[JohnTHaller]

You can still side-load signed apps. It's a similar limitation to macOS which won't let you run apps that Apple hasn't signed without command line or control panel shenanigans. Compared to iOS, Android still has the advantage of installing your own full browser (like Firefox) with full-fat ad blocking (uBlock Origin, not Lite). iOS is Safari-only right now though, in theory, some alternative engines may be available in Europe later.

[TuringTest]

If they need to be signed by Google, that's not side loading by definition; it's using an alternate Google channel.

[koolala]

What your describing isn't "side-loading". Doing that means the apps go through Google's chain of control. Please don't let them redefine the word.

[ptrl600]

With macOS you run "sudo spctl --master disable", and then you can run whatever you want without sending PII to Apple. Is that the case with the new Android stuff?

[jezek2]

MacOS can run unsigned apps with GateKeeper active, no need to disable it. Attempt to run the app, then go into security settings, scroll down and click on "Open anyway". And before Sequoia a right click -> Open was sufficient.

On M1+ devices it might also need "ad-hoc signing" if the developer hasn't done it (not required for Intel binaries). This is not a true signing, it just inserts a cryptographic checksum into the binary, no actual signing is involved.

[flawn]

No, the closest would be rooting your phone but then you can't use banking apps properly (there are loopholes to spoof integrity but they are slowly coming to an end as verification runs on TEE)

[jhasse]

Couldn't you install with adb without rooting?

[jhasse]

We don't know yet. At the moment side-loading still works without restrictions.

[lieks]

You can install full uBlock Origin in the Orion browser, on iOS. It also has decent built-in ad blocking (though uBlock Origin is still better).

I had been thinking for a long time to switch to Android (GrapheneOS, probably) when my current iPhone 13 dies, but this whole thing with "sideloading" on Android is making me reconsider. If I can't have the freedom I want either way, might as well get longer support, polished animation and better default privacy (though I still need to opt-out of a bunch of stuff).

[palata]

Well GrapheneOS is not Google-certified, so it is not impacted by this :-).

[bitwize]

AOSP releases are going to stop (or become late and cursory like Darwin releases), and new Pixels will not be able to run non-Google-certified operating systems :)

[Pfhortune]

> and new Pixels will not be able to run non-Google-certified operating systems :)

I haven't heard about this. Source?

I think there has been much _speculation_ around this, but no proof that I am aware of.

[lieks]

They have already shown themselves to be both able and willing. Hopefully the backlash from this current decision will delay their plans long enough for GrapheneOS, Lineage and others to figure out how to work around it somehow, which is why I'm eagerly watching where this is going.

[bitwize]

I can't confirm this yet but with Google refusing to provide device trees for new Pixels things definitely look headed that way; they're at least starting to make installing an alternate OS difficult. The Graphene devs are trying to set things up with a handset manufacturer to ship a GrapheneOS phone, but good luck connecting that thing to a US carrier (who allowlist handsets and often limit the allowlist to models they sell directly).

[palata]

> Google refusing to provide device trees for new Pixels things definitely look headed that way

So you're just speculating.

[whycome]

How did Orion sidestep the safari WebKit requirements?

[lieks]

They didn't. They implemented the WebExtensions API for WebKit. It's not complete (e.g. Stylus doesn't work yet), but it's enough to run uBlock Origin.

[cortesoft]

> It's a similar limitation to macOS which won't let you run apps that Apple hasn't signed without command line or control panel shenanigans

Can you do something similar to load unsigned apps on Android?

[_ea1k]

Agreed. While I do not like this move, ti is weird to me how far people are going in their criticism.

The perfect should not be the enemy of the good.

[cnity]

"The perfect should not be the enemy of the good" is the wrong analogy here. It's more like "death by a thousand cuts". Limitations on free computer usage are like a ratcheting mechanism: they mostly go in one direction.