Opening my weather app this morning I was greeted by this warning:
Google has announced that, starting in 2026/2027, all apps on certified Android devices will require the developer to submit personal identity details directly to Google. Since the developers of this app do not agree to this requirement, this app will no longer work on certified Android devices after that time.
It’s the first time I hear about this, seems to be about:
Cirrus app: Github
Was this a big thing I somehow missed? I hope more devs will follow suit.
Was this a big thing I somehow missed?
It’s one of the many small things that hide the big thing. In 2027 android will be fully locked down, unnecessarily.
The big thing is whatever the lockdown is for.
This news makes me actually sad. I have had high hopes in the last years in the FOSS world, having myself and three other persons move to use Linux as daily driver on Desktop/Laptop.
My phone has FOSS apps only except for banking, health, transport tickets and 2/3 work rekated stuff. My messaging, files and pictures are handled by FOSS apps installed from third parties (F-Droid, Obtainium) on selfhosted servers… I was finally seeing the light at the end of the tunnel.
This news sound to me like the tunnel ahaead is collapsing.
I got the same alert on Gmaps WV (google map wrapper found f drood) Google is giving us more reasons to switch to a custom ROM
They’re not “pulling” the app from anywhere, it’s just simply not going to work on “certified devices”. This is the end of Android as we know. It’s been a good run.
When one thing dies, another thing is born.
UBPorts is ready to go and isn’t tied to Google hardware like Graphene.
Doesn’t have manufacturer support
Volla, Fairphone, and Pine offer devices with it preinstalled and it works on a wide variety of others.
I think you’re aware of the size of those manufacturers compared to the ones shipping Android.
And what’s being born?
It should die first
Yes you’re right. I’ve worded that wrong in the title!
You can edit it 🙂
Done! for the curious, original title, “Cirrus App dev pulling app from certified android devices in '26/'27” new, “Cirrus app dev informing the app will stop working on certified android devices in '26/'27”
Only works for those of us who own a pixel or bought one for the reason but this won’t effect Graphene users
Except it will, because developers aren’t going to bother maintaining an app where the install base is just pixel users with Graphene
Yep. We’ll be fine for a while but Google’s seriously axing the platform for foss projects and security-minded users. In no more than half a decade I anticipate Android’s open-source development scene will begin looking very similar to Apple’s.
It’s going to affect 100% of Android users because no one is going to develop apps just for the 10 people using uncertified devices.
We’re at least a dozen!
affect
I believe you can sideload with ADB.
Nope, from how Google puts it, play services will block any and all apps without a valid signature from working at all on play certified devices.
You’ll be able to install them via adb probably, but when you run them play services will stop you.
Play services already prevents certain apps from starting until you say a yes/no on a popup, so the framework for this is already in place.
This is completely wrong. I asked this exact question to google in their poll and I got an answer from them saying it would always work with adb. It’s for devs so you can run those apps of course. This means F-Droid can implement a Shizuku backend to install apps and the UX will be even better since it will bypass popups. However, initial setup will be far more complicated
You can but that’s REALLY not a solution. How many times/day to plan on plugging in your phone and running a couple dozen commands to update your apps?
Yes, you must have missed it. And so it begins.
Google is moving to make Android less open source. I’m not sure more devs following suit is going be good for them or their users. The G doesn’t give an F.
What we need is an OS fork that gets maintained. If not that, some other workaround that fools the Google servers. Because you can bet money that nobody made from flesh and blood is going to look at this inside Google.
Maybe devs can band together and form Middle Finger Corp. and designate one willing person as their contact to serve as registered dev for a gazillion apps. Follow the letter of the law, not the misguided spirit of it, in a manner of speaking.
If you are sitting on a mobile OS and you were afraid to fail like Windows, maybe now is the time to give it a go?
GrapheneOS
are you kidding? only available for google phones. are we supposed to give money to google for this situation?
I think they are looking to partner with a phone manufacturer to move graphene platform to other brand of phones.
Specially since it’s unlikely that google pixels will keep providing the spec info and openness that GOS need to work.
Well yeah, since device trees are no longer available going forward from Google, they’d be dead in the water otherwise.
LineageOS has good support for other devices
e/OS too, if Graphene fails or isn’t available. Or Murena.
Murena has had questionable policies…
And what policies would that be?
Kids these days won’t search answers on the internet…
You’re the one stating something as a fact, so you should have already provided the sources for your claims, especially if its something not in the major consensus nareative…
I’m an adult, and promise you I’ve been using computers longer than you’ve been alive, and I still don’t care to waste what little time I have on this planet to look into shit that sounds completely made-up.
Put up, or shut up.
Kids these days is a classic thing to say. Nowadays it doesn’t impjy that the listener is a kid
Edit: I can offer you https://grapheneos.social/@GrapheneOS/114880919351954282 and https://sopuli.xyz/post/21908818
I searched for Murena’s policies and found a privacy policy page, and it seems fine?? You give them information for transactions, they don’t sell your information, and you can delete your account which will delete the information they have on you.
What more do you want?
Murena is the company developing/e/os
graphene only works on a very limited set of devices though
Pixels. That’s it.
Will graphene be able to avoid this?
Well for this case in particular yes, the dev will continue to develop the app on f-droid, the platform as a whole takes a hit through this though, so who knows how long they will continue out of goodwill.
Thanks. This really is a big deal.
Yes, all custom ROMs without Play Protect won’t be affected.
Hopefully this leads to a lot more development of and for Ubuntu Touch. Biggest issues it faces are lack of compatibility and lack of apps. I think the core is solid though. I used it for a week when switching from iOS (so no Android background) and enjoyed it, but a few too many minor issues built up and I ended up going to Calyx.
Wording of the message implies it’s possible to have uncertified version of Android… Such a thing possible?
Yes, like GrapheneOS
any version of android that’s not vendor or downloaded from the official android website
- like https://lineageos.org/
- https://e.foundation/e-os/
- or the aforementioned GrapheneOS
calyxos.org (paused)
Adding iodé to the list, cocorico !
Why everybody always forget about iodé ?
first time I hear about it, seems to be based on lineageOS?
What’s with the premium tiers? Seems a bit sketchy to be honest.
yes
Yes, think cheap android tablets that are so shit google store can barely run on it. Those devices are usually chinese knockoffs and do not ship with google services, google store or any gapps.
I don’t believe the certified android means hardware, I believe it’s only about if you have an official android build running, since if your hardware can run a custom ROM, you can get around this issue.
I think it has to do with the google certification you have to go through to sell hardware shipping with android. All devices need to be certified by google or they are not allowed to run gapps or connect to the playstore. This is what huawei lost after trump banned them, so they had to make their own shit as a replacement
It is a big thing at least in developer circles. It made the front page of Hacker News multiple times.
https://news.ycombinator.com/item?id=45087396
Thank you for these links they are fantastic! I was aware of the procedural lock in via play integrity services and also the lockdown on side loading so that didn’t get past me, but I wasn’t aware google also wants to alienate developers now by requiring ID. It seems to me google want to now fully commercialize the platform, transforming it into the ad infested network that web2+3.0 already became. I think their plan, by alienating non commercial devs, is that all apps will run on their ad models and non without them will be left.
And so it continues… Google trying to shoehorn themselves into a position of authority of the internet. Imagine they get as much sway as the banks now have? Private entities controlling the masses for massive profits. Fuck off Google.
I’m going to look into adding this to my app https://git.allpurposem.at/mat/Sudoku Indeed I do not agree with this, so it will become unavailable when the terms go into effect. I will look into making it available for Linux Mobile.
First of all thank you for providing a foss app!
I think it’s a big difference if the platform tolerates you or actively wants to stop you from doing it. You got my fullest sympathy.
Thank you so much for the kind words! It’s indeed a bad time to be an app delevoper. At least the framework I use is portable-ish, so the work won’t be fully lost.
Yet another possible antitrust lawsuit series. Some day maybe a judge will do something to help the consumers.
Google just came out of the biggest antitrust suit since 1998 completely unscathed so you can expect this sort of anticompetitive measures to continue.
Aaand the reason’s called ✨c o r r u p t i o n ✨
Whenever a politician comes from a big company or goes to one after retiring from politics, that’s when you know they’ve been bribed.
I mean when the entire tech industry has front row seats at your inauguration, that’s a pretty good indicator as well.
don’t count on the system’s judicial system to save us. it won’t.
Where are you linux hardware manufacturers ?
Syatem76? The same company that made POP OS are making PCs and laptops They claim that they made the laptop with the longest battery life
deleted by creator
deleted by creator
How easy is it to convert an Android app to a Linux mobile app of you’re the developer? If it’s written in JVM languages it shouldn’t be that hard right?
End-users can use e.g. waydro.id to run Android apps on Linux.
I’m not deep into Android development, but I doubt it’s possible to just port an app without basically a complete rewrite. Android has an own layer on top of the JVM, called Zygote, and there’s presumably lots of system libraries which the Android apps implicitly depend on, for handling graphics and whatnot, which make tons of assumptions about running on an Android device.
Just use a custom ROM. This sadly will affect app developers. But if you are on a custom ROM without GMS it will continue to work just fine.
Google is trying to kill custom ROMs too. Also I thought the majority of modern phones aren’t bootloader unlockable.
You can unlock the bootloader on just about every phone, just depends on how much effort you want to spend.
Ehhhh… sorta maybe. Ultimately they can’t, but they can make development more difficult.
Also Google has nothing to do with whether or not you’re bootloader is unlockable. Get a phone that is.
If you rally want to go down the whole FOSS path it does ultimately become a bit of a lifestyle.
Just to clarify:
Will my apps installed from F-droid be unaffected by this?
Even apps installed outside the Play Store will need to have a “verified developer”, and this change will affect any devices that use Google Play Services, so it will be a problem even to old devices.
I don’t personally have Google Play Services installed but I can see how devastating this could be to open source on Android.
If you don’t have Google Play Services installed, then you’re not affected. Of course, how many custom ROMs will live to that day is unknown.
The Mihon dev team has already announced that they’re going to get authorized and continue their work.
It’s… an interesting choice given what they’re working on, but they also took steps to stay legal
There won’t be Fdroid on Google OS phones period
From what I gather, yes. But will you be allowed to install F-Droid? No.
I’ve heard that it will still be possible to install unverified apps via ADB, so theoretically it wouldn’t be hard to make an app installer that uses Shizuku (tool that allows you to ADB into your own device) and have a website that automatically installs that using WebUSB or something
You’ll be able to install them, but play services will very probably stop them from starting.
They already have the framework for this in place, “unrecognised” apps get blocked by Play services already asking you if Google can scan the app before you start it, the app will not start at all unless you click yes or no.
Maybe yes. Maybe not. I think from now they won’t push that far, among other things because even developing for android platform would become a burden. Not being able to even test some app concept without a verified signature…
Maybe eventually they’ll go that far. But as of now I do think is unlikely they’ll completely block the adb way.
Anyway many current users won’t go adb. And third party stores will take a massive hit. That’s google’s goal.
app manager can already work as an app installer, but it needs wireless debugging enabled which can be a security risk. and you have to install app manager too somehow.
Unclear, but they are saying it will affect side-loaded apps, and no way to bypass with Developer Options, so I would assume so.
Depends on your OS. Most likely no.
Does anyone know if this will affect Android TV?
Wait you could install arbitrary apks on android tv?
You have an android tv and not smarttube? Your youtube experience will increase ALOT.
A lot. Two words. You don’t write alittle, do you?
What a Huge Nerd thing to say.
Wellplayed.
I am dyslexic and not a native speaker, but thanks for the correction! The example with a alittle is actually a good one. If you loose the unfriendly vibe, your comment would be more appreciated.
Yup. I’ve installed a few that way
deleted by creator
Would people be able to circumvent this by downgrading their version of Google Play Services? …or not updating it in the first place?
I think you could still adb install unverified apps into your phone.
That untill they’ll block that path too.
Also I suppose that you’ll need to adb every update. So apps that would want to go this way should self check updates instead of relying on an external store.
Do you think obtanium + shizuku could help uptating the apps with less attrition?
What’s adb?
Android Debug Bridge. It is a way to control the device via command line, mainly from an external computer. Among other things allows for app installation. It’s one of the main ways to test and debug apps while being developed.
Oh okay, thanks.
They’re baking this right in the package installer of android, it goes beyond play services. I have my doubts that this will pass in the EU
But that begs the same question. If you never update your existing phone with google’s malware, you should be ok.
Obviously if you buy a new phone that’s already infected you’re screwed unless you can flash a new ROM on there.
My point is. People’s current phones do not have this malware on it yet. If you disable updates and/or degoogle, your device should continue to work as is. Perhaps without being able to use Google Play Store, but honestly that’s not huge loss for anyone that cares about this stuff in the first place.
True, but using a phone and never updating it likely leaves you open to other malware/attacks sadly.
That’s a bet I would rather take given the alternative.
I don’t want any big tech shit on any of my devices. Microsoft, Google, Meta, X, etc can all eat a dick. I have zero trust in any of em.
Don’t think so, bud
