While it is technically feasible, it is not a good idea to try and find a technical solution to a people/organisation problem.
Do not accept the premise of assholes.
I hope we can get the EU to fund a truly open Android Fork. Maybe under some organisation similar to NL Labs.
--- edit ---
Furthermore, the need for a trustworthy binary to be auditable to a certain hash or something would make banning this a simple task if Google would want to go that route.
A secure OS is a prerequisite for secure digital services. We can agree on that, right?
The task, therefore, is to convince enough politicians to establish an independent unit that can address this issue without direct political influence.
Fund the unit with enough money so that it can take care of the cybersecurity and sovereignty of all citizens.
A side effect of this would hopefully be that these politicians would then be digitally literate enough to recognize nonsense such as chat control as such and reject it outright. I hope that most politicians would not really want such omnipotent surveillance tools if they could truly grasp their scope.
The ID presented at time of purchase does not have to be the ID of the actual user of the card. Your local drunkard will be happy to get $10 to buy a SIM card for you. Or you could visit eBay (or local equivalent) and get a valid SIM card without leaving your house.
Even with fair usage policy violations (like long term roaming) the prices are still quite reasonable: 1.30 EUR/GiB (+VAT); from next year 1.10 EUR/GiB (+VAT).
There's eu(maybe even EEA?) wide free roaming legally mandated since I think 2017 or so? But it's not a permanent solution, your second paragraph still holds true.
The only thing that happens is your data becomes a lot more expensive, the card still continues to work as normal. I've not lived in Poland for over 15 years now, and I still have a polish SIM card that I use almost daily - the only thing that I've lost due to roaming long term is cheap data packs, I can still call and text as normal from my monthly allowance.
I think this means we need to rely on web technologies more. PWAs are looking pretty good on mobile devices these days and you can publish any web app you want with no reviewing authority. The web has a bunch of crazy APIs now that let you build crazy things and for everything else you're a hosted server away somewhere that can run more complex jobs.
I believe devices I own should let me do whatever I want with them and I agree that the verification is BS, but I'll work around it in the ways I can which means building more for the web.
If that ever drops the open pretense (since both traffic and trust authority are largely centralized and thus easily controllable) then I'll only write for self hosted linux boxes.
We as individuals can only do so much. We'd need actual organization and some measure of political power to do anything more since normal people do not care about this.
The tl;dr is that a PWA implies an app which is based in the cloud. So suddenly you need a server, and you need to store user data, which means costs and dealing with privacy and security.
If something could be built as a native app without depending on a central server, it could also be built as a PWA without a central server. You don't need to store user data centrally at all, just because it's a webapp. You can just have the clients use localStorage or IndexedDB or whatever.
You still have to host the static files for the webapp itself, but that can be made very cheap.
Of course, API feature parity between native and web apps is a separate issue. But the argument about server costs doesn't seem like a good one.
This will not work because the goal of android developer verification is to prevent running Google-sanctioned code. If you actually tried to publish this, Google will revoke the signature on the loader APK.
Sounds like the UEFI shim loader that's signed by Microsoft but can load an arbitrary EFI executable (with some signing checks). The difference is that the UEFI shim loader is endorsed/condoned by Microsoft. What about Google? This seems easily patchable, ostensibly for "security purposes" (eg. disabling loading dynamic code).
Microsoft also forces manufacturers to provide an option to reset Platform Key aka SecureBoot "root of trust" key - which is supposed to be not possible in spec-compliant UEFI system.
They don't do it out of goodness of their hearts, which is why it's more solid than relying on goodwill - Microsoft simply has an offering that depends on that for certain high profile clients.
Then Apple should get sued for bundling Safari, and also for forcing all browser engines on iOS to use Safari - which is way worse than anything Microsoft ever did with IE.
> verified loader apk, which in turn dynamically loads any apk the user wants
Wasn't this kind of solution considered and sort of dismissed (because of too much centralization iirc) by F-Droid (can't find the reference now)? It seems like something that's worth trying, but in the end it's just a band-aid. If it gets any traction Google will shut it down. The real disease is dependence on a duopoly of (quasi)-proprietary OS for the dominant computing platform of our time.
2. The application ID and permissions are that of the loader. To have different applications with separate data and permissions you would need multiple copies of the loader.
3. You miss out on other android security features such as application signing validation for updates.
Or you could just tell everyone out there that there are already tons of older Android devices which will never get any of these hostile updates, and if you're a developer, make sure your app runs on those older versions. Spread the word about how hostile the newer devices are, and let the lazy masses do what they're best at doing. Of course there will always be rabid bootlickers who will gladly pay to put Google's noose around their necks, but if they become the minority, and the majority just stops upgrading, it could very effectively pull control of Android away from Google. Giving everyone yet another reason to not upgrade, especially given the huge Android marketshare in poorer countries, could become a powerful force.
I'm already banned from publishing Android apps through Google, but apart from that, what would stop me making a server you can upload any app to and sign it with my certificate?
That could actually be done solely on the device. You can develop an app to sign arbitrary APKs with users' own hobbyist certificate. Lucky Patcher have done that for a decade.
Well, I'd rather verify myself with the government identity than accept a stock OS that literally woke me up with a fake message promoting Gemini despite me spending almost 2 hours turning every possible privacy-invasive setting off.
To me, the attention to these verification changes seems misplaced. We need to defend the ability to unlock the bootloader, pressure Google to revive AOSP and then encourage people to switch to a more user-friendly OS.
You're already unable to install what you want on a stock OS due to Android permission model treating you as a third-class citizen, after Google and OEMs.
> My vision of the hack is to distribute a verified loader apk, which in turn dynamically loads any apk the user wants. A user obtains the loader apk once and loads apps without installing as much as they want.
And a day after you release, Google will say "Oh no you don't" and unverify your app, preventing it from being installed or run. Which is you know, kind of the point of this maneuver.
This "attack" is not even theoretical. Android apps can just download arbitrary binary code, mprotect(PROT_MAYEXEC) some area in RAM, link the code there, and run it.
Google will simply revoke the keys for the "loader" APK. But that's fine for malware, its authors will just use the next stolen credit card to register a new account.
That's also why this has nothing to do with security.
While it is technically feasible, it is not a good idea to try and find a technical solution to a people/organisation problem.
Do not accept the premise of assholes.
I hope we can get the EU to fund a truly open Android Fork. Maybe under some organisation similar to NL Labs.
--- edit ---
Furthermore, the need for a trustworthy binary to be auditable to a certain hash or something would make banning this a simple task if Google would want to go that route.
The same EU that's doing Chat Control?
What's wrong with lineage?
> I hope we can get the EU to fund a truly open Android Fork.
How are things in the EU on whether it's legal to buy a SIM card without showing ID?
A secure OS is a prerequisite for secure digital services. We can agree on that, right?
The task, therefore, is to convince enough politicians to establish an independent unit that can address this issue without direct political influence.
Fund the unit with enough money so that it can take care of the cybersecurity and sovereignty of all citizens.
A side effect of this would hopefully be that these politicians would then be digitally literate enough to recognize nonsense such as chat control as such and reject it outright. I hope that most politicians would not really want such omnipotent surveillance tools if they could truly grasp their scope.
It is neither illegal nor hard to obtain such a prepaid SIM card.
That very much depends on the country, many require ID.
The ID presented at time of purchase does not have to be the ID of the actual user of the card. Your local drunkard will be happy to get $10 to buy a SIM card for you. Or you could visit eBay (or local equivalent) and get a valid SIM card without leaving your house.
The suggestion above wasn’t a statement of practicality but rather of EU motivations. Maybe you can also find a drunkard to fork Android for you.
>While it is technically feasible, it is not a good idea to try and find a technical solution to a people/organisation problem.
Germany requires ID for all SIMs (for "normal" people). You can buy activated SIMs in every bigger city if you know what to look for though.
You can use any country's SIM card in any other country, regardless of its registration status.
… if you have roaming coverage.
And even in that case, doing this for a long period of time violates most roaming policies
Even with fair usage policy violations (like long term roaming) the prices are still quite reasonable: 1.30 EUR/GiB (+VAT); from next year 1.10 EUR/GiB (+VAT).
https://en.wikipedia.org/wiki/European_Union_roaming_regulat...
There's eu(maybe even EEA?) wide free roaming legally mandated since I think 2017 or so? But it's not a permanent solution, your second paragraph still holds true.
The only thing that happens is your data becomes a lot more expensive, the card still continues to work as normal. I've not lived in Poland for over 15 years now, and I still have a polish SIM card that I use almost daily - the only thing that I've lost due to roaming long term is cheap data packs, I can still call and text as normal from my monthly allowance.
> How are things in the EU on whether it's legal to buy a SIM card without showing ID?
It varies per country. In some you can just buy one (or more) SIM cards at a supermarket without any ID.
In many EU countries you can walk into many a supermarket or phone-store and just buy a simcard with cash without questions asked.
I'm confused, how are those two things related?
The commenter you replied to was implying that the EU does not respect the privacy/freedom of mobile device users.
Nanny state
More like surveillance state
Which states aren't? And for the love of god do not write US now
I think this means we need to rely on web technologies more. PWAs are looking pretty good on mobile devices these days and you can publish any web app you want with no reviewing authority. The web has a bunch of crazy APIs now that let you build crazy things and for everything else you're a hosted server away somewhere that can run more complex jobs.
I believe devices I own should let me do whatever I want with them and I agree that the verification is BS, but I'll work around it in the ways I can which means building more for the web.
If that ever drops the open pretense (since both traffic and trust authority are largely centralized and thus easily controllable) then I'll only write for self hosted linux boxes.
We as individuals can only do so much. We'd need actual organization and some measure of political power to do anything more since normal people do not care about this.
I thought Brent Simmons did a great job laying out why PWAs don't work: https://inessential.com/2025/10/04/why-netnewswire-is-not-we...
The tl;dr is that a PWA implies an app which is based in the cloud. So suddenly you need a server, and you need to store user data, which means costs and dealing with privacy and security.
That explanation doesn't really make sense to me.
If something could be built as a native app without depending on a central server, it could also be built as a PWA without a central server. You don't need to store user data centrally at all, just because it's a webapp. You can just have the clients use localStorage or IndexedDB or whatever.
You still have to host the static files for the webapp itself, but that can be made very cheap.
Of course, API feature parity between native and web apps is a separate issue. But the argument about server costs doesn't seem like a good one.
So like LiveContainer[1] which works around ios's signing requirements
[1] https://github.com/LiveContainer/LiveContainer
Whoa that is neat! How does that not get shut down by Apple?
They don't allow it in the app store, so you have a chicken-and-egg problem...
This will not work because the goal of android developer verification is to prevent running Google-sanctioned code. If you actually tried to publish this, Google will revoke the signature on the loader APK.
Ah yes sanctioned. A word that has two opposite meanings.
Contronyms are awesome, yet people are nonplussed.
Sounds like the UEFI shim loader that's signed by Microsoft but can load an arbitrary EFI executable (with some signing checks). The difference is that the UEFI shim loader is endorsed/condoned by Microsoft. What about Google? This seems easily patchable, ostensibly for "security purposes" (eg. disabling loading dynamic code).
Microsoft also forces manufacturers to provide an option to reset Platform Key aka SecureBoot "root of trust" key - which is supposed to be not possible in spec-compliant UEFI system.
They don't do it out of goodness of their hearts, which is why it's more solid than relying on goodwill - Microsoft simply has an offering that depends on that for certain high profile clients.
I suspect it's also a defense against antitrust law suits - lock in was how they got sued for things circa Internet Explorer.
Frankly they should still be getting sued for the way Edge and Cortana are bundled.
Then Apple should get sued for bundling Safari, and also for forcing all browser engines on iOS to use Safari - which is way worse than anything Microsoft ever did with IE.
Apple does not have a platform monopoly on smartphones the way Microsoft did on PCs.
Yes
I suggested this a couple months ago: https://news.ycombinator.com/item?id=45084296
Android may ultimately win the arms race, but if they want to be evil, we should make their task as tedious as possible.
Google doesn't need to make an argument to ban apps or developers.
Doesn't https://github.com/Katana-Official/SPatch-Update already handle this, and also support Xposed on top?
> verified loader apk, which in turn dynamically loads any apk the user wants
Wasn't this kind of solution considered and sort of dismissed (because of too much centralization iirc) by F-Droid (can't find the reference now)? It seems like something that's worth trying, but in the end it's just a band-aid. If it gets any traction Google will shut it down. The real disease is dependence on a duopoly of (quasi)-proprietary OS for the dominant computing platform of our time.
I see a handful of problems.
1. The loader will just get banned.
2. The application ID and permissions are that of the loader. To have different applications with separate data and permissions you would need multiple copies of the loader.
3. You miss out on other android security features such as application signing validation for updates.
Or you could just tell everyone out there that there are already tons of older Android devices which will never get any of these hostile updates, and if you're a developer, make sure your app runs on those older versions. Spread the word about how hostile the newer devices are, and let the lazy masses do what they're best at doing. Of course there will always be rabid bootlickers who will gladly pay to put Google's noose around their necks, but if they become the minority, and the majority just stops upgrading, it could very effectively pull control of Android away from Google. Giving everyone yet another reason to not upgrade, especially given the huge Android marketshare in poorer countries, could become a powerful force.
i thought google was going to push this as an update to play services , thus affecting all models
Good luck with unsecure phone This is clearly a bad idea.
I'm already banned from publishing Android apps through Google, but apart from that, what would stop me making a server you can upload any app to and sign it with my certificate?
That could actually be done solely on the device. You can develop an app to sign arbitrary APKs with users' own hobbyist certificate. Lucky Patcher have done that for a decade.
Well, I'd rather verify myself with the government identity than accept a stock OS that literally woke me up with a fake message promoting Gemini despite me spending almost 2 hours turning every possible privacy-invasive setting off.
To me, the attention to these verification changes seems misplaced. We need to defend the ability to unlock the bootloader, pressure Google to revive AOSP and then encourage people to switch to a more user-friendly OS.
You're already unable to install what you want on a stock OS due to Android permission model treating you as a third-class citizen, after Google and OEMs.
In my opinion, the only solution while keeping Google and Apple as the developing entities is regulation.
Despite that, there are some things that should not be for profit in my opinion. A good OS platform is one such thing.
I agree but I also think any meaningful regulation is off the table for the next few years in the USA at least.
> My vision of the hack is to distribute a verified loader apk, which in turn dynamically loads any apk the user wants. A user obtains the loader apk once and loads apps without installing as much as they want.
And a day after you release, Google will say "Oh no you don't" and unverify your app, preventing it from being installed or run. Which is you know, kind of the point of this maneuver.
This "attack" is not even theoretical. Android apps can just download arbitrary binary code, mprotect(PROT_MAYEXEC) some area in RAM, link the code there, and run it.
Google will simply revoke the keys for the "loader" APK. But that's fine for malware, its authors will just use the next stolen credit card to register a new account.
That's also why this has nothing to do with security.