After the news cycle recently exploded with the announcement that Google would require every single Android app to be from a registered and verified developer, while killing third-party app stores …
Installing the third party stores would be way harder than it is right now if they do that though. No way the devs of e.g. f-droid are getting a verification on an app that bypasses Google’s new ‘safety measures’
That’s only if the apps distributed are unverified. Mind, the EU already requires app stores to document the identities of devs, but there are loopholes for Small enterprises. In 2027, manufacturers need to document the identities of their suppliers. There are still exceptions for non-profit open source projects, but that’s not what Google is. Surely, no one here wants Google to avoid regulations by investing in open source.
I believe F-Droid signs the packages it distributes so that creates a painful choke point. Revoke F-Droid’s key and it will break all of F-Droid instantaneously. The only exception for F-Droid’s signing is if the build is reproducible, which is a high bar for a lot of projects, and then F-Droid will use the upstream signature.
I expect phones in the EU are going to become a lot more locked down in the next 14 months, like Samsung is already showing. But also think that Google will try its best to make developing for Android easy to get into.
So now 3rd party app stores need an ADB loopback to work around that.
Not hard to do, but uselessly annoying.
Installing the third party stores would be way harder than it is right now if they do that though. No way the devs of e.g. f-droid are getting a verification on an app that bypasses Google’s new ‘safety measures’
I could imagine something like Sidequest happening on Android.
That’s only if the apps distributed are unverified. Mind, the EU already requires app stores to document the identities of devs, but there are loopholes for Small enterprises. In 2027, manufacturers need to document the identities of their suppliers. There are still exceptions for non-profit open source projects, but that’s not what Google is. Surely, no one here wants Google to avoid regulations by investing in open source.
I believe F-Droid signs the packages it distributes so that creates a painful choke point. Revoke F-Droid’s key and it will break all of F-Droid instantaneously. The only exception for F-Droid’s signing is if the build is reproducible, which is a high bar for a lot of projects, and then F-Droid will use the upstream signature.
Also, they’re trying to close the ADB loophole.
I expect phones in the EU are going to become a lot more locked down in the next 14 months, like Samsung is already showing. But also think that Google will try its best to make developing for Android easy to get into.
I think you can already do that with shizuku and dome fdroid clients. It also makes using 3rd party appstores more convenient just in general.