惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

罗磊的独立博客
Forbes - Security
Forbes - Security
Blog — PlanetScale
Blog — PlanetScale
P
Proofpoint News Feed
Apple Machine Learning Research
Apple Machine Learning Research
Google DeepMind News
Google DeepMind News
MyScale Blog
MyScale Blog
GbyAI
GbyAI
B
Blog RSS Feed
S
SegmentFault 最新的问题
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
小众软件
小众软件
The Last Watchdog
The Last Watchdog
W
WeLiveSecurity
Webroot Blog
Webroot Blog
S
Security @ Cisco Blogs
Hugging Face - Blog
Hugging Face - Blog
Microsoft Security Blog
Microsoft Security Blog
月光博客
月光博客
博客园 - 聂微东
F
Fortinet All Blogs
H
Hacker News: Front Page
A
About on SuperTechFans
Application and Cybersecurity Blog
Application and Cybersecurity Blog
C
Check Point Blog
V
V2EX
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Y
Y Combinator Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
N
News | PayPal Newsroom
Cisco Talos Blog
Cisco Talos Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
The Cloudflare Blog
P
Privacy & Cybersecurity Law Blog
N
Netflix TechBlog - Medium
C
CXSECURITY Database RSS Feed - CXSecurity.com
Recorded Future
Recorded Future
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
Google DeepMind News
Google DeepMind News
大猫的无限游戏
大猫的无限游戏
美团技术团队
Security Latest
Security Latest
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
I
InfoQ
Recent Announcements
Recent Announcements
The GitHub Blog
The GitHub Blog
Google Online Security Blog
Google Online Security Blog
T
The Exploit Database - CXSecurity.com

Danb Blog

Cheaper Sodastream Gas with a Big Tank June 2026: What I've Been Working On · Danb Blog Running Snyk On Forgejo/Codeberg Actions · Danb Blog Tuta & Proton: An Open Source Client Does Not Result in an Open Source Service · Danb Blog May 2026: What I've Been Working On · Danb Blog 3D Printing Parts for my Greenhouse, Round 2 · Danb Blog Great Devices: Nexus 7 2013 · Danb Blog R36S Console RetroArch Stuck Menu Issue · Danb Blog April 2026: What I've Been Working On · Danb Blog Basic OpenCode Sandboxing with Docker · Danb Blog Games Played in 2025 · Danb Blog March 2026: What I've Been Working On · Danb Blog Shivam Mathur's "node-docker" Images are Awesome for PHP CI · Danb Blog February 2026: What I've Been Working On · Danb Blog Your BookStackApp project was assigned as a project for my Software Architecture course · Danb Blog My Sovol SV08 3D Printer Setup in 2026 · Danb Blog January 2026: What I've Been Working On · Danb Blog Epson Printer: The administrator password you entered was not recognized · Danb Blog Pressure to Follow Process · Danb Blog Online Shopping Email Notifications · Danb Blog My HomeLab Setup in 2026 · Danb Blog Linux Label Printing with the Phomemo D30 · Danb Blog OPNsense & Dnsmasq: Responding with specific DNS servers · Danb Blog An Impromptu Introduction to ZFS Drive Replacement at 1am · Danb Blog Experience with UK Medical Cannabis for Ankylosing Spondylitis · Danb Blog Copyright Takedown for Linking to the "State of Open Source" Report · Danb Blog No, Gumroad Did Not Become Open Source Today · Danb Blog Scripting Monitors (KDE on Fedora) · Danb Blog Amber flags in Open Source & Self-Hosted Projects · Danb Blog LLMs are Directing Open Source Licensing · Danb Blog Games Played in 2024 · Danb Blog Beware of Poison in the Source · Danb Blog Common Misconceptions of the AGPL · Danb Blog Adapting GitHub action PHPUnit tests for Codeberg/Forgejo · Danb Blog Lessons from the Allotment · Danb Blog Futo, Please don't attempt to create your own Open Source Definition · Danb Blog Material You (Dynamic/Adaptive) Colors in Legacy Android Apps · Danb Blog Scripting Monitors (Gnome & Wayland on Fedora) · Danb Blog Retaining a Greenhouse Roof with 3d Printing · Danb Blog Games Played in 2023 · Danb Blog Lessons From Growing Food Indoors · Danb Blog Why the Distinction Between "Open Source" and "Source Available" is Important · Danb Blog Raspberry Pi Camera Module 3 Timelapse · Danb Blog Removing the Rear Seats on a Volvo C30 · Danb Blog Reporting Google's WEI to the CMA · Danb Blog Controlling Default GRUB Boot Option via USB · Danb Blog Creating a Video Home for FOSS Projects · Danb Blog Paying for Search · Danb Blog My Favourite Static Site Deploy Method · Danb Blog PhpStorm (JetBrains IDE) 2023 Linux Scaling · Danb Blog Synology Hibernation with Active Backup for Business and Tailscale · Danb Blog My 2023 HomeLab Setup · Danb Blog Redefining Open Source via "Commercial Open Source" · Danb Blog Moving to Mastodon · Danb Blog Gaining Sponsors · Danb Blog "This is a Low Maintenance Project" · Danb Blog Upgrading my CPU, Ryzen 2600 to 5800x · Danb Blog Migrating Google Photos to my Personal NAS · Danb Blog Scheduling Proxmox Storage to Reduce Disk Activity · Danb Blog Why the Term "Open Source" is Important · Danb Blog Lessons From Working for Myself (9 Months In) · Danb Blog Misrepresenting Open Source for Business Benefit · Danb Blog Cat Images in WebP · Danb Blog My 2022 Workstation Setup · Danb Blog Leaving my Job to Focus on Open Source (For a bit) · Danb Blog Quickly Getting Placeholder Images With Unsplash Source · Danb Blog A Thanks to Laravel for the LTS Releases · Danb Blog A Quick Overview of Unix-Style Permissions · Danb Blog The Power of currentColor · Danb Blog Dealing With Ankylosing Spondylitis Flareups · Danb Blog Hugo Verbose Dates With Suffixes · Danb Blog
Reporting to the CMA: Google Android Developer Verification · Danb Blog
2025-09-18 · via Danb Blog

Recently Google announced a further push of its developer verification, in which it states that all apps on “certified Android devices” will be required to have developer verification. This includes apps which are distributed via other means like F-Droid or manual download, so goes far beyond the scope of their own distribution platform.

To become verified, developers would need to provide their personal details which includes uploading a “government-issued identity document”. They will also need to pay a fee, requiring a Google payments profile. Business will face additional requirements which include a website address, a D-U-N-S number, and to be verified in the Google Search Console.

This is a massive leap in control, further centralising approval power to Google across the entire Android ecosystem while cementing themselves as the ultimate gatekeeper of what users can run on their own devices, all under the guise of security. This is a further step away from an open ecosystem, while being harmful to any platform competition & innovation.

Personally I’ve been going through the process of adding my apps to F-Droid, worried about being able to keep up with the increasingly tricky & burdensome Play store requirements, while allowing an avenue of access that’s not reliant on Google. Yet even then, it would remain reliant on Google for everyone on standard non-modified/rooted/official devices.

As with their Web Environment Integrity a couple of years ago, as a UK resident I feel my best bet to counter this is via the Competition & Markets Authority (CMA).

I have submitted a report to the CMA, the contents of which you can see below. If you’re in the UK, and care strongly about open platforms, I’d advise you to also report this which can be done here.

Report

Note: I wrote this up quite quick, it could be a lot better but I’m not sure how much extra detail actually helps for these kinds of reports. The main thing really is just to bring this kind of thing to the CMA’s attention.

Google are introducing required developer verification for Android applications, including those which are installed outside their own Google Play Store: https://android-developers.googleblog.com/2025/08/elevating-android-security.html

This further centralises control of the wider Android platform to Google, allowing them to act as a gate-keeper even beyond their own means of distribution. These changes also impact the ability for alternatives to innovate and survive since to engage with the existing large Android market they’d still be requirement to interact with Google, and agree to their terms/requirements. I’m also confident these requirements would also play into the integrity checks that are becoming increasingly used by applications, which would further tie a range of applications down to just Google’s approved ecosystems, and thus make it harder for alternatives to thrive.

I believe it’s in the interest of the UK public, business competition, and the UK’s own tech sovereignty that such platforms which are so engrained in society are made more open and diverse rather than being further controlled & monopolised by few US tech firms.