Google details new 24-hour process to sideload unverified Android apps (opens in new tab)

The part in the flow where you select between allowing app installs for 7 days or forever is a glimpse into the future. That toggle shows the thought process that's going on at Google.

I can bet that a few versions down the line, the "Not recommended" option of allowing installs indefinitely will become so not recommended that they'll remove it outright. Then shrink the 7 day window to 3 days or less. Or only give users one allowed attempt at installing an app, after which it's another 24 hour waiting period for you. Then ask the user to verify themselves as a developer if they want to install whatever they want. Whatever helps them turn people away from alternatives and shrink the odds of someone dislodging their monopoly, they will do. Anything to drive people to Google Play only.

At this point I'm convinced that there's something deeply wrong with how our society treats technology.

Ruining Android for everyone to try to maybe help some rather technologically-hopeless groups of people is the wrong solution. It's unsustainable in the long run. Also, the last thing this world needs right now is even more centralization of power. Especially around yet another US company.

People who are unwilling to figure out the risks just should not use smartphones and the internet. They should not use internet banking. They should probably not have a bank account at all and just stick to cash. And the society should be able to accommodate such people — which is not that hard, really. Just roll back some of the so-called innovations that happened over the last 15 years. Whether someone uses technology, and how much they do, should be a choice, not a burden.

This is going to hurt legitimate sideloading way more than actually necessary to reduce scams:

- Must enable developer mode -- some apps (e.g., banking apps) will refuse to operate and such when developer mode is on, and so if you depend on such apps, I guess you just can't sideload?

- One-day (day!!!) waiting period to activate (one-time) -- the vast majority of people who need to sideload something will probably not be willing to wait a day, and will thus just not sideload unless they really have no choice for what they need. This kills the pathway for new users to sideload apps that have similar functionality to those on the Play Store.

The rest -- restarting, confirming you aren't being coached, and per-install warnings -- would be just as effective alone to "protect users," but with those prior two points, it's clear that this is just simply intended to make sideloading so inconvenient that many won't bother or can't (dev mode req.).

It is way past time to build a 'people's phone', funding it through a platform like LiberaPay [1][2] or Open Collective [3][4], with a requirement for the device to be completely open-source.

[1] https://liberapay.com/ [2] https://en.wikipedia.org/wiki/Liberapay [3] https://opencollective.com/ [4] https://en.wikipedia.org/wiki/Open_Collective

If we start today, we could have a new phone in 2-3 years. Future generations will thank us.

It's not just phones. There is a concerted movement by massively-moneyed folks to destroy the fabric of open society, so there are a number of different areas that need attention. A coordinated effort across the breadth of society to restore, maintain or improve the foundations of open society.

The forced ID for developers outside the Play store is already killing open source projects you could get on F-Droid. The EU really needs to identify this platform gatekeeping as a threat. As an EU citizen I should not be forced to give government ID to a US company, which can blacklist me without recourse, in order to share apps with other EU citizens on devices we own.

Welp, I guess my current Android phone will be my last one.

At least half of the apps I use on a daily basis come from f-droid. This enforced 24-hour wait is simply not acceptable. Android has always been a far inferior overall user experience compared to iPhone. Android's _only_ saving grace was that I could put my own third-party open-source apps on it. There is nothing left keeping me on Android now.

I'll probably get an iPhone next, but I do sincerely hope this hastens progress on a real "Linux phone" for the rest of us. Plasma Mobile (https://plasma-mobile.org) looks very nice indeed. I'll be more than happy to contribute to development and funding.

Death, taxes and escalating safety are the only certainities in this tech dominated world. So, be ready for more safety in the next round few months/years down the line. Eventually Android will become as secure as ios. We need a third alternative before that day comes.

It's not a win by any means. I hope that we don't stop making noise.

I'm generally OK with this, but the 24 hour hang time does seem a bit onerous.

Most of the apps on my phone are installed from F-Droid. I guess the next time I get a new phone I'll have to wait at least 24 hours for it to become useful.

I'm seriously considering Graphene for a next personal device and whatever the cheapest iOS device is for work.

The "protective waiting period" of 24h is what kills it. For people like me, who rely more and more every day on OSS apps not necessarily in the Play Store, installing a new phone will mean waiting a full day for almighty Google to allow me to do so. It reminds me of the same annoyance of carrier phone unlocks.

I wonder how this will play out in the phones coming out of the Motorola+GrapheneOS partnership.

This 24-hour wait time nonsense is a humiliation ritual designed to invalidate any expectation of Android being an open platform. The messaging is very clear and the writing's on the wall now, there's nowhere to go from here but down.

Anytime I open the Play store it feels like I am getting hustled to install Scam Software I don't want. With Scam I mean either it is overblown with Ads or wants a subscription.

I really extremely rarely open the Play Store.

F-Droid is my place to. Even if the tools are simple, they are reliable.

Maybe Google is also scared, that with coding agents some OSS Tools improve that much that commercial alternatives don't matter.

>And what is malware? For [Android Ecosystem President], malware in the context of developer verification is an application package that “causes harm to the user’s device or personal data that the user did not intend.”

Like when Google, Facebook, Apple, Microsoft, et al. cooperated with¹ the unconstitutional and illegal² PRISM program to hand over bulk user data to the NSA without a warrant? That kind of harm to my personal data that I did not intend?

If so, I'd love to hear an explanation of why every Google/Alphabet, Facebook/Meta, and Microsoft application haven't been removed for being malware already.

¹ https://www.theguardian.com/world/2013/jun/06/us-tech-giants...

² https://www.reuters.com/business/media-telecom/us-court-mass...

There will no any benefit from using Android instead of iPhone if there's no sideloading.

As for the IDs, I think what happens is that Google sees no need to have hobbyists anymore in the ecosystem. Companies are easier to deal with, easier to change ecosystem to what's needed for Google. While for app development companies, there will be a single enterprise account with some ID used for many developers. And companies just shut up and follow almost any non-financial requirements Google wants to add.

In contrast, opensource developers frequently go public advocating for user privacy and data prorection, while companies tend to be on the same side as Google squeezing any bit of personal user data to sell it for any margin possible.

Is any open mobile device and OS ecosystem possible at this point of time, other than the hobbyist one? With closed gates of LTE/5G ecosystem it seems there's no such possible at all.

Although I'm slightly relieved there is a way out of Googles verification system, it's still pretty wild if you compare this to installing software on a Windows pc. I'm sure Microsoft is heading in the same direction with Windows, but today its still "only" a few confirmations to install anything.

This will sadly still put a major damper on adoption of open source apps, while giving a false sense of security that apps from the Play store are safe.

Years down the road, the low usage of apps installed from outside the Play store will be used as an argument for removing the functionality completely.

In addition to a enabling it in this onerous way, this should be a thing you can set when you first set up the phone after factory default: "I am technologically literate and I accept the risks of side loading indefinitely." If it's set once during set up then none of the vulnerable people will have it set for the lifetime of their phone. A scammer would have to factory reset their phone which would defeat the purpose of gaining access.

That's a lot of words to explain how to install things on the device I supposedly own.

Wondering how long the blogpost would be if it explained what the flow for corpoloading applications approved by Google's shareholders would be?

> Restart your phone and reauthenticate: This cuts off any remote access or active phone calls a scammer might be using to watch what you’re doing.

This is smart.

But putting my design hat on here: couldn't this be the whole approach? When enabling the "unverified apps" setting, the phone could terminate all running apps and calls before walking the user through the process.

Why do you even need the rest of the complexity -- if the fear is that non-savvy users are being coached into installing malware,then preventing comms while fiddling with the settings seems pretty OK?

You could even combine this with randomised UI, labels etc. so it's not possible to coach someone in advance about what to press.

It's getting harder and harder to be an Android enthusiast. Especially given the hypocrisy of Google Play containing an awful lot of malware.

As an idea, what about allowing the 24 hours to be bypassed using adb (edit: bypass to allow indefinitely, not just install a single app)?

I understand there is some problem trying to be solved here, but honestly this is still quite frustrating for legitimate uses. If this is the direction that computing is moving, I'd really rather there were separate products available for power users/devs that reflected our different usage.

The secret reason they are doing this is because governments want to be able to identify everyone online everywhere it matters at all time. They want to strip anonymity from computing.

Apple and Google can now credibly claim to governments to have nearly ubiquitous computing platforms that they can guarantee do not run any software that is not approved or antithetical to the goals of authorities. This makes the device safe for storing things like government IDs. OSs and Browsers will be required to present these IDs or at first just attest to them.

Before posting online, renting a server, using an app you will have to idenitfy yourself using your phone or similarly locked down PC (i.e. mac).

The introduction is under the guise as always of protecting the children. In reality they are removing your rights to privacy and free speech.

24 hour mandatory wait time to side load!? All apps I want to use on my phone are not in the Play Store. So I buy a new phone (or wipe a used phone) and then I can’t even use it for 24 hours?

Whoever worked on this: Thank you for your killing open computing. I hope you are proud and don't spend all the money at once.

This news confirms my thoughts to abandon Google's line of Android upgrades at the first opportunity.

Even before Google's edict I disabled enforced Android updates in case that at Google's demand manufacturers slipstreamed some restrictive code that cannot be later removed. One only has to look at the disastrous precedent with Windows 11 to see how insidious and ever-increasing lock-in works.

Fact is Big Tech cannot be trusted and there's a long lineage to prove it—MS Windows, Sun/OpenOffice and many others—and now Android. To avoid future calamities like this and to ensure survival of F-Droid, et al we urgently need to break Big Tech's nexus with open source independent of Big Tech's control.

I can only hope more manufacturers are prepared to fork Android to cater for the upcoming demand.

I'd urge everyone here to seriously consider switching to GrapheneOS. It's a far simpler transition than e.g. switching from Windows or OSX to Linux, and many people find that it has basically no friction vs android.

More people moving to GrapheneOS is the best tool we have against Google's continued and escalating hostility to user freedom and privacy and general anti-competitive conduct. (Of course, you could ditch having a smartphone entirely..., but if you're willing to consider that you don't need me plugging an alternative).

Calling "installing something without Google's or Apple's consent" "sideloading" is stupid.

I will die on this hill.

I'm not sure if I've heard this discussion from somewhere else and took it as my owm thought. Anyways, I consider this era the beginning of tech feudalism. I honestly don't think we'll be able to escape it. Please note I use Linux and GapheneOS as my two main daily drivers. Most normal people do not care and they think it's crazy I'd make my life so inconvenient. It's my perspective, but I believe users in general don't care, understand, and prefer convenience over choice. Which gives a lot of power to this push for max control. Wether we like it or not I think we won't be able to stop it. I'm not being negative about it or trying to demoralize anyone. We already have at least four basic tech-feudal states, Microsoft, Android, Apple, and Freedom-Software. Each one somewhat has a used base that reflects it's ideology.

> “In that 24-hour period, we think it becomes much harder for attackers to persist their attack,” said Samat. “In that time, you can probably find out that your loved one isn’t really being held in jail or that your bank account isn’t really under attack.”

I wanted to be negative about the whole idea, as due to my age I'm resentful of not being allowed to use my own computer as I see fit.

On the other hand, in principle I see what they're going for here. The only decent argument for these user-hostile lockdowns is the malware issue.

taps the sign: https://medhir.com/blog/right-to-root-access

They should let you skip the wait if you're setting up a device for the first time.

Even alternatives like GrapheneOS relies on AOSP. I wonder if it's possible for regulators in certain countries to pressure Google to kill it in the future.

Even if that's not the case, I'd imagine attestation apps like banking apps would require some kind of identity verification in exchange for trusting Graphene's keys.

In principle it doesn't make sense to leave any escape hatch, but I guess as always, it boils down to economy.

Am I going to have to wait 24hrs to have Google's malware and spyware forceloaded onto my phone, or is this a different category of malware?

> In addition to the advanced flow we’re building free, limited distribution accounts for students and hobbyists. This allows you to share apps with a small group (up to 20 devices) without needing to provide a government-issued ID or pay a registration fee.

I don't quite understand how those installs would be tracked. If I create a "hobbyist" account and share the apk, are the devices that install that app all reporting it to Google? To my knowledge, Google only does this through the optional Play Protect system, is that now no longer optional? I'd like to know if my computer is reporting every app I install up to Google.

"Android is one of the most open systems I've ever seen. What makes Android great is it's literally designed from the ground up to be customised in a very powerful way." -- Sundar Pichai

Oh, how times have changed. And so many believed this and repeated it.

24H forced wait time?!? WTF

When I side-load open-source apps for other people, I want to do it right in the moment, not activate the feature, and the next time I see them (like half a year later), install the app.

When Google announced there would be an alternative installation method, I did not expect such a mess...

> In addition to the advanced flow we’re building free, limited distribution accounts for students and hobbyists. This allows you to share apps with a small group (up to 20 devices) without needing to provide a government-issued ID or pay a registration fee.

What stops scammers from simply creating a new hobbyist account for every 20 people they scam?

To their credit, the 24hr hold would actually serve an important, legitimate purpose if the same malware weren't going to be on the PlayStore anyway. I was expecting to disagree with their public statements more than I actually did on this topic.

This still isn't a good idea. It's not going to materially improve security for anyone, so all the negatives (beaten to death here and elsewhere) are still top-of-mind.

'Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.' - Benjamin Franklin

Find the email address of the CEO/board members. When you get this on your device. Let your thoughts be known to them with a screenshot. Feel free to use language that will make them feel dumb and sad. Don't expect them to understand logical arguments or pleas.

Companies get away from this because they distance themselves from their customers and they have systems to hide feedback.

> Flip the toggle and tap to confirm you are not being coerced

This is just spreading fear. If you're being coerced to do this, then you're in a much bigger danger than what a rogue application sideloaded to your phone represents.

> Balancing openness and choice with safety

No, I'm afraid this is tipping the scale of control in Google's favor.

How exactly is this going to stop scammers from simply modifying their scam runbook to say "Turn this thing on, and get back to me in 24 hours.", and then continue on from the next step?

We know from Nigerian email scams that these things can stretch out days, weeks, months, all to get the victim to do the thing.

The goal seems to be breaking the real-time guidance scammers rely on. 24h probably works, but it feels like a heavy tradeoff for legit users.

Stop propagating the term sideloading like its some kinda dirty thing.

Its just installing an app.

So this means one can't just copy over unsigned apps from previous phone when transferring.

As others have suggested, there should be an option skip the 24hr wait when activating at setup time. Or, alternatively, when the previous phone one is transferring from has it enabled it should be without wait time on the new one.

It probably sounds like a nitty gritty detail here but who is enforcing the 24 hours and how are they enforcing it?

Because if that "enforcement" is Google then they are still engineering a situation where they hold the keys to the kingdom. They may benevolently let you install what you want, but the sword of damacles will hang over everyone forever, with the darth vader contract in full force ("pray we don't change the deal any further"). If nothing else, it will have a chilling effect. But more than likely, it will attract regulators like moths to a flame to coerce Google into banning their favorite open source apps that they don't like. In other words: it won't solve anything at all, really.

Honestly, if coerced sideloading is a real attack vector, then this seems to be a pretty fair compromise.

I just remain skeptical that this tactic is successful on modern Android, with all the settings and scare screens you need to go through in order to sideload an app and grant dangerous permissions.

I expect scammers will move to pre-packaged software with a bundled ADB client for Windows/Mac, then the flow is "enable developer options" -> "enable usb debugging" -> "install malware and grant permissions with one click over ADB". People with laptops are more lucrative targets anyway.

Hmm, as long as the waiting period is not per-app then maybe this is OK. Especially now that there is a well supported way to distribute alternative app stores without going through the sideloading process.

Is there an accurate, neutral third party link about this that we can make the primary link instead?

https://hn.algolia.com/?dateRange=all&page=0&prefix=true&sor...?

Edit: I've put one up there now - if there's a better article, let us know and we can change it again. I put the submitted URL in the toptext.

This is getting a ton of hate here, but I think it feels like a pretty reasonably balanced response to competing concerns: protecting literally billions of non-tech-savvy users from potentially malicious social-engineering attacks while allowing devs and tech-savvy a path to bypass that protection if they’re sure they want to.

What concrete change to the policy would be a strict Pareto improvement keeping just those two concerns in mind?

If this becomes widely successful and side-loaded crapware apps and Android phone scammers drop off a cliff, we will still be upset because we want a perfect world where everyone is above average in their digital security. Time boxing is a great compromise and you've lost none of your previous freedoms. Guaranteed convenience of side-loaded software was never in the Android terms of use.

Reminder that when you use terminology like "sideloading" you're accepting the premise that there's something inherently dodgy about installing your software onto your operating system.

Just call it "installing".

I get that its pretty clear with the straight sideloading case, but can anyone say for sure what this will look like for an f-droid user? Its hard to keep track but I thought something new here because of EU is that alternative app stores != sideloading? Something where app stores could choose themselves to get "verified," whatever that means, to become a trusted vendor? Or is this completely wrong?

The alleged inability of a company like Google to create an operating system that makes banking apps secure while allowing users to install whatever they like is very implausible. Android apps are already sandboxed and have fine-grained access control, and the operating system controls everything that is painted on the screen.

The security justification for this measure is not credible.

Could this be worked around by installing a single shell app which then loads other apps internally? I think it's possible to dynamically load Dalvik byte code in ART these days, right?

Obviously permissions would be a problem, as you can't update the app manifest, so there would either have to be one shell app per publisher (which would at least solve the problem of installing updates for their apps) or the shell would need its own internal system for managing permissions (like a browser does). Maybe it could also sandbox different apps from each other in different subprocesses, unless that needs root privileges, but maybe it's possible with Landlock?

Or we can always fall back to the "sweet solution" Steve Jobs offered us with the original iPhone, and just let the web browser be the shell.

Or implement everything as WeChat mini programs.

“sideload”, is installing software without some asshole preventing me.

Let’s be clear here.

tl;dr:

- You need to enable developer mode

- You need to click through a few scare dialogs

- You need to wait 24h once

I wonder how long this will last before they lock it down further. There was a lot of pushback this time around and they still ended up increasing the temperature of the metaphorical boiling frog. It still seems like they're pushing towards the Apple model where those who don't want to self-dox and/or pay get a very limited key (what Google currently calls "limited distribution accounts").

I am not happy about this, but as long as advanced Android users can still turn this off and keep it off, we're still in a better place than iOS.

Even though I understand the design decisions here, I think we're going about this the wrong way. Sure, users can be pressured into allowing unverified apps and installing malware, and adding a 24-hour delay will probably reduce the number of victims, but ultimately, the real solution here is user education, not technological guardrails.

If I want to completely nuke my phone with malware, Google shouldn't stand in my way. Why not just force me to read some sort of "If someone is rushing you to do this, it is probably an attack" message before letting me adjust this setting?

Anyone who ignores that warning is probably going to still fall for the scam. If anything, scammers will just communicate the new process, and it risks sounding even more legitimate if they have to go through more Google-centric steps.

They're treating users like toddlers. Having to wait 24 hours to use my phone how I want to?

The timing is interesting. With the measurable shift in quality of models and the agentic workflow becoming more popular (exacerbated by SaaS companies trying to democratise app building), there will probably an explosion of even more apps (as if there aren't enough already). The programmer in me likes that because I can easily build an app that is specific to my needs. But so can a person who doesn't have the technical background which combined with poor security track record of LLM generated code, is a risky combination security-wise. Not sure if that was actually the motivation or whether it was preserving the revenue from the developer ecosystem by creating another walled garden.

* enable developer options

* confirm that you are not tricked

* restart phone and re-authenticate

* wait one day

* confirm with biometrics that you know what you are doing

* decide if you only want unrestricted installs for 1 week or forever

* confirm that you accept the risks

* enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this

There are multiple apps that I know and want to use that are no longer available on Play Store, but only via Zapstore, Obtanium or similar. I'm just hoping that these changes don't affect solutions like GrapheneOS or that we will soon get linux based phone that's good...

It's not like the Google Play store hasn't been known to host malicious apps, yet you are not required to wait 24 hours before you install apps from their store.

I suspect they are hoping users just give up and go to the play store instead. Google touts about "Play Protect" which scans all apps on the device, even those from unknown sources so these measures can barely be justified.

Imagine if Microsoft said you need to wait 24 hours before installing a program not from their store, which is against the entire premise of windows.

Computing, I once believed was based on an open idea that people made software and you could install it freely, yes there are bad actors, but that's why we had antivirus and other protection methods, now we're inch by inch losing those freedoms. iOS wants you to enter your date of birth now.

The future feels very uncertain, but we need to protect the little freedoms we have left, once they're gone, they're gone for good.

they even say that you can allow sideloading temporary or indefinitely. Guess which option wont be available anymore in two years.

I switched to iOS in anticipation of this change. The reality is, if they are thinking about doing this, it's only a matter of time before they do it. If I have to choose between two walled gardens, apple will win every time.

Supported Android since the beta m3 SDK in 2008 (ok, I was in high school, but I still downloaded it!) Never considered abandoning it before now.

It's time to leave Android.

Call me naive, but despite the feeling in my gut I was holding out for Google's answer. Reading what it is, this is still going way too far. You essentially need to be a developer in order to sideload, which brings Android down to parity with iOS.

No, being able to sideload (on my phones, AND friends and family as-needed) is a fundamental computing right. This is my personal belief. And this move by Google is a step too far.

The search begins...

I've been slowly degoogling because of how Google is treating Android. It's slow, but I've been setting up emails on other providers, stopped using Google search, stopped uploading photos etc.

I feel like loading sideloaded applications it's locked enough, google created google protect (which I have disable) but it if you have it enabled you are unable to instal sideloaded apps, also you have to accept the prompt to accept the app you're installing from and the prompt from your android to let you install sideloaded apps, like how many prompts is enough? now also a fee and verification. Most of the apps I enjoy the most are in alternatives stores. Ankidroid,keeepassxc,revanced, newpipe,tubular.

This is destroying and devaluing the app ecosystem on all platforms, discouraging companies from treating it as a stable target, right when Apple is gaining dominant market share.

Is it really worth executing payments, maps, geospatial APIs, etc. on one platform if >30% of your customer base can't use it and it changes every 6 months (because that's what they've engineered)? No. Who wants to maintain that?

Then what is the interface people are pushed to? The browser, where Google historically dominates.

> Install apps: Once you confirm you understand the risks, you’re all set to install apps from unverified developers, with the option of enabling for 7 days or indefinitely. For safety, you’ll still see a warning that the app is from an unverified developer, but you can just tap “Install Anyway.”

If you can enable this once, forever, after a 24 hour cooldown period I don't hate this as much as I hated some of the other proposals from Google. It'll just be something you do as part of the setup for a new phone.

This is the main thing that Android users have been saying is the differentiator for them using Android, and they're butchering it in multiple ways. Wild.

I've stuck with Android despite privacy concerns because of the control I have over the device. If they're going to do this I might as well go Apple.

I feel like there's a big thing being missed in all of this, which is that F-Droid lives. I scrolled through hundreds of comments so far and not seen anyone make this observation.

Do I love it? Absolutely not. But F-Droid was facing an existential threat from the early early versions of the proposal and now will continue to live. Again, I don't love it but this is a huge change to the fate of F-Droid.

The 24 hour wait period is the largest of the annoyances in this list, but given that adb installs still work, I think this is a list of things I can ultimately live with.

At this point the meta for tech inclined people is to go full dumbphone, get a UMPC with SIM card support, cobble together a cyberdeck with a SIM module, or building an ESP32 powered cellphone (https://www.xda-developers.com/someone-made-a-4g-esp32-smart...). RIP F-Droid.

The measures seem a lot less restrictive than I expected. 24h wait time is nothing if you suppress your ego, developer options is already the first thing I enable, an open adb channel is and will be a constant choice and the one-time-forever option a neat convenience. They could kill user experience for all but it's more a friction and not a restriction.

Nothing screams being infantilised by your platform more than having to wait 24 hours to be allowed to install software on your own purchased computing devices.

I think this topic is not about safety, but about profit and responsibilities.

The reality is that users should take responsibility but are not allowed to, so Google takes over and makes a profit.

You don't need a CS degree to use a phone, but you can be a power user by time....but not anymore, the company needs you to stay fool and pay for "help" (not directly sometime).

This is a marketing tactic, similar to a side-load.

It'd be nice if they put a little sticker on the box or a flashing warning when you go to buy the phone noting that you'll be unable to use it as you desire for 24 hours if you are not willing to bend over to your corporate overlord.

Alternatives like GrapheneOS and Lineage are the way to go for right now, but I worry as things get more and more locked down that those options won't work with a lot of apps.

Funny how that post doesn't mention that a huge amount of malware is downloaded from Google (from the Chrome Web Store as well as from Google Play).

That's not entirely unreasonable. As long as there is a way to enable this in perpetuity for my device(s) and it works for all Android devices it's a compromise I could live with.

Again, can we, please, stop call it side-loading. I'm not sliding in anything "from the side" on the sly, I am simply installing an app of my choice on my damn phone.

Tbh, I love this flow. They truely think for users, all users not just advanced users. Unlike Apple, Apple just think for its ecosystem, its money.

  How the advanced flow works for users

  Enable developer mode in system settings: Activating this is simple. This prevents accidental triggers or "one-tap" bypasses often used in high-pressure scams.
  Confirm you aren't being coached: There is a quick check to make sure that no one is talking you into turning off your security. While power users know how to vet apps, scammers often pressure victims into disabling protections.
  Restart your phone and reauthenticate: This cuts off any remote access or active phone calls a scammer might be using to watch what you’re doing.
  Come back after the protective waiting period and verify: There is a one-time, one-day wait and then you can confirm that this is really you who’s making this change with our biometric authentication (fingerprint or face unlock) or device PIN. Scammers rely on manufactured urgency, so this breaks their spell and gives you time to think.
  Install apps: Once you confirm you understand the risks, you’re all set to install apps from unverified developers, with the option of enabling for 7 days or indefinitely. For safety, you’ll still see a warning that the app is from an unverified developer, but you can just tap “Install Anyway.”

Could the title say "process to install non-curated Android apps"? "Sideload" and "unverified" imply that the collection of centrally approved apps is the default way to install software.

Or maybe it is and android's promises about openness are dead.

Do you need a Google account to opt out of the restriction? It says something about authenticating.

I don't have a Google account on my Androids. But I can't remove play services on them, sadly. As an intermediate protection I just don't sign in to Google play, that gives them at least a bit less identifying information to play with.

I hope this can be done without a Google account.

This seems like a good solution that will put a sizeable dent in scam success rates while not actually removing options for developers and power users. The added friction will make some people bounce off F-Droid and the likes which is unfortunate, but the wins here in scam prevention are much bigger than the losses in onboarding power users.

This is great news for my wife and my parents, but it would really be nice to have the choice when it comes to my phone's OS. Just like I had with Linux. I boggles my mind how the components in a phone are somehow different to the components in a PC in that they are unaccessible to people who write drivers for them.

So if I have to reinstall my phone it won't be usable for 24h because I won't be allowed to install my F-Droid apps?

Android should be freed from Google. I know, I know, not realistic, not easy to do, but still. With that I mean there should be only open source software at all times, at the least for any base system to use (so, not only Google but ALL of them; this is a different focus than open source alternatives).

Since after doing this Google knows the user knows what they're doing (and officially they say they don't want to get in the way), why does this only enable installing unverified apps (still unprivileged), why is the system still insanely locked down? I thought the 24-hour delay solved the "security" problem?

Can you set your clock forward or does this also require phoning home to a central server to install an app on your computer?

People already have the choice between an ecosystem that offers the safety of a walled garden and one that allows the freedom to do anything you like, including shooting yourself in the foot.

Google's decision to walk back the supposed freedom to run anything you like removes user choice from the marketplace and harms consumers.

How is a 24 delay for manually installing apps going to combat malware on Google's play store?

A lot of people here are looking for compromises. Any compromise on this means giving ground to Google's monopoly and the war on open computing and ultimately freedom.

This is exactly what Google intended. This is why they started off by announcing completely removing device owner chosen installs (this is not side loading! It's simply installing.) and announced only apps allowed by Google would be available for install.

They knew it would cause backlash. They anticipated that and planned ahead faking a compromise.

They are trying to boil us like frogs by so slowly raising the temperature so we do not notice. Whenever the water gets so warm that people do notice they cool it down a little. But they will turn up the the heat again!

This 24h window is designed to make device owner controlled installs as unattractive as possible. They try to reduce it as much as they can while having plausible deniability ("You can still install apps not whitelisted by us"). They want to get the concept of people installing software of their own choice onto their own device as far away from the mainstream as possible. They want to marginalize it. They want to slowly and quietly kill off the open Android app ecosystem by reducing the user base.

The next step will be them claiming that barely anyone is installing apps not signed by them anyway. First they make people jump through ridiculous hoops to install non whitelisted apps, then they use the fact that few people jump through these hoops to justify removing the ability altogether.

Google does not care about preventing scams. If they did they would do something against the massive amount of scam ads that they host. Scams are just their "think of the children".

Do not play by their playbook!

Do not give them ground!

We must not accept any restrictions on the software we run on our own devices. The concept of ownership, personal autonomy and choice are being dismantled. Our freedom is the target of a slow, long waging war. This is yet another attack.

We must not compromise with the attacker. We must not give them any centimeter of ground.

Personally, I think they should at least drop the $25 fee if you publish outside of Play Store.

If this was truthful about security...

Google could make a mobile website to take an app apk and verify it if its secure and offer to install it back to android users ...

My bias, former Android app developer.

This is using the increase in attacks to do a business monopoly goal instead...

Coming soon:

- New toaster requires permission from manufacturer to toast bread from a local bakery.

- Car manufacturer to vet all passengers. Any unidentified and unvetted passengers will disable the vehicle.

- TV manufacturer requires 7 days advance notice of what you want to watch.

This is what I have with my bank. I need to wait 24h after adding a new recipient for wire transfers.

Being treated as a toddler by an organization that is itself completely disfunctional is mzking me angry.

I read several articles about this today, and surprisingly, found this video more clear and easy to understand what is the situation https://youtu.be/-WF34Sgq76c

Well, this sucks.

The fact that I can sideload whatever I need and stay out of Google's ecosystem is the whole reason I use Android. Given the miserable choice between two fully locked-down platforms, why would I pick theirs?

Developers could protest by changing our app icons to grayscale: https://news.ycombinator.com/item?id=47354917

I think the new solution is a good compromise.

The 7 days vs forever choice is still crappy and gives me a bit of bad vibes considering they are the ones that pulled the youtube promotions (shorts, games) you can never turn off forever, so there's the concern they will remove the forever option from Android in the future. But as long as they don't end up doing that, it's fine for me.

Also, I do think it would be a good idea to make an exception to the 24-hour wait time if the phone is new enough (e.g. onboarding steps were completed less than one day ago), and/or through some specific bypass method using ADB. Power users who get a new phone want to set it up with all their cool apps and trinkets right away, and it's not good user experience to have to use ADB to install every single sideloaded app. Meanwhile a a regular user getting scammed right after getting a new phone is statistically unlikely.

I think I would be fine with that if they also provided the option to check the box immediately when you first setup your account on a new phone. I don't want to wait for 24 hours every time I change phones.

The only reason I stuck with Android was to have the freedom to basically install anything I like. This is not a solution, much less to any problem which existed before. I don't think my next phone will be Android.

So what's the solution? Graphene OS? Let's convince everyone we know to buy the upcoming Motorola phone. If it's sales hit 10s or 100s of million devices, only then Google will listen.

So Google tightens its iron grip for "alternative" app stores.

So this effectively means, if you buy a new phone and want to set it up, you'll have to do it tomorrow, because of an arbitrary flow Google created to save their play store percentages...

Feels like one of those changes that makes sense from a security perspective, but will mostly hurt smaller devs who rely on sideloading.

Curious how this will play out for niche apps that aren’t on the Play Store.

How does it track time? Is it possible that user will just change current time to the future to instantly process the request? Is it possible to track time "safely"?

There are numerous alternative operating systems and variants out there that should get more of our attention now. There's a mobile ubuntu, e/os , and more.

Some years ago had a scam call about my "router connection error logs" and "I needed" to install TeamViewer from the PlayStore... So can't imagine what is this going stop

That's just friggin great, except for those who use newer phones from Cricket - who disables developer mode for until the phone's been active on their network for 6 months...

the best marketing apple has received in a long; death by self sabotage

I'll say it again: this isn't a problem for Android to solve. Scammers will naturally adapt their "processes" to account for this 24-hour requirement and IMO it might make it seem more legitimate to the victim because there's less urgency.

The onus of protecting people's wealth should fall on the bank / institution who manages that persons wealth.

Nevertheless, this solution is better than ID verification for devs.

They do it for your own good, to defend you from dangerous software.

Dangerous software is software that is not making Google money and that does not give Google control.

Calling for regulators, especially the EU, is futile. They want this. All you'll get is something that feels and sounds like pushback, at most.

Good guy Google must have published the numbers of scamming incident due to current software installation setup.

I appreciate if some good samaritan can link to it.

I'd rather not have to go through this ritual, but I appreciate that there is a genuine security problem that google are trying to address. I also suspect that they have other motivations bound-up in this - principally discouraging use of alternative app stores. But basically I could live with this process.

Yeah, I know... Stockholm syndrome...

Although I may not have to live with it, as none of my present devices are recent enough to still receive ota updates.

Context: I don't use alternative app stores. I occasionally side-load updates to apps that I've written myself, and very occasionally third party apps from trusted sources.

One gotta give it to them, advanced flow, what a great new double-speak-ism, would have made the ministry of truth very very proud.

As someone who has been forced at the Australian border to unlock my phone, and seen it taken away, maybe this isn't a bad idea.

Hey, the user doesn't need a Google account, that's good. Still a danger of frog boiling but not as bad as I was expecting.

This is the first thing I will be doing in my new Android Smartphone, in the very first hour.

Also, was this really necessary Google?

50 times more likely? Don't they need to supply the data for that when making an "advertisement"?

Any chance there is push from the carriers to implement something like this to cut down on hijacked devices sending spam?

SailfishOS / Jolla are unlikely to do this. Time to switch. Google's monopoly power over android is showing, badly.

What versions of Android will this apply to?

I hate it of course, but I think for once there is a solution: just go for an alternative AOSP-based OS. Preferably GrapheneOS (soon available on Motorola phones).

The truth is that 99.9% of the people don't care. The remaining 0.1% is perfectly capable to use GrapheneOS.

Huzzah! Our most gracious sovereign shall bestow his mercy upon us and allow us to install apps on our phones

I can see that majority of response is negative, being mobile developer myself I can understand.

What's the solution for 3rd world countries where 80% phones are android (and usually old/low spec) that balances freedom for knowledgeable users vs security/safety for the majority of users? you can roughly understand education level and tech literacy for the majority of people in 3rd world countries.

There is a way out!

https://grapheneos.org

Random thought, but doesn't disabling developer mode turn off all of the changes in there?

All these vibe coders and we're still stuck with Google and Apple. This is what you get with a duopoly

Selfhosted apps are going to start using PWA's in an even bigger way if this goes ahead.

That's similar to the process of enabling developer options on Xiaomi phones, for the last 5 years

I actually was kinda looking for a reason to give up phones. Thanks google.

They made a huge mistake with Dalvik and they seem to be doubling down on that mistake.

I'll repeat my question from a while ago. Is the official Temu app, available on the Play Store, still full of questionable malware / spyware code?

If so, it's clear that none of these changes are actually to protect users.

This instruction set should be linked in the Urbandictionary definition for Kafkaesque

If you login, log out they don't prompt you with the security warning on Android TV.

So can it be breached by turning off networking and setting the date forward a couple days?

It's a little inconvenient for someone setting up a new phone to have to wait a full day to install unregistered apps. But while I can't speak for others, it's a price I'm personally willing to pay to make the types of scams they mention much less effective. The perfect is the enemy of the good.

It fun to see how they know exactly that really no one is trusting them.

A king wanted to test the complacency of his subjects. He put a toll on a bridge. There were some noises but eventually everyone got used to it. He slowly kept increasing the toll, which came with increasing noises which would all eventually subside. He decided to take it a step further. He proclaimed that anyone crossing the bridge will be slapped by one of his guards. This time the protests were stronger and getting bigger. He thought "thank God my populace has woken up". He went outside to meet the leaders of the protesters and asked why are they protesting. The leaders said: "you started taking toll, we said nothing, you kept increasing it, we said nothing. But with this new policy, there's only 2 guards delivering the slaps, leading to huge line ups. So we demand that you employ more guards at the bridge to ensure faster slaps and smooth flow of traffic."

Switch to GrapheneOS

Newspeak is the trademark of oppressive regimes. Can we please not overexert ourselves in trying to please the global tech companies by pre-emptively changing our language?

Google details new process to install unverified Android apps. The sentence is much more clear using established language. Not "side-load", whatever that means.

Seems like a very reasonable compromise. What's the catch?

Those working in Google (AOSP) that write these code should be ashamed of themselves. Eventually they are doing a bad thing for the society.

Malicious compliance.

"Sideload", "unverified"!!! Woaa, careful now, we can't guarantee for anything!! Danger, danger!

How much can you twist words and language to engage in fear mongering? The headline could just as well have been "install", and "free choice" and "Google gatekeeps".

So convoluted... that's all I gotta say.

Judging by the comments sideloading plays a major part in everyone's life. What apps do you sideload guys? Why those apps are not in a store?

This is ridiculous, most malware is shipped by google itself through the playstore.

This is eminently reasonable.

Now if only Android would allow for stronger sandboxing of apps (i.e. lie to them about any and all system settings).

What? No requirement to personally bring in a form in triplicate to the Google office in Siberia, of course notarized by the Pope and Zendaya, and simply prove it was signed on the moon.

But you're not balancing anything, just saying that you are

Yet more reasons to keep using an old rooted Android for as long as possible and contribute to any efforts that make it easier to do so. I suspect the reason Android become dominant was the ease of modding and the community that created, and now they're trying to turn it into another authoritarian walled-garden like Apple. To paraphrase the famous Torvalds: "Google, fuck you!"

"Those who give up freedom for security deserve neither."

A big problem that causes gullible people to follow scammers guidance is that real software with legit and important functionality is often utter crap and requires regularly dismissing various big red warning screens like expired or misconfogured ssl certs on the web, etc. People are taught to not take warning screens seriously because they often have to be bypassed for legit reasons.

The criticism against this decision seem to often miss the point of it IMHO.

Let's be realistic, there IS a problem with sideloaded apps being downloaded by ignorant people, and they do get scammed/hacked or whatever.

This leads to unhappy people complaining to their banks, politicians and media, these in turn starts lighting a fire under Googles bottom.

So, my point being, how do we solve the ACTUAL problem with rogue apps then?

Imagine if Microsoft did that with Windows. Absurd. The difference between Microsoft and Google seems to be that Microsoft accepts a small fraction of not-so-bright users getting scammed, because this is obviously much less bad than locking down the OS for everyone. (I say this as someone who is usually much more positive about Google than about Microsoft.)

such a bummer man, might as well go back to apple i guess..

is it 24 hour per app or to enable sideloading at all?

I’m often annoyed at the 10 second timeout when installing Firefox extensions - 24 hours is beyond egregious. Telling me to come back tomorrow to install software on a device I own is a giant “fuck you”. Pretty sure I’d rather they banned side loading outright than this

So much hassle to enable sideloading that I just... don't want to use Android? Having to go through 5 different menus, 3 different warnings AND wait 24 hours to install F-Droid? fuck no.

I hate this. GrapheneOS all the way. I'll never purchase devices that force this on users without a simple way to opt out. I'm done with Google. Glad I cut all ties with that entity over the last few years. Just despicable.

They have now successfully turned the temperature knob from 2 to 5. I wonder what 7 will be.

"Don't be evil" how far we've fallen.

dear google: fuck off and die. May something worth the resources it consumes grow from your fetid corpse.

And now we see why Android never really was Linux.

Does it have a Linux kernel? Of course. But this isn't a free operating system.

A lot of you have never seen your loved ones get some shitty app on their phones and it shows.

If android security is so fucked that the 24 hours helps, why do they maintain it has security?

> Wait 24 hours

Man, fuck Google. I hope this bullshit is struck down by government regulation as malicious compliance to 3rd party app stores.

I wonder if GrapheneOS will have the same level of user-hostile bullshit. That may be my salvation board right now.

Sailfish OS would be great, but unfortunately my banks don't seem to play along with it.

I hate to say it, but I'm somewhat in agreement. I don't know why there's a allow 3 days/allow forever option. That's the only thing that's suspicious.

Assuming the requirements are actually justified, this seems like a tolerable compromise.

We need to get Epsteinist Interests out of our tech.

Corry's enshitification is in charge

The constant sociopathic nudging from Google to do this or that to use something that was absolutely normal before or to enable something I didn't want and slowly removing reasonable options in favor of their dark pattern preferences was what made me to degoogle ~10 years ago, and they just seem to continue on the march to their dark side unconcerned.

stopped reading at "combating malware"

I think most people here live too much in their tech bubble and don't realize how dumb the vast majority of people are when it comes to tech. I know that feeling myself that you lose the grip to "reality" when you are too much into tech, but after dealing a bit with "ordinary" people, I do understand why Google wants to do that. Most people have absolutely no idea about tech at all. So many people don't even know what exactly a browser is, what a "tab" means or can't even get to install an iPad. Google mainly has to take care of these people, not people who install apps using F-Droid. Go to the streets and ask strangers if they know what F-Droid is, and if they don't, try to explain it to them. The 24 hour wait period looks like a good trade off to me. Still allowing experienced users to install apps, but the majority of people will be protected, and it won't even affect most people.

And no, I'm not a bot or some pro Google activist, check my github account, I even use GrapheneOS myself.

I'm not in agreement with most of you, hn. They've found a decent compromise that works for power users and the general population. Your status as a power user does not invalidate the need to help the more vulnerable.

Having to wait a day for a one off isn't a big deal, if they kept it looser then you'd be shouting about the amount of scams that propagate on the platform.