🎥 Video Link
Links referenced for video
- https://arstechnica.com/gadgets/2026/03/google-details-new-24-hour-process-to-sideload-unverified-android-apps/ - Ars Technica Article
- https://android-developers.googleblog.com/2026/03/android-developer-verification.html - Android Developers Blog Post
- https://grapheneos.social/@GrapheneOS/116261301913660830 - GrapheneOS Mastodon Post
- https://blog.knowbe4.com/ftc-states-that-scams-cost-u.s.-consumers-158.3b-in-one-year - FTC Article
- https://intheshellpodcast.com - In the Shell Podcast
- https://yellowball.fm - 🟡 Yellowball, don’t just host your podcast, own it
Please excuse any grammatical errors. I used a tool to generate the transcript and haven’t had a chance to read through it yet. Google has been working with the community to make your device security more robust while still being respectful of platform freedom. That is not my opinion. I am loosely paraphrasing a post on the Android Developers Blog about Android developer verification. But instead of referencing a post clearly written by a marketing team, let’s look at an Ars Technica article talking about this. Google details a new 24-hour process to sideload unverified Android apps. Now, I really don’t like this word. I understand why it came about a couple of decades ago, but “sideloading” is just installing an app on your device. Big tech has been using it to demonize installing applications outside official app stores. If you install an app outside of the Google Play Store on Android, that is called sideloading. If you install an EXE downloaded from the internet on a Windows machine outside of the Microsoft Store, that is also sideloading. I could keep ranting about this, but I won’t. Just know this: if you sideload an app, you installed an app. Stop using the word “sideload.” It is doing more harm than good. But Google uses that term, so we will use it here. With these new limits, Android phones will only install apps from verified developers. To become verified, developers releasing apps outside Google Play will need to provide identification such as a passport or driver’s license, upload signing keys, and pay a 25 dollar fee. Apps from unverified developers will not be installable unless you go through a new advanced workflow buried in developer settings. Right now, Android phones alert users about enabling unknown sources and guide them through it. The new process is different and will not be obvious. You have to know where it is and enable it yourself, and it is not quick. Here is how it works. First, you must confirm that no one is instructing you. This is meant to prevent scammers from coaching victims. Next, you must restart your phone and re-authenticate. This is supposed to cut off remote access or active scam calls. Then you have to wait 24 hours. This delay is intended to break the sense of urgency scammers rely on. After the wait, you return and verify again. Finally, you can enable installation of unverified apps. You can choose to allow it temporarily for seven days or indefinitely, although the indefinite option is marked as not recommended. Once you complete all of this, you can install apps again. This entire process is difficult to describe without using harsh language. There are several dark patterns here. It is buried in settings, requires a long delay, and discourages enabling it permanently. It is easy to imagine a future where the indefinite option is removed and the wait time increases. Yes, users need protection. In 2023, Americans lost over 150 billion dollars to online scams, according to the FTC. But a 25 dollar fee and ID verification will not stop scammers. If that much money is involved, they will find ways around it. They can buy verified accounts, purchase existing apps, or publish under someone else’s identity. This is not about protecting users. This is about control. It is about deciding what you can install on your own device and where it can come from. GrapheneOS recently stated that their system will remain available worldwide without requiring personal identification or accounts. They also said that if their devices cannot be sold in certain regions due to regulations, so be it. This relates to upcoming rules like operating system age restrictions in places like California. Some people asked for my thoughts. I do not have much to add. It is terrible. This will affect what users can install and may also hurt independent developers. If you are building apps for the community, are you going to pay a fee and identify yourself, or stop developing entirely? That is all for today. The future looks bleak with these changes, but there are still alternatives. You just have to be willing to accept a little discomfort.📝 Transcript
Transcript
⚠️ Keep comments relevant to this post. All comments are manually moderated.
Privacy