With developer verification, Google’s Apple envy threatens to dismantle Android’s open legacy
The F-Droid team recently published an open letter to Google, signed by 35 organizations, that expresses serious concerns about what this change will mean for Android as a platform, but Google seems stuck in its course. Even if a large portion of independent developers boycott verification, Google could still move forward.
On an individual basis, there’s not much you can do as an Android user. You might be forced to let Google control your apps, and you might not even think about it most of the time. That is, until you get stuck trying to install an app from someone else’s store without a reliable internet connection or discover that an open source app you want to use isn’t verified.
Some developers may also simply decide to abandon Android development. Nathan Freitas of the Guardian Project notes that the mobile web has gotten much better for developers in recent years. “We’ve moved a lot of our projects to progressive web apps because they can now do more,” Freitas said. “It’s like, ‘Can we do this in a browser?’ If so, then yes.
Using more web apps might help, but the only way to truly opt out of Google’s verification system is to leave Google’s version of Android. Although there are uncertified Android phones, these devices usually have security vulnerabilities. So this doesn’t solve the problem. Installing an alternative privacy-protecting Android OS (sometimes called a ROM) like LineageOS or GrapheneOS might work. This gives you complete control over the software running on your phone, but it’s becoming increasingly difficult to customize phones this way.
Marc Prud’hommeaux of F-Droid considers Android ROMs a very implausible solution for keeping open source projects alive. Installing this software is beyond most people’s capabilities, and device manufacturers don’t really make it easy with locked-down products. “Every phone you receive is Android certified, and many of these phones have locked bootloaders,” Prud’hommeaux said.
To some extent, these restrictions are unavoidable for devices that connect to mobile networks. “The harm goes to the telecommunications and mobile operators,” said Freitas, who explained that operators have certain expectations and requirements for any baseband radio on their networks. “This thing has to work like a phone, and so we can’t let this be a Wild West like a computer.”
If you can’t unlock the bootloader on your phone, you’re stuck with the stock software and any security changes implemented by Google and the device manufacturer. And more and more, it seems like they’re going to decide that you need protection from yourself.
