Android's sideloading limits are its most anti-consumer move yet
74 comments
·October 13, 2025HiPhish
gruez
>The term "sideloading" makes it sound shady and hacky
"side" refers to the fact that it's not going through the first party app store, and doesn't have any negative connotations beyond that. Maybe if it was called "backloading" you'd have a point, but this whole language thing feels like a kerfuffle over nothing.
unlikelytomato
I get where you are coming from. However, language like this matters when it comes to legislation. People outside there space will be guided by the sideload language to think it's just "something extra on the side so why should I care?"
grepex
Agreed. "Sideloading" has been marketed as a boogeyman opening doors to malware, when in fact malware exists on the play store anyway.
tomall
I like the term "direct install" which someone suggested in one of the previous threads.
alejoar
I wonder where the term started?
Android itself calls it "install" when you open an APK file, there's not mention of "sideload" in Android at all as far as I can tell.
viernullvier
There is, actually, but in a different context. The `adb sideload` command allows you to boot a device from an image without flashing it.
chasil
This command is also used to install 3rd-party ROMs.
There is an option in the TWRP recovery tool to sideload any capable .ZIP file.
chasil
If Google provides a permanent mechanism to disable this in developer settings, then this devolves to an inconvenience.
The setting to allow unsigned apps could be per appstore tracked by an on-device sqlite database, so a badly-behaving app will be known by its installer.
sidewndr46
Have you read anything about this? What you are proposing is exactly what is being disabled.
chasil
Let's say that Google implements this restriction, but allows F-Droid a permanent permission to disable it for apps installed through their store.
Then there is both increased protection and accountability.
ptrl600
Mandatory googleloading.
ta1243
> when in reality it is what we have been able to do on our computers since forever
You do realise that's been changing right? Slowly of course, there's no single villain that James Bond could take down, or that a charistmatic leader could get elected could change. The oil tanker has been moving in that direction for decades. There are legions defending the right to run your own software, but it's a continual war of attrition.
The vast majority of people on this site (especially those who entered the industry post dot-com crash) ridicule Stallman.
"Dan would eventually find out about the free kernels, even entire free operating systems, that had existed around the turn of the century. But not only were they illegal, like debuggers—you could not install one if you had one, without knowing your computer's root password. And neither the FBI nor Microsoft Support would tell you that."
gjsman-1000
If you want a real blackpill (I think this is the right word), consider the famous Cathedral and the Bazaar.
I recently had a realization: I can name Cathedrals, that are 800 years old, and still standing. I can't name a single Bazaar stall more than 50 years old around any Cathedral that's still standing. The Cathedral's builders no doubt bought countless stone and food from the Bazaar, making the Bazaar very useful for building Cathedrals with, but the Bazaar was historically ephemeral.
The very title of the essay predicts failure. The very metaphor for the philosophy was broken from the start. Or, in a twisted accidentally correct way, it was the perfect metaphor for how open-source ends up as Cathedral supplies.
nerdsniper
There are definitely bazaars which have a very old history. Being that the word "bazaar" has middle-eastern origins it feels appropriate to highlight middle eastern bazaars. Al-Madina Souq in Aleppo is one such bazaar with quite a few shops/stalls/"soups" dating back to the 1300's or 1400's, such as Khan al-Qadi (est. 1450). Khan el-Khalili in Cairo has its economic marketplace origins rooted in the 1100's-1300's.
spookie
I fail to see the link, businesses come and go. Their software dies with them.
znort_
indeed, but they're not talking about your phone, they're talking about android, which is something you don't buy nor own, you buy a license to use it on the provider's terms.
linux phones can't come soon enough ...
your point about the termn "sideloading" is spot on, though. perverting the language is the first step of manipulation: installing software is "sideloading", sharing files is "piracy", legitimate resistance is "terrorism", genocide is "right to defend oneself" ...
spankibalt
> "your point about the termn "sideloading" is spot on, though. perverting the language is the first step of manipulation [...]."
Precisely.
itg
Installing any app I want outside the Play Store was the primary reason I decided to go with Android, despite most of the people I know using iPhones. If I can't do this anymore, I may as well switch and be able to use iMessage and FaceTime with them.
gdulli
Then you'd be rewarding the company that pioneered and normalized taking away these rights. The next rights you'll lose will probably originate on Apple again years before Google takes them away too.
jadbox
You can still install apps outside the play store, but the developer does need to verify their signing information. Effectively this means that any app you install must have a paper trail to the originating developer, even if its not on the app store. On one hand, I can see the need for this to track down virus creators, but on the other, it provides Google transparency and control over side loaded app. It IS a concerning move, but currently this is far from 'killing' non-appstore apps for most of the market.
detectivestory
From a quick glance at /r/GooglePlayDeveloper/ it looks like Google is just as interested in killing playstore apps! It seems that they only want to support the existing larger apps now. I think they are giving a clear message to developers that its not really worth developing for that platform anymore. I think we will all agree that the playstore needed a purge but they seem to be making it impossible for any new solo devs at this point.
jadbox
I have no idea what this means. How does this change "kill playstore apps"?
msh
It also makes it easy for google to blacklist a developer, if for example the trump administration don’t like them (the same way apple removing apps documenting ICE).
pkulak
And basically every corporation with any business in the US has proven _more_ than willing to instantly capitulate to any demand made by the administration.
blaze33
Pretty sure virus creators could just pick a real ID leaked by the "adult only logins" shenanigans, whereas legit app developers probably wouldn't want to commit identity fraud.
gjsman-1000
If it gets that bad; Google can do what they already do with business listings - send a letter to the physical address matching the ID, containing a code, which then must be entered into the online portal.
Do that + identity check = bans for virus makers are not easily evaded, regardless of where they live.
omnimus
Yeah... no. This is normal with desktop computers. Let's stop handholding people. If I trust the source, I trust the domain... I want to be able to install app from its source.
Googles/Apples argument would have been much stronger if their stores managed to not allow scams/malware/bad apps to their store but this is not the case. They want to have the full control without having the full responsibility. It's just powergrab.
close04
> need for this to track down virus creators
I think they’re just going to track down a random person in a random country who put their name down in exchange for a modest sum of money. That’s if there’s even a real person at the other end. Do you really think that malware creators will stumble on this?
This has to be about controlling apps that are inconvenient to Google. Those that are used to bypass Google’s control and hits their ad revenue or data collection efforts.
63stack
Same, I'm tempted to call android just a shittier iPhone now
Aachen
What part of cheaper, better, and open source is shittier exactly?
brazukadev
> Installing any app I want outside the Play Store was the primary reason I decided to go with Android
You still can do that with PWAs in Android. Let's see for how long.
_imnothere
> PWAs
And I wonder when can we stop lying to ourselves pretending "web"-apps are real (native) apps?
llbbdd
Why?
jim201
Antitrust action is badly needed in this area. It is ridiculous that I need permission from my device manufacturer to install software on hardware I own. There is no viable alternative than to live in Apple and Google’s ecosystems. This duopoly cannot be allowed to keep this much control of the mobile platforms.
spogbiper
There needs to be a mandatory override for any lock down put in place by a manufacturer. I understand the need for security, but it should be illegal to prevent me from bypassing security if I decide to on my own device. Make it take multiple clicks and show me scary warnings, that's fine.
Technically Android still allows installation of anything if you use the debugging tool. Maybe that is where we have to draw the line, I'm not sure.
ohman876
I know this is side topic but if buying the Android or iPhone hardware gives us hardware we don't control, then what alternatives we realistically have? I do own pinephone (and I was recently reading that they kinda staled with development of new phones hardware), I know about librem.. is there anything else on the market?
freefaler
Yes, it's a very unfriendly decision by Google.
However, I don't think they haven't measured the number of users installing apps outside of the Play store. May be they just don't care about the small % of total users who are a large % here on HN.
This is a part of a bigger trend, Cory Doctorow spoke about 13 years ago in his "The coming war on general computing": https://www.youtube.com/watch?v=HUEvRyemKSg
And this will creep out to the major desktop systems too, Apple is doing it with their stupid "non-verified app" and Windows looks more likely to do so with their "need Microsoft account to login" to windows.
rclkrtrzckr
> This logic is flawed: historically, we've seen malware slip through the Play Store—signed and “verified”—several times.
Yeah, check for all the fake sora apps in the play store.
bitpush
This is a weak argument. If things have slipped through the cracks with someone actively reviewing it, the alternative cant be 'lets not do any checking whatsoever'.
There are better arguments against this that other commenters here have provided (including "my device, my rule") but this isnt a strong argument.
hollow-moe
They saw apple getting away with it under the DMA so they're just doing the same. You can't do anything about it.
billev2k
The Android Developer Blog called it "an ID check at the airport which confirms a traveler's identity but is separate from the security screening of their bags."
From the mouths of rubes, I guess. The ID check at the airport has zero to do with safety or security and everything to do with the airlines' business model (no secondary market for tickets), enforced by government.
gruez
>The ID check at the airport has zero to do with safety or security and everything to do with the airlines' business model (no secondary market for tickets), enforced by government.
If it's really about protecting "airlines' business model", why did TSA recently start requiring REAL ID to board flights? Were airlines really losing substantial amounts of money through forged drivers licenses that they felt they needed to crack down?
casenmgreen
This is the beginning of the end of Android.
Google have over-reached.
It is unacceptable to software developers to be unable to install software on their own phones, and this will lead to a successor to Android.
It will take time, but it will now happen.
bitpush
> beginning of the end of Android.
You underestimate how much money & effort it takes to make an operating system.
kypro
As someone who doesn't really care about apps, if I wanted to move away from Android what phones and OSs are worth considering?
yndoendo
Don't know how the Google's actions with affect AOSP. There are few options depending on location / country with base band frequencies.
Murena with e/OS/ [0], Purism with PureOS [1], Volla with Volla OS or Ubuntu Touch [2], and Furei Labs with FuriOS [3].
Those are the companies actually trying to sell a phone versus Pin64 selling a device to tinker with.
Alternative is checking personally managed OSes like postmarketOS [4] and Ubuntu Touch [5].
[0] https://murena.com/ [1] https://puri.sm/ [2] https://volla.online/en/ [3] https://furilabs.com/ [4] https://postmarketos.org/ [5] https://www.ubuntu-touch.io/
null
ivanmontillam
You don't really have a choice: it's either Android or Apple iOS.
sfdlkj3jk342a
GrapheneOS on a Pixel
la_fayette
Let's see what will the future of Graphene be, since Google is not publishing the device tree anymore for Pixel devices...
gruez
That's a non-issue for them: https://grapheneos.social/@GrapheneOS/115299586595207105
Batman8675309
They are building their own device trees now.
moffkalast
It's kind of ironic that you have to actually give Google money in order to not use Android. I'm still amazed that there's no Graphene support for any other device.
moffkalast
As with manifest v3, Google is once again misusing their position as a source of open standards to benefit their adware business. Hopefully the EU fines them once again.
A weird hill to choose to die on given that in practice it's not really a meaningful percentage of people that are using adblockers and the negative PR they get from these oversteps is massive.
bitpush
Didnt EU rule that it was OK for Apple to do, and Google is just just mirroring that?
nadermx
Why having your own website is essential
We need to stop calling it "sideloading", we should call it freely installing software. The term "sideloading" makes it sound shady and hacky when in reality it is what we have been able to do on our computers since forever. These are not phones, they are computers shaped like phones, computer which we fully bought with our money, and I we shall install what we want on our own computers.