The infuriating part is that chain-of-trust certificate signing has been a fundamental part of the web for decades. It would be trivial for Google to allow third party signing authorities, for the benefit of people who aren’t comfortable handing over all their personal details to Google.
The only reason they’ve chosen not to is because protecting users isn’t as important to Google as sucking up all that sweet sweet verified personal data.
I don’t think it’s about the data. There’s not much volume here. I think instead it’s about blocking apps they don’t like. Like some pesky ad blocking apps for YouTube. They know more people would reach for YouTube adblockers as they keep increasing the ads on the free tier as well as the price of the Premium tier. The way to prevent that is to make it extremely difficult to install such apps.
Do you think they won’t have a provision to revoke developer’s signing keys for reasons they determine? If they don’t, the whole malware-fighting angle would be meaningless. Once developer’s keys are revoked, their apps become uninstallable on Android that ships with Google apps. They could also easily uninstall apps signed with revoked keys.
I assume they’ll do this using chain of trust where they give signing keys to verified devs so that the apps don’t have to be signed by Google, but Android can still check if an app was signed by a Google-issued key.
Is that right!?
Giving up the app signing keys would allow Google to publish anything in your name. This sounds like a nightmare.
Surely there could be some equivalent to DNS confirmation by adding a key provided by Google to a txt record (or the signed app)
The infuriating part is that chain-of-trust certificate signing has been a fundamental part of the web for decades. It would be trivial for Google to allow third party signing authorities, for the benefit of people who aren’t comfortable handing over all their personal details to Google.
The only reason they’ve chosen not to is because protecting users isn’t as important to Google as sucking up all that sweet sweet verified personal data.
I don’t think it’s about the data. There’s not much volume here. I think instead it’s about blocking apps they don’t like. Like some pesky ad blocking apps for YouTube. They know more people would reach for YouTube adblockers as they keep increasing the ads on the free tier as well as the price of the Premium tier. The way to prevent that is to make it extremely difficult to install such apps.
deleted by creator
Do you think they won’t have a provision to revoke developer’s signing keys for reasons they determine? If they don’t, the whole malware-fighting angle would be meaningless. Once developer’s keys are revoked, their apps become uninstallable on Android that ships with Google apps. They could also easily uninstall apps signed with revoked keys.
I assume they’ll do this using chain of trust where they give signing keys to verified devs so that the apps don’t have to be signed by Google, but Android can still check if an app was signed by a Google-issued key.
E: Looking at this it says:
So you give your keys and I suppose they allowlist that package and keys. That means they’ll be able to revoke individual apps as well as dev keys.
Is that right!? Giving up the app signing keys would allow Google to publish anything in your name. This sounds like a nightmare.
Surely there could be some equivalent to DNS confirmation by adding a key provided by Google to a txt record (or the signed app)
The pub key could be enough to check if an app was signed with the private key.
Code signing is expensive, and will force out some smaller devs from the market, and is the main scare tactic Microsoft is using on Windows.
plus using it to train an AI