Google restricts Android sideloading

What a weird thing to write a blog post about now. Did someone forget to hit publish on this back when it was written? The programme in question, announced a year and four months ago: https://security.googleblog.com/2024/02/piloting-new-ways-to...

AFAIK this only applies within Singapore (not sure if this applies to visiting devices) for apps requesting certain permissions (RECEIVE_SMS, READ_SMS, BIND_NOTIFICATIONS, and accessibility) downloaded outside of app stores (F-Droid is fine) and opened directly on the device (adb install is fine).

You can probably bypass the restriction by just disabling Play Protect if you don't want Google to tell you what you can and cannot install, but I'm not in Singapore so I can't confirm if that will work or not. That said, Google has made it impossible to disable Play Protect while on a call, that's probably a smart move.

Based on this article from the Singapore police, the approach doesn't seem to have helped much: https://www.police.gov.sg/media-room/news/20250417_police_ad...

> In some cases, before downloading the malicious APK file, victims would also be guided to disable Google Play Protect that helps to prevent harmful downloads. Once Google Play Protect is disabled, victims would not receive alerts that there is malware introduced into their mobile phones. Victims may also be asked to download Virtual Private Network (VPN) applications from Google Play Store which would facilitate scammers’ connection to their Android device. Scammers would then be able to bypass the banking anti-malware measures and remotely access the victims’ banking accounts with the phished ibanking login credentials.

This is a few paragraphs of fluff and then an ad for Purism.

Is this not from 2024?

https://techcrunch.com/2024/02/07/google-starts-blocking-use...

> In a pilot program launched in Singapore, the tech giant now blocks the installation of certain sideloaded apps—particularly those requesting sensitive permissions such as SMS access or accessibility services—if they are downloaded via web browsers, messaging apps, or file managers.

There are a lot of qualifiers on this: Only in Singapore, only on apps requesting certain permissions frequently used by scams, and only when downloaded via certain paths.

I don’t see the full details but this implies that it’s still possible for advanced users to side load whatever they want. They don’t want to make it easy for the average user to start sideloading apps that access SMS permissions or accessibility controls.

If it takes a few extra steps for the advanced user to sideload these apps that’s not really a big infringement on freedom like this purism PR piece is trying to imply. Unfortunately sideloaded apps are a problematic scam avenue for low-tech users.

> The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.

This explains why it’s only in Singapore for now.

I've got to say, some of the comments here are pretty funny.

> "The sideloading restriction is easily solved by installing GrapheneOS"

> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".

Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.

I am the first to be on the "I own my phone let me do whatever the heck I want with it" but recently something hit me.

DJI forces you to side load their app for their Air Units and Drones. And this is scary. It looks like the rule they violate for the play store is that their app can self modify.

Let that sink in ... Any tension or whatever political bull crap happens and you have a state controlled malware on your device that can do anything it wants with your drone.

Millions of people installed this without really understanding what could be the consequences...

The sideloading restriction is easily solved by installing GrapheneOS, which has all the security benefits of Google's Android on Pixel.

In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded, effectively pushing users to install apps only through the Google Play Store.

The issue is even bigger. Even when using Play Store on GrapheneOS with a locked bootloader (which is the recommended configuration by the GrapheneOS project), Google refuses to let apps use the hardware attestation support in the Play Integrity API [1], which blocks certain banking apps, Google Wallet, etc.

It's insane that Google lets Android vendors that have a lot of dubious security practices (months-late security updates, etc.) pass, while an OS that implements more security mitigations than PixelOS and is sometimes faster than Google rolling out security updates is excluded.

The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.

Time to block the Facebook/Instagram apps then, given https://localmess.github.io ?

[1] https://grapheneos.social/@GrapheneOS/112878070618462132

A person from Singapore here. In practice, this changes nothing (from the news standpoint). The most critical applications are already integrated with Play Integrity API. Singpass (ID system) is 100% unavoidable for every long-term visitor and has strict Play Integrity integration (but attacker can select SMS flow and nullify the protection). Banks and all financial organizations require Singpass too, also use Play Integrity in most cases. The biggest bank DBS has extra checks, like "if there is an .apk in Downloads directory, then device is considered as compromised" (and they recently disabled SMS bypass). The most funny case that a similar protection is used in McDonald's app (again, maybe enforced only in specific countries): have something sus on your phone -- no burgers for you! They also have extra checks (i. e. device passes "strong integrity test", but app refuses to work).

Another note: this obviously does not prevent people from having multiple phones, feel free to buy an extra phone and install LineageOS/Gentoo/whatever you want.

Time to get serious about contributing to and using projects like https://postmarketos.org! We can continue to fork Android every release, but that's just re-arranging deck chairs on the titanic without upstream driver support.

The way this is designed appears to be entirely intentional and sensible. Yes, you can still install malware using ADB. It's just harder. That seems really sensible. It's a speed bump, but not a prohibition.

I also haven't seen any specific examples of software that's frequently sideloaded that would be unjustly discriminated against.

> [blocking apps] requesting sensitive permissions such as SMS access or accessibility services

These are the permissions most used to impersonate a user. SMS access lets an app log into every service you use and get OTP codes. Accessibility tools lets the app open your banking apps etc. whilst you're sleeping.

Singapore has big issues with identity 'trading' - and there are big signs saying things like "if a stranger offers to buy your phone number from you, and you accept, we will send you to prison for 5 years". Same with bank accounts, credit cards, etc.

Basically, if something is tied to your identity, and you let someone else use it for crime, then they're gonna punish you heavily.

This will impact the blind community in a pretty serious way.

In countries where Android is popular and iPhones are expensive, Commentary (Jieshuo) screen reader is a popular and arguably much better alternative to TalkBack, the built-in Android screen reader. Because it's a Chinese app and there's no major conglomerate behind it, it's not on the Play Store.

Because it needs to be able to read all screen contents and drive the entire system UI (that's literally what a screen reader is for), the permissions it requests are quite intrusive. Blocking it from accessing sensitive apps would entirely defeat its purpose, after all, if you need a screen reader in the first place, one that doesn't work in banking apps will be pretty useless to you.

Googlers will probably point to Webaim[1] and say that nobody uses the app so it's not a problem, entirely forgetting that Webaim is mostly filled out by well-off English speakers. If you look at data sources that better represent the global population at large, like the Yandex user survey, you will see something very different.

[1] https://webaim.org/projects/screenreadersurvey10/

The Google input method on my phone is patched by myself. So is the calculator, and many other everyday apps. I cannot imagine owning an Android phone without the ability of sideloading. Maybe I will consider rooting my phone and void my warranty on the first day with my every future Android phone.

Will this affect alternative app stores like F-droid or is it only about downloading and installing an APK with a web browser?

An example of "normal" users that side load (through F-droid or direct APK) is most Ingress players. While Ingress itself is in the playstore most people use the "companion" intel app called IITC which isn't in the playstore as it's technically against the ToS.

Can anyone using a Librem 5 as their daily phone report back as to how well it works. Specifically, how reliable are the most basic, and crucial SMS and calling functions? How's battery life?

I had a Pinephone a couple of years ago and receiving phone calls wasn't very reliable.

> In parallel, Google has rolled out its Play Integrity API, which allows developers to limit app functionality when sideloaded

How about Google focuses on proper sandboxing and permissions models? With those in place where an app comes from should not be a concern.

I can't find sources to this one sided article nor can I find anything recent when searching for it

This would have been a great time to explain how Purism protects users from malware better than Google while giving users more freedom, instead of just repeating the word “security”. If, in fact, that is the case.

It would be great to have more devices running PureOS available, especially a bit smaller ones than current generation "phablets". Where did all 4" devices gone?

Is it forking time? It feels like it's forking time.

Seriously, just restrict it to signed applications unless debugging mode is active. With explicit permission from the user.

I like Purism as an idea but, lord, is their marketing annoying. Between FUD like this and regular emails inviting me to become some kind of investor (if I search my inbox for "purism investor" I get dozens of results), I've begun tuning them out.

To me this is ironic as Singapore Government own lottery and sports betting app has to be side loaded as Google play does not allow gambling apps.

As I’ve mentioned here before, sideloading is a genuine security concern, not merely an excuse for Apple to exert control. There is a never-ending stream of people losing their life savings. It happens on Android and not iOS because Android allows sideloading and iOS doesn’t. There is a very real human cost to this.

> Police warn new Android malware scam can factory reset phones; over S$10 million lost in first half of 2023

> There have been more than 750 cases of victims downloading the malware into their phones in the first half of 2023, with losses of at least S$10 million (US$7.3 million).

— https://www.channelnewsasia.com/singapore/android-malware-sc...

> DBS, UOB become latest banks to restrict access if unverified apps are found on customers' phones

> They are the latest banks in Singapore to do so – after OCBC and Citibank – amid a spate of malware scams targeting users of Android devices.

— https://www.channelnewsasia.com/singapore/dbs-uob-anti-scam-...

> 74-year-old man loses $70k after downloading third-party app to buy Peking duck

> “I couldn’t believe the news. I thought: Why am I so stupid? I was so angry at myself for being cheated of my life savings. My family is frustrated and I ended up quarrelling with my wife,” said Mr Loh, who has three children.

— https://www.straitstimes.com/singapore/74-year-old-man-loses...

> Singapore Android users to be blocked from installing certain unverified apps as part of anti-scam trial

> "Based on our analysis of major fraud malware families that exploit these sensitive runtime permissions, we found that over 95 per cent of installations came from internet-sideloading sources," it added.

— https://www.channelnewsasia.com/business/anduril-secures-305...

> CNA Explains: Are Android devices more prone to malware and how do you protect yourself from scams?

> Why are scammers more likely to target Android users? How do you spot a fake app and what should you do if your device is infected by malware?

— https://www.channelnewsasia.com/singapore/android-malware-sc...

> Nearly 2,000 victims fell for Android malware scams, at least S$34.1 million lost in 2023

> In 2023, about 1,899 cases of Android malware scams were reported in Singapore. The average amount lost was about S$17,960.

— https://www.channelnewsasia.com/singapore/android-malware-sc...

> Android users in Singapore tried to install unverified apps nearly 900,000 times in past 6 months

> These attempts were blocked by a security feature rolled out by Google six months ago as part of a trial to better protect users against malware scams, which led to at least S$34.1 million (US$25.8 million) in losses last year with about 1,900 cases reported.

— https://www.channelnewsasia.com/singapore/android-users-inst...

Outside the app store, Android 15 on Google Pixels supports Debian Linux "Terminal" pKVM VM with access to Debian Arm packages. It doesn't yet support accelerated (v)GPU graphics, in development for Android and shipped on some Chromebooks.

And how is it supposed to work in China, where the Google Play Store is blocked and sideloading is very common to install apps on Android phones? Looks like Google plans to throw its Chinese users under the bus.

As long as AOSP and its various flavors continue to be viable alternatives, Android is still better than Apple. If you run Lineage or Graphene, I'm sure you can still "sideload" just fine.

this is literally just an advertisement.

I don't really understand why all sideloads are put into same category. Because the APK must be signed, and e.g. you could easily verify Facebook/Microsoft/bigcompany signatures.

> In a pilot program launched in Singapore, the tech giant now blocks the installation of certain sideloaded apps—particularly those requesting sensitive permissions such as SMS access or accessibility services—if they are downloaded via web browsers, messaging apps, or file managers. The move, developed in partnership with Singapore’s Cyber Security Agency, is designed to prevent fraud and malware-enabled scams.

This is a reasonable restriction and I am surprised this restriction is coming now and not ten years ago.

Sideloading must be limited to tech savvy users only who know what they are doing.

Hate the $megacorps too, soPurism sounded like a good idea. But half the links on their site are broken. It makes them look like a scammer unfortunately.

As long as AOSP - or /e/ in my case - doesn't go down this road I'm ok with it.

EU regulators to the rescue!

It seems to me this was inevitable.

Google could do this, and it's in their interest.

It happened.

The way this is worded suggests that installing using alternate appstores (that set the installer metatadata) will still work.

Also it's not clear what exactly it means. Does it have a dialog you can click through like play protect, does adb install still work, etc.

I enjoy Android is because of its relatively nonrestrictive nature. It trusts that I know what I'm doing. The highly locked down nature of iOS is a reason why I will never buy one of their devices. Google will drive me further away from their services (and into GrapheneOS, which has "no" Google hooks) with moves like this.

From the article, I presume this is being done in the name of "cyber security" (least common denominator strikes again.) In newer versions of Android, a few warnings/confirmations are shown prior to sideloading an app. I think the best solution here is to gate-keep sideloading behind Developer Mode. Enabling Developer Mode, then enabling side loading, would be complex enough to stop brain dead drive-by side loading from occurring. And (mostly) only people that know what they're doing enable Developer Mode.

My Motorola Razr 3 doesn't have this problem.

Ignoring the Purism ad, does this break F-Droid?

The inexorable process of using security as a pretext to enshittify your platform carries on. I don't believe there is a meaningful difference between Google and Apple anymore.

It's OK if it's not Apple doing it———Someone, probably.

The flexibility afforded by sideloading, which allows that that an Android phone is still for the most part a pocket-sized computer that can operate in a mode not intended by its creators (as opposed to a restricted consumption appliance like the iPhone) is what has kept me on the platform for 16 years and counting. If they take that away, then I really don't see a compelling difference between the two platforms.

Android has been getting markedly more flaky for me ON MULTIPLE GOOGLE PIXEL DEVICES since 2018. My current Pixel 8a on Android 15 regularly has the underlying UI controls (separate from the launcher) crash and force me to restart if I want to use the app overview switcher since day 1. I also have no app overview button in the stock Android calculator since Android 14, the shipped OS, so if I want to switch between a calculation and another app I must first return to the home screen. Wasn't like this in previous releases! Furthermore, the day/date is routinely cut off in the statusbar and its pulldown. This product passed multiple reviews and 2 major OS releases with these (and many other) obvious and irritating bugs and shows no signs of improvement. If they left these holes in the surface, I can only imagine what's underneath. It's ridiculous, but I guess we're cranking out complexity at a rate that exceeds our ability to manage it (or our ability to manufacture new fucks at a rate exceeding their consumption).

If Purism is shopping for new users, all they would eventually need to do is not get worse at a rate as fast as Android, or more expensive at a rate as fast as iOS devices. Based on what I've seen from them so far...they're not at that point yet: meager specifications, high prices. I will continue to cling to my Android device, but I'll cheer them on from the sidelines.

Let's not adopt the newspeak of the megacorps here. The actual headline is,

"Google Restricts Android Application Installation–What It Means for User Autonomy and Freedom"

The idea that you're not allowed to install any application without it coming directly from $megacorp is the new wierd thing. The idea of installing applications yourself on your computer is well established and normal.

"Sideloading" is a dangerous word that implicitly gives up freedoms. It should not be used.

imo this doesn;t feel like scam prevention, it's permission centralisation. the attack surface didn’t shrink, just moved upstream to whoever owns the allowlist.

Smartphones are just trash.. Totally stupid human interface design + the worst OSes imaginable.

I've totally gotten into modern AI, cus its actually useful, but I've always been a "luddite" re. smartphones. I've always thought they suck.

Smartphone = a computer that's shitty and dumb enough to be popular.

How the hell does this get upvoted? This is major FUD by an Android "competitor". First of all, it just introduces an addition level of security, at the request of the government of Singapore. Second, it's a year and a half old. Third, it obviously hasn't affected side loading in other parts of the world 1.5 years later. The other restriction, allowing app makers to restrict side loading, is to combat piracy and it's again, up to the app makers themselves.

Garbage article. Also embarrassing so many fell for it.

I am on Google ecosystem since the original T-Mobile G1 - now at Pixel 9 Pro XL. The moment this is rolled out, I am getting iPhones for me and family.

I'm pretty sure my degoogled Murena /e/ OS pixel 5 won't have this problem.

Do these restrictions require the phone to support Play Services and the Play Store? I'd imagine on a non-Play-Store phone this still won't be a thing, yeah?

the only security paradigm that is 100% foolproof is to assume breach. Taking away any number of users freedoms, big or small, does not change that.

Old computers, before sandboxing and Windows defender and real-time protection, were more secure, because people were less likely to plug their bank account information, social security number, birth date, and home address into them.

At a certain point we have got to level with the idea that a smartphone is no longer a general purpose computer in your pocket. It's more like a cyber passport. It knows everything about you and authenticates formal activities.

This is an ad

>These policies reinforce Google’s control over Android’s ecosystem under the guise of security but have sparked renewed concern over digital autonomy, innovation suppression, and user rights.

Ahhh yes. You want some of the action apple is getting from EU commission don't you?

Talking about the api-s that discriminate between playstore and side loaded aps. Which is not clear if are Singapore only

there has never been Autonomy and Freedom, not from google, ever.

I have never ever used a fully loaded android phone with all the spying, surveillance apps and play services, amazon, facecrook, whatshit, running.

why on earth do muppets insist that they cannot live a life without google and the rest.

I have installed the latest AOSP on all my phones, including family aand friends.

I currently have a motorola edge 20 pro with android 15 installed. and my very old oneplus 5T also has android 15 installed.

all my family and friends have either lineage or E/os installed.

I dont see the problem here. I hear no complaints.

fool me once, More fool anyone who thinks google, facecrook and whatshit is their friend.

Autonomy for me, MEANS, self regulation. this is severely absent in the lives of the modern human being.

[dead]

[flagged]

After all these years, and they are still following Apple's playbook. Sad.

as long as I can continue to pirate android apps. one thing I hate about apple is that I have to pay for everything. annoying. information needs to be free as in no payment. the great thing about android is that it's so easy to find the APKs for any app, and unlock paid purchases and what not.

luckily for me and other others who are sailing is that you cannot keep sideloading without enabling pirating as well.

the rich techies can downvotes if they want but I and others in India don't have money to pay for your silly todo apps. ha ha.

Google should not be allowed to own Android, it gives them too much control.

The smartphone app ecosystem is a net loss for most users sideloading or not.