Remix.run Logo
ChocolateGod 6 hours ago

I lost a lot of sympathy for these campaigns when they started to use hyperbole.

ADV is not a virus, nor a trojan horse.

> killing the ability to install your own software on your phone

But you can still install whatever you want over ADB...

jsiepkes 4 hours ago | parent | next [-]

> But you can still install whatever you want over ADB...

...if you wait 24 hours.

And also thanks to the new Google Play attestation API a lot of apps won't even work on alternative Android OS'es. But that's all needed in the name of security. Never mind if your Samsung Galaxy phone is EOL and hasn't been receiving updates for 4 years anymore. It still works with the attestation API. But the fully updated GrapheneOS phone is a real security hazard apparently, so it won't work with it.

So no, you can't just run everything you want via side-loading. It's pretty obvious Google is making a power play to curb down on everything that isn't going via Google Play.

ChocolateGod 3 hours ago | parent [-]

> ...if you wait 24 hours.

False.

ADB is not restricted at all, the moment you enable developer options and enable ADB you can install an APK.

The Google "wait 24 hour" flow only triggers if you install an APK off the web.

https://www.reddit.com/r/Android/comments/1rzd0is/mishaal_ra...

jsiepkes 2 hours ago | parent [-]

Ok, that's some good news. Still leaves the attestation API though. Which makes using a non-Google sanctioned device a non-viable option. Also don't forget that the source code for Android is now, since 2026, only released twice a year (i.e. every 6 months).

So overall it's quite clear which direction Google is moving in. They are clamping down on the ecosystem.

ChocolateGod 2 hours ago | parent [-]

> Still leaves the attestation API though. Which makes using a non-Google sanctioned device a non-viable option

The attestation API isn't Google 'being evil', it exists as part of legal requirements that exists, namely for financial and banking applications.

Any alternative platform that wanted similar kind of apps would almost certainly have to implement a similar system.

> Ok, that's some good news

The fact you thought wrong shows the confusion being caused by these factually incorrect articles.

ulrikrasmussen an hour ago | parent | next [-]

What legal requirements are you referring to?

angoragoats 42 minutes ago | parent | prev [-]

> as part of legal requirements that exists, namely for financial and banking applications.

Please cite the laws or regulations you’re referring to, because I don’t think there are any.

ChocolateGod 24 minutes ago | parent [-]

PCI-DSS (enforced by banks/payment processors) means the EMV token store on your Android phone must be in an isolated uncompromised location (usually the TEE).

If your phone is rooted or has an unlocked bootloader then it's possible that trusted store is no longer secure or can be snooped on by a third party. Given Google Wallet/Pay handles EMV tokens and stores them on the phone, it has to pass PCI-DSS before banks will allow it.

This is the biggest reason why Google tries as much as possible to block Google Pay on rooted/unlocked devices. If a device fails compliance (a rooted phone certainly does), as far as banks are concerned it's not safe.

But people just find it easier to say "Google is Evil".

You also have the EUs Payment Services Directive (so a law) which require strong customer authentication, rooted devices can also fail up here.

gonzalohm 3 hours ago | parent | prev | next [-]

Same kind of hyperbole that Google uses saying that "they have to do this because it's too dangerous for users to install whatever they want"

preisschild 4 hours ago | parent | prev | next [-]

By definition Google Mobile Services are a rootkit and have always been, not only since ADV...

antonvs 3 hours ago | parent | prev [-]

Oh no, hyperbole! How ever will you recover?!

This has the same energy as “I lost a lot of sympathy for these political protests when they mildly inconvenienced me on my commute.”

If you don’t agree with something, just say so. You don’t need to hide behind fake pearl clutching.

ChocolateGod 2 hours ago | parent [-]

It does as much good for the cause as those climate activists who glue themselves to motorways and block ambulances.

dTal an hour ago | parent [-]

So quite a lot then?