Google's new developer verification requirements starting September 2026 will force ALL Android app developers to register with Google - even those avoiding the Play Store entirely. F-Droid, the tr...
I read somewhere that GrapheneOS devs have a strategy which they believe will work – they strip out something or other about app/device attestation (?) from APK files before installing occurs, or the enforcement code itself from their spin of the OS, so sideloading (ie., user-controlled installation) can still work.
I sure hope so… I think everyone in their respective country needs to scream at their local regulators about this.
Of course, this will only help those whose devices GrapheneOS can run on.
The GrapheneOS team is already in communications with an Android OEM to see if they can make a device that meets their specs, hopefully that bears fruit in a year or two.
Google has already shared how apps’ developers will be verified. They’re adding another app that will have access to block installing apps or disable them. That won’t work on GrapheneOS because 1. the app won’t be installed and 2. the app won’t have that kind of privileged access.
I think the issue is new hardware and google starting to close source android, so that Graphene devs don’t have the open source to work with. They’ll probably get binary blobs
It’s my understanding that the changes that were made didn’t make things more or less proprietary. Some drivers are still open source, others are still closed source. The device trees mostly have other things in them like configuration files and stuff like that.
The way Google will block apps with unverified developers won’t work on GrapheneOS. The change won’t be part of AOSP. On the stock OS, the functionality will be handled by another Google app that has privileged access. GrapheneOS won’t be affected directly.
Shouldn’t they be keeping bypass strategies a secret right now?
They’re up against a company with more money and developers than they know what to do with. This is, at most, a game of cat and mouse. Secrecy will buy them a sprint or so.
If Google wants to go nuclear, they can do some rolling encryption bullshit or put a million calls all over the OS to check app validity and stop open source altogether.
I read somewhere that GrapheneOS devs have a strategy which they believe will work – they strip out something or other about app/device attestation (?) from APK files before installing occurs, or the enforcement code itself from their spin of the OS, so sideloading (ie., user-controlled installation) can still work.
I sure hope so… I think everyone in their respective country needs to scream at their local regulators about this.
Of course, this will only help those whose devices GrapheneOS can run on.
The GrapheneOS team is already in communications with an Android OEM to see if they can make a device that meets their specs, hopefully that bears fruit in a year or two.
Do you have source to this?
Just check the project’s X account. The OEM partnership is mentioned very regularly.
Hope it’s a Chinese phone
Hope it’s Fairphone.
It’s a bit of telephone, I originally heard it from this user.
https://lemmy.blahaj.zone/comment/16087016
Wdym a device that meets theur specs, as in a replacement for the Pixel? Or straight up a GrapheneOS device, standalone?
A device that meets GrapheneOS’s requirements to be installed on. I don’t think it will be exclusive or anything.
Google has already shared how apps’ developers will be verified. They’re adding another app that will have access to block installing apps or disable them. That won’t work on GrapheneOS because 1. the app won’t be installed and 2. the app won’t have that kind of privileged access.
ROFL we got redstarOS on mainstream phones before gta6
I think the issue is new hardware and google starting to close source android, so that Graphene devs don’t have the open source to work with. They’ll probably get binary blobs
It’s my understanding that the changes that were made didn’t make things more or less proprietary. Some drivers are still open source, others are still closed source. The device trees mostly have other things in them like configuration files and stuff like that.
It sounds OK for now, but it seems Google is on a path of closing things up like Apple.
Soooo we just block that app, right?
It just won’t work on GrapheneOS. Not sure if disabling it will work on the stock OS. We will have to wait and see on that one.
And how long is it going to work?
Do we really want to play cat and mouse with Google? I don’t.
The way Google will block apps with unverified developers won’t work on GrapheneOS. The change won’t be part of AOSP. On the stock OS, the functionality will be handled by another Google app that has privileged access. GrapheneOS won’t be affected directly.
Shouldn’t they be keeping bypass strategies a secret right now?
They’re up against a company with more money and developers than they know what to do with. This is, at most, a game of cat and mouse. Secrecy will buy them a sprint or so.
If Google wants to go nuclear, they can do some rolling encryption bullshit or put a million calls all over the OS to check app validity and stop open source altogether.
and bloat default android devices even more! 🎉