrapheneOS has a running start?

> If that actually were the case, the iPhone would've died in 2007.

But there was Android. If you cared about loading, you could ditch Apple. You had something else to go to.

Now there's nothing.

> If that ever does happen I really hope they just focus on making a proper phone, not trying to make it a hybrid phone and workstation.

It's not a zero-sum game in that regard. The entire point of Linux phones is to get Linux distros working in phone form-factors. Getting them to work as general-purpose computers is the easier, already finished part. Getting them to work as phones is the harder-part, the new work. Removing the easy, already finished part doesn't make writing the camera drivers, modem-handling software, etc. any easier.

> But I’d rather just have a fully functional phone that happens to be Linux.

Without the "workstation" stuff? That's Android.

You've been able to do this on android since the Motorola Atrix.

I certainly want that. I use DeX all the time. It's amazing.

> we cannot “take over” the application identifiers for the open-source apps we distribute, as that would effectively seize exclusive distribution rights to those applications.

Since these are open source apps, couldn't f-droid maintain their own fork of each app with a different application identifier?

It would give Google the ability to shutdown F-Droid at will by baning their account and thus far more power to control what F-Droid publishes and how it operates. However, it seems like anyone could fork an open source app and use their own account and setup their own unique identifier for their fork.

No question this increases Google's power but it doesn't seem like it technically makes it impossible to operate a store like F-Droid.

Thanks! Macroexpanded:

Google's requirement for developers to be verified threatens app store F-Droid - https://news.ycombinator.com/item?id=45507173 - Oct 2025 (152 comments)

F-Droid and Google’s developer registration decree - https://news.ycombinator.com/item?id=45409794 - Sept 2025 (564 comments)

Open platform would be better, I agree. In the meantime until said open platform actually catches up to the current garbage duopoly, I may have no other choice but to be inconvenienced.

Principle > convenience. I am okay with that. Right now, GrapheneOS works properly and doesn't compromise my principles in exchange for the convenience.

"But as long as the masses value convenience over privacy and freedom, nothing will change, and Apple/Google will happily keep selling them devices that are now primarily designed to spy on them."

When I have taken the time to educate someone on a very personal level about privacy, the person understands the value and will change some of their habits. We can win this.

PinePhone

https://pine64.com/product/pinephone-beta-edition-with-conve...

> versus Pin64 selling a device to tinker with.

PinePhone Pro sure, but PinePhone works AFAIK. Similar specs as Purism's (though weaker cameras), and 4 times cheaper.

I also use Sailfish OS - its not perfect, but useable. :) And the way Android and iOS goes to shit, its current state might already be better than them soon. ;-)

(Sailfish OS is improving over time, if a bit slowly. :) )

PostmarketOS, Mobian, and GrapheneOS all seem to be good choices. Or simply not carrying a phone as I often do.

Let's see what will the future of Graphene be, since Google is not publishing the device tree anymore for Pixel devices...

It's kind of ironic that you have to actually give Google money in order to not use Android. I'm still amazed that there's no Graphene support for any other device.

Does anyone have a rough estimate for how many installation of GrapheneOS there are?

It's logical, and comes down to accuracy and comfort. It's the same reason why mechanical keyboards are best on desktop, not those silly flat Apple butterfly keyboards.

What I'm sad about is the fact that the QWERTY format was completely abandoned to cater to the entertainment-focused users on Android and iOS. Those are also the people who "don't care about privacy" and are fine with walled gardens, as long as their TikTok, Facebook and Netflix work.

Is typing on a touchscreen phone really that difficult for people? I did a Monkeytype test just now on my iPhone. I got 50WPM in the 30 second test. For comparison, I get about 100WPM when I type on a regular computer keyboard.

I feel like getting 50% typing speed isn't so bad, and I doubt I would get a lot better than that with physical buttons. Generally I'd rather have more screen real estate.

That said, I definitely prefer physical buttons for games.

https://android-developers.googleblog.com/2025/09/lets-talk-...

> Android Studio is unaffected because deployments performed with adb, which Android Studio uses behind the scenes to push builds to devices, is unaffected.

Paying Google $25 for the privilege of giving them a picture of your face and license to save in their cloud.

I believed the EU specifically ruled that Apple's rules which include this are NOT ok. And they're currently fighting Apple about it. Unless I missed something.

Almost all of the pushback I have seen is on the notion of "developer registration", not the cost. That's what I was responding to.

I don't know how much it costs. But if there's any pushback that it costs too much, my comment is not about that.

>Is the population too stupid to be permitted general purpose computers?

I'm strongly against this Android change (for a simple reason written below) but the answer to this is a resounding yes! The general population is a complete security disaster with unsigned software! The latest generations being brought up within abstracted mobile ecosystems are no improvement either on that front (probably worse).

That said - and I think this is a key point in this debate - sideloading apps is already a fringe part of the Android ecosystem. The vast majority of average Android users will never interface with this functionality. Well there is still obviously a security risk as with any time unsigned software is offered, it doesn't seem to me to be a major issue in the ecosystem. This is clearly about control, not security. Let's say there is more antitrust action and Google loses more control over their preferred forced storefront monopoly within the ecosystem. With this change, at least according my understanding of it, they are still the arbiter of what is allowed on the platform and not even if an app comes from another app store.

No, I am not flexing. I am just stating a fact.

FWIW, I am also pissed that there are only two mainstream options.

> have empathy for people who haven't the faintest idea how their gadgets work and no curiosity about learning that.

I sincerely hope that a lot of people are actually better than how the stereotypes may make one think. Empathy (or lack of it) doesn't change the issue: users are deprived of choice and forced to go along a corporate decision, whenever it benefits them or not.

Ultimately, it all boils down to lack of informed consent and power/voice disparity between casual users and large corporations, especially when the choice is limited (and we have a de-facto duopoly). What you're seeing here is users expressing their dissatisfaction with a major decision that goes against their interests and that they had no say in. Have some empathy for those folks too.

I'm pretty sure most people who are unhappy about the news don't want to harm anyone and find no enjoyment if someone is harmed by lacking informedness. I'm very confident there are ways to present the issue and give a choice in a manner that is comprehensible to anyone, without requiring any technical knowledge. Every competent adult should be able to decide if they want to risk a thief gaining access to all their accounts at the benefit of ability to have extended control over their phone. Or be unable to install applications not blessed by the vendor, at the benefit of vendor promising to keep them safe from malware. I might not do the best job here, but I strongly believe that such things can be explained to anyone regardless of their life choices.

That's not what Google is doing, and their disrespect for user autonomy should not be confused for a lack of empathy towards those who don't understand computers.

Consider this framing: there's a controversy whenever it's acceptable that one could be punished for their choices on how their devices behave. I.e. whenever users willing to have better control over their devices should be punished by a refusal to access a lot of popular apps, sometimes even resulting in social awkwardness. I'm sure that empathetic people can see how this can feel unfair.

I have empathy for them, that's precisely why I made them much more secure by recommending mobile Firefox with uBlock :)

Yes, these big corporations are truly benevolent entities who are only looking out for the common man, and us software engineers are out of touch and "lack empathy".

It couldn't possibly be a frustration and concern that this is blatantly anti-competitive and serves to make Google considerably more money and leaves us with little/no options for people who actually know how to use a computer.

Frankly I think the security argument is largely a smokescreen to avoid discussions of anti-trust.

> now Google has stopped providing device trees for the newer ones which I therefore won't buy

Yeah, that sucks. I don't know if they made any official statement on that. I hope they will continue releasing device trees. It's a feather in their cap that the best mobile device to use for de-Googling so far was a Pixel device (with alt OSes). I hope they won't lose that distinction.

Or you can try not updating Android or continue using a device already EOL. Can't have your cake and eat it too on releases and security patches.

But Apple will change those "warnings" into straight-up lies, and fail to mention the user can override them, and hide those overrides in non-discoverable places:

Whenever I try to open an unverified app, this popup comes up saying "[AppName] Not Opened" "Apple could not verify [AppName] is free of malware that may harm your Mac or compromise your privacy." Then there's only two options to either press "Done" or "Move to Trash." - https://old.reddit.com/r/mac/comments/1ekv55h/cant_right_cli...

Your only option is to click on OK button, which won’t open the app. So how do you do it? - http://www.peter-cohen.com/2016/12/how-to-open-a-mac-app-fro...

Apple knowingly falsely claiming unsigned apps are "damaged": https://appletoolbox.com/app-is-damaged-cannot-be-opened-mac...

That's only sorta how it usually works. The developer has to check with a singular US tech company before they can sign the software they've given you.

Except yeah, the way this android stuff works is closer to that way. Instead of Google giving out a key for signing, they instead ask for one and tie a developer to a namespace, so yeah, I guess your Android phone has to check whether or not that namespace is "in the clear"

Thats a false equivalency. I didnt say that software was safe because its been checked. Just that at the least, one can somewhat figure out where the software came from.

Getting a DUNS number obviously doesn't make it so that you cant publish malware. It just provides a level of traceability/obstacle that slows down the process of distributing malware.