Google: “Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified. We are designing this flow specifically to resist coercion, ensuring that users aren’t tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands.”
Thank god. I would’ve ditched Android for good if this went through, and while it sounds like it would be annoying for casual users to enable unverified apps, at least we can still install them.
Wait, so Google listened to our feedback, and we’re still mad? What would a positive outcome have looked like?
because they haven’t? We don’t want any changes to our ability to install software. This would still kill f-droid, and the “flow” they talked about isn’t a system wide setting. You have to do it per app. And you, the owner of the divice who just wants to install something on your device, would have to register. So if too many people install the app, the dev would be forced to register as well.
How is any of that “listening to user feedback”?
Once user trust is burned it’s not coming back.
There are no positive outcomes available now - it’s time to abandon Google.
Linux phones arriving sooner? Hopefully that’s the silver lining.
Because no one believes that Google (Evil Corp) did this to deteer scammers, as they claim their reasoning was. If that was the case, they would take a much better care about the virus apps that gets released on Play Store, or the phishing ads that gets served through games.
This was always about monopoly.
I genuinely believe that it was motivated by the desire to deter scammers. What leads you to believe it’s not? There are many gullible people out there who will follow, precisely as you pointed out, phishing links that encourage them to sideload an unverified app.
No system is perfect, and I also believe that Google Play does a fair job of removing malicious apps.
I’m sorry to try to bring some nuance into this thread as I know that discourse isn’t welcome on Lemmy, but I’m just trying to wrap my head around the outrage. Providing a way to let experienced users continue to sideload apps while safeguarding the more gullible seems like a good idea and I still genuinely don’t understand what your preferred solution would be.
I understand that thoughtprocess, I really do because I’ve thought the same at one point. Most who are angry and frustrated at Google have.
To explain it a bit, it’s pretty much what I said before. If it really were to deteer scammers, they would implement better security and safety in their Play Store first. There’s also ways they could block phishing attempts through there, but instead they use a bulldozer to hammer a small nail to a wall when a hammer would do just fine. I’m sure if you do a search for articles there’ll be news covering this, and surely son statistic if you are more curious on numbers.
What they need is better checks in the very first step, because locking down sideloading won’t fix their inherently flawed Play store security and vetting. It’s like putting a patch of glue on a crack in the wall, but right next to it there’s already a gaping hole.
Ironically, in my attempts to find any kind of information about this, it only resulted in news articles reporting on the number of developer accounts banned and announcements from Google warning users about scams and providing recommendations to safeguard themselves.
I don’t agree that Google has taken a singular approach to this problem; there are numerous ways in which they are combating scams, of which this piece is just one.
I believe people in this thread are (deliberately or not) looking at this from a very narrow point of view and not seeing how (1) there is a risk that is mitigated by preventing gullible users from installing malware through sideloading, (2) Google has reconsidered this solution after hearing community feedback and (3) Google uses numerous mechanisms to eliminate bad actors from the Play store.
To touch on the last one, it seems many of those mechanisms are not done transparently as I’ve seen threads on /r/AndroidDev back before I left Reddit about individuals being lifetime banned even by association to a scammer.
At the risk of sounding insincere—such is the nature of an online discussion forum—I’d like to tap into the ways you see the safety and security of the Play store to be deficient. How are phishing attempts successful there? In the articles I’ve read about phishing through fake apps, they all went through the route of sideloading. One example was to get “special features” in WhatsApp by downloading an APK, and another was to enable developer mode to install an antivirus APK because “the device was infected.” While I found articles describing imposter apps, searching for those apps on Google Play didn’t surface any of them, so it seems from my spot checks that it’s working.
To me, this entire discussion is quite conflicting, because on one hand, we all recognize the risk of malware, but at the same time the community is furious about whatever Google attempts to do about it.
Call me naive, but my family and I are very content with our Android phones and have no qualms with the way Google Play functions today. I remain confused about why this comment section is so mad.
I wouldn’t say that you’re naive, you’re just asking questions about something you want more information on since the info you have seen doesn’t match up with the general opinion.
I found some articles, both in favour of Googles security and some that are not so you can read through them and decide for yourself if this can be considered Google being lax or if they are doing their best:
https://www.malwarebytes.com/blog/news/2025/09/224-malicious-apps-removed-from-the-google-play-store-after-ad-fraud-campaign-discovered
https://www.bleepingcomputer.com/news/security/over-200-malicious-apps-on-google-play-downloaded-millions-of-times/
https://www.cpomagazine.com/cyber-security/over-300-malicious-apps-on-google-play-store-engaged-in-ad-fraud-and-data-theft-installed-60-million-times/
https://edition.cnn.com/2023/07/11/tech/google-ai-lawsuit
https://en.wikipedia.org/wiki/Criticism_of_Google
https://www.creativefuture.org/google-scandal-timeline/
My own opinion: Google takes action sometimes, but as some of these articles says, many ads from scammers came through apps installed on the Play Store. Not by side loading or third parties. They do take action, but some may argue that they often don’t do that until it’s already widespread and argue about the morality of the company itself, but I’m going to focus on our original question - the side loading issue. After reading through these articles, I still find myself questioning why Google would block side loading and blame scammers, when it’s already a problem in the Play Store itself. The only reasonable answer I can think of is to keep their monopoly and remove projects like Aurora Store, microG, ReVanced and so on. Especially since it is well known that Google does not care about its users, only about its profits.
An sort of TLDR maybe, or side discussion - many does not trust that google do something with the intent of being good. Their history has been anything but good so far, and therefore oppose it out of fear of the actual intent behind their decisions. Blocking side loading takes away freedom to install whatever we want, and Google seems to blame malicious actors using third party sources when malicious apps already exist in the Play Store and their security gets bypassed.
I think it was fairly obvious that the move was going to piss people off, they just misjudged to what extent. Modern business strategy is to claim to listen to customer feedback and just quietly plan to implement it anyway, just do it more subtly, more quietly, and more slowly.
I would understand the outrage if Google didn’t stick to their word, but unless I’ve missed something, they’ve not, have they? Are we now protesting that they reversed their decision? Wasn’t this what we wanted?
…no? I’m not really protesting so much as offering what I think the other person is trying to say. I think they are saying that Google crossed a line, and walking it back doesn’t change that fact.
In my opinion, Google has crossed countless lines over the last 5-10 years. I’m looking for alternatives that meet my own needs. That search has accelerated over the last few years, when the things Google has done have been most egregious. This isn’t a protest. This is disillusionment. I’m abandoning ship.
That’s a unique perspective. Thanks for sharing.