Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
MishaalRahman 11 hours ago

>Developers, including non-US citizens, are forced to give Google their government ID to distribute apps.

Developers can choose to not undergo verification, thereby remaining anonymous. The only change is that their applications will need to be installed via ADB and/or this new advanced flow on certified Android devices.

Either way, you can still distribute your apps wherever you want. If you verify your identity, then there are no changes to the existing installation flow from a user perspective. If you choose not to verify your identity, then the installation will still be possible but only through high-friction methods (ADB, advanced flow). These methods are high-friction so anonymous scammers can't easily coerce their victims into installing malicious software.

Evidlo 10 hours ago | parent | next [-]

My friend's little kid likes to make games that he and his friends can play. As far as I am aware, these apps don't require any permissions.

Are apps like this more dangerous than browsing to a website? I thought they were entirely sandboxed from the rest of the device?

Aachen 7 hours ago | parent [-]

Not quite. You can do a lot of stuff that requires no permissions, or at least not ones that the user has to confirm (e.g. you get internet permission, sensor access, always run in the background etc. by default, but you do need to declare this in the manifest file iirc), which isn't possible on websites like that (a website will ask before it lets a site do limited things while you think the tab is closed)

Depending on your threat model, it might be mostly harmless

codethief 2 hours ago | parent | prev [-]

> Developers can choose to not undergo verification, thereby remaining anonymous. The only change is […]

"The only change" – with all due respect, are you even listening to yourself? The "only change" is that you, as a developer, will be completely excluded from publishing apps in the Play Store and that people effectively won't be able to install your app anymore! (Unless you were targeting only e.g. F-Droid users to begin with, which very few apps do.)

In essence, you are cutting down on the privacy of tens of thousands of honest developers around the world in the name of protecting users from scammers and you're pretending that 1) it's a nothingburger and 2) developers have a choice.