This article isn't about the installation of regular apps. The "sideloading" it's referring to is the option to use the "adb sideload <OTA file>" command when booted into recovery mode to install OS updates. The functionality being removed is being able to install a proper OEM-signed OS update from a local file.
Note that this menu item was not used to install Android apps, which is what people often mean by "sideloading", especially with all the discourse around Google's new developer verification requirements. This menu item was used to manually install an OS update from a .zip file and already required that file to be signed by Samsung on locked devices.
On unlocked devices, you can install your own recovery that still has the option. So the removal doesn't prevent too much in practice. That ship sailed when Samsung stopped allowing bootloader unlocking on most of their phones.
That's still possible so long as you're on a version of OneUI 8 that allows downgrading to OneUI 7. I did that and then patched the OneUI 8 firmware with Magisk and substituted the new bootloader for the old one and it works. Literally did this like in the past 2 days. Didn't even have the time to sound like a conspiracy theorist.
Old versions of Android do not comply with OS age-checking regulations in California, Brazil, and elsewhere. Samsung face legal repercussions including fines if residents of such jurisdictions are allowed to run an old OS. Yes, the laws apply to entities outside the borders of the territory.
Oh but it is. If you are an operating system provider and you make available an OS that does not have age verification, the State of California can sue you for $7500 for each instance where a resident of California who is a minor uses that OS. If you allow OS downgrades to a previous version, you could still be liable.
Not surprising for Samsung to do this. Hacking on their devices (which are second to Apple at a hardware level) went downhill fast after they implemented eFuse-secured bootloaders.
What's interesting is that they tried hard to cater to the tinkerers before going in this direction. They "bought" (acqui-hired) CyanogenMod, contributed to open-source and had developer builds of their ROMs. I think they even had clean AOSP builds with the HAL and ABIs for their hardware baked in at some point. SafetyNet made it realistically impossible to daily a rooted phone in 2026 if you want to use banking, healthcare or most music apps, so it's safer for OEMs to tighten the screws on access to their hardware in kind.
My take is that they saw all of this as a risk to profits they could make from catering to regulated industries who would deploy their hardware en masse. It also didn't make sense to continue this investment after banks and healthcare put pressure on Google to step up privacy in Android, especially after Apple implemented Secure Enclave.
It's a pyrrhic victory regardless, in my opinion. If you're going to run a super-locked down Android device, you might as well go all-in with Apple. Their hardware ecosystem is better, their cloud services are better, they get first-priority for mobile apps, you get Blue Bubble Benefits, and their support (in-store and online) is on another level. Even MDM is better with Apple devices (through iOS Profiles). Shoot, even privacy-minded folks are better off on iOS with Lockdown mode.
Android is still more open, you can side load apps. For example I like newtube and revanced, it's easier to sync local files like when using syncthing.
AnkiDroid is a fantastic app.
I can use extensions in Firefox, and real alternatives browsers.
If android gets so locked down so it's almost as using an Apple phone, I'll use graphene or just stop using a smartphone altogether.
I recently switched to iOS and found alternative for those. For YouTube without ads and background playback you can use Brave. For syncing files between devices AirDrop is easy and doesn't require internet. There is an official Anki app for iOS where AnkiDroid is a third party app. In regards to extensions Safari does support them, along with Orion, but I decided to forgo using them.
>real alternatives browsers
Using webkit as the underlying engine within the different browsers on the platform has provided enough customization. The parts I actually care about in regards to the browser are the parts actually handling the user experience and not the engine itself. Webkit has evolved enough that it is good enough for my needs at least.
What's annoying to me is that I have to use DavX for calendar synchronization and some apps still add events to the (apparently default) Google calendar even after I disabled Google Calendar app.
You get a general feeling that Android is half assed if you don't use a Google account. Adding tasks using Gemini voice assistant? Sure, but only if you use Google Tasks. And so on.
I moved to Android from iPhone and am actually considering going back for those very reasons. Super annoying to see these limitations, iOS was much more provider-agnostic.
I just tried to move to Android because it's more open. Was not prepared for the "open" OS to not have basic support for self-hosted calendars. Yes, contacts and calendar are a core OS level feature in 2026.
Yes DAVx5 exists, but Google Calendar was buggy with local calendars and DAVx5 actually didn't work reliably afaict.
Calendar.app is totally seamless with synology on iOS. Same with contacts.
Android was working overtime to make sure I use Google for everything. iOS isn't perfect but I don't have to jump through crazy hoops to be in control of my data.
Exactly that. It's mind-blowing, to be honest, because I hear Android fanboys claim the system is so much more open, when it reality it's a mixed bag: iOS is more open in some areas, Android in other, but it's not a clear-cut case at all. There's some hope in EU making them be more open, at least on some fronts, e.g. https://www.heise.de/en/news/Google-EU-demands-Android-be-op...
I've been self-hosting it for several years, with the entire thing (ntfy / UnifiedPush for calendar event updates, Radicale for CalDav & CardDav) working perfectly once background "optimization" is disabled
iOS was actually much worse - it happily synced to an ip address and port on the LAN, then failed silently and without error messages when using a VPN away from home.
> tried to move to Android because it's more open
At least we agree on this - AOSP is more open, but that's not what's on offer any more. Hell, Android Beam was AOSP, and super nice for transferring files. It's now "Google Share", with all the proprietary bullshit that implies, and NFC's utility crippled if you don't use Google Services.
OK, but don't you have problems with apps that add events to calendar transparentny? These add events to Google calendar here, not my self-hosted synced with DavX. Something I can't fix at all.
Also, do you use Gemini for adding calendar events and tasks?
I tried switching to graphene after frustration with the latest direction of iOS.
Yes I could use Firefox and ublock to get around YouTube ads, but it actually worked worse than using Orion browser on iOS to do the equivalent. The Pixel 10 Pro couldn’t manage 2x without audio stuttering even at 360p. My iPhone can do it with 4K YouTube video, not that I need that.
iOS natively supports self-hosted contacts and calendars. No hoops. Android needs a separate app that may or may not work (my experience: it doesn’t work and doesn’t give useful feedback when it doesn’t work).
The app quality is so much worse on Android I had to go back. No forward gesture in apps and browsers - insane omission. There are literally only two calendar apps on Android that allow touch-based event editing - Business Calendar 2 Pro (paid subscription) and the Samsung exclusive calendar.
How does a modern smartphone not ship with a decent calendar?? Or touch friendly web navigation?
The rendering engine of the browser is far down the list of priorities compared to supporting basic daily workflows.
No I’m comparing Apple Calendar to Google Calendar, Fossify Calendar, Simple Calendar, Etar calendar and literally every other calendar available in the Play and F-Droid stores.
There only two calendars in the entire Android ecosystem that support efficient use, one is a vendor lock in, the other is ugly as sin and requires a subscription.
As for web navigation, I’m comparing Safari to Vanadium and Firefox, neither are semi-abandoned.
> No forward gesture in apps and browsers - insane omission.
Supposedly it's there, but it's up to the app to support that gesture.
> Samsung exclusive calendar
I am actually still wondering whether Samsung isn't the way to go, they do make sure to allow you the choice of not having to use Google apps, so they have their own calendar app, their own AI app, etc. I am currently on Nothing phone which is full-on Google. Might give Samsung a try before I move back to iOS.
Android is the OS for the rest of the world. The people who need a smartphone, but cannot in good conscience pay what Apple is asking. A phone for the poorest 10% of the planet. A phone for those who don’t really think about what phone they should have.
Put in that context, it is not strange at all that your specific need is not met. All those people with Android, they don’t use a calendar to manage their lives. Maybe work forces them to use a calendar but that’s it.
You're right, but if you're already thinking about spending $1.5k on a phone that's super locked down, you might as well get an iPhone. That's my point.
For now. Google just waged war on sideloading. I think the current state of it is that adb will throw a warning with a cancellation timer before the sideload initiates. It's only a matter of time before we get an "update about sideloading in Android."
Though you're right in that Android will always have the upper hand in browser freedom. I definitely miss running real Firefox (with real extensions) on my phone. If only Snapdragon could provide anything close to A-series CPU performance.
End of sideloading means end of 95% of site visits for me, just because of the ads flood. Only HN and the like will survive. And I don't want to pay 4 digit sum for a phone that wholesale costs 30.
This is a load of BS. First off, SafetyNet is long dead and its replacement is called Play Integrity. Second, I'm currently on a rooted af Samsung Z Flip5 that can use banking apps just fine. My primary bank doesn't even block functionality if you use root, and all the others (except Revolut, which is a tough one) are easy to hide root from, and there's plenty of ways to pass even the strictest Play Integrity checks.
How do you get unrevoked keys? Searching around it seems like there aren't any public sources for said keys, and they're only available in semi-public telegram channels. Even then, it's a cat and mouse game, and the more popular the key, the more likely it'll get revoked.
I haven't used Samsung phones in a while. So I didn't realize that the situation got this bad. That's ample enough reason to continue the 'haven't used Samsung' part indefinitely. Yet another brand hits the do-not-buy list. But at this point, I think it's worth choosing a brand that explicitly supports reflashing and customizability, rather than taking a chance with all these leaches.
> Unfortunately that's a rather vanishingly small list now.
> I would not be surprised if, in a few years, these options are gone from all android devices.
I'm afraid, I agree.
> People mention GrapheneOS but that relies entirely on Google.
I really admire the developers of various AOSP distros for their tenacity, technical brilliance and empathy. But honestly, I don't see AOSP as a solution. It's a deliberately moving target that wastes their time in chasing down the shifting goal posts and hurdles. The only viable solution is to go for a fully open mobile OS, probably based on Linux or a BSD. There are two big difficulties here.
The first is as you mentioned, most devices are severely locked down and their internal details hidden behind NDAs. Getting even the basic set of drivers working is a challenge. The solution is to ask friendly vendors (like Fairphone) for support and then aggressively purse compatibility with them. I'm very much willing to restrict my purchase choices to vendors who agree to such collaborations. If this works, others will follow eventually - like what we've seen with Linux on desktops and laptops.
The second problem is the app ecosystem. It's a chicken and egg problem. You need customers for software vendors to support the platform. But you need a large software ecosystem to attract customers. At least some customers will have to forgo convenience in the beginning and put up with the limitations, in pursuit of a better future. Again, I'm willing. But I don't know if the entire community is big enough to make a difference.
Nevertheless, these are worthy goals to pursue. Once the basic framework is established, the rest of the ecosystem will progress rapidly, since the developers can focus on functionality rather than fighting the never-ending parade of capricious 'safety features'. I'm just tired of putting up with all the wanton consumer abuse by these infinitely greedy corporations.
The legality of this update is also dubious in the EU as they are remotely crippling the device bought without any prior information, warning or way to go back.
Goodbye Samsung anyways, I've been with them since 2013 but it's time to go now.
Right now, you can install F-Droid from an APK file without rooting the phone or installing a new boot loader. Google is threatening to take that capability away, via another mod. This seems to be part of a comprehensive program to keep the Google boot on the customer's face.
Also, currently, with difficulty, you can initialize a new unlocked Android phone without a Google account. Is that capability going away?
All these are related. This seems to be part of a comprehensive program to keep the Google boot on the customer's face.
The article does not say anything about F-droid. However, there was discussion about this a few months ago;
F-Droid and Google's developer registration decree
https://news.ycombinator.com/item?id=45409794
F-Droid warns that Google's new "Developer Verification System" will require all Android app developers, even those outside the Play Store, to register personal data and pay a fee to Google to remain installable. The project argues this mandate threatens the existence of free and open-source ecosystems like F-Droid by ending anonymous development and stripping users of the right to choose their own software.
So that is one threat to what we have now. Right now you can install an APK that you trust and have been using for years.
What the article does say is that Samsung is removing several core options from the Android recovery menu, including the ability to sideload updates via ADB or SD cards and the "wipe cache partition" tool. While the reason for this change remains unconfirmed, it appears to be a permanent security policy shift tied to the One UI 8.5 update and the February 2026 security patch.
So why does this matter? Well some users like nocturn9x [0] have been able to take back control of their devices by installing:
1. An Unlocked Boot Loader.
2. An Unlocked OneUI/ROM
3. And then F-droid style installs are not problem.
Specifically, you can still install your trusted APK if you perform these steps, own a device where the hardware eFuses have not been blown and decline "Play Protect" nag screens and OneUI updates.
superkuh | 19 hours ago
It's ", including installing software". Lets not let the enemy of general purpose computing define the framing of the discussion.
chenxiaolong | 19 hours ago
tchebb | 19 hours ago
On unlocked devices, you can install your own recovery that still has the option. So the removal doesn't prevent too much in practice. That ship sailed when Samsung stopped allowing bootloader unlocking on most of their phones.
nocturn9x | 11 hours ago
stavros | 11 hours ago
bitwize | 18 hours ago
deaux | 17 hours ago
SoftTalker | 17 hours ago
jimrandomh | 16 hours ago
bitwize | 14 hours ago
nunez | 17 hours ago
What's interesting is that they tried hard to cater to the tinkerers before going in this direction. They "bought" (acqui-hired) CyanogenMod, contributed to open-source and had developer builds of their ROMs. I think they even had clean AOSP builds with the HAL and ABIs for their hardware baked in at some point. SafetyNet made it realistically impossible to daily a rooted phone in 2026 if you want to use banking, healthcare or most music apps, so it's safer for OEMs to tighten the screws on access to their hardware in kind.
My take is that they saw all of this as a risk to profits they could make from catering to regulated industries who would deploy their hardware en masse. It also didn't make sense to continue this investment after banks and healthcare put pressure on Google to step up privacy in Android, especially after Apple implemented Secure Enclave.
It's a pyrrhic victory regardless, in my opinion. If you're going to run a super-locked down Android device, you might as well go all-in with Apple. Their hardware ecosystem is better, their cloud services are better, they get first-priority for mobile apps, you get Blue Bubble Benefits, and their support (in-store and online) is on another level. Even MDM is better with Apple devices (through iOS Profiles). Shoot, even privacy-minded folks are better off on iOS with Lockdown mode.
kelvinjps10 | 14 hours ago
charcircuit | 13 hours ago
>real alternatives browsers
Using webkit as the underlying engine within the different browsers on the platform has provided enough customization. The parts I actually care about in regards to the browser are the parts actually handling the user experience and not the engine itself. Webkit has evolved enough that it is good enough for my needs at least.
fsflover | 13 hours ago
wiseowise | 13 hours ago
cromka | 13 hours ago
cromka | 13 hours ago
You get a general feeling that Android is half assed if you don't use a Google account. Adding tasks using Gemini voice assistant? Sure, but only if you use Google Tasks. And so on.
I moved to Android from iPhone and am actually considering going back for those very reasons. Super annoying to see these limitations, iOS was much more provider-agnostic.
n8cpdx | 13 hours ago
Yes DAVx5 exists, but Google Calendar was buggy with local calendars and DAVx5 actually didn't work reliably afaict.
Calendar.app is totally seamless with synology on iOS. Same with contacts.
Android was working overtime to make sure I use Google for everything. iOS isn't perfect but I don't have to jump through crazy hoops to be in control of my data.
cromka | 8 hours ago
xethos | 5 hours ago
I've been self-hosting it for several years, with the entire thing (ntfy / UnifiedPush for calendar event updates, Radicale for CalDav & CardDav) working perfectly once background "optimization" is disabled
iOS was actually much worse - it happily synced to an ip address and port on the LAN, then failed silently and without error messages when using a VPN away from home.
> tried to move to Android because it's more open
At least we agree on this - AOSP is more open, but that's not what's on offer any more. Hell, Android Beam was AOSP, and super nice for transferring files. It's now "Google Share", with all the proprietary bullshit that implies, and NFC's utility crippled if you don't use Google Services.
cromka | 3 hours ago
Also, do you use Gemini for adding calendar events and tasks?
n8cpdx | 13 hours ago
Yes I could use Firefox and ublock to get around YouTube ads, but it actually worked worse than using Orion browser on iOS to do the equivalent. The Pixel 10 Pro couldn’t manage 2x without audio stuttering even at 360p. My iPhone can do it with 4K YouTube video, not that I need that.
iOS natively supports self-hosted contacts and calendars. No hoops. Android needs a separate app that may or may not work (my experience: it doesn’t work and doesn’t give useful feedback when it doesn’t work).
The app quality is so much worse on Android I had to go back. No forward gesture in apps and browsers - insane omission. There are literally only two calendar apps on Android that allow touch-based event editing - Business Calendar 2 Pro (paid subscription) and the Samsung exclusive calendar.
How does a modern smartphone not ship with a decent calendar?? Or touch friendly web navigation?
The rendering engine of the browser is far down the list of priorities compared to supporting basic daily workflows.
ForHackernews | 9 hours ago
You're comparing semi-abandoned AOSP tools with commercial Apple utilities.
n8cpdx | 4 hours ago
There only two calendars in the entire Android ecosystem that support efficient use, one is a vendor lock in, the other is ugly as sin and requires a subscription.
As for web navigation, I’m comparing Safari to Vanadium and Firefox, neither are semi-abandoned.
cromka | 8 hours ago
Supposedly it's there, but it's up to the app to support that gesture.
> Samsung exclusive calendar
I am actually still wondering whether Samsung isn't the way to go, they do make sure to allow you the choice of not having to use Google apps, so they have their own calendar app, their own AI app, etc. I am currently on Nothing phone which is full-on Google. Might give Samsung a try before I move back to iOS.
EDIT: although I can already see they have no CalDAV support, either: https://eu.community.samsung.com/t5/mobile-apps-services/sam...
philistine | 8 hours ago
Put in that context, it is not strange at all that your specific need is not met. All those people with Android, they don’t use a calendar to manage their lives. Maybe work forces them to use a calendar but that’s it.
layer8 | 7 hours ago
kelvinjps10 | 6 hours ago
nunez | 6 hours ago
poulpy123 | an hour ago
nunez | 6 hours ago
Though you're right in that Android will always have the upper hand in browser freedom. I definitely miss running real Firefox (with real extensions) on my phone. If only Snapdragon could provide anything close to A-series CPU performance.
tsoukase | 5 hours ago
nocturn9x | 11 hours ago
gruez | 8 hours ago
Examples? My impression is that strong integrity is hard to spoof because it's validated through hardware attestation.
306bobby | 7 hours ago
See TrickyStore for more info
gruez | 6 hours ago
JustinGoldberg9 | 16 hours ago
goku12 | 15 hours ago
aboringusername | 15 hours ago
I would not be surprised if, in a few years, these options are gone from all android devices.
People mention GrapheneOS but that relies entirely on Google.
Yes they are working with an OEM (leaked as Motorola) and we'll see how that goes, it may be the last hope.
goku12 | 9 hours ago
I'm afraid, I agree.
> People mention GrapheneOS but that relies entirely on Google.
I really admire the developers of various AOSP distros for their tenacity, technical brilliance and empathy. But honestly, I don't see AOSP as a solution. It's a deliberately moving target that wastes their time in chasing down the shifting goal posts and hurdles. The only viable solution is to go for a fully open mobile OS, probably based on Linux or a BSD. There are two big difficulties here.
The first is as you mentioned, most devices are severely locked down and their internal details hidden behind NDAs. Getting even the basic set of drivers working is a challenge. The solution is to ask friendly vendors (like Fairphone) for support and then aggressively purse compatibility with them. I'm very much willing to restrict my purchase choices to vendors who agree to such collaborations. If this works, others will follow eventually - like what we've seen with Linux on desktops and laptops.
The second problem is the app ecosystem. It's a chicken and egg problem. You need customers for software vendors to support the platform. But you need a large software ecosystem to attract customers. At least some customers will have to forgo convenience in the beginning and put up with the limitations, in pursuit of a better future. Again, I'm willing. But I don't know if the entire community is big enough to make a difference.
Nevertheless, these are worthy goals to pursue. Once the basic framework is established, the rest of the ecosystem will progress rapidly, since the developers can focus on functionality rather than fighting the never-ending parade of capricious 'safety features'. I'm just tired of putting up with all the wanton consumer abuse by these infinitely greedy corporations.
realusername | 14 hours ago
Goodbye Samsung anyways, I've been with them since 2013 but it's time to go now.
layer8 | 7 hours ago
realusername | 2 hours ago
layer8 | an hour ago
Animats | 14 hours ago
Can you still run without a Google account?
bunbun69 | 10 hours ago
Animats | 2 hours ago
Right now, you can install F-Droid from an APK file without rooting the phone or installing a new boot loader. Google is threatening to take that capability away, via another mod. This seems to be part of a comprehensive program to keep the Google boot on the customer's face.
Also, currently, with difficulty, you can initialize a new unlocked Android phone without a Google account. Is that capability going away?
All these are related. This seems to be part of a comprehensive program to keep the Google boot on the customer's face.
mctt | 6 hours ago
F-Droid warns that Google's new "Developer Verification System" will require all Android app developers, even those outside the Play Store, to register personal data and pay a fee to Google to remain installable. The project argues this mandate threatens the existence of free and open-source ecosystems like F-Droid by ending anonymous development and stripping users of the right to choose their own software.
So that is one threat to what we have now. Right now you can install an APK that you trust and have been using for years.
What the article does say is that Samsung is removing several core options from the Android recovery menu, including the ability to sideload updates via ADB or SD cards and the "wipe cache partition" tool. While the reason for this change remains unconfirmed, it appears to be a permanent security policy shift tied to the One UI 8.5 update and the February 2026 security patch.
So why does this matter? Well some users like nocturn9x [0] have been able to take back control of their devices by installing: 1. An Unlocked Boot Loader. 2. An Unlocked OneUI/ROM 3. And then F-droid style installs are not problem.
Specifically, you can still install your trusted APK if you perform these steps, own a device where the hardware eFuses have not been blown and decline "Play Protect" nag screens and OneUI updates.
[0] https://news.ycombinator.com/item?id=47205434
Kim_Bruning | 11 hours ago
Which is a bit funny I suppose, since a lot of people around where I live seem to assume that smartphone means either Samsung or Apple.
Currently I'm using Fairphone (Made by a Dutch company, and now can be bought with a degoogled android from France)
methuselah_in | 6 hours ago