Google's new developer verification requirements starting September 2026 will force ALL Android app developers to register with Google - even those avoiding the Play Store entirely. F-Droid, the tr...
I read somewhere that GrapheneOS devs have a strategy which they believe will work – they strip out something or other about app/device attestation (?) from APK files before installing occurs, or the enforcement code itself from their spin of the OS, so sideloading (ie., user-controlled installation) can still work.
I sure hope so… I think everyone in their respective country needs to scream at their local regulators about this.
Of course, this will only help those whose devices GrapheneOS can run on.
Shouldn’t they be keeping bypass strategies a secret right now?
They’re up against a company with more money and developers than they know what to do with. This is, at most, a game of cat and mouse. Secrecy will buy them a sprint or so.
If Google wants to go nuclear, they can do some rolling encryption bullshit or put a million calls all over the OS to check app validity and stop open source altogether.
The GrapheneOS team is already in communications with an Android OEM to see if they can make a device that meets their specs, hopefully that bears fruit in a year or two.
Google has already shared how apps’ developers will be verified. They’re adding another app that will have access to block installing apps or disable them. That won’t work on GrapheneOS because 1. the app won’t be installed and 2. the app won’t have that kind of privileged access.
I read somewhere that GrapheneOS devs have a strategy which they believe will work – they strip out something or other about app/device attestation (?) from APK files before installing occurs, or the enforcement code itself from their spin of the OS, so sideloading (ie., user-controlled installation) can still work.
I sure hope so… I think everyone in their respective country needs to scream at their local regulators about this.
Of course, this will only help those whose devices GrapheneOS can run on.
Shouldn’t they be keeping bypass strategies a secret right now?
They’re up against a company with more money and developers than they know what to do with. This is, at most, a game of cat and mouse. Secrecy will buy them a sprint or so.
If Google wants to go nuclear, they can do some rolling encryption bullshit or put a million calls all over the OS to check app validity and stop open source altogether.
and bloat default android devices even more! 🎉
The GrapheneOS team is already in communications with an Android OEM to see if they can make a device that meets their specs, hopefully that bears fruit in a year or two.
Do you have source to this?
Just check the project’s X account. The OEM partnership is mentioned very regularly.
Hope it’s a Chinese phone
Google has already shared how apps’ developers will be verified. They’re adding another app that will have access to block installing apps or disable them. That won’t work on GrapheneOS because 1. the app won’t be installed and 2. the app won’t have that kind of privileged access.
ROFL we got redstarOS on mainstream phones before gta6