Does anyone here actually support Google’s Developer Verification?

I don’t. I’ve put a warning about it in my repo because I’m against policies like sideloading restrictions, forced ID verification.

Curious what other devs here think. Is Play Store still worth the hassle i?

  • artyom@piefed.social
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    1
    ·
    edit-2
    2 hours ago

    Is Android Studio forcing you to register?

    Does anyone here actually support Google’s Developer Verification?

    At best some are indifferent but I’ve never heard of anyone who actively supports this.

    Is Play Store still worth the hassle i?

    Never has been 🔫

  • ViatorOmnium@piefed.social
    link
    fedilink
    English
    arrow-up
    61
    ·
    6 hours ago

    I think if Google (or Apple for that matter) wants to play this game, then everyone from the reviewer to the CEO should be held legally responsible when malware ends up not only verified but distributed by them. And by legally I mean also as accessory to the crime.

  • forbiddencherry@lemmy.today
    link
    fedilink
    arrow-up
    20
    ·
    6 hours ago

    I paid the fee for a dev account near the beginning of Android. Haven’t had any apps published in over a decade, but from what I understand my account is grandfathered in so I don’t have to jump through as many hoops to get something published if I chose to, compared to newer accounts. Anyhow, since I have an account I suppose I’m unaffected by this decision. Still, it goes against the original spirit of Android as a free and developer-centric platform and I condemn it.

    • jksalcedo@lemmy.mlOP
      link
      fedilink
      arrow-up
      13
      ·
      5 hours ago

      I think you still need to register/verify since it will require a valid ID and app IDs (package names).

  • thingsiplay@lemmy.ml
    link
    fedilink
    arrow-up
    9
    arrow-down
    1
    ·
    6 hours ago

    Does that mean this app won’t be available on app store, but can be installed from other places? I know there are on going changes regarding this topic, but I’m not fully informed. And researching will bring probably ton of Ai generated articles I’m not willing to look into. Could F-Droid still be used on a “regular” Android?

    • artyom@piefed.social
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      1
      ·
      2 hours ago

      No it means you won’t be allowed to install the app on any certified devices at all. Regardless of where it’s obtained.

      • thingsiplay@lemmy.ml
        link
        fedilink
        arrow-up
        10
        ·
        edit-2
        6 hours ago

        Holy mother of duck! This is worse than I thought. I assume custom firmware like LineageOS or e/OS don’t have these restrictions. But most people have stock Android off course.

        • Magiilaro@feddit.org
          link
          fedilink
          English
          arrow-up
          6
          ·
          edit-2
          4 hours ago

          This rules are part of and enforced by the google play framework, so I would assume that as soon as Google Play and/or Google Play Services are installed on Lineage or other custom roms that then the same limitations come in effect. This is only an assuption by me, based on how I understand it, so I may be, and I hope that I am, very wrong.

          • thingsiplay@lemmy.ml
            link
            fedilink
            arrow-up
            4
            ·
            4 hours ago

            There is an alternative service called microG, an Open Source alternative to Google libraries to replace Google Play Services in example. This makes it possible to use the Play Store without Googles proprietary stuff. However I don’t know how compatible it is, but it is big part of alternative custom roms to replace Google as much as possible. I don’t use the Play Store, so cannot say first hand how good it works. More info on https://en.wikipedia.org/wiki/MicroG .

            Maybe this new policy and stuff could affect this alternative implementation of Google Services?

    • lime!@feddit.nu
      link
      fedilink
      arrow-up
      16
      ·
      6 hours ago

      they’re going to make it more difficult too. you basically need to enable dev mode a second time, then for every application that can install ap, you need to re-approve then wait 24 hours.

  • vapeloki@lemmy.world
    link
    fedilink
    arrow-up
    7
    arrow-down
    47
    ·
    edit-2
    4 hours ago

    Yes I am.

    I spend a long time of my career in IT Sec.

    80% of android users will freely install whatever APK from wherever.

    Info stealer infected fake apps are a massive risk to a huge part of the user base.

    Yes, it will get a little bit more complicated to sideload. But nobody is prevented from it.

    And everybody that is against user protection (and yes, this is fucking user protection, just not for you) is invited next Christmas to de-worm the android devices of my family without wiping them.

    EDIT for all those that only read the memes. Sideloading will NOT be disabled. You have to jump though extra hoops.

    Yes, the way they do this is not even testable yet and we can argue over details.

    I support the principal idea, as someone who had to live with the fallout of people who installed “it support apps” because someone told them to

    • hneerqe@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      31 minutes ago

      80% of android users will freely install whatever APK from wherever.

      I should care because? Do they care about me not wanting google shoved in every aspect of my life?

          • vapeloki@lemmy.world
            link
            fedilink
            arrow-up
            1
            ·
            8 minutes ago

            How about an apple phone?

            Or how about that: projects like Linux and Ubuntu phones died because there was no interest in it, because there was Google. And now, everybody wants an alternative.

            They are out there, you can use opensource Android forks, you don’t have to use Google

    • Avid Amoeba@lemmy.ca
      link
      fedilink
      arrow-up
      3
      ·
      2 hours ago

      for all those that only read the memes.

      For someone who possibly considers themselves better informed than others, you’re seem to be missing the fact that Google’s plan had no option for sideloading unverified apps until a sizeable outcry from us (a lot of professional developers and users). Unverified app installation was only allowed (via new hoops) after this action. For now. The fact that Google’s plan did not have an option for installing unverified apps shows us what they really want. Therefore it won’t be surprising if they make it increasingly difficult or impossible in the future.

      • loutr@sh.itjust.works
        link
        fedilink
        arrow-up
        1
        ·
        2 hours ago

        I’m pretty sure they originally planned to allow sideloading through ADB, but I might be mistaken.

        • Avid Amoeba@lemmy.ca
          link
          fedilink
          arrow-up
          2
          ·
          edit-2
          2 hours ago

          I think I recall the same. Otherwise development would be a nightmare. But then again, that isn’t remotely equivalent to sideloading (as colloquially understood) and would still kill F-Droid. Not saying you’re saying it’s equivalent.

    • TrickDacy@lemmy.world
      link
      fedilink
      arrow-up
      6
      arrow-down
      1
      ·
      3 hours ago

      80% of android users will freely install whatever APK from wherever.

      A ridiculous and absurd lie. 90% have zero clue what one is, let alone go into the developer settings (there are one, maybe two settings you have to enable) to change the settings to even make that possible. Why are you lying about this? It’s weird.

      • vapeloki@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        3
        ·
        3 hours ago

        I am lying? OK, so is:

        I have over 2 decades of background in hardcore IT-Sec, i know my stuff. And you? What is your qualification, where are your sources?

        • TrickDacy@lemmy.world
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          edit-2
          1 hour ago

          I have over 2 decades of background in hardcore IT-Sec, i know my stuff. And you? What is your qualification, where are your sources?

          I wonder if a statement like this ever once convinced anyone of anything. My guess would be it nearly always has the opposite effect. You basically told me that whatever I know doesn’t matter because “trust me bro”. For all I know, you’re the worst source ever for literally every topic. Your articles didn’t back you up. Why do people bother with shit like this? “I’m an expert so what I say goes” is idiotic and in no way addresses the common sense point I was making: the average person definitely doesn’t know or install apks because of fucking course they don’t. If you said 80% would if scammed, that’s at least plausible but I’m not even sure I could believe that. The well is poisoned now in any case so you’re not convincing anyone here after this… Whatever masturbatory shit this was. Or just shilling for a corporation? Who the fuck knows

            • TrickDacy@lemmy.world
              link
              fedilink
              arrow-up
              1
              ·
              10 minutes ago

              You do, actually.

              I have over 2 decades of background in hardcore IT-Sec, i know my stuff. And you? What is your qualification, where are your sources?

              This translates to anyone who isn’t you to:

              I know a lot, you know very little. Trust me, not you.

              And again if you’re going to make this 80% claim and then say you sourced it, don’t link shit that’s sort of related but in no way backing up that claim. No one here is saying malware isn’t a problem. You’re getting downvoted for making specific claims which are absurd.

          • zod000@lemmy.dbzer0.com
            link
            fedilink
            arrow-up
            1
            ·
            edit-2
            1 hour ago

            He just using the old “Argument from Authority” logical fallacy. I’ve worked with tons of people, even those that did in fact “know their stuff”, that thought it was perfectly valid to dismiss others because of their experience being more extensive than others. Ironically, after I’d prove these people wrong in serious matters (usually several times), I somehow got added to the nebulous authority whitelist in their head. I don’t want to just be believed became I’m dammit, believe me when I’m correct and provide evidence!

        • TrickDacy@lemmy.world
          link
          fedilink
          arrow-up
          3
          arrow-down
          1
          ·
          3 hours ago

          Given that your first article says nothing about 80% I’m not continuing to click your links.

          I was being generous when I said 90%.

          Source: I have ever spoken to another human.

          • vapeloki@lemmy.world
            link
            fedilink
            arrow-up
            1
            arrow-down
            1
            ·
            2 hours ago

            Because people do not know what apps are and that they can be installed via sideloading, faked appstores and more, they are vulnerable.

            If I ask a “normal” person if the ever drunk di-hydrogen-monoxid they would say no, because they have no idea this is water

            • TrickDacy@lemmy.world
              link
              fedilink
              arrow-up
              2
              arrow-down
              2
              ·
              2 hours ago

              Okay either you’re trolling or clueless. Because you just made my argument for me. How exactly are people who don’t know what an app is going to enable side loading and then do it? That makes no sense whatsoever.

    • curbstickle@anarchist.nexus
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      2 hours ago

      So with your career in ITSec, you’re aware of the massive amount of malware found in the play store? That it has historically been the main distribution vector for malware?

      You have to jump though extra hoops.

      You are downplaying the hoops here by a lot. To install software on my own phone.

      Stop calling installing software “side loading”. Its nonsense.

      • vapeloki@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        12 minutes ago

        I k ow that the Playstore is also full of crap, I don’t deny this.

        But, just because our back window does not close correctly, do you leave the front entrance open?

        Not the best analogy maybe, but a visual one

        • curbstickle@anarchist.nexus
          link
          fedilink
          English
          arrow-up
          1
          ·
          3 minutes ago

          Except you have it backwards. The play store is the primary vector. The play store is also pre-installed on Android devices, and even without the whole verification nonsense, you still need to allow a different app repository to install.

          Not cleaning their own play store up first means it has nothing to do with what they are claiming. And lets be candid - they have absolutely not.

          The analogy is bad specifically because its not reflecting the issues anywhere near accurately. This is closing a window on the second floor while the front door is wide open with a sign that says “Come on in!”.

    • skyline2@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      3
      ·
      3 hours ago

      Alternate stores like Accrescent and FDroid are blocked by this policy, and Google refuses to implement any mechanism for authorising at the store level either. Store level authorization is an obvious alternative to verification of each individual app.

      Both Accescent and FDroid have some oversight processes in place, and do not contain “random” APKs. Googles actions show the real motive, which is control… not security.

        • skyline2@lemmy.dbzer0.com
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          1 hour ago

          They are de-facto “blocked” for developers that refuse to submit their identity to Google. I think you might not be understanding the implications of Google’s policy, please read this open letter to learn more: https://keepandroidopen.org/open-letter/

          If a developer doesn’t submit to identify verification, under the new system their app could not be installed regardless of what store it is distributed on.

          Needing individual devs to identify themselves directly to Google is invasive. Stores, however, could identity themselves to Google (or the world) as having security processes in place. Then they could be allowed as official 3rd party stores, similar to how the Linux repository system works.

    • Pollo_Jack@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      4 hours ago

      At least make it a toggle, like you need to request access for your account for your phone.

      Kneecapping everyone because idiots exist is idiotic.

      • Pika@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        1
        ·
        15 minutes ago

        It is a toggle. they just locked said toggle behind a 24 hour time lock. It’s ridiculous. I think if they kept it the way it was without said time lock it wouldn’t be anywhere near as controversial.

      • flyingSock@feddit.org
        link
        fedilink
        arrow-up
        6
        arrow-down
        1
        ·
        6 hours ago

        maybe because it was to easy to upload to the googleplay store. Maybe there should be some kind of verification of the person uploading. How could this be accomplished?

        Joking aside I don’t think side loading should be encoumbered like this, but for the official app store it makes sense.

      • vapeloki@lemmy.world
        link
        fedilink
        arrow-up
        1
        arrow-down
        3
        ·
        4 hours ago

        Because I think we should protect people that are not tech savvy. I am open for a debate

        • dubyakay@lemmy.ca
          link
          fedilink
          arrow-up
          1
          ·
          2 hours ago

          Your heart is in the right place, but your mind is not.

          Google et.al. is pushing for IDV in every segment due to lobby pressure from meta to build REAL user database for advertisement purposes in the age of LLM drivel. Every “protect the *” has meta’s government lobbyists behind it.

          There could be alternative approaches, but meta’s goals just so happens to align well with a fascist government’s that thinks they need to stamp out dissenting voices and anonymity.

        • thingsiplay@lemmy.ml
          link
          fedilink
          arrow-up
          5
          ·
          4 hours ago

          Total control and taking away freedom is not negotiable. Not literally, but: “Maybe we should ban programming languages on Windows and Linux too, because it could be used to program viruses. We should protect the not so tech savvy.” See what I mean? Instead we should look forward to a better way of helping them. The proposed way of Google is not acceptable.

    • lime!@feddit.nu
      link
      fedilink
      arrow-up
      16
      ·
      edit-2
      6 hours ago

      so the real-world id requirement is also user protection? play store is basically an info stealer at this point.

    • Cassa@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      13
      ·
      6 hours ago

      so your family’s devices get their apps from outside the play store?

      people are effectivly prevented from sideloading. not “just a little more complicated”

      • iByteABit@lemmy.ml
        link
        fedilink
        arrow-up
        10
        arrow-down
        1
        ·
        4 hours ago

        of course nana uses adb exclusively to install apps on her smartphone, after all this is a totally real story about user protection right?