The vast majority of users don't care about "openness" of the OS. They care about the utility of their phone in everyday life.
Can I access digital payment systems, social media apps, and entertainment apps? How's the camera on the phone? How big is the screen? Is it waterproof? How expensive is it?
These are the questions the majority of phone buyers care about. Not, can I download an app off of a random website and install it?
---
I would say that the majority of developers don't care about the "openness" either. They care about accessing a wide audience and getting revenue from their work. Free apps without ads or in-app purchases (zero-revenue apps) are the minority.
Google is also fine with losing the zero-revenue app developers because they provide no value for Google. Actually, they are probably a loss for Google, since Google provides Google Play Services.
Just because you're HN dweller doesn't make it HN view. The openness, freedom, customizability and accessibility (money wise) were the tenets that differentiated Android from Apple devices.
i have never heard someone outside of tech circles (e.g. HN) mention openness, freedom, or customization, even as a passing comment.
they use a phone to access mainstream apps (youtube, instagram, reddit, maybe their bank) and text/call. mention "apk" or "fdroid" and their eyes start to glaze over.
cheaper devices, sure, i agree with that as being the differentiator to the average non-techie. the rest is, at least in my experience, absolutely a "HN view".
I think _your_ impression of people outside tech circles is as HN-centric as it gets :)
My no-tech middle-aged uncles and aunts know what apks are, and that you need to install apps from somewhere apart from the main Play store if you want them to have no ads.
And how do you qualify "(e.g. HN)" for this purpose? Places where people value openness?
These feels like a no-true-scotsman.
https://web.archive.org/web/20260420021444/https://www.openh...
Openness for end-users was never a tenet. It is a very HN view to think that open-source equals freedom for users, and to state that it was a promise when it never was.
This is a straw man. This change hurts third party app stores such as F-Droid the most. I vastly prefer it to Play Store for the same reasons I prefer GNU/Linux to macOS or Windows (discounting the fact that Linux no longer needs hacks to "just work").
Nowhere is their goal to allow users complete control of their device. Android was built as an open-OS for the mobile device industry, not end-users.
Android might have been considered more open than other mobile OSes by users, but it was never a promise or goal.
The fact that having root access is not the default supports that. Without root we're just "consumers" and that's how they see us. There's a lot of discussion about the security model of Android and how root is bad. But we've come to the point to argue that having root access is not only less secure but that we don't need root at all. A lot of replies, even on HN, are like:
> Why would you even need root access? What is it you're trying to accomplish?
That's a much bigger security smokescreen than the one in TFA. Sure, having root may be dangerous, especially if you don't know what you're doing, but it's still a choice. Having no phone or doing banking IRL or not downloading apps from the Play Store you haven't heard of before would also be more secure. But these 3 options don't align to the financial gain the consumers would bring to the providers. The consumers having no root, on the other hand, benefits the providers.
Openness for users/consumers was never a goal for the Open Handset Alliance.
> Using money as the only metric is stupid and myopic.
Publicly traded companies will be publicly traded companies.
If Android isn't open, we lose the last open mobile operating system, which will have immeasurable negative effects on computing as a whole. People will need permission from either Apple or Google to create any mobile program. If you don't fit into their neat little system, you don't get permission. If I hadn't been able to publish my app for another 2 years I probably would've shelved it, decided it was stupid, forgot about it, got busy with other things, and never published it.
Unfortunately, it just never gained the necessary momentum.
If anything, I'd like more openness in Android. For instance, apps should not have any control over what data I can back up; I should be able to back up every aspect of every app, restore it to a new phone, and apps should not be allowed to care.
That said; iPhone is my main phone, has been for a decade or more. But I deeply appreciate what you can do with an android.
Iphones makes my life easier but are too limited.
Best case scenario, carry both.
A few years ago, iOS lacked basic features like widgets, NFC, calculator on their tablets, etc. And iOS still has a completely inferior keyboard (I used to write code and essays on my Android while walking) and a completely inferior notification system. Androids are also the only phones still offering a fingerprint scanner, which is way better for me. These nice things all combine well with the oppenness.
What's worse is that we're clearly in a progression of restriction. Bootloader restrictions, app installation restrictions, "age verification" requirements, etc. Openness is being locked down from every angle with serious momentum, it's not anticipated to stop here.
What should Google do when a change they are making to protect regular less-technical users breaks functionality needed by more advanced users?
If the user must click through a tons of disclaimers (including locked 60-second timeouts with huge WARNING: SCAM ALERT or something) in something buried in settings to get scammed, I think the few edge cases may be worth the tradeoff of being able to install apks.
Remember there is already malware-scanning by default (by Google play), apps need to ask for permissions, they generally can't read other app data or control say banking apps, modify system data (at all), etc..
The threat vectors seem already restricted. I haven't met anyone which has fallen to actual Android malware ever (that I can remember), but I can remember several close family members which were victims of simpler social engineering scams (mostly unsuccessfully) recently.
Have people read and type in a message saying "I'm not on the phone with a potential scammer who is trying to get me to install a package that may be dangerous", trust people to actually read what they're typing, and if they can't read and comprehend that, stop getting in the way of them shooting themselves in the foot.
If you are a fan of open source, maybe this will be a good thing. Maybe this will drive more people and money to open source projects directed at making a better mobile OS.
Put it behind an USB ADB only toggle and be more transparent to avoid slippery slope?
I don't think OS vendors should be expected to keep people from doing dangerous things. A warning label saying "hey that's dangerous because..." is reasonable, but anything more and they're trying to be my sysadmin against my will.
These are sold as consumer devices and not general computers. It sounds like you want something different. They’re selling cars and you want a motorcycle.
More sysadmin-as-a-service type stuff is fine as long as the opt-out is easy. This isn't. I'm upset about the rug pull.
You never know though. Sometimes things go the other way. When the iPhone launched there was no way to create apps for it or install third party applications except as web apps.
Furthermore, we have to acknowledge that scam-fighting is not Google's job. They can assist with law enforcement (assuming they do not violate the rights of their customers while doing so) but they should not be making themselves judge, jury, and executioner in the process.
If you want a more concrete technical recommendation, locking down device management profiles would be a far more effective and less onerous countermeasure than putting a 24-hour waiting period on unknown app installs. Device management exists almost exclusively for the sake of businesses locking down property they're loaning out to employees, but a large subset of scams abuse this functionality. Part of the problem is that installing a device profile is designed to sound non-distressing, because it's "routine", even though you're literally installing spyware. Ideally, for a certain subset of strong management profile capabilities, the phone should wipe itself (and warn you that it's going to wipe itself) if you attempt to install that profile.
Both. I don't like the idea of locked down computers and that includes phones, especially now that they're so prominent in our lives.
I dabbled in Android development for fun a decade ago and I loved how there was no barrier to entry. I've loaded apps that aren't available on the Play Store and have loaded apps that my friends have made just as fun side projects.
There was a handheld gaming system in the early 2000s called Cybiko. Cybiko and Sega Dreamcast homebrew opened my mind up to the power of computers and having control of your hardware. These things should not be locked down. I liked messing around with making little programs on the Cybiko and downloading homebrew games for it and the Dreamcast. The openness of Android really excited me when it was new because I thought of it the same way as a Cybiko or Dreamcast or PC and not a locked down device where I can only run software approved by the hardware manufacturer.
So far, I have been utterly incapable of getting my iPad to do anything remotely similar. It can run syncthing, technically, but not in the background. Apps don't have a shared filesystem structure, so it's difficult to get anything else set up to "save within my shared folder" in a way that would work, and that disregards that the syncing cannot occur when anything else is open. There's all sorts of cloud backup options, but those require the internet and even when they're working, there's this awkward import/export flow that adds friction to the whole dance.
In isolation this would just be a small papercut, I guess, but these sorts of limitations are all over iOS. It's just terribly hostile to anyone not fully committed to the Cloud-first, Apple-hardware ecosystem. Android doesn't care, and doesn't have to care, because it lets me run the software I want. It's a really small set of programs too, at the end of the day. (Firefox with real extensions is the other one.)
I use this to occasionally build and install Android apps from github.
These are often out of date and need some tweaks but I can do it on a whim (I certainly wouldn't bother if there was a paywall).
To be clear though android isn't stooping to Apple levels yet. You can still do anything, it just makes it obnoxious to do so.
[1] https://arstechnica.com/tech-policy/2025/05/musi-strikes-bac...
Citation needed.
But even if millions did bought an Android phone for ill-defined defined, about 15 billion Android phones were sold over the years, which could very well make those millions a minority, with most having other reasons for their purchase.
In principle I could never reward Apple with my business for having originated and normalized this.
And pragmatically, I'd like to hold on for as long as I can to the next set of rights that Apple will take away five years before Google does.
I would say keep the faith as I'm in the same boat and have made my choice for privacy and control. Giving up everything when it could very well be a minor setback is worth holding the line.
Was it convenient? No, of course not, but it's been an option for quite awhile; to me the biggest advantage for Android was the fact that it was relatively easy to sideload apps.
To be clear, I don't like that Google is doing this, and I think arguing that it's for security is a half-truth at best. I could make my phone 100% "secure" by pounding a nail through the NAND chip; no one is getting into my phone after that.
With the advent of vibe coding, a part of me wonders how hard it would be to hack together my own phone OS with a Raspberry Pi or something and a USB SIM card reader. Realistically probably too much work for me, but a man can dream.
Millions? Are you sure?
Even so, Android has billions of users who want secure app management by default.
I understand political dissidents and those living under authoritarians may have much more concrete Fs and Ds but for me (us?) it's mostly U.
I do. It's my device. And I've been in the position of having to buy a replacement phone in a pinch; having to wait an extra day before having a usable replacement is not acceptable.
In terms of apps I might not be able to get from the Play store:
- Signal, depending on what country I'm in in the future and whether they've tried to restrict things they can't backdoor.
- Vanilla Music, which remains the best music player I've used. (I wish there were an Android version of Quod Libet.)
- A fully capable version of Termux. (the Play store currently has a less capable version that's maintained separately, which could go away if someone decides to stop putting up with it).
- Syncthing-Fork, which has at times been undermaintained in the Play store.
Update: out of the box it seems to be reading tags strangely. Maybe I could fix this studying the settings more, but I'd say you have an upgrade opportunity switching off Vanilla. Signal is hard to replace though.
Just see the Play Integrity API making the user experience more difficult on more secure devices like GOS with mo security benefit.
>Play Integrity permits a device with years of missing security patches. It isn't a legitimate security feature. It checks for a device in compliance with Google's Android business model, not security.
(https://xcancel.com/GrapheneOS/status/2036610983888588818#m)
You're missing out then!