HN Reader

Google's long term strategy with Android is baffling to me. Apple has had better mobile hardware for years. Apple has higher consumer trust. Apple has better app selection (for most people). Apple has been increasingly implementing the core features that differentiate Android devices, like USB-C and RCS. Every Android user lost to the increasing iOS market share is another customer Google has to pay exorbitant fees to a competitor to access.

And Google's strategy is to continue removing differentiating features from Android that also help them mitigate the threat of antitrust? Surely the marginal revenue from the inconsequential number of sideloading users isn't attractive enough to justify that kind of strategic blunder.

Sideloading is a neologism to scare users and lawmakers, it just means "Installing software" and should be a basic right.

Also software installation in Android has been high friction for a while. Installing an APK on my phone is at least 10 clicks.

I take the opportunity to let people know that there are alternatives to Google/Apple duopoly on mobile. Link: https://www.ubuntu-touch.io/

Sure, GrapheneOS is often suggested but Ubuntu Touch is a really interesting alternative, their own store and ecosystem.

The community is amazing and welcoming. If there are Android apps which you can't do without, they can be emulated and used anyway. Imagine switching to Linux and then using Wine for the apps you really still need.

Yes, it's not perfect but Linux isn't either. If you think you're sufficiently tech savvy and want to make a change, give Ubuntu Touch a try. Find a cheap second hand supported device and play around, make some fun apps. (devices currently supported: https://devices.ubuntu-touch.io/ )

To me it's like being back when there was only Windows and Macs as viable home computer OS, and people were getting their feet wet with Linux and all its flavours. Now, it's the same but for mobile.

I would like to see a high friction flow for installing all the crap from the Play Store to "protect and educate users". "Are you sure you want to install this app? It's only got a score of 2.8 and only 7 reviews, and will ask for all of these permissions?"

If the make sideloading high-friction, either via account-bound or apk upload or permissions from MNO/ISP, I will leave android. I have a bunch of my own apps that only I use, not released to the public, if I cannot use them, I have zero reason to stay on android.

I think one of the reasons they want to lockdown the system is to prevent guys like me from locking THEM out of my home/ecosystems, as and example, I build my own launchers, specifically for TCL TV's, which runs Android TV and has Developer Mode + adb. Which means I remove all the bloat & ad garbage, which they want to prevent.

We will get to the point where google will remove your ability to set custom dns servers and only use theirs.. just wait & see friends.

Anywhoo, when this side loading fence materializes, I will jump ship to apple.

When this whole thing got announced, I purchased a new Pixel 9 and flashed it with GrapheneOS.

I am hoping that in about 6-8 years (when I realistically need to update) the landscape might be a bit better. Or who knows, maybe I'll just continue using GrapheneOS.

So far I have not had a single issues with it. Apps the rely on attestation do not work, but honestly it's only two applications out of hundreds so I can live with it.

I also financially support GrapheneOS on a monthly basis (15$). This is just too important of an project not to.

So I was actually planning on upgrading from a Pixel 7 Pro to a Pixel 10 around the time this announcement came out last year, but have put it on hold as I wait to see what form these changes take.

Like if it was "you need to do the developer 7-tap of the version label in settings", it'd be like "whatever". But given how long this process has taken, I suspect that is not what they've planned - it wouldn't take this long to develop, it certainly wouldn't take this long to explain.

So I suspect that we're actually in the "Maybe Later" phase of "Google wants to control which apps you install: [ ] Yes [ ] Maybe Later". And I mean, if their proposed solution turns out to be "Me and 25 of my closest friends can install apps I make by phoning home to Google servers", then like, I can do that on iOS too. And if I'm not going to have meaningfully more control of my Android device, I may as well just go to iOS where Apple at least have a better privacy record and don't seem to have have an all-encompassing goal of "where can we put AI features to drive AI usage metrics up the most?"

I'm with Google on this one. Idiots and old people (the public) use these devices daily. These are the very same people that send money to Nigerian royalty and expect to hear back about a great reward. This is mostly a CYA move with hard data behind it. If they completely removed side load, that would be a different story.

> Matthew Forsyth, Director of Product Management, Google Play Developer Experience & Chief Product Explainer, said the system isn’t a sideloading restriction, but an “Accountability Layer.”

And... What about accountability for hosting distributing spyware, malware loaded apps from Google Playstore and hundreds of copy cat, misleading apps?

Why can't they pose a question when the phone is setup?

- Yes, I want to sideload

- No I dont want

If the user says NO then to later enable it to allow sideload Yes, the user needs to factory reset phone. Done.

As TFA does not mention it, and I don't see any top-level comments discussing it, this is a continued rollout of a "feature" first piloted in Brazil, Indonesia, Singapore, and Thailand. See:

https://android-developers.googleblog.com/2025/08/elevating-...

https://android-developers.googleblog.com/2025/11/android-de...

https://www.channelnewsasia.com/singapore/google-android-dev...

Of course, HN reaction has always been skeptical about this including in earlier news. But the reporting on it, and the countries in which it is piloted in, seems to me to involve government/banking industry cooperation with or pressure on Google to combat cyber fraud. These polities are prime targets for Android cyber fraud of this sort due to Android penetration, and seemingly (to me) also cultural proximity to scam operators, and tech-illiteracy among the vulnerable demographic. (And anticipating a reply I got from a previous article on my comment on this feature---no, it's just not feasible to comprehensively educate retirees against evolving tactics by scam operators and expect that to be a sufficient sole countermeasure.)

The image at the top of the article is actually what already happens in Android and has done for years. At first, I thought that this meant that the article was very outdated, but no, this is from January 2026.

I imagine the text of the article is fine, but I'm a little bit disappointed that Android Authority chose to lead with that image and caption and make it seem that this is what the future flow would look like. You'd think they'd know better.

Those of us who use Android phones now - and install FOSS apps form F-Droid or just any apps from elsewhere other than the church of Google - might be thinking: "Oh, I need to work out how I'll have decent app access after this happens."

But what we should really be thinking is: "Oh, I need to _donate_ to projects which aim to patch Android-based phones to remove these restrictions; or to projects which aim to replace (most/all of) Android completely".

We need to speak with our wallets in addition to just ranting about Google.

I heard that the frog boiling is a myth. You can't boil frog alive, it will jump out. As opposed to humans

Call me what you want but it is my belief that the reason google is locking down and Apple refuses to budge is that in the near term future our mobile devices will become our identity online and in public.

Apple already offers digital ID in some states. They can do this partly because they can guarantee to the gov’t the ID is genuine because the user cannot modify the system.

Google needs to be able to do the same thing.

Age verification laws for online services will actually require something like a digital ID and Apple and Google want to be the providers.

In the technofeudal new world order, your smartphone is not just a device, it is your gov issued digital ID/wallet

The Apple/Google OS duopoly exists by design, they view bootloader unlocking and sideloading as threats because they break that control

They want to be able to define and/or revoke your existence in the system

No escape, because no alternative

The highest risk is the play store itself. Gambling and addiction. So, when does Google add "high friction" there, instead of encouraging it? Ah, well, it's the money! Than stop bending the truth.

Guys, a discussion of which big tech company is better is equivalent to talking about which cancer is the best to have.... Can we all agree that each operating system has good features but they share a terrible feature of being strapped to a giant vampire squid exfiltrating your data and selling your secrets to the highest bidder? Instead of wasting bandwidth on these two companies can we go and figure out how to force cell phones (and consoles and numerous other things) open like the PC was/ mostly still is?

The real question is if you can still sideload:

1) a .apk that was not developer-verified

2) without informing Google of this

I wish the EU would step up and bring sideloading on iOS. iPhone hardware is great but the software is severely lackluster. I know a few developers there and they are not exceptional by any means. Chiefly because Apple pays much less than their competition so they do not attract the best talent

Wait so did this rollback? Initially they were about to forbid any install from non verified accounts, then allow them but just a limited number, this article seems to suggest there will just be extra steps?

Some manufacturers like Xiaomi already have a very annoying flow for enabling developer options and using ADB. You need to have a SIM card inserted, need to create a Xiaomi account and there's several popups with timers you have to wait through.

I was never an iOS user, or developer - exactly because Android was more "open", exerted less control over a user of the device.

The same reason I use Linux for 25 years (not ideological, but it just makes most sense by far). In time where this view (win11 vs. Linux) is starting to make sense to more and more people, few rare config nuances are getting easier to solve due to LLM-s, going into the opposite direction with a mobile OS calls for users to also start seriously considering more open alternatives and making a path for users of our app to do the same.

Semi-related question: how invasive is the Temu App on Google Play Store nowadays. Last time I read about it, it posed a bigger threat to users than the average side-loaded app.

The current system is already high friction. Enabling "advanced protection" in your google account additionally requires installing apps through adb.

"high friction" is a good euphemism for modern tech in general, how it feels to use.

reminds me of when theresa may said UK would become a "hostile environment", because it really feels like that in more ways than she meant.

a high-friction hostile environment is a good description for life.

If auto-updating apps stops working on fdroid, I'll be installing Graphene, Lineage or taking a shot at something like postmarket/ubuntu touch/plasma mobile. I've used Lineage as a daily driver before for a while, so I'll probably just go back to that and tell developers to support the platform I'm using. It doesn't rent seek on developers or users.

The Apple app store was ruled to not be monopoly.

When Google inquired in court how that could be if Apple doesn't even allow any form of side-loading, including other app stores (which Google does allow)

The judge said, I shit you not, Apple doesn't have any competitors on their platform, therefore they can't be anti-competitive.

Probably one of the worst most off the rails rulings ever. Google took notes and is now following Apple. You can thank the courts

Part of me thinks they wouldn't be doing this if their own ad team wasn't knowingly accepting money from fraudsters.

So, which 3rd mobile vendor and/or OS are you moving to?

If anyone wants to debate whether sideloading is a neologism, take it up with Sandisk circa 2007 https://xdaforums.com/t/sandisk-announcement.316860/

You're free to search XDA Forum. 2007 was the earliest mention I saw, but conversation seems to start in earnest around 2009 and never stops. Consistent hits in search from the last TWENTY YEARS.

This is not new. It may be new to you but any scary and evil connotations are your own ignorance. The term has been in common use for decades.

I'm sure I'm missing something but wasn't this already the case where the first time you try to install an APK, you had to go into Settings and mark the relevant application as a trusted source for installing APKs from?

Side loading into a streaming box is an essential feature for me. I depend on a side-loaded app for Japanese TV.

But of course, I have that in a separate Android box, so I'm not forced to update to a new OS when replacing a TV (as I just did this week).

The year of linux desktop unironically may be close. What is the situation with mobile?

Can we stop calling this "side loading" please.

There is nothing sleazy happening "on the side", I am simply installing an application of my choosing on some hardware that I purchased.

As long as it remains possible (without extra developer verification, etc, etc), a bit of extra friction is probably OK, as is assigning accountability to the person who chose to install an app outside of the "official" store.

But it has to remain possible. Otherwise can someone name any advantage that Android has over iOS?

Does high friction involve parties needing to identify themselves?

Eventually my so called smartphone will be a device for authenticating against a few services that require a special application, that I can also tunnel a serious device through for doing the things that I actually want to do.

It would be interesting to know why they're doing this, but it's unlikely it'll ever become public knowledge. I also don't think it is important, the people responsible should be in jail for a lot of other reasons anyway.

Add high friction to scammy ads on your platform, Google

Can we please stop calling it "sideloading"? It's simply "installing" software on hardware that I own, and that I should have full control over.

Don't be evil

Sideloading is already painful. I tried installing Sora (which is not available in my region's Play Store). The phone didn't allow me to start the app (complaining about integrity) unless I disabled the Play Store Integrity Checks. It wasn't straightforward in saying what the problem is and how can I bypass the check.

I think we should stop calling it "sideloading". I don't think the history of the term matters. By using that term, you imply that running the code you want on the hardware you own is somehow a secondary or second-class activity.

Call it "installing" or "jumping the garden wall".

Friction hopefully means "you have to plug in a USB cable" and not "you have to associate your phone with a particular Google account, then go through a process with Google's customer service to approve your phone for sideloading" etc.

Apparently this "high friction" is a term entirely invented by Android Authority based on finding a few new generic warning messages about sideloading in the Android source?? I guess if there's no news, you have to play word games to make some.

Articles like this where we lament being trapped in an ecosystem duopoly are contemporary with articles saying that software engineering is over and LLMs can just vibe code anything you imagine. What's keeping the duopoly in charge?. Code signing?

Is the solution for sideloading to also have the same APK in the Play Store? That way, Google would have received the AAB and generated a signed APK that is used from the Play Store and also offered via sideloading.

EU said that App Stores must have alternatives.

So F-Droid can just continue with their alternative app store.

If Google makes it harder than it needs to be, then I'm sure they will be fined/sued.

At least they aren't removing it like originally planned. A warning from `adb sideload` or `adb install` that can be bypassed with an environment variable is reasonable IMO.

How does this relate to the announcement from a while back about introducing signatures that tie back to Google? (IE trusted developer program or whatever they're calling that horse shit.)

> Google says the added friction is meant to educate users about the risks of sideloading.

Or maybe the risks of monopolies and monocultures in computing.

I am not very well educated when it comes to alternative stores landscape. But I do know that in Russia there's now Rustore: https://www.rustore.ru/en which functions by automatically downloading and updating APKs for you.

During the APK install, however, you do see the ugly Android prompt about how this app may be dangerous.

Rustore has its own app payment system, which obviously circumvents Google Play fees.

This works on regular Android phones.

Are there other examples of such stores? Perhaps it's Google's answer to that.

Funny way to say 'dark patterns'

My guess is the 'high-friction' part is some kind of mandatory waiting period of 1 to 3 days

iOS has fallen behind, I am struggling to use apps and even type on new liquid glass. My 2TB photo library is useless with the current photos app. I am trying out Pixel 10 on the side and I HIGHLY recommend it! Android does not suck anymore. I am in process of migrating stuff over slowly.

Steam phone incoming in 3... 2... 1...

Can we also get total app isolation sandboxing and location, network, etc. spoofing while we're at it?

BOYCOTT.

Why not just go full Apple right now and just rebrand iOS? That seems to be the ultimate outcome.

Ah yes, such enormous friction, to install F-Droid and install an app via it, instead of Playstore. Argh, sooo much friction, really unbearable. /s

Google is getting more ridiculous by the day.

The vast majority of Android users don't sideload apps. I used Android for years and only did it during dev. I don't know anyone who does it.

I agree with high friction sideloading. it is the best of both worlds. no friction sideloading is too easily exploited by scammers. having a member of my family exposed to this kind of thing in the past taught me some things.

I think i have an idea that would better protect normal users while not getting in the way for power users and developers:

1. All applications must be signed with a valid store key.

2. Anyone can import a store key after rebooting into the bootloader (similar flow as custom roms)

3. Google can maintain a list of malicious keys and reject them

Why is this better? Because it makes it much harder to trick grandma into installing an APK some site just dropped.

TBH this doesn't seem a particularly high friction change. It seems very like what we have to do already, or like what we do on OSX.