Our Farewell from Google Play

Original Article ↗ Hacker News Discussion ↗

Google Play SDK Requirements and Maintenance Burden

  • Many SECUSO-style apps are small, offline, “finished” utilities that don’t inherently need updates, but Play Store rules force regular target SDK bumps.
  • Developers report that “just changing targetSdkVersion” is rarely trivial: newer SDKs and tooling can break layouts, libraries, storage access, permissions, notifications, and UI (e.g., edge-to-edge rendering, gesture navigation).
  • Some argue that in minimal apps with few permissions a manifest tweak and rebuild with an older toolchain can suffice; others counter with real examples where this failed and required invasive rewrites.
  • Result: some devs abandon Play, self-host APKs, or move to other tech (e.g., PWAs) because maintenance adds no user-visible value.

Security Rationale vs. Overreach

  • Supporters of Google’s policy note that older SDK targets allowed broad, abusable permissions and aggressive notifications; requiring modern APIs is framed as essential for privacy, security, and power efficiency.
  • Critics say Play’s enforcement is blunt: even harmless, offline apps are hidden from new users if not updated, while scammy, ad-heavy apps flourish.
  • Suggestions include more targeted measures (e.g., special prompts for risky permissions) instead of de facto annual rebuild requirements.
  • Android’s progressively rising minimum installable target SDK means that even outside Play, old apps eventually stop working on new OS versions.

App Store Power, Walled Gardens, and Alternatives

  • Several commenters see this as part of a broader trend: app stores optimize for revenue-generating, frequently updated apps, not small community or free tools.
  • F-Droid and Aurora Store are praised as ways to install privacy-oriented apps and even Play apps without a Google account; experiences differ on how easy it is to set up Android without any account.
  • iOS is viewed as stricter: essentially no sideloading and removals of long-stable games; some say both platforms are hostile to niche or indie software.
  • Some devs avoid official marketplaces entirely, or move to PWAs to escape constant policy churn and approval friction.

Screenshot Blocking and “Security Theatre”

  • Strong pushback against apps (especially banking/brokerage) that use Android’s FLAG_SECURE to block screenshots, seen as anti-user and harmful for record-keeping and dispute evidence.
  • Others defend it as a mitigation against malware harvesting on-screen data, even if imperfect.
  • Several note that checklist-driven pen tests routinely demand screenshot blocking, obfuscation, and similar measures, which some practitioners regard as low-value “security theatre.”