The ability to sideload APKs is the single thing I appreciate most about Android vs iPhone. I don't use it often; the main app I sideload is Mendhak's GPS Logger. (He finally gave up trying to comply with the Google Play Store's changing restrictions on location trackers.) But it's nice to be able to install the software I choose to on my phone without having to have Apple or Google's approval.
Unlike iOS there's no complicated jailbreak required, I can't remember if you even have to enable developer mode (an easy supported thing). And there's a reasonable ecosystem of safe alternative app stores. F-Droid mostly, APKMirror also comes in handy for things that have disappeared.
I understand the value of a curated app store. I get the benefit of that too on Android! But it's nice to have an override in the cases it's needed.
Sadly Android is becoming more user-hostile all the time. For example there are fewer and fewer devices that will give you root access. Imagine buying a PC and finding the manufacturer decided you can't have access to an administrator account.
I'm looking at Wikipedia page of most sold Android devices ( https://en.m.wikipedia.org/wiki/List_of_best-selling_mobile_... ).
We've got Samsung, Xiaomi and Huawei devices. Samsung and Xiaomi are root able (as far as I know without issue, having 4 Samsung devices in my collection, though sibling says otherwise). Only Huawei isn't (and it's actually much lower than Samsung and Xiaomi).
I'm speaking only of root ability without security flaw (Huawei had some.), Since we're discussing user hostility
That being said, there is one feature that is user hostile with regard to owning your software, it's contactless payment. Contactless payments all require stupid security requirements, that the community well knows how to circumvent (so it doesn't provide any actual security), but are pretty annoying for the user. I would guess Google isn't to blame there (even though GPay does have this anti-feature just like all other services, and Google being more monopolistic manage to make it even more annoying. But still insecure)
Rooting nexus and pixel devices makes them unable to be updated directly, so you need to update them via fastboot/adb and with a cable + root again with every update
Just flash something like LineageOS, which has a built in updater that works seamlessly.
It's not surprising that making changes to an OS designed for delta updates and an immutable OS partition breaks updates. That's just how the technology works; the solution is to use an OS that is designed for that kind of use case. Root patches for original vendor OSes are never a particularly clean or secure experience.
To my knowledge every Samsung can be rooted with Magisk, but at the cost of losing Knox, which makes a bunch of apps relying on biometrics go bonkers - Telegram, Chrome and the unlock screen work, but some banking apps outright crash or lose their data, even with "SafetyNet Fix" - they are expecting the presence and usability of Knox vault.
For Google's Pixel lineup, the situation is similar.
The really problematic stuff are Huawei (which can't be rooted at all with something trustable and open source such as Magisk), Xiaomi (these need to flash a custom recovery first, IIRC) and all the fly-by-night ops that don't have any kind of support other than hoping for a web/apk exploitable bug (I believe KingoRoot is using that method, but since it's closed source I wouldn't use it!).
Only Exynos-based Samsung handsets can be easily rooted, which requires unlocking their bootloader. An exploit exists for Snapdragon based devices running Android 10 and below but it's a paid service and isn't cheap. To complicate things, Exynos based galaxy devices will lose access to the AT&T network and every sub-carrier that operates on it in February when AT&T adopts a whitelist model.
Ah but that's only for voice calls, right? Would it still be possible to connect for data?
I personally hardly use regular voice anymore. Some months I have 2 to 3 minutes, most of my calls are over WhatsApp or Teams :) I don't think I've had more than 10 minutes on my bill for years.
Also, 5G is coming and I hope they finally standardised the voice part well enough and don't make the same mistake as VoLTE. However I haven't really looked into that.
Hmm that's bad for roaming. At least there's more networks and as a roamer you're not bound to a specific network. But it does raise a problem once more networks start doing this.
While it is bad it is still not as restrictive as Apple policies. Even at non-rooted device you can side-load APKs. Rooting device gives you an extra level of freedom of loading custom OS. This is something none of iOS device never had officially.
What on earth is "curated" about the Google Play store? It is the most spyware ridden, spam filled "store" I've ever had the displeasure of using.
If I need an utility app, I now just look for it on F-Droid. Need something to track AirPods charge? You can find the original open-source app for it on F-Droid, or download one of 100 ad-filled, GPL-breaking clones of it on Google Play.
As someone who is beginning to really dislike both Google and Apple, is it possible to buy/use an Android phone without the Google store where you only sideload software?
Totally ungoogled you won't have the google service layer, if you still want to use some proprietary apps, it is possible but some won't work. The biggest constraint is often push notifications not working.
As an alternative you can use microg [1] which is a client side re-implementation of google services. Some part uses alternative service as backend, some will use google though, like push notifications.
Side loading can have its limitations has you need to find sources for APK that you can trust.
The best non google store is f-droid [2] in my opinion, all open source and build reproducible.
If you need some proprietary apps from google store, you can use the client Aurora Store [3] which still sources app from google play store.
In term of buying a phone with most of that, /e/ does sell phones with android + microg + their own store [4]
Otherwise plenty of phones allow to easily replace the operating system. You can look for phones supported by lineageos which comes with no google apps. [5]
Another option: you can choose not to sign in to Google play. And just use other app stores. This limits Google's data collection somewhat as they don't know your account.
It's not as good as micro g or a completely ungoogled phone but the benefit is you can use manufacturer roms with all security features like bootloader locking turned on.
I do this with my OnePlus as I don't like leaving the bootloader unlocked. Anyone can pull a disk image off it through recovery then.
Another benefit of this is that Google play services like location and push still work, they don't require an account. But you do give up extra privacy compared to the other options.
There are grapheneos and calyx which do allow bootloader locking but they only work on pixel phones and those are really poor value for money IMO (expensive but still having fingerprint on the back, midrange soc etc). And really hard to get in Europe now. The 5a 5G is not coming here and probably the 6 isn't either.
So this is why I ended up with this option. At least Android has a wide spectrum of choices. With Apple it's take it or leave it.
> The biggest constraint is often push notifications not working.
A massive problem, but the UnifiedPush project is trying to change that with an open spec for push notifications.
This is why I don't understand how Microsoft can't compete in the mobile market. They could be successful just by using AOSP with Office and an alternate app store that doesn't screw developers and users.
I'm pretty sure MS would like to push the same kind of limitations, take the same cut etc. They really saw a cloud of dollars went they went all in with Tablet design in Windows 8 and UWP etc.
They're coming back from that now because nobody wanted it but I don't doubt they still want to create their own walled garden. It's free money off app sales, control that gives them leverage over their customers and develops, data which they love (they're always pushing telemetry).
I don't really see what's in it for them to make a really open store.
Feels like a chicken and the egg problem: no one is buying Android phones without Google Play Store (except in China, which has no Google Play Store), so no developers are releasing apps for it.
Look at Amazon App Store, and it's failed Fire Phone. Amazon has cornered the market on low-end tablets with it and people still try and install Google Play Store on it. And according to Epic's lawsuit, Google has been actively preventing hardware manufacturers from packaging alternative app stores with products.
Yes. Completely.
Never sign in.
Never allow any Google install on original boot..
Disable all Google at that time.
Pre copy fdroid into SD card ahead of time. Also can copy on, a collection of already downloaded apks.
Don't forget the keyboard apk. You need that one almost first, so you can enter letters into fdroid.
Then you may also use other apk sites than fdroid - which are good, just not as verified.
You may miss some Google layers or other so called "ease of use."
I don't.
With one or two exceptions, I only install Google software on my Android phone. Since I'm already on their platform, I don't guess that makes me any more open to their data gathering. And I don't trust any of the other apps.
Unlike iOS there's no complicated jailbreak required, I can't remember if you even have to enable developer mode (an easy supported thing). And there's a reasonable ecosystem of safe alternative app stores. F-Droid mostly, APKMirror also comes in handy for things that have disappeared.
I understand the value of a curated app store. I get the benefit of that too on Android! But it's nice to have an override in the cases it's needed.