197

Last month, "Google unilaterally decreed that Android developers everywhere in the world are going to be required to register centrally with Google." (infosec.exchange)

submitted 5 days ago by AAKL@infosec.exchange to c/fdroid@lemmy.ml

19 comments fedilink hide all child comments

Last month, "Google unilaterally decreed that Android developers everywhere in the world are going to be required to register centrally with Google."

F-Droid and Google's Developer Registration Decree https://f-droid.org/en/2025/09/29/google-developer-registration-decree.html @fdroid

PC Mag: F-Droid Warns Google’s New Rules Could Kill Third-Party Android App Stores https://www.pcmag.com/news/f-droid-warns-googles-new-rules-could-kill-third-party-android-app-stores @PCMag #Google #Android

you are viewing a single comment's thread
view the rest of the comments

[-] Ferk@lemmy.ml 4 points 5 days ago* (last edited 5 days ago)

That's why it's a paradox. They are claiming to do something for security, where in actuality their stricter policies are doing the opposite. This move essentially renders apk's built-in signing mechanisms worthless. Android is going down the path now of being as insecure as MS Windows when it comes to app installation.

This is not gonna stop rogue apks from outside Google's store, it's just gonna make them less secure.

This is not gonna stop alternative stores, it's actually gonna make them more important for further security checks.

This is not gonna give Google more control over Android, it's gonna make it easier for abusers to gain control.

I suspect a step Google could take is start adding extra warnings and layers of confirmation when it comes to installing apps making use of debug keys to try and deter users from doing it.. but this could then annoy developers, numb users to the warnings, and strengthen the case regarding anti-competitive behavior.

[-] Aqarius@lemmy.world 3 points 4 days ago

Is it a paradox, or is it just lying?

[-] Ferk@lemmy.ml 1 points 4 days ago* (last edited 4 days ago)

I'm just calling it a paradox because they are making it less secure by enforcing stricter security.

It's like how creating stricter regulation against drugs sometimes results in more problems with drugs than when the regulation was more relaxed. To me, that's a paradox.

Generally, a stricter security policy results in more security, but there are times it gives the opposite reaction when the stricter policy causes a trend that popularizes alternative methods that are actually less secure. There's always the social factor, and that one is not easily predictable... in fact, it could be that I'm wrong and most devs will decide to register with Google, or simply stop supporting official Android firmware, instead of relying on insecure debug keys. We'll see.

this post was submitted on 29 Sep 2025

197 points (99.0% liked)

F-Droid

9683 readers

7 users here now

F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

Website | GitLab | Mastodon

Matrix space | forum | IRC

founded 4 years ago

MODERATORS

fossdd@lemmy.ml

testman@lemmy.ml