[astra1701]

This is going to hurt legitimate sideloading way more than actually necessary to reduce scams:

- Must enable developer mode -- some apps (e.g., banking apps) will refuse to operate and such when developer mode is on, and so if you depend on such apps, I guess you just can't sideload?

- One-day (day!!!) waiting period to activate (one-time) -- the vast majority of people who need to sideload something will probably not be willing to wait a day, and will thus just not sideload unless they really have no choice for what they need. This kills the pathway for new users to sideload apps that have similar functionality to those on the Play Store.

The rest -- restarting, confirming you aren't being coached, and per-install warnings -- would be just as effective alone to "protect users," but with those prior two points, it's clear that this is just simply intended to make sideloading so inconvenient that many won't bother or can't (dev mode req.).

[MishaalRahman]

>- Must enable developer mode -- some apps (e.g., banking apps) will refuse to operate and such when developer mode is on, and so if you depend on such apps, I guess you just can't sideload?

Hi, I'm the community engagement manager @ Android. It's my understanding that you don't have to keep developer options enabled after you enable the advanced flow. Once you make the change on your device, it's enabled.

If you turn off developer options, then to turn off the advanced flow, you would first have to turn developer options back on.

>- One-day (day!!!) waiting period to activate (one-time) -- the vast majority of people who need to sideload something will probably not be willing to wait a day, and will thus just not sideload unless they really have no choice for what they need.

ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

[Zak]

I don't think Google should be changing Android this way at all, and fear that it will later be used for evil. That said, I thought of an improvement:

Allow a toggle with no waiting period during initial device setup. The user is almost certainly not being guided by a scammer when they're first setting up their device, so this addresses the concern Google claims is driving the verification requirement. I'll be pretty angry if I have to wait a day to install F-Droid and finish setting up a new phone.

Evil, for the record would mean blocking developers of things that do not act against the user's wishes, but might offend governments or interfere with Google's business model, like the article's example of an alternative YouTube client that bypasses Google’s ads. Youtube is within its rights to try to block such clients, but preventing my device from installing them when that's what I want to do is itself a malicious act.

[Ajedi32]

Agreed. I also don't think this should be in developer settings; it's kinda insulting to imply that only developers need to have full control of their own devices.

Personally those two changes would mollify me somewhat, though the slippery slope concerns others have discussed in this thread remain. Additionally, I think there's a real anti competitive concern in that these changes negatively impact the market for non-Google-approved apps. (Perhaps the latter could be solved by allowing alternate app stores like F-Droid to completely bypass the verification requirement, allowing those stores' internal app verification processes to compete on equal footing with Google's.)

[silver_sun]

> Allow a toggle with no waiting period during initial device setup

I like this idea in principle but I think it could become a workaround that the same malicious entities would be willing to exploit, by just coercing their victims to "reset" their phones to access that toggle.

[Zak]

That wipes all the data on the device and requires logging back in to accounts. It seems to me that's high enough friction to resist most coercion.

[silver_sun]

Isn't app data, photos etc. usually synced with the Google account? Besides, Google claims that the scammers are using social engineering to create a feeling of panic and urgency, so I think the victim would be willing to reset and log in to the accounts again in such a frame of mind.

[Zak]

Some is, some is optional, some isn't.

I'm sure there's a hypothetical scenario where someone successfully runs a scam that way, but there's also a hypothetical scenario where a 24 hour wait doesn't succeed at interrupting the scam.

[johnnyanmac]

None of this is stopping a malicious entity. We keep trying to use tech (poorly thought out tech at that) to solve issues of social engineering. And no one is asking for a solution, either; it's being jammed in for control.

[thedevilslawyer]

Such a silly statement. Of course tech can solve social engineering problem, we do so every day startign from UX design. This is a good solution to killing urgency.

[johnnyanmac]

Ux is made for humans. Humans can learn to exploit UX. This is as useless a battle as fighting piracy: you will destroy your product before you solve the problem.

[survirtual]

Social engineering is destroyed with education, not with restriction and control.

Trading freedom for safety eliminates both.

[MishaalRahman]

That's an interesting idea wrt to enabling the advanced flow during initial device setup! I'll pass it along.

[worble]

> It's my understanding that you don't have to keep developer options enabled after you enable the advanced flow. Once you make the change on your device, it's enabled.

Ok, but why is this advertised to applications in the first place? It's quite literally none of their business that developer options are enabled and it's a constant source of pain when some government / banking apps think they're being more "secure" by disallowing this.

[hbn]

> ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

Someone is just going to make a nice GUI application for sideloading apks with a single drag-and-drop, so if your idea is that ADB is a way to ensure only "users who know what they're doing" are gonna sideload, you've done nothing. This is all security theatre.

[tbodt]

> “For a lot of people in the world, their phone is their only computer, and it stores some of their most private information,” Samat said.

Not applying the policy to adb installs makes a lot more sense if the people this is trying to protect don't have a computer

[RulerOf]

I've seen a few apps that run locally on Android and hook into the ADB connection over loopback networking to do certain things.

This just adds the step of "download Cool ABD Installer from the play store" to the set of directions I would think.

[NotPractical]

Google could easily put an end to that if they wanted. Just block adb access from the loopback address and VPN. I'm surprised this isn't already in place. The setup flow for those apps you're referring to is awkward enough that it's clear it was never intentional to be able to access adb on-device.

[eclipxe]

You can run adb install locally without a computer

[grishka]

If you mean things like Shizuku or local adb connection through Termux, it's quite an awkward process to set up even for someone like me who's been building Android apps since 2011. Like, you can do if you really really need it, but most people won't bother. You have to do it again after every reboot, too.

[g947o]

Scammers will figure something out to help that workflow smoother, you can count on that.

[Retr0id]

The scammers don't even need to make a GUI, they just need to get you to enable adb-over-tcp and bridge that to their network somehow - an ssh client app would do the trick.

[ForHackernews]

How many people do you suspect are gullible enough to fall for these scammers but also competent enough to install an SSH client and enable port-forwarding for an ADB proxy? Like fifteen people worldwide?

[plst]

How many people are gullible enough right now to plug a phone to a laptop over USB and execute an exe on an operating system with no sandboxing at all? ADB even seems to work over webusb. (at that point you may as well give up on hacking the phone, but I digress). That's exactly why I believe the problem is more complicated and why Google's solution is not really fixing anything, not for the users.

[takluyver]

There's going to be a lot of people who don't have a laptop/desktop handy right now - because they're out of the house, because it's unplugged in a cupboard, or because they borrow it from a friend or use an internet cafe when they need that. So a requirement to use that and connect your phone to it is effectively similar to the 24 hr waiting period: time to think, time to mention it to a friend who's heard about this scam before. This is why phones are such an attractive target in the first place.

[Retr0id]

More than the number of people who will wait 24h

[Gander5739]

scrcpy can already do that.

[headsman771]

Why do you keep harping on about ADB installs. That's not helpful. It doesn't help me install open source apps from FDroid. It's ridiculous that you think booting up a computer and using ADB is a reasonable workaround. It isn't.

[NoahZuniga]

You would be able to install f droid and it's apps without going through this flow.

[JaggedJax]

How? Reading this it seems like only verified developers can skip this process. Most Fdroid developers won't be verified. I don't see where it says Fdroid would be exempt from this requirement. Would Fdroid be a verified developer?

[rbits]

No. F-Droid builds the apps on their server, and they cannot sign the apps with the developer's keys because that would require them to have access to the developers' Google accounts

[MishaalRahman]

If you enable the advanced flow as described in the Android Developers Blog, then you can install unregistered apps regardless of source. That includes apps from sources like F-Droid.

[headsman771]

Don't be mistaken, it's the delay I'm complaining about, not how to instal F-Droid or apps through it.

It is not reasonable to advocate for ADB if the 24 hour wait is too long.

I'll copy what I wrote elsewhere. Fraud uses social tactics and legitimate tools in the vast majority of cases. Developer verification will have absolutely no effect on that.

Impinging on my property rights cannot and will not protect or help fraud victims.

[jayofdoom]

The only reason I run android over iOS is the freedom to install things I want on it. A waiting period is unacceptable as Android has proven that it can't be trusted not to tighten the grip further.

Reconsider.

[fsflover]

If you prefer to keep your freedom when Android removes it, you may want to try GNU/Linux phones. Sent from my Librem 5.

[thatllbe99dot99]

The only reason I use an Android instead of an Apple phone is that I can install two apps off of github. I am actively making a certain number of very quantifiable sacrifices already at this very moment by not stepping into the orchard.

If you go forward with this, I am not coming back. I will never again in my life trust you. And believe me - I still have boycotts on-going 20 years later. Including microsoft. It is surprisingly easy to avoid you "Ubiquitous" companies once you get your mind into it.

[jwrallie]

Why don’t you create an option to bypass this whole thing permanently on adb then? You can even add your 24h delay.

I’m not convinced this is really to protect users from being hurt by scammers, it is really about protecting the users from doing what hurts your company interests.

[MishaalRahman]

>Why don’t you create an option to bypass this whole thing permanently on adb then? You can even add your 24h delay.

When you enable the advanced flow and choose the 'indefinite' option, that allows you to install unregistered apps 'permanently', which is effectively what you're asking for, no?

(I've gotten questions on whether this setting can be restored after a factory reset or when setting up a new device - I'll have to get back to you on that if you're wondering.)

[jwrallie]

> When you enable the advanced flow and choose the 'indefinite' option, that allows you to install unregistered apps 'permanently', which is effectively what you're asking for, no?

Is it a process that you do once and applies to any unregistered app I install now or in the future? Or do you have to repeat it for installing or upgrading different apps?

If it is the former then yes, it is effectively the same.

[rbits]

From the article:

> This flow is a one-time process for power users

[mqus]

At what point will you draw the line between "the user wants to do this because of his/her free will" and "the user wants to do this because someone else told them to"? Where will you stop?

All of this is just a bandaid, so why not stop at the state we are at _right now_, without some kind of 24h-long process to enable sideloading and let people be people? Yes, people make mistakes. But that is not your responsibility, especially if it comes at the cost of freedom. The most secure android device would probably be a brick, but you won't sell these, right?

Please instead take these resources and invest them into the app verification process in the play store. Way too many scams are right under your nose, no need to search in places where people are happy with the status quo.

[kotaKat]

So... we're just going to move the scam into convincing the end user to run an application on their PC to ADB sideload the Scam App. Got it, simple enough. It's not hard to coach a user into clicking the "no, I'm not being coached" button, too, to guide them towards the ADB enable flow.

[ufmace]

I think this is a "don't let the perfect be the enemy of the good thing". It's technically possible to get around, but adding more speed bumps in the way of scammers tends to drastically reduce the number of people who get scammed.

[johnnyanmac]

It's adding more speedbumps because one drunk person a few years ago ran into a tree. it still won't stop that, but now everyone suffers.

[ottah]

What good?

[maple3142]

Will third party apps like bank apps be able to detect whether advanced mode is enabled or not, like how they currently detect if developer options is enabled?

[MishaalRahman]

That I'm not currently sure of.

[potsandpans]

> I'm the community engagement manager

On a scale from "not worried" to "let them eat shit", how is the product team thinking about the breakage you'll get from people moving off platform?

[eipi10_hn]

I don't want to install via ADB at all. This is MY phone.

[JeremyNT]

So give me a way to completely disable this nonsense via ADB.

This is hot garbage. Eliminating third party app stores like F-Droid defeats the whole purpose many of us even bother running Android instead of locked down Apple stuff.

[largbae]

May I use ADB or Developer mode to disable the one-day period?

[nightpool]

Yes, ADB disables the 1-day period.

[NotPractical]

How do you know this? It's been confirmed that you can use adb to temporarily bypass verification on a per-app basis, yes, but from what I can see, there's no indication that sideloading one app over adb will also skip the 1-day period.

This matters if you're sideloading an app store like F-Droid, because sideloaded app stores still have to go through PackageInstaller [1], which probably still enforces verification checks for adb-sideloaded apps?

[1] https://developer.android.com/reference/android/content/pm/P...

[fsniper]

I see the chosen language of "certain unregistered applications" (I suppose company mandated) already hints on the goal of control aspect. I want to deploy apps on my device. They are my apps, it’s my device, and I should not be required to ask for permission to do so.

[OrangeMusic]

Can you answer this question:

If you install F-Droid via ADB, can F-Droid then install the apps from its catalog?

[MishaalRahman]

If you enable the advanced flow as described in the linked Android Developers Blog, then you can install any unregistered app, which includes those distributed by app stores like F-Droid.

[OrangeMusic]

Sorry if I wasn't clear, my question was about using adb so I don't have to do this process (so I don't have to wait 24h).

Buy a new phone, install F-Droid via adb, install F-Droid apps (the same day): is that possible?

[chii]

> ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

if that's the case, why would the new flow help reduce fraud and scams? These are meant to be roadblocks, which the ADB bypass will just...you know, by pass it? Why can't the scammer coach the victim to use this instead then?

[wolvoleo]

Do I need to be signed in to Google play to get the sideloading exception turned on? I don't sign in to it because I don't want to have my phone associated with a Google account. But I can't uninstall play completely on the devices I have.

It says something about 'restart your phone and reauthenticate' that's why I'm asking. What do you autenticate?

> ADB installs are not impacted by the waiting period, so that is an option if you need to install certain unregistered applications immediately.

Um yeah but then do I have to install every update via adb? I want to just use F-Droid.

[catgirlinspace]

I think the authentication is doing your face/fingerprint/passcode unlock?

[MishaalRahman]

Correct.

[MishaalRahman]

>It says something about 'restart your phone and reauthenticate' that's why I'm asking. What do you autenticate?

You're authenticating that you're the device owner (via your device's saved biometrics or PIN/pattern/password).

>Um yeah but then do I have to install every update via adb? I want to just use F-Droid.

No, once you go through the advanced flow and choose the option to allow installing unregistered apps indefinitely, you can both install and update unregistered apps without going through the flow again (or using ADB).

[riquito]

This part I don't understand. I want to allow for a couple minutes, the time to install a unregistered app, and then go back to deny. I don't want to allow "for 7 days" or "indefinitely". In the text and screenshot of the announcement I see that you can switch these feature "on", but can they be switched "off"?

[wolvoleo]

Ah thanks I'm glad I don't need a Google account to enable this.

[698969]

Can apps detect whether the advanced flow for sideloading is enabled or not?

[01HNNWZ0MV43FF]

> ADB installs are not impacted by the waiting period

"If you don't like the food we're serving, you can always buy a farm"

[ottah]

Every single one of these steps are blatantly an attack on user freedom. The steps to unlocking the bootloader and install a different rom are not nearly as onerous. The only thing I will accept as reasonable, is a complete abandonment of this policy. Google has destroyed all trust I could have in it, and these weaselly worded concessions are based on a bullshit premise.

[astra1701]

Thank you so much for clarifying! That is most definitely not as bad as I had feared.

I still feel, though, that having to go ahead and proclaim “I am a developer!” just to enable sideloading is a bit much, as almost certainly the vast majority of sideloaders aren’t developers. Nonetheless, it does keep sideloading as an option, and I do see why, from Google’s perspective, using the already-existing developer mode to gate the feature would be convenient in the short term. Perhaps the announcement should specify this -- I suspect a number of people who read it also noticed the lack of that clarification.

And yes, good point on ADB. That does make this less inconvenient for developers or power users, though doesn’t help non-developers very much.

[rtkwe]

> - Must enable developer mode -- some apps (e.g., banking apps) will refuse to operate and such when developer mode is on, and so if you depend on such apps, I guess you just can't sideload?

What apps are those? I've yet to run into any of my banking apps that refuse to run with developer mode enabled. I've seen a few that do that for rooted phones but that's a different story. I've been running android for a decade and a half now with developer mode turned on basically the whole time and never had an app refuse to load because of it.

[wolvoleo]

Wero in Europe. It's really insane. They make wero to make us less dependent on US tech and then hamstring it in this way.

[looperhacks]

I can use Wero just fine in my banking app. Can't try the app that's called Wero in the Play store because it just directs me to my banking app. But I can open it at least ...

[adzm]

I enable developer mode on every android phone to at least change the animation durations to twice the speed. I also have never run into an issue fwiw

[ricANNArdo]

Philippines' most popular e-wallet app GCash outright closes when the developer mode is enabled with the popup saying that the device has "settings [enabled] that are not secure".

[jcelerier]

RBC in Canada for instance, just having developer mode enabled blocks it here

[rtkwe]

Just summarizing the apps below it seems to mostly be banking/payment and government apps specifically outside the US that break under developer mode and sometimes even accessibility access.

I wonder what makes them less trustful of Android security. AFAIK there are still pretty hard limits to what you can do inside apps you did not create. US companies at least seem comfortable with their security even with Developer or accessibility apps enabled.

[flykespice]

Brazil government app refuses to operate with developer mode on

[NicuCalcea]

One of my banking apps didn't even run if I had accessibility settings turned on. I've since closed my account with them, just because of that.

The amount of control we've given corporations over our computers is incredibly disappointing.

[Markoff]

Was this in EU/US? This sure has to break some disability act to discriminate visually imparied in such way.

[NicuCalcea]

It was in Moldova. Probably illegal there too if someone bothered to challenge it. I just downloaded it again, still won't work.

https://i.ibb.co/6c1MgkJQ/Screenshot-20260320-115310.png

[rtkwe]

It is interesting that most of these are coming from apps outside the US including the fully developer mode lock outs. US companies seem more comfortable with the mode being enabled which explains why I've never really run into issues with having it turned on.

[nibbleyou]

All the banking and payment apps in India refuse to open if you have developer mode on

[stek29]

TrueMoney is a Thai e-wallet/fintech app which refuses to open if Developer Mode is enabled, it actively checks for developer mode on each start.

[andrewaylett]

SumUp won't let you use your phone to accept contactless payments while developer mode is enabled. You can still use an external card reader though.

[curt15]

The one-day waiting period is so arbitrary. Have they demonstrated any supporting data? We know google loves to flaunt data.

Something like Github's approach of forcing users to type the name of the repo they wish to delete would seem to be more than sufficient to protect technically disinclined users while still allowing technically aware users to do what they please with their own device.

[xnx]

> The one-day waiting period is so arbitrary.

Scammers aren't going to wait on the phone for a day with your elderly parent.

[free_bip]

Brother, there's an entire genre of scamming where the scammers spend months building rapport with their victims, usually without ever asking for anything, before "cashing out". One day is nothing.

[curt15]

Wouldn't a wait time like 2 hours with some jitter make it more difficult for a scammer to pursue the case? People aren't going to be willing to stay on the phone for hours at a time. With 24 hour wait, the scammer could just schedule another call for the next day.

[johnnyanmac]

>People aren't going to be willing to stay on the phone for hours at a time.

"Okay, come back to me in a few hours and we'll continue"

Remember, these are already people who took the time to respond. They are invested.

[nhinck3]

Okay, I'll ring back tomorrow and we'll continue

[hbn]

Scammers already will spend multiple days on a scam call. Watch some Kitboga videos, he'll strings them along for a week.

"Google will call you again tomorrow to get you your refund."

There, we've successfully circumvented all of Google's security engineering on this "feature."

[fhdkweig]

Check out this A&E Intervention episode for Greg. They have continuously worked this guy over for months.

https://youtu.be/YIR-nJv_-VA?t=121

They don't mind being patient when they have dozens of other victims in the wait queue.

[yunnpp]

This is obvious to anyone with a brain. I'm not familiar with scam logistics or the videos you mentioned, and the exact same line you put in quotes is what first came to my mind.

tl;dr of this post is that Google wants to lock down Android and be its gatekeeper. Every other point of discussion is just a distraction.

[kevincox]

I think the more important aspect is that people will have 24h to slow down, think, and realize that they are being scammed. Urgency and pressure is one of the top tactics used by scammers.

Scammers will definitely call back the next day to continue. But it is quite possible that by then the victim has realized, or talked to someone who helped them realize that they are being scammed.

[dminik]

There's been some reporting recently where I live about a case of some woman being scammed.

She went to a bank to transfer the scammer money. They told her no. She came back the next day. The police got involved and explained everything to her. Then she came back the next day. After that, she apparently found another location which let her transfer the money.

There's basically zero chance a 24 hour (or any amount of a) cool off period will help these people.

[kevincox]

Just because you have one example of someone who would not realize doesn't mean that the number of people who would realize is zero.

[dminik]

It's not one example. The scammers purposefully target people like these. That's their business.

Like, I'm sure there's a small amount of people who normally wouldn't get scammed but fall for it in a panic. But, is that really such a big concern for Google that they absolutely must continue stripping user freedoms from us? Is the current 30s popup which needs 3 confirmations not enough? Will the new one really work?

[MishaalRahman]

Right, this friction makes it much harder for a scammer to get away with saying something like, "wire me $10,000 right now or you won't see your child ever again!" as the potential victim is forced to wait 24 hours before they can install the scammer's malicious app, thus giving them time to think about it and/or call their trusted contacts.

[joecool1029]

The sheer arrogance that you think someone manipulated successfully will just re-think the situation and ask their friends/family. The naivety to assume all scammers are impulsive fools and don't do this for a living, as their primary line of work.

So Google's going to add some nonsense abstraction layer and when this fails to curb the problem after a 24 hour wait, it will be extended more maybe a week, and more information must be collected to release it. We all know how this goes.

[prmoustache]

Potencial victim's AI agents will wait patiently those 24 hours. In fact it may just wait exactly 24 hours and not one more second.

[ncr100]

Goalposts moving, who says this on an official forum?

[cogman10]

Sure, but what about a 30 minute delay? 1 hour? 2 hour?

24 is just so long.

But also, my expectation is that a scammer is going to just automate the flow here anyways. Cool, you hit the "24 hour" wait period, I'll call you back tomorrow, the next day, or the next day and continue the scam process.

It might stop some less sophisticated spammers for a little bit, but I expect that it'll just be a few tweaks to make it work again.

[fwip]

24 hours is long enough to get them off the phone, and potentially talking to other people who might recognize the scam.

There will be some proportion of people who mention to their spouse/child/friend about how Google called them to fix their phone, and are saved by that waiting period.

[MishaalRahman]

Exactly - the idea is to make it harder for scammers to create a false sense of urgency.

[ncr100]

This is too long. It's Google locking in users with hostile user practices.

[tauntz]

Sure, but wouldn't 35 hours do the same trick? Or 5 hours? Or 10 hours and 28 minutes? :)

The question is, why exactly 24 hours? The argument is that the time limit is set to protect the users and sacrifice usability to do so. So it would be prudent to set the time limit to the shortest amount that will protect the user -> and that shortest amount is apparently 24 hours, which is rather.. suspiciously long and round :)

[Groxx]

You've got to pick some time value (if you choose this route at all), and if the goal is to prevent urgency-coercion it needs to be at least multiple hours. An extremely-common-for-humans one seems rather obvious compared to, like, 18.2 hours (65,536 seconds).

Unless you want to pick 1 week. But that's a lot more annoying.

[jcul]

Well, I guess 24 hours gives a good change to include at least one window where a vulnerable person might be able to speak with a trusted contact.

Someone who lives in another timezone or works weird hours etc. Our routines generally repeat on 24hour schedules, so likely to be one point of overlap.

[thatllbe99dot99]

Have you watching literally ANY scamming video in your life? Even if you were bon yesterday.

[nvme0n1p1]

Have you ever watched Kitboga? Scammers call people back all the time. They keep spreadsheets of their marks like a CRM. It takes time to build trust and victimize someone, and these scammers are very patient.

[ronsor]

Scammers will gladly wait on hold for 10 hours a day, for a week, if they think they'll get their Bitcoin.

They have infinite time and patience.

[izacus]

It sounds like the 24 hour advanced flow should be completely removed then to protect these people. Right? It can't be perfect so to follow you, it should not exist.

[Xelbair]

they wouldn't wait an hour either.

[trillic]

To paste code into the chrome dev console you just need to type “allow pasting”

[lvales]

> This is going to hurt legitimate sideloading way more than actually necessary to reduce scams

Isn't that the objective? "Reducing scams" is the same kind of argument as "what about the children"; it's supposed to make you stop thinking about what it means, because the intentions are so good.

[riedel]

This is clearly anticompetitive. Hope regulators will figure out, then we won't have it eg not in the EU. However, Google is also abusing their power to e.g. deinstall apps without any option to decide using 'play protect' and blocks whole alternative stores through 'safe browsing' flags. I posted this play protect incident about IzzyOnDroid a few days ago, because I was so outraged: https://news.ycombinator.com/item?id=47409344

[pmontra]

You have to wait one day only once, when enabling the feature. I agree that enabling developer mode could be a problem but mostly because it's buried below screens and multiple touches. As a data point, I enabled developer mode on all my devices since 2011 and no banking app complained about it. But it could depend by the different banking systems of our countries.

[frays]

You don't use the HSBC or Citibank app then I assume?

[pmontra]

They don't operate in my county AFAIK. However that reinforces my idea that the endgame will be a pristine Android phone in a drawer at home with the banking apps required for accessing their sites with 2FA and another phone in my pocket for daily use.

[brewdad]

I’m not sure that Google/Android selling everyone two phones instead of one is the deterrent to this behavior that you envision.

[pmontra]

It's not a deterrent, far from that, but it's probably what I'll have to do to be able to carry with me a sane device.

[girvo]

That is working as intended. Google wants to kill side loading.

[prmoustache]

Google wants to kill installing apps outside of playstore.

Installing apps manually or through another store app is not "sideloading".

Sideloading is the new jaywalking, a newish word to pretend that a pretty normal action would be in any way illegal, dangerous or harmful.

[nacozarina]

their goal is to make software installation as painful as possible without being outright impossible : ‘sideloading’ is only ever a euphemism for ‘illegitimate’.

[raincole]

> some apps (e.g., banking apps) will refuse to operate and such when developer mode is on

And you blame Google for this? First of all, banks chose to make apps work this way, not Google. Moreover, they chose this likely due to scams. That proves scamming on android IS an issue that needs some technical solution.

[5d41402abc4b]

>And you blame Google for this

Why does google allow apps to access this info?

[Dwedit]

Medical apps (such as those that talk to insulin pumps) also refuse to run when developer mode is turned on.

[tadfisher]

We'll see when this rolls out, but I don't foresee the package manager checking for developer mode when launching "unverified" apps, just when installing them. AFAICT the verification service is only queried on install currently.

[MishaalRahman]

Googler here (community engagement for Android) - I looked into the developer options question, and it's my understanding that you don't have to keep developer options enabled after you enable the advanced flow. Once you make the change on your device, it's enabled.

If you turn off developer options, then to turn off the advanced flow, you would first have to turn developer options back on.

[mqus]

Why can't stores take over the "verification" process (like they do already)? Why do app developers have to be verified themselves, why does the verification have to be done by google? There are so many options, why choose google of all companies? Just laziness?

[kuschku]

If I understand correctly, the F-Droid store itself would be possible to install without waiting period, as it's an app from a verified developer.

Would apps installed from F-Droid be subject to this process, or would they also be exempt? Could that be a solution that makes everyone happy? Android already tracks which app store an app originates from re: autoupdating.

Also: Can I skip the 24h by changing the my phone's clock?

[dzaima]

> as it's an app from a verified developer.

Well that's if they go through the verification process, which does not seem like a thing they'd want to do - https://f-droid.org/en/2026/02/24/open-letter-opposing-devel...

[kuschku]

If one verified app can install many unverified apps, either aurora droid or fdroid basic or one of the many other frontends would end up offering that feature quickly.

But there's been some comments that even that wouldn't be possible, every app would have to be verified individually, or be signed by a developer with less than 20 installs.

(Which of course then begs the question: Why not build a version of Fdroid that generates its own signing key and resigns every app on device?)

[xnx]

> some apps (e.g., banking apps) will refuse to operate and such when developer mode is on

JFC. Why would an app be allowed to know this? Just another datapoint for fingerprinting.

[tadfisher]

Yes, it is really dumb that some of these settings are exposed to all apps with no permission gating [0]. But it will likely always be possible to fingerprint based on enabled developer options because there are preferences which can only be enabled via the developer options UI and (arguably) need to be visible to apps.

0: https://developer.android.com/reference/android/provider/Set...

[zzo38computer]

What might help better is having permissions that you can set separate settings that can be read for different apps (including the possibility to return errors instead of the actual values), even if they can be read by default you can also change them per apps. (This has other benefits as well, including possibility of some settings not working properly due to a bug, you can then work around it.)

[nijave]

It's always boggled my mind what native apps are allowed to know versus the same thing running in a browser on the same device.

[ninininino]

Because estimates suggest Americans lose about $119 billion annually to financial scams, which is a not insignificant fraction of our entire military budget, or more than 5% of annual social security expenditures.

[tadfisher]

Banks do these things to check security boxes, not to prevent scams.

In this case, they don't want users to reverse-engineer their app or look at logs that might inadvertently leak information about how to reverse-engineer their app. It is pointless, I know, but some security consultant has created a checkbox which must be checked at all costs.

[Zak]

What do scams have to do with having developer options enabled?

This isn't a rhetorical question. There's no big red warning on the developer options screen saying it's dangerous. I haven't heard about real-world attacks leveraging developer settings. I suppose granting USB debug to an infected PC is dangerous, but if you're in that situation, you're already pwned.

Is there a real vulnerability nobody talks about?

[ninininino]

Android is attempting to discourage good / regular users from sideloading apps, rooting their phone, etc.

Android wants good / regular users to pass things like Play Integrity with the strongest verdicts.

This helps app distributors to separate regular good users from custom clients, API scripting etc that is often used to coordinate scamming, create bots, etc. If an app developer can just toss anyone who doesn't pass Play Integrity checks in the trash, they can increase friction for malicious developers.

[Zak]

Play Integrity and developer options are entirely separate as far as I know.

[prmoustache]

That is unrelated to apps installed outside of the playstore (which by the way is full of malware).

It is like mandating that people use rainjackets in the rain to avoid getting cancer.

[nijave]

So put a disclaimer in... Same way tons of other stuff works...

[warkdarrior]

Nobody reads disclaimers, and people who get scammed and lose their life savings won't be made whole by being told "you accepted the disclaimer, nothing we can do."

[inyorgroove]

As described developer mode is only required at install time. Remains to be seen in the actual implementation, but as described in the post developer mode can be switched off after apps have been side loaded.

[fortyseven]

One of the first things I do when I buy a new Android phone, like day one, is to enable developer mode. I usually use that simply for the ability to speed up animations so the phone feels a bit more snappy. In all the years I've engaged in this behavior, I've never had an application refuse to work. A rooted phone? Yes. Definitely. But just having developer mode enabled, no.

That said, it may be that I've simply been lucky and have an encountered that yet. So I'll be keeping an eye out for it.

[andyjohnson0]

> some apps (e.g., banking apps) will refuse to operate and such when developer mode is on

Enable dev mode, sideload the apk, then disable dev mode. I'd argue that it is poor security practice to keep developer mode enabled long-term on a phone that is used for everyday activities, such as banking.

[jcul]

I don't know. I've been silently outraged and disappointed by this whole forbidding of unverified apps, but also hopeful it wouldn't affect me much as a user of grapheneos.

But this process seems pretty reasonable to me.

I'd like to think it is due in part to the efforts of F-Droid and others.

Waiting a day, once, to disable this protection doesn't seem like a big deal to me. I'd probably do it once when I got a phone and then forget about it.

I happen to have developer mode enabled right now, for no good reason other than I never disabled last time I needed it. Haven't had any issues with any apps.

I actually think these protections could help mitigate scammers.

[jraph]

It's not directly a big issue for us technical people and our own individual usage. Telling people about F-Droid, NewPipe (& forks) or secuso apps will be a pain. People will find free software / software not approved by Google complicated or suspicious. It is a huge issue, and even for us in the end because it hurts the software we love.

[prism56]

>the vast majority of people who need to sideload something will probably not be willing to wait a day

I disagree with this. Won't somebody who need to sideload something will just try again the next day...

[johnnyanmac]

Didn't Google already lose a case over making it hard to install alternative app stores? How is this not going to get them hit again? This is way worse than what Epic sued over.

[sharpshadow]

I wouldn’t be fully optimistic about the one-day waiting period. Almost certain there will be a pop up showing up with: Process failed try again in 23:59:59.

[BatteryMountain]

Another take: People are not getting scammed because of side-loading (or not knowing your demographics/biometrics). People are getting scammed because of ignorance & stupidity & lack of common sense. In a way, its just nature running its course. If I'm able to scam you successfully, don't you deserve it at that point? Doesn't matter what we do, if you are scammable, you will get scammed.

Have these companies sent out their people to old age homes to teach old people how to use their tech and how avoid scams? If you lock the system down at max level, scams will just move offline again or find another way. Same if they build backdoors into encryption or make chats data available to gov agents: all illicit comms will just move off the network or find another smarter way. Its just how nature works, we are seeing tech-evolution in realtime.