Well, the issue will be developers of other apps would force us to re-google since any build of the app would be useless unless installed from the play store…
For every single app where the developer tries this?
Yeah right. That’s unsustainable.
They’ll also just increase ways for the integrity to verify it hasn’t been patched. This announcement already says they’re checking the app’s binary for tampering.
MicroG devs are working on fakeing play integrity api since 2023: https://github.com/microg/GmsCore/issues/2050
it seems that play integrity continue to change internally day to day… He is waiting that google stabilize it. Then will be a pull request.
Are they? Other comments in different PRs seem to indicate they have no intention of trying to subvert play integrity. Is there something more recent than this that indicates they’re trying?
You can degoogle on Android you know. Takes some effort, but the end result is better than moving into a walled garden.
You can degoogle on Android you know.
only if your device is supported. Most aren’t…
Something AOSP like Lineage OS
You can install MicroG if you need play compatibility
time to demand apps in other repositories. Bonus if it’s f-droid compatible
Some paid apps actually prevents the user from using it if it’s not paid from Google play
Are you suggesting such an app can be purchased outside Google play but not used?
Having an app check a license server isn’t exactly new. Google play is simply a third party license server.
No, but you can download the APKs anyways. Which is most likely exactly why this is being implemented. I doubt many developers of free apps are going to turn this feature on.
Yes they will. This tool would force users to always use the Play Store which would increase the download count on their app, which would help its ranking in the Play Store. Every last single developer is incentivized to use this.
The App Lounge from /e/OS has access to the play store if you choose to log in to Google. It is possible (but not recommended because of a possible ban) to purchase stuff, I haven’t done that yet, but some apps want to talk to Google to see if it was purchased and that gives an error.
For example, Wavelet can’t unlock paid status, All-In-One Calculator gives the option to link an email so it can restore paid status, Nova Launcher uses a different app to restore paid status so it works as well.
Kinda makes sense. A paid app on Google Play is a license to download the .apk file(s). Then a user could make copies, and without DRM, it’d be the same situation as with copyrighted movies and whatnot.
I’m not saying I support them, it’s just that they are like this for a reason
Well that’s an easy fix. I just won’t use those apps.
So no banking apps for you? I agree that this is shit, but pretending we are not hit by this is not helping.
Also, I don’t really use banking apps anyway because they already pull similar shit and I can get around it. For now.
I don’t know what you mean by that. Do you mean you rather use google pay?
Fortunately so far I haven’t come across a bank here in the Netherlands that wouldn’t work because my phone was rooted or because I’m running grapheneos. Hope it stays that way too.
Correct. I’ve never used banking apps in the first place anyway. If my bank doesnt have a functional website then I would change banks.
And i say this not to be difficult or contrarian. I just really hate using apps for every business in existence and simply refuse to do so. Yes I have absolutely sacrificed convenience on many occasions due to this principal.
Very good. I don’t like using apps for every little shitty website like discord or WebEx either.
Just know that this is a step forward in the direction of making it technically possible to force people to usw the app. Ask yourself if you trust them to not try and profit from this.
With banking apps in particular this lock down is ultra-stupid.
Like, I have to use your super secure app, or I can just… visit your page in a web browser running on god-knows-what with whatever extensions in any computing environment or OS of my choosing? But not using Google Play is where they draw the line.
Aw shit, it says this is supposed to detect when an app’s binary has been tampered with… That means it’s probably gonna be used to block stuff like ReVanced. I hope they can find a way around this that doesn’t require root.
