Google Starts Blocking 'Uncertified' Android Devices From Logging In

Google logins on unlicensed devices will now fail at setup, and a warning message will pop up stating "Device is not certified by Google," reports Ars Technica. "This warning screen has appeared on and off in the past during a test phase, but XDA (and user reports) indicate it is now headed for a wider rollout." From the report: While the basic operating system code contained in the Android Open Source Project is free and open source, Google's apps that run on top of Android (like the Play Store, Gmail, Google Maps, etc.) and many others are not free. Google licenses these apps to device makers under a number of terms designed to give Google control over how the OS is used. Google's collection of default Android apps must all be bundled together, there are placement and default service requirements, and devices must pass an ever-growing list of compatibility requirements to ensure app compatibility. Android distributions that don't pass Google's compatibility requirements aren't allowed to be called "Android" (which is a registered trademark of Google), so they are Android forks. The most high-profile example of an Android fork is Amazon's Kindle Fire line of products, but most devices that ship in China (where Google doesn't do much business) fall under the umbrella of an "Android fork," too.

While Google's Android apps are only properly available as a pre-loaded app (or through the pre-loaded Play Store), they are openly distributed on forums, custom ROM sites, third-party app stores, and other places online. When a non-compatible device seller (or a user) loads these on a device, they can potentially trigger Google's new message at login. The message pops up when you try to log in to Google's services, which usually happens during the device setup. Users who purchased the device are warned that "the device manufacturer has preloaded Google apps and services without certification from Google," and users aren't given many options other than to complain to the manufacturer. At this point, logging in to Google services is blocked, and non-tech-savvy users will have to live without the Google apps. Users of custom Android ROMs -- which wipe out the stock software and load a modified version of Android -- will start seeing this message, too.

interesting

[gravewax]

Geez they are really doing their absolute best to piss off and alienate their core fanbase.

Re:interesting

[CaptainDork]

The core fanbase buys legitimate stuff.

Re:interesting

[Jonathan+C.+Patschke]

Geez they are really doing their absolute best to piss off and alienate their core fanbase.

They learned from Apple that it's a totally safe an profitable thing to do if you have a "golden parachute" in another market.

• Apple did it to the educational customers in the 1980s and early 1990s.
• Apple did it to the publishing/print customers in the 1990s and early 2000s.
• Apple did it to the audio/video content creators in the late 2000 and early 2010s.
• Apple did it to the nerds shortly thereafter.

Now, with their not trying to sell to nerds and professionals (apart from iOS developer systems), Apple's more profitable than ever. They learned how to milk a market for what it's worth so that you can get into a market where the money's better, the effort less, and the users still desperate. When the old market is sick of you, you don't need them anymore.

Apple will do just fine until they lose touch with what consumers feel is shiny and exciting; then they'll be as relevant as Westinghouse and Sears.

Fear not, fellow nerd. There will be plenty of other companies who will make shiny things for us for the limited time before our usefulness wears out.

Re:interesting

[Jonathan+C.+Patschke]

s/Apple will do/Google will do/

Re:interesting

[belg4mit]

Did you miss the part about custom ROMs? I have a legitimate Galaxy Tab 10.1 which Samsung no longer supports, am I supposed to stick with Honeycomb forever?

Re:interesting

[SumDog]

No you're suppose to run adb shell and get out the insanely long hex code and type it in by hand, cause Google says, "fuck you."

Re: interesting

[cas2000]

Yep, asinine, to put it mildly.

Also, they're free services and apps that you can't fucking uninstall even if you want to - the best you can do is revert all upgrades to the installed but unwanted google app.

To avoid having the google's cpu/ram/bandwidth-stealing spyware shit (like the Youtube app) on your phone or tablet, you have to root it, flash it with Lineage or something, and use microG rather than Google Play Services.

Which is why this google announcement is both a good thing and a rare instance of google shooting themselves in the foot. With luck, it will spur further interest in and development of google-free libs like microG.

ps: unicode is fucked here on slashdot. if you can't get your phone or whatever to use plain single-quotes instead of "smart" quotes, then just drop the apostrophes entirely. nobody will care - missing apostrophes are at least readable - and far better then "butchers apostrophe's" (which nobody seems to give a fuck about either).

Re: interesting

[nightfire-unique]

and a rare instance of google shooting themselves in the foot

Where have you been the past 5 years? Google Plus? :p

Re:interesting

[TheRaven64]

Do you not have working copy and paste on the OS that you use to run adb?

Don't be evil

Unless its us. Then fuck you.

Re:Don't be evil

M$ just made mediocre software.

Obviously your knowledge of Microsoft's past behavior is very limited.

Microsoft for years bought competitors and then killed the company they had bought. Microsoft's behavior should have been much more closely scrutinized than it was, by the Antitrust section of the Justice Department. Of course, Microsoft's money most likely enabled it to buy "cooperation"
from legislators, such that Microsoft was not examined more closely by the authorities.

NB : getting away with bad conduct does NOT mean that conduct was any less reprehensible.

Ha Ha to those who thought you had no wall

[SuperKendall]

Delightful to find that people have finally started to realize that all mobile ecosystems are a walled garden, if you thought it didn't have a wall you just didn't look.

Only a matter of time

[110010001000]

It is only a matter of time before ISP's and mobile phone carriers start doing this too. Eventually you will only be able to connect to networks using "approved" devices manufactured by the handful of megacorporations that control the Internet. Of course, no one here thinks this can happen, but think of the children! And the terrorists, and the terrorist children...

Re:Who needs Google?

[cheesyweasel]

Yeah but to get the actual APK you can use stores that trick google into thinking it's a particular device to get the apk from google play store directly. For example, I want to play minecraft on the nvidia shield tv, but it isn't supported on play store, so I use a third party play store client to trick it into thinking it's a Nexus 9 or something compatible with the shield's processor. It's safer than trusting some dodgy apk site (I think?).

Re:This is a good thing

[SumDog]

But they already allow that. HTC, Samsung, etc. are just SoCs and memory slapped together with random chips connected to random pins. There are no standards for Google devices. They don't give a shit because it forces you to buy a new Google device ever two years in order to get upgrades.

At least Microsoft forced all their phones to support UEFI+ARM. Too bad their boot loaders are locked.

Not the end of the world - It's their Trade mark

[FeelGood314]

Almost everything in Android is open source or was. The barrier to entry for is not that large that another company can't fork what is already out there and create a smart phone. Google is just asserting
1) that if you want to call something Android you have to pass their tests
2) if you want to run some of their apps, those apps expect to run in an environment that passed the Android certification

At this point it is more about quality control and user experience than it is creating a walled garden. I'm sure you can create a fork that is even better than Android but unless Google has tested that it's at least as good as some minimum standard you can't call it Android. I don't see how this is a big deal.

Custom ROM users can still use GApps

[swillden]

As described in the XDA link, custom ROM users aren't shut out. Individual users can request whitelisting of up to 100 devices, and makers of custom ROMs can also contact Google to get their standard images approved by default.

Re:Custom ROM users can still use GApps

[Da+w00t]

Every time I've tried using the whitelisting link, I get an error message that pops up, and disappears at the bottom of the webpage: "Uh oh, something went wrong. Please try again later."

Since it's been difficut to track down how to get your android device ID, here's how over ADB:

$ adb shell settings get secure android_id
214d54464e505921

The sequence of hex digits above is your android device ID.

Re:Custom ROM users can still use GApps

[swillden]

I guess the main problem is that so many apps are tied deeply to the GApps/Play Store API's.

I think that will change in coming years. A lot of functionality has been added to play services rather than the platform because of the difficulty of updating the platform. If project Treble is successful and updates become easy and fast, then that trend will reverse. Not all of it, of course, because some of those play services APIs are tied to Google cloud services which are not easy to replicate.

Wrong solution

adb shell content query --uri content://settings/secure --where "name=\'android_id\'"

adb shell content delete --uri content://settings/secure --where "name=\'android_id\'"
adb shell content insert --uri content://settings/secure --bind name:s:android_id --bind value:s:

So there's going to be tons of apps to set your android_id. It's not going to stop many people from getting gapps, but it may well result in people having borked android_id's on previously "certified" phones.

IMO opinion would have been better to block access to gapps until the user acknowledges usage of uncertified device along with the obligatory "You may be insecure and apps may not work properly...." message.

What are you talking about?

[rsilvergun]

I can side load all I want on my Android. What I can't do is use google's apps without their permission. Moreover vendors don't get to sell a phone with google apps without their permission; which so far seems to be meeting minimum standards for compatibility to prevent fragmentation.

Hell, if you RTFA google left a back door in. It's a pain in the ass to use (You have to get your Android Id) but it's there. And if you're an enthusiast running your own roms it's not a big deal. It's just not something that a company selling an Android phone can expect their customers to do.

This has nothing to do with walling the garden. This has to do with protecting the Android brand.

Re:What are you talking about?

[AmiMoJo]

Google is actually responding to customer demand. They get attacked for not providing updates to Android, so they make Google Play Services able to apply updates and keep them flowing. But that means also specifying some minimum requirements for Play Services, to prevent patches bricking weird devices with strange custom OSs.

Of course, if you are an enthusiast who installed Lineage or whatever, you can self-certify and take on that risk yourself. If it goes wrong, you complain on xdadevelopers, not to Google.

But now that they have actually taken steps to keep everyone updated and safe, it's evil.

Re:Who needs Google?

[gaiageek]

If your phone "can't do anything" without Google apps and the Play Store, then I think you don't know how to download and install an APK.

I've used an Android phone without the Google apps installed for the past couple months. I installed the handful of apps I needed (using either F-Droid, a downloaded APK, or restored via Titanium Backup) and it's worked fine. Actually, better than fine, because the phone is more responsive without the Google suite installed, which I chose to try going without because I think it's become massively bloated.

This isn't to suggest that most people would be willing to jump through the necessary hoops to make it work, as I agree they wouldn't. I just think your suggestion that an Android phone without the Google apps and Play Store is useless, and "you migh tas well use a flip phone", is being overdramatic.

Nothing to do with fans...

[TheEyes]

If /. had bothered to read through the entire article, they'd have gotten to the important bit:

We've actually been unknowing victims of illicit Google app distribution here at Ars before. We once imported a Xiaomi Redmi 3 smartphone from China to review, and, upon booting it up, we were very surprised to find it came with the Google apps pre-installed. As a device from China, this should not have happened. After we posted the review, Xiaomi contacted us with some very scary news: "The Redmi 3 should not come with Google Play pre-installed because it is a China-only product." Xiaomi told Ars. "It is very likely that the Play Store you saw was preinstalled by the importer/seller. This is a very common practice with the unauthorised importers."

This would mean the reseller opened our phone, unlocked the bootloader, flashed on a new ROM with Google Play, re-locked the bootloader, and stuck the phone back in the box. There was no obvious evidence that our device had been tampered with, and, while hopefully the seller only installed Google apps, they could have just as easily loaded malware onto the device. A message like this during setup would have been a big red flag that something was wrong.

This is what Google is trying to fight against here: man-in-the-middle attacks by people selling / re-selling Android devices with pre-loaded malware or spyware. Custom ROM installs are getting hit because they're basically middle-ware too; the difference is that this is stuff that the end-user is specifically authorizing, so there's a workaround to let you install it if you want to.

Re:Who needs Google?

[Mal-2]

Doesn't the Real APK require that you do everything with hosts files?