More info:
https://developer.android.com/developer-verification
https://support.google.com/googleplay/android-developer/answ...
Personally...we all know the Play Store is chock full of malicious garbage, so the verification requirements there don't do jack to protect users. The way I see it, this is nothing but a power grab, a way for Google to kill apps like Revanced for good. They'll just find some bullshit reason to suspend your developer account if you do something they don't like.
Every time I hear mentions of "safety" from the folks at Google, I'm reminded that there's a hidden Internet permission on Android that can neuter 95% of malicious apps. But it's hidden, apparently because keeping users from using it to block ads on apps is of greater concern to Google than keeping people safe.
> we will be confirming who the developer is, not reviewing the content of their app or where it came from
This is such an odd statement. I mean, surely they have to be willing to review the contents of apps at some point (if only to suspend the accounts of developers who are actually producing malware), or else this whole affair does nothing but introduce friction.
TFA had me believing that bypassing the restriction might've been possible by disabling Play Protect, but that doesn't seem to be the case since there aren't any mentions of it in the official info we've been given.
On the flip side, that's one less platform I care about supporting with my projects. We're down to just Linux and Windows if you're not willing to sell your soul (no, I will not be making a Google account) just for the right to develop for a certain platform.
https://www.bitdefender.com/en-us/blog/hotforsecurity/hacker...
1. Most users do not use fdroid or APKs to download software. They download software from the play store.
2. Therefore almost all malware will target the play store.
3. Therefore most malware actively used comes from the play store.
4. Compounded, the play store does almost nothing to prevent malware and actively encourages certain types of malware like spyware and adware.
5. Compounded, Google gets a cut from each piece of malware sold on the play store or advertised on the play store, therefore they have no incentive to prevent malware in any significant way.
This isn't necessarily true even if you're right on all the other points. Even if most malware is on the Play Store, it can still be true that, out of the Android users that DO get malware (or rather, those that actually report malware to Google), most of them got it from outside the Play Store.
It can be true that a minority of users get any malware at all because Play Store is safe, but most users in that minority get malware because they are open to using apps from outside Play Store.
If Google is making this change in service of safety, they would protect a large chunk of that minority, by verifying apps downloaded outside Play Store. If it's necessary for Google to help these users, this change is not "completely unnecessary".