Keep Android Open

Original Article ↗ Hacker News Discussion ↗

Security vs. Control

  • Many commenters see Google’s move as about centralized control, not genuine security. “Security” is framed as protecting cashflow, YouTube, and future censorship rather than users.
  • Others note that for many non‑technical users, a curated channel with verification does reduce malware risk, but argue that this should be optional and limited to the Play Store, not the entire platform.
  • The change is widely viewed as another step in the “war on general‑purpose computing” and a drift toward digital authoritarianism, with attestation as the key lever.

Impact on Developers and Sideloading

  • New requirements mean virtually all distributed Android binaries must be tied to a Google-verified developer identity, even outside Play. ADB installs still work, but casual APK sharing and third‑party stores (e.g. F‑Droid) are threatened.
  • Hobby and indie developers fear needing to register, expose identity, and stay in good standing with Google just to share apps with friends or small communities.
  • Comparisons are made to Apple’s $99/year dev program and seven‑day free provisioning limit; some see Android converging on the iOS model.

Alternative OSes and Hardware

  • Interest in Linux-based phones (postmarketOS, Mobian, Ubuntu Touch, Droidian, Sailfish) rises, but real-world reports highlight poor battery life, unreliable telephony, weak app UX and missing drivers (e.g. PinePhone considered “a mess”).
  • GrapheneOS on Pixels is seen by many as the best privacy/security option within Android, but still dependent on Google hardware and Play Integrity constraints.
  • Fairphone, murena (/e/OS), LineageOS, Droidian on Motorola, and refurbished Pixels are repeatedly cited as semi‑open options; bootloader locking by OEMs remains a major barrier.

Attestation, Banking, and Essential Services

  • Play Integrity/SafetyNet are already used by banks, government ID apps, and payment systems to block rooted or custom ROM devices; many expect tighter tying of essential services to Google- or Apple‑approved stacks.
  • Some advocate a “two‑phone” model: one locked device for banking/ID, one open device for everything else. Others see this as unrealistic for most people and a civil‑rights issue (access to payments and state services).

Android vs. Linux Security

  • Strong disagreement over whether AOSP/Android is more secure than traditional Linux distros. One side stresses modern sandboxing, permissions, exploit mitigations and isolation; the other stresses open ecosystems, repositories, and user control.
  • A recurring theme: security that cannot be disabled by the owner equals loss of freedom, even if technically robust.

Regulation and Rights

  • Multiple calls to involve regulators (ACCC in Australia, CMA and EC in Europe, FTC/DOJ in the US) under antitrust and DMA-style rules.
  • Broader proposals include: mandated unlockable bootloaders, prohibition of hardware-level reprogramming locks in consumer devices, and legal guarantees that essential services cannot require a specific proprietary OS or attestation provider.