upvote
Only require Developer Registration for apps with READ_SMS then.
reply
There are about a half dozen permissions that are regularly abused by malware. These permissions are also extremely useful for a ton of completely legitimate features.

I am pretty confident that if Google had enabled this policy only for apps which use these permissions that the community would still be upset.

reply
If they restricted sideloaded apps from sniffing SMS then I wouldn't mind all that much.
reply
There are about a half dozen permissions that are regularly abused by malware. These permissions are also extremely useful for a ton of completely legitimate features.

I am pretty confident that if Google had enabled this policy only for apps which use these permissions that the community would still be upset.

reply
So no access to SMS for apps distributed on F-Droid?
reply
Fine by me, what are people using SMS for in 2026 except for spam and sending 2FA codes insecurely?

(I'm being facetious here but this is massively preferable to disabling sideloading altogether)

reply