Mastodawn

www.androidauthority.com/android-developer-verification-requirements-3590911/

I must reiterate. I really like open systems.

This is the opposite of that. It's yet more infrastructure for Google to force dependence on Google Play Services in the wider Android ecosystem.

It's also a great way to kill off a bunch of independent developers that make zero money from their project from publishing software for your platform.

This idea needs to be canned.

Google wants to make sideloading Android apps safer by verifying developers’ identities

Google wants to make sideloading safer on Android by verifiying the identities of developers who distribute apps outside the Play Store.

Android Authority

Software should not require permission to be written.

Software should not require permission to be distributed.

Software should not have a central entity controlling it.

The future is decentralized, fuck your centralized signature verification checks.

Ryan Hyde Aug 26, 2025

@alexia @bigzaphod What’s cool about anarchy is that it always works because everyone is altruistic. See also libertarianism.

leah & tigers & bears, oh my!Aug 26, 2025

@RyanHyde @alexia @bigzaphod and what's cool about relying on big centralised bureaucracies to make sure everyone plays nicely is that they're always benevolent, always hyper-efficient, never make mistakes, and never leak confidential information. see also the US government.

(this *is* how we play this game, right?)

Ryan Hyde Aug 26, 2025

@thamesynne @alexia @bigzaphod Not really, to answer your last question. A repudiation of one dumb idea isn’t an endorsement of its inversion. What’s fun about middle ground is that it always exists, and there’s more of it than you’d think!

Enys (Yao)Aug 26, 2025

@RyanHyde the middle ground already exists, and it's the current side-loading process, which requires you to *explicitly* choose a somewhat obscure setting, to allow installation of apps of "unknown sources"

someone who is sideloading will generally already know what they're doing, since they have to flip this permission on. even if done permanently, it's not a global option but a per-app option to allow such installs from, say, the file manager. malware detection via Google Play Protect is *also* already a thing, mentioned in the linked article

you appear to have assumed that arguing against centralized signature verifiers to be *allowed to develop for Android,* means arguing against *any* attempt at verification. instead, it's really just: "Android, let's not do exactly what Apple is doing to wall in the garden, thanks"

seems like the best middle ground would be for Google to simply, not do this thing

@yaodema That’s not what I’m arguing about. Go to my original post. I’m just saying that advocating for the tearing down of all regulation is dumb. I get that the statement I responded to was in relation to this side loading question, but the statement itself went far beyond that context.

Serenus Aug 26, 2025

@RyanHyde So basically, you’re arguing an entirely separate point from the OP?

OP said that systems should not require (emphasis on require) software to be approved for creation or distribution. That’s different from the idea that there shouldn’t be any approved source or sources of software, which is the strawman you seem to have set up. Having signed software is fine, the critique is that you should have the choice to run whatever you want to run, approved or otherwise, on your own hardware.

Ryan Hyde Aug 26, 2025

@Serenus I don’t see the original comment I responded to as being this nuanced. If you do, that’s fine, but it stood out as a pretty stark “gtfo of here with all of your regulation” statement, and I think that stance is very very dumb.

You can call this a strawman if you want, but I disagree with the assessment.

Serenus Aug 26, 2025

@RyanHyde I’m just reading the posts as written. First one says that the idea linked (preventing sideloading of apps) should be disposed of. Second one says that software creation and distribution shouldn’t require permission from any single (or centralized) entity. Neither of them calls for the abolition of signature authorities or signed repositories.

Ryan Hyde Aug 26, 2025

@Serenus That second statement is the one I disagree with. It’s too broad. If you want to run Linux, then sure, do you, but on mainstream platforms, I just do not agree.

Serenus Aug 26, 2025

@RyanHyde Windows, Linux, MacOS - none of the major desktop platforms require software to be approved to run, and that’s been the situation for most of computing history.

Some form of trusted distribution system is a good thing, and every platform has it at this point. Making it impossible to distribute things outside of that system isn’t so good, especially when the interests of the people running the system are at best coincidentally aligned with the interests of users.

Ryan Hyde Aug 26, 2025

@Serenus I don’t disagree with that. I think our only actual disagreement is how we each read OPs comment. If I’m in the wrong about that, I apologize, though she’ll never know that, and I can’t interrogate their reasoning, so I can’t be sure if my interpretation matched their intent or not.

But for you and me, I think this conversation has reached a natural conclusion. Have a good day!

Edit: pronouns

@RyanHyde @Serenus PersonalIy, I don't read it as too broad.

Consider this scenario:

I write code and sign it with my own certificate. It's not Google approved because I don't want to dox myself, so it won't be on the play store. People have been using it and it's passed third party audits.

People should be able to sideload this and run it on their phone. I should be able to do that as well, I wrote the thing! Google says no, you didn't fill out the pile of paperwork for us to approve it. A green light from some other foundation doesn't matter here.

This scenario is dumb, right? People should have the option to run the code regardless of what Google says. They don't have to allow it in the play store which is their managed distribution system. But different distributions shouldn't be disallowed. That was my reading of it.

Ryan Hyde Aug 26, 2025

@h3mmy @Serenus Yep, I agree with all of that.

Again, if my particular read on OP’s comment was wrong, then mea culpa, truly. Added context: I saw it as a standalone repost and didn’t even notice the first post until the debates set in. But for the most part, the various debates have been good, so… at worst, process failed successfully? At least from my point of view. Not to say there weren’t some nasty words here and there, but I did wade into an online debate, so I knew what I was getting into, lol.

Anyway, I appreciate your response. Thanks for taking the time to read through most of this thread!

Ryan Hyde Aug 26, 2025

@Serenus Though I’ll also throw out there that I can’t see the original post because OP blocked me. Which is fine, but I can’t check the logic. I just have to go from memory.

Enys (Yao)Aug 26, 2025

@RyanHyde in context, no, it really didn't, because the original post *was not about "deregulation of everything".* it's not an extreme viewpoint to not want Google fully control what you're allowed to install on your phone. but to me, and likely to everyone else who's responded, *that* is what you are apparently objecting to, with such strange hyperbole

sounds like it might be a good time to step back from this

Ryan Hyde Aug 26, 2025

@yaodema We disagree about OP’s original point then. And as a she’s blocked me, I can’t go back to the source to see if my interpretation was wrong.

Which is fine, they don’t owe me anything of course.

Edit: pronouns

Enys (Yao)Aug 26, 2025

@RyanHyde for what it's worth, she is addressed as she or they

sail safe. these ships likely will not pass again for a while

Ryan Hyde Aug 26, 2025

@yaodema Shit, so sorry, truly. I was being lazy on that one for sure. I appreciate the correction.

Have a good one.