Cool, its never been like that and you kept buying Android devices anyway?

I’d like that too. In what way does “things should be better” counter argument “this update changes nothing”? EDIT: No really, if you have either of these hypothetical phones, what can you not install after this update that you could before? I got shit I want to install but cant because of restrictions to root made in Android 4+. Haven’t been to able to run a OS outside of Android since the Pixel 3 era. Am I supposed to reach peak anger over Android being a shitty platform with every change they make? Is that useful or helpful to you? Was I supposed to start my comment with an entire history of Googles anti user behavior so you understand I am not defending them?

I’m gonna stop commenting honestly. Y’all just wanna be mad. Tried to dispel a rage bait article and ended up wasting my time. You already knew what the article was about and wanted to get mad again anyway. There is more useful stuff to do than get mad at someone who agrees with everything you said. Please work on your reading comprehension.

I specifically said publishing. Publishers/developers are not the average person. And the people installing third party apps on the user hostile platform of Android are also already dealing with friction. I’m more concerned with developers giving up because they need to do unacceptable ID verification, or are outright banned from development APKs entirely, than users giving up because “this takes too long…” Frankly, you ignoring the context of my post comes off as you just wanting to be angry.

I read the headline, I read the article, and I answered the rage bait presented in said headline. The impact of this change is “fuck all and nothing”. I’ve got plenty of web sites that are inaccessible without getting around geoblocks with a VPN. Been in communities shut down by corporate media throwing money and legal teams at denying their right to exist. Feels like everyone wants a federal ID to use an online service these days, and Google wont be that far behind doing their own version of it. But this update changes literally nothing for power users right now. Sorry that I’m not as upset because the slippery slope isn’t as steep as everyone else says it is.

If you really want something worth being mad at, get mad at the hardware manufactures who release hardware with proprietary firmware that only runs on Android. Wouldn’t be having this discussion at all if users were allowed to run completely custom software from boot. If there was an open standard for a battery powered device that could run a modern compliant web browser, and take SMS/phone calls, we could tell Google to kick sand. Instead we have an ocean of built-to-expire mobile phones that end up being “obsolete” within 2 years. I’m pretty sure the mobile carriers/ISPs have more control over what hardware is allowed to exist though. I should probably do more research on that.

I agree. I do not want to come off as defending Google here. Things will get worse as they always have, and the sooner we got off Googles corporate platform, the better. Google has no business forcing themselves as a “trusted central source”, especially with all the evidence showing that the Play Store is a more common and successful attack vector than third party apks. Third party offerings should be as easy and accessible as Googles.

I guess I’m just really annoyed at the public response because it continues to be doom and gloom; as if open source app development was going to die overnight due to this one change. I’m pointing out that there is already more restrictive things on the Android platform, and big projects still exist despite that. As hostile as a development platform Android has been, a new one time, 24 hour scare screen is likely not going to be the final straw for developers.

Saving you a click:

Read the fine print carefully, and Google’s new app-loading processes aren’t as invasive as they could have been. For many users, nothing will change. Even for users exploring apps outside Google’s walled garden, the process is usually a one-time setup with a few simple steps and a short wait, keeping the experience virtually the same as it is today.

We have phone manufacturers who offer unlocked boot loaders as a feature, but require two weeks or more of device ownership, registration using personally identifiable info for an online account, and many times don’t even allow you to relock the boot loader. Despite all this hassle, these devices still get updated third party OS’s with Lineage and eOS.

Anyone who was publishing to FDroid already is not going to be annoyed give up over the 24 hour scare screen for users. The most inconvenient aspect is that they can’t use the same signing keys as a Google Play release, which they should never have been doing anyway. Its absurd that developers were using the same signing keys across all different distribution methods in the first place.

EDIT: Phrasing. Everything about Android is annoying.

What a crazy hypothetical you made up, “left of center”, considering the Republican party was pushing for federal ID verification for online services years before Democrats caught up to speed. Red states brought this up first and resulted in multiple porn sites banning users in those states.

But yes, online censorship and corporate surveillance is a bipartisan issue in the two party system of fascists. You will not be able to “vote” these issues away.

Thats part of the problem though. Supposedly catfriend1 gave researchxxl their signing keys, and researchxxl used these on their new github account. No one was aware that catfriend1 was not maintaining the repo anymore until users saw unexpected/unannounced updates and looked into the matter. This sparked a short lived discussion on F-Droid forums about what should be done when maintainer transfers are handled poorly like this. F-Droid admins decided that it wasn’t that big of an issue, which is problematic… this supposedly happened between two people meeting each other online and discussing it with each other. But its possible that catfriend1 is being blackmailed or otherwise coerced into handing off this data. This type of credential attack could happen with a compromised machine, without the victim ever realizing it in time. The fact that F-Droid treats this so casually is upsetting. Signed developer certificates protect you from MITM attacks, it does not protect you from the sources themselves being compromised.

Years ago, official development of an android app of syncthing was abandoned by the official developers. Most android users migrated to an already existing fork by a github maintainer catfriend1.

Catfriend1 unceremoniously disappeared, with their github repositories being taken over by a new user researchxxl. This was entirely unannounced and wasn’t really discovered until people with automatic updates enabled on *Obtanium noticed it.

researchxxl is not a known community member, and is being very reclusive when interacting with the syncthing community. Their github account was made specifically for the repository transfer, and their method of handling existing credentials is suspicious; looking no different than a hostile take over.

At this point in time, they are collaborating with Nexon, a user who worked with catfriend to publish syncthing fork builds to Google Play. They are more well known and trusted. If you can trust Nexon, and trust that end users in general are putting more scrutiny on the github source code after this whole situation, you can probably trust the recent releases for now.

Sorry for any details I may have gotten wrong. AFAIK, no one has taken the time to document all the things that have gone down. I would have linked to such a document otherwise. A lot of the discussion on this is happening in separate discussion threads, one of them being researchxxl’s github issue page, which they are censoring/deleting discussions from with(till recently) no oversight.

*Edit: this is also a poor summary. There is a lot of additional context that I don’t feel comfortable trying to encompass. Like why the official syncthing developers stopped their official android app, or catfriend1’s forum account coming back for a short time to try to explain their side of the story. Frankly, for how many people are using syncthing, I don’t think this story is getting enough attention.