Android's sideloading limits are its most anti-consumer move

Original Article ↗ Hacker News Discussion ↗

What Google’s New Policy Changes

  • Android will require all apps installed on certified devices to be tied to a verified developer identity, even outside Play Store.
  • APK installs will still be possible via adb (e.g., from Android Studio), and there is mention of a free, low‑volume dev tier without ID, but bulk distribution and “just share an APK link” workflows break.
  • Many see this as shifting from “you can install what you want” to “you can only install software from people Google has approved.”

Security vs. Control Debate

  • Pro‑change side:
    • Argues the main goal is to slow malware iteration by forcing attackers to burn real identities and accounts, making cleanup and attribution easier.
    • Frames it as analogous to ID checks at airports or code‑signing prompts on macOS/Windows: annoying for power users but safer for the vast majority who don’t understand security.
  • Skeptical side:
    • Notes Play Store already hosts scams and malware; sandboxing and permissions, not central vetting, are the real defenses.
    • Sees “security” as cover for business goals: protecting ads (e.g., NewPipe/ReVanced), data collection, and cementing gatekeeping power.
    • Emphasizes that restrictions ratchet in one direction; “temporary workarounds” are boiling‑the‑frog.

Impact on FOSS, F-Droid, and Developers

  • F-Droid warns this effectively kills anonymous/open distribution on stock Android: every package ID must be tied to a verified developer Google can ban.
  • Solo devs cite opaque account terminations and permanent bans as already career‑threatening; this raises the stakes and eliminates low‑friction hobby/experimental distribution.
  • Some say this makes Android unsuitable for private/internal apps or niche hardware tools where only an APK exists.

Alternatives and Workarounds

  • Custom ROMs (GrapheneOS, LineageOS, /e/OS) are widely discussed as an escape hatch, but:
    • Hardware support is limited and getting harder (e.g., Pixel device trees, Play Integrity attestation).
    • Banking/government apps increasingly refuse to run on rooted or uncertified systems.
  • Linux phones (postmarketOS, Ubuntu Touch, Sailfish, PinePhone, Fairphone‑based options) are mentioned but seen as immature, with poor app coverage and banking support.
  • Some argue that if Android loses sideloading as a USP, many will just move to iPhone for better hardware/UX and similar lock‑in.

Ownership, Language, and Antitrust

  • Strong sentiment that “if you can’t freely install software, you don’t own the device.”
  • Several argue that even the term “sideloading” is manipulative; they prefer “direct install” or simply “installing software.”
  • Calls for stronger regulation (EU DMA‑style or new laws) and even breaking up Google/Apple; others counter that current US law likely permits these moves, so only new legislation would help.