Partly because of this, I moved to graphene.
Fuck google, simply. And I did like them 15-20 years ago. How far have they fallen…
I wish I could, but I don’t want to carry around a wallet, so I need Google Wallet :( and it doesn’t work on Graphene.
Yeah I’m a sucker for nfc payments, thats why I use an android watch with graphene
I don’t know much about Google Wallet what’s the benefits?
It can be used like a contactless card. On a visa (paywave) / mastercard (paypass) terminal, we can tap out phone to make payment.
in certain country, there is a scan qr code to pay functionalty.
there is also a peer to peer money transfer feature
but what if someone stole your phone? and what if your Google account locked?
i will have to re-setup the wallet on a new device and revoke access to the old device.
Google doesn’t store the money. If my google account is locked (or if google deactivate it), then i will have to set up a new google account and associate with my bank account again.
either way, I can’t use gpay/ google wallet now, because i am either running grapheneos or running a rooted android.
Yeah, same. I have considered a watch to solve this, but not sure.
15-20 years ago? I thought GrapheneOS was 6 years old
I think he means he liked Google 15-20 years ago.
Bye bye Android and hello Murena Fairphone.
I wish a have Fairphone, They are great
So, I will no longer be allowed to install APKs that aren’t from the Play Store? I thought they backed down on that.
not just play store it’s worse, if the developer didn’t pay to google and give ID to Google, no-one can install that app
Right now the best solution is using custom ROMs *without Google Play Services
That would only apply if Play services are involved.
I’ve installed many apps on devices with no play store, no networking, etc.
Google will need a mechanism to enforce this, that will be Play Services.
deleted by creator
A lot of people reported that they did. I don’t know why. Nothing in their statement said that. They did say they were going to add some “advanced workflows” but didn’t elaborate anymore than that. It says it right in the link in OP:
Update: Google has not “backed down” from developer verification: Contrary to a vague mention of a possible “advanced flow” that may eventually allow “experienced users to accept the risks of installing software that isn’t verified”, Google’s description of the program continues to state plainly that: “Starting in September 2026, Android will require all apps to be registered by verified developers in order to be installed on certified Android devices”. Until such time that they have shown evidence that it will be possible to bypass the verification process without undue friction, we must believe what is stated on their official page: that all apps from non-registered developers will be blocked once their lock-down goes into effect.
deleted by creator
Only if you have gapps installed. So just reinstall your OS. It’s absent by default.
Problem solved.
I have an Android device with a locked bootloader and no available custom ROMS. Am I fucked ?
You need to unlock bootloader first
I don’t think it’s unlockable. You see I’m using an honor device (huawei basically)
FuckGoogle
Is that a new ROM?
What is ROM state of development with locked bootloaders and pixle going down the drain. Not to mention broken VoLTE (last time I looked) now needed in a bunch of countries since 3g cutoff.
Like ideally yes.
But you think they’ll stop at the play store?
Use Custom ROMs with MicroG
Here is active and good custom ROMs
LineageOS (many devices) e/os (many devices) crDroid (many devices) GrapheneOS (only pixel)
that’s just it, they’re targeting custom ROMs with this too. the number of security updates for AOSP is being cut by Google in order to make custom ROMs less secure, so that they can then close down the project while claiming it’s to protect users. make no mistake, the end goal here is make everyone who uses Android have to do so on their terms.
it’s why Linux phones being mainstream is an absolute priority.
the number of security updates for AOSP is being cut by Google in order to make custom ROMs less secure
Please don’t spread misinformation. Google didn’t cut security updates. You can still get monthly security updates on Custom ROMs.
Also it’s just on certified devices
Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices. source
https://discuss.grapheneos.org/d/27068-grapheneos-security-preview-releases
This is probably where they got the 3 month number. It is fuckery and they are making the lives of custom rom developers more difficult than they need to be.
Here is a good information from LineageOS;
Over the last few years, AOSP has been shifting to a quarterly release cadence, meaning that new features and bug fixes are released every three months. link
misinformation and grapheneos, again?
https://www.androidauthority.com/android-risk-based-security-updates-3597466/
They’re not releasing the list of vulnerabilities each month but instead doing it quarterly, so how are custom ROM devs supposed to patch vulnerabilities if google isn’t reporting them to manufacturers and developers like they’ve done for over a decade now?
“Android Security Bulletins will still be released, and picked to all supported LineageOS versions monthly.” LineageOS
Given how large and complex the Android operating system and its underlying components are, it’s not unusual to see a dozen or more vulnerabilities documented in a bulletin. However, the July 2025 bulletin broke this decade-long trend: out of the 120 bulletins published up to that point, it was the first ever to not list a single vulnerability.
Instead of bundling all available security patches into the next ASB, Google now prioritizes shipping only “high-risk” vulnerabilities in its monthly releases. The majority of security fixes, meanwhile, will be shipped in quarterly ASBs.
Wow you’re completely full of shit aren’t you
what do you mean?
You are a slave
Please don’t spread misinformation.
it’s not misinformation, you weird little google fanboy.
Also it’s just on certified devices
which is every single major western brand that operates outside of china, and even some that are for that market specifically. you would know that if you had, I don’t know, actually looked at the list of certified devices on google’s own website.
Let me clarify myself.
I hate Google
I don’t even have a Google account I did 100% De-Google
I even think of blocking google.com (but it would also block ReCaptcha)
and you confuse by devices they don’t mean “the device itself” they mean device with their stock rom
here is a screenshot that show if you get a certificed device and flash a custom ROM
I just got my fairphone! It feels so free!
Good news on the GrapheneOS front: Graphene will be available on hardware other than Pixels.
I like my Pixel 6 Pro just fine, but I’m nonetheless thrilled about this.https://piunikaweb.com/2026/02/02/grapheneos-non-pixel-hardware-announcement/
good but I don’t have couple months
That’s just the announcement. The devices won’t be ready till 2027. 😖
Refurbished Pixels can be cheap nowadays. I got a Pixel 8a for less than 300 euros in great condition.
My girlfriend and I both need new phones from her failing and buggy Samsung A52 and my Xperia 5ii. We are not going Samsung anymore because they are putting unremovable Israeli spyware baked into their devices, fairphone 6 still seems very buggy and we had a friend with a fairphone 4 with 99 problems with it, and I don’t want to give google money and we want SD card slots instead of almost no memory to force cloud subscriptions.
2027 is starting to be a big ask though.
For what its worth, I’ve been daily driving a Fairphone 6 with /e/OS for over 4 months now and it seems quite polished to me. I’ve had a small number of issues that I’ve had to work through (as has been the case with every phone I’ve ever used), but I definitely wouldn’t describe it as “very buggy.”
Do you mind if I ask you a few questions about it? Especially on/e/? I think you are the first user I have seen.
Does android auto work, connect fast, and have all of your enabled apps on it? My girlfriend’s maps app just doesn’t work in android auto sometimes and the same with Antennapod for me and we have to reconnect. That is quite an important one.
How is battery life with screen off? On my xperia 5ii it has always been terrible with 1.5% per hour (accubattery) on WiFi or 3% per hour on 4G…
Does your microphone work well in calls, recording, and on speaker? I have seen a ton of bug reports for that.
Have you run into the common “terrible haptics/vibration” thing that people are saying with it barely being noticeable or not noticable in your pocket? I have heard that and that the haptics are really really bad in general.
Android Auto works well! I’ve used Finamp, Antennapod, CoMaps, and Google Maps with it and they all work great. I can voice search destinations with Google Maps while driving and it works. The only downside of Android Auto is that you have to install some Google apps for it to work, which feels icky on an otherwise-de-Googled device. No connection issues.
Battery life is great! I did an experiment when I first got it to see how long I could go without charging and got 3 full days (with plenty of use, since I was excited to play with my new phone). I’m ending most days around 50% now that I’ve got a bunch of stuff always running in the background (KDE Connect, Tailscale, etc.).
The mic and speaker aren’t amazing, but I haven’t had anyone say they’ve had trouble hearing me. I haven’t encountered anything I would describe as a bug, though I’d say that my previous phone (an iPhone 15 Pro Max) had noticeably better speakers.
And I actually don’t know about the haptics, since I leave my ringer on pretty much all the time. I’ve definitely had times when I’ve been in a concert or movie with it silenced and felt notifications, but I have no idea if I’d be able to detect them if I were walking around or something. I’ve always been a ringer-on guy unless I’m wearing a smartwatch.
Nope.
Just remove gapps. Problem solved.
I’m not sure but on same devices removing Gapps on stock ROM can result in soft-brick
Sounds like a huge market for degoogled phones is about to open. Stock up now.
This is only fuel on the EU open source initiatives.
But I’m pretty sure Google wont get away with locking down EU customers anyway, as this is clearly a breach of the DMA.
They could clam a web app is the “alternative” I guess.
They’ll shut that down too. Somehow. For “security” I’m sure, even as the Play Store is infested with scam apps.
Play Store is infested with scam apps
Last time when I checked most of the apps was scam
They mandate 3rd party app stores. I think we are passed that.
Google is just power grapping what they can towards everyone else to make up for lost profit.
this is clearly a breach of the DMA
Is it? I think the DMA should have been written so that it is, but Apple does essentially the same thing and EU regulators don’t seem to be claiming that it’s a violation.
They mandate 3rd party app stores for Apple also. You can “side load” in the EU on an iPhone.
And have you seen Apples rules for app stores? Its pathetic that EU allows it.
So, I guess this means that f-droid can only be installed via Google Play. /s
I’m getting flashbacks to using Internet Explorer to install Firefox.
edit: made sarcasm more obvious.
i was gonna try turning a steam deck into all-in-one device including phone, with portable GSM router of whatever i’d to use it for calls (it does have a mic, right?)
not sure if/how that’ll work out
You could feasibly replace the m.2 SSD with one of these bad boys: https://ebay.us/m/JgLTUU
You would have to then boot from SD card, not sure if that’s supported. There are also docks with extra m.2 slots.
I’m reading that the steam deck has 8 pcie lanes. Theoretically there are plenty of possibilities for expansion (at a cost to portability and practicality).
This… is intriguing
Locked down platforms don’t have opt outs for the locks. Though it is a concerning move in the wrong direction.
What opt outs are you referring to? Installing an alternative OS?
Not sure if you’ve been following but the app lockdown does not prevent you from installing apps. You can opt out of the controls they are implementing. They backtracked after the outrage.
Yeah but theyre obviously gonna try again once everyone has move on
Yup, which is why we have to be diligent and prepared. But false information doesn’t solve that issue because you get dismissed.
They didn’t fully backtrack. They haven’t given details but there are still questions about what “advanced flow” means and whether it’ll involve Google spying on what people install. Even if they backed off the worst part of it, this is still monopolist, anti-consumer, and likely privacy-violating behavior, and the correct action isn’t to go “eh they compromise a little so I’ll shut up and eat my slop”
Was that supposed to refute what I said? Because it didn’t.
Did you actually read the link? They address this in a big red box:
Update: Google has not “backed down” from developer verification
Contrary to a vague mention of a possible “advanced flow” that may eventually allow “experienced users to accept the risks of installing software that isn’t verified”, Google’s description of the program continues to state plainly that:
Starting in September 2026, Android will require all apps to be registered by verified developers in order to be installed on certified Android devices
Until such time that they have shown evidence that it will be possible to bypass the verification process without undue friction, we must believe what is stated on their official page: that all apps from non-registered developers will be blocked once their lock-down goes into effect.
You can always install with adb.
Not sure if you’ve been following but there’s no way to opt out. They did not backtrack on anything, despite widespread erroneous reporting. If you click the OP, it says as much. If you have a source that shows they did, please share it because I’d love to read it.
Here’s Google’s official blog where they back off from complete lockdown
Android Developers Blog: Android developer verification: Early access starts now as we continue to build with your feedback https://share.google/5jCv5uDMFcFnc11UN
that’s not backing down at all. they speak of a possible workflow, but they don’t say you’ll be able to install unverified apps. they still say they’ll require it, in fact.
Starting in September 2026, Android will require all apps to be registered by verified developers in order to be installed on certified Android devices
Empowering experienced users
While security is crucial, we’ve also heard from developers and power users who have a higher risk tolerance and want the ability to download unverified apps.
Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified. We are designing this flow specifically to resist coercion, ensuring that users aren’t tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months.
yeah, that’s a whole lot of corporate speak that says absolutely nothing. they wrote two whole paragraphs that promise nothing and don’t back down on their verification plans. and you fell for it, too.
you have no idea what that “advanced flow” means, or what it entails, or even if it will actually be there to begin with, or how long it will be there until they discontinue it.
Did you actually read it? That’s not what it says at all.
I mean what they pasted here sure sounds like that us what it says.
Sure did. Did you?
"Empowering experienced users
While security is crucial, we’ve also heard from developers and power users who have a higher risk tolerance and want the ability to download unverified apps.
Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified. We are designing this flow specifically to resist coercion, ensuring that users aren’t tricked into bypassing these safety checks while under pressure from a scammer. It will also include clear warnings to ensure users fully understand the risks involved, but ultimately, it puts the choice in their hands. We are gathering early feedback on the design of this feature now and will share more details in the coming months. "
As I said earlier, only a vague mention of an “advanced flow” that’s still in the works. Nothing saying they are no longer going to require distributors to register with Google, but it does say that they will require it on Google’s own website:
Starting in September 2026, Android will require all apps to be registered by verified developers in order to be installed on certified Android devices
Why you are spamming?
Do you know how to read? Do you know how to click links?
If you do you would see this in this page https://android-developers.googleblog.com/2025/08/elevating-android-security.html
Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices.
I could ask the same.
Each individual asked for the evidence, I presented it.
you can only do that if you use a custom ROM
but on official ROM, no you can’t
You are getting shit on in this thread, but all you are doing is showing what was said by the company. If they say sideloading is going to stay, then I would go with that until they don’t. I’m a find out before you freak out kind of person, but it seems there’s a lot of freak out and no find out here.
Heads firmly up asses all around, it’s like a discussion with MAGA.
No such “backing down” to speak of there
All Google has said is that “it’s not a sideloading restriction, but an ‘Accountability Layer.’ Advanced users will be able to’Install without verifying,’ but expect a high-friction flow designed to help users understand the risks.”
That quote comes from the director of product management from Google Play. It has not been altered or deleted since posted.
Again, a bunch of vague nonsensical horseshit. That sounds like their previous strategy where they said you could use adb, which is completely unrealistic, and is 1000% a sideloading restriction.
Time to finally move to GrapheneOS. Hope they finish polishing it, including things like automated backups. I’m going to donate to them. They have consistently proved themselves to be a legitimate project.
GrapheneOS is ok but the people behind don’t have good reputation on open-source; They smear F-Droid, Firefox, Linux even uBlock Origin https://lemmy.zip/post/59060122
They have an amazing reputation on open source. I think you’re conflating reputation on open source with reputation because of their willingness to understand & criticize issues with some other open source products. The issues with F-Droid’s security model have long been known & discussed by other prominent developers. It is why Obtanium has become increasingly popular. Heck, it is even mentioned on Privacy Guides. Their criticism towards Firefox is to my knowledge more specific to the Android security model & the reality is that Chromium provides significantly better sandboxing there. That isn’t an attack on Firefox itself but design choices or lack or commitment to the fundamentals, which Mozilla has routinely engaged in with Pocket, reselling Mullvad while breaking their browser support for tab container VPN integration if a user has Mullvad installed, their recent AI push, etc. But again they are specifically evaluating & criticizing the security or technical decisions in such instances. Likewise, it is fair to hate on Manifestat v3 used in newer Chrome extensions because not all the v2 features were supported out of the box, but there is no question that the security model in Manifest v2 was significantly worse & would be very easy for a malicious developer to have intercepted & logged all the requests. Manifest v3 solves that & they have uBlock Origin Lite now. I hope to see further improvements in this area. But criticizing the decisions of an open source project, especially as it pertains to security, does not make them anti-open source.
F-Droid’s security model has long been known and discussed by other prominent developers.
Yeah, by privsec.dev (which is owned by a GrapheneOS employee and ex-developer: akc3n and TommyTran732),
and madaidan (who is a GrapheneOS fan),
and Privacy Guides (there are many GrapheneOS developers in this project).
Just give me up-to-date information about F-Droid from someone not related to GrapheneOS.
They have uBlock Origin Lite now.
Yeah, a handicapped version of uBlock Origin.
And you really believe that they killed V2 for security? If you do, I have a cheap bridge for you.
But criticizing the decisions of an open-source project
If they smear projects that are a real choice for quitting Google and Microsoft (which are F-Droid, Firefox, and Linux), of course I’ll criticize.
Yes, well, everything they say about F-Droid and Firefox is more or less true.
I would say there is a difference between constructive criticism and an “attack” and although the privsec article does bring up valid points* I would still regard it as the latter (despite their claims of objectivity), because they ultimately conclude that its premise is inherently flawed regardless of implementation details. They claim
This article aims to be purely technical. It is not an attack on F-Droid or their mission.
Yet while the authors claim to be “objective and technical” its not hard to notice all the “attacks on F-Droid’s mission” in this article, from the reference to F-Droid’s “ridiculous inclusion policy” to all the dismissive references to “ideology.” The message is clear, that F-Droid’s “mission” is Stupid and Ideological and the problems F-Droid aims to solve are not real. Thus, their suggested “alternatives” are just regular app stores that don’t enforce any of the guarantees that F-Droid does (namely, that the app corresponds to its source code and does not include proprietary components), because those guarantees aren’t worth anything** to the “Objective and Technical” people of privsec - you are Stupid and Ideological if you care about software freedom. In fact, Accrescent even says they allow proprietary software because free software “is not inherently more secure or private” - which is technically true, but very misleading, because free software never has claimed to be “more secure” - it has only ever offered the four freedoms, which as a user I feel entitled to on my own devices, so I only install apps that give me these four freedoms. Far from being “objective and non-ideological” the position of Privsec, Accrescent, and their advocates is that users neither deserve, need, or should want software freedom, as such I would characterize these organizations as hostile to the free software movement even if some of their points are factual.
I will add I am not entirely uncritical of F-Droid either, but my criticisms are more that they aren’t strict enough and should be building as much from source as possible instead of relying on prebuilt Maven dependencies as much as they do. I would also say although as a user I think F-Droid’s inclusion policy is a good thing and not “ridiculous” I agree it does put some amount of burden on developers who I imagine develop for the Google world first and the FOSS world second. It might be a good idea for F-Droid maintainers to take a more active role in, well, maintaining these apps instead of pushing the extra work onto the developers (this is typical in the GNU/Linux world, in which distro maintainers take up all the work to package upstreams, but F-Droid sometimes tries to cosplay as an “app store” despite it being a fundamentally different model).
* aside from a bizarre claim that F-Droid supporting multiple repositories is a Bad Thing because it interferes with, and I quote, “UserManager which can be used to prevent a user from installing third-party apps” - what does this have to do with privacy? I think this also speaks to a deeper conflict between security people and free software people, that being uncritical worship of “security models” even when they harm the user. Accrescent offers more or less the same justification for why it locks the user into their own store/repository, and I think it is subtly dangerous to suggest this is an “alternative” to F-Droid because it has very different values.
** According to one of the writers of that article,
Any better ideas for it are welcome.
Just allow devs to upload their own build with their own keys like Accrescent. It’s not like the whole “audit” system is meaningful anyways.
Of course, characterizing it as an “audit system” is missing the point entirely, but I imagine he knows that. Reducing the four freedoms down to “you can look at the source code and audit it” to then follow it up with “you can’t/aren’t going to audit every app you download so why bother with FOSS anyway” is a favorite rhetorical tactic.
Yes, however, the article is titled “F-Droid Security Issues”, not “F-Droid FOSS Issues”. I’m not sure why anyone would read that and say “well what about the four freedoms?”. That’s not what the article is talking about.
ultimately conclude that its premise is inherently flawed regardless of implementation details
In terms of security, which is true.
aside from a bizarre claim that F-Droid supporting multiple repositories is a Bad Thing because it interferes with, and I quote, “UserManager which can be used to prevent a user from installing third-party apps” - what does this have to do with privacy?
It doesn’t. It’s a security issue.
Just allow devs to upload their own build with their own keys like Accrescent. It’s not like the whole “audit” system is meaningful anyways.
It’s true, F-droid’s signature doesn’t provide any meaningful security guarantees.
What Google has been doing to Android the past few years puts the future of Graphene in jeopardy. Especially with closing off third-party access to the binary blobs needed to enable newer Pixel hardware.
Is it possible to try Graphene out, like dual booting on PCs? Without throwing the existing Android setup away or bricking it?
Yes, but I don’t know if it works with grapheneos. You can live-boot an image with
fastboot boot boot.img. You need the grapheneos img file obviously, and a working fastboot connection, and an unlocked bootloader. Usually unlocking the bootloader means wiping the device before you can do anything else though.If you have a pixel, grapheneos should work just fine. Except adding payment cards to Google wallet (non-payment cards and digital tickets work fine though). Some apps may refuse to work on uncertified devices. RCS support depends on your carrier. Outside of those things, though, literally everything else I’ve done has worked.
