They are signed, though. Just not by Google.

viktorcode · 2025-10-15T17:50:36 1760550636

Signed by any non-authorised signature is the same as unsigned from security perspective.

natch · 2025-10-13T18:25:23 1760379923

“Running binaries signed either by yourself or by whoever wants to spy on you.”

That last part there is the problem.

RedComet · 2025-10-13T20:52:35 1760388755

Let's ignore all of the preinstalled programs, which are signed by Google and do a great deal of spying.

Do you think the 100 most popular F-Droid apps do more spying than the 100 most popular Play store apps?

natch · 2025-10-13T23:21:44 1760397704

No, that’s a straw man. The popular ones are not the concern.

RedComet · 2025-10-14T00:35:35 1760402135

A straw man in your favor, maybe. Shall we compare the 100 least popular of each store?

Those are more likely to be outright malware on Play.

natch · 2025-10-14T01:13:10 1760404390

The popularity in app stores has no bearing. Some problem apps can be on no store, just locally installed. This has been well covered in the past and you are playing catch up. It’s about abusive household members who spy on their grown children, siblings, roommates, girlfriends, parents, etc. with apps they install on their devices if given a route to do so.

RedComet · 2025-10-14T16:18:32 1760458712

The sideloading change doesn't protect against abusive household members, though. Simple lock screen hygiene and periodic reminders about invasive permissions (e.g. accessibility & location) would do more. And let us not even pretend that is the true motivation for the change. An incidental consequence that you find defensible is simply that.

grep_name · 2025-10-13T19:05:52 1760382352

It's an excuse. Give me the option to install the software I see fit. Period.

generic92034 · 2025-10-13T19:22:22 1760383342

Is this not a meaningless differentiation if Google does no assume any responsibility for apps on the Play Store?