To what extent developer activity is tracked across the ecosystem
What this means for developers working on privacy-preserving or politically sensitive applications
Developers should have the right to create and distribute software without submitting to unnecessary surveillance or scrutiny.

4. Arbitrary Enforcement and Account Termination Risks

Google’s existing app review processes have been criticized for opaque decision-making, inconsistent enforcement, and limited appeal mechanisms. Extending this system to all Android certified devices creates risks of:

Arbitrary rejection or suspension without clear justification
Automated systems making consequential decisions with insufficient human oversight
Developers losing their ability to distribute apps across all channels due to a single un-reviewable corporate decision
Political or competitive considerations influencing registration approvals
Disproportionate impact on marginalized communities and controversial but legal applications
A single point of failure controlled by one corporation is antithetical to a healthy, competitive software ecosystem.

5. Anticompetitive Implications

This requirement allows Google to collect intelligence on all Android development activity, including:

Which apps are being developed and by whom
Alternative distribution strategies and business models
Competitive threats to Google’s own services
Market trends and user preferences outside of Google’s ecosystem
This information asymmetry provides Google with significant competitive advantages, allows it to preempt, copy, and undermine competing products and services, and may open many questions about antitrust.

6. Regulatory concerns

Regulatory authorities worldwide, including the European Commission, the U.S. Department of Justice, and competition authorities in multiple jurisdictions, have increasingly scrutinized dominant platforms’ ability to preference their own services and restrict competition, demanding more openness and interoperability. We additionally note growing concerns around regulatory intervention increasing mass surveillance, impeding software freedom, open internet and device neutrality.

We urge Google to find alternative ways to comply with regulatory obligations by promoting models that respect Android’s open nature without increasing gatekeeper control over the platform.

Existing Measures Are Sufficient
The Android platform already includes multiple security mechanisms that do not require central registration:

Operating system-level security features, application sandboxing, and permission systems
User warnings for applications that are directly installed (or “sideloaded”)
Google Play Protect (which users can choose to enable or disable)
Developer signing certificates that establish software provenance
No evidence has been presented that these safeguards are insufficient to continue to protect Android users as they have for the entire seventeen years of Android’s existence. If Google’s concern is genuinely about security rather than control, it should invest in improving these existing mechanisms rather than creating new bottlenecks and centralizing control.

Our Petition
We call upon Google to:

Immediately rescind the mandatory developer registration requirement for third-party distribution.
Engage in transparent dialogue with civil society, developers, and regulators about Android security improvements that respect openness and competition.
Commit to platform neutrality by ensuring that Android remains a genuinely open platform where Google’s role as platform provider does not conflict with its commercial interests.
Over the years, Android has evolved into a critical piece of technological infrastructure that serves hundreds of governments, millions of businesses, and billions of citizens around the world.

Unilaterally consolidating and centralizing the power to approve software into the hands of a single unaccountable corporation is antithetical to the principles of free speech, an affront to free software, an insurmountable barrier to competition, and a threat to digital sovereignty everywhere.

We implore Google to reverse course, end the developer verification program, and to begin working collaboratively with the broader community to advance security objectives without sacrificing the open principles upon which Android was built. The strength of the Android ecosystem has historically been its openness, and Google must work towards restoring its role as a faithful steward of that trust.

#Droidify #Fdroid client
Added SHA256 for signature verification (Long press on Sync icon to refresh index)
https://github.com/Droid-ify/client/releases

Many more android app stores at
https://t.me/Libreware/1132 and #apk@LibreWare

Tell us your favorite or any missing ones

❌ #Fdroid security problems

⁨https://privsec.dev/posts/android/f-droid-security-issues⁩⁩

⁨⁨https://xcancel.com/GrapheneOS/status/1883895255142932816

https://xcancel.com/GrapheneOS/status/1497272529223917575

⁨⁨https://gitlab.com/ironfox-oss/IronFox/-/issues/7⁩⁩

⁨⁨https://github.com/obfusk/fdroid-fakesigner-poc⁩⁩

⁨⁨https://github.com/CatimaLoyalty/Android/issues/2608⁩⁩

⁨⁨https://gitlab.com/fdroid/admin/-/issues/593⁩⁩

⁨⁨https://discuss.grapheneos.org/d/15490-f-droid-or-obtainium⁩⁩

⁨⁨https://m.youtube.com/watch?v=IzpVI4zaso0⁩⁩

⁨⁨https://m.youtube.com/watch?v=lAbgeJau3eE⁩⁩

⁨⁨https://m.youtube.com/watch?v=FFz57zNR_M0⁩⁩

⁨⁨https://m.youtube.com/watch?v=IAoCfrqx⁩⁩

#fd

#Motorola's new partnership with #GrapheneOS

https://motorolanews.com/motorola-three-new-b2b-solutions-at-mwc-2026/

#Systemd Adds #Age #Verification & #Reddit #Linux Censors Age Verification Posts

Plus: Which Open Source Operating Systems plan to include Age Verification? The Lunduke Journal compiles a list.

Does It Age Verify?:
https://github.com/BryanLunduke/DoesItAgeVerify

https://lunduke.com

https://www.youtube.com/watch?v=M3erhbwqIAM

Lennart Poettering
#microsoft #stalking #surveillance #backdoor #trojan

SystemD Root Access Exploit Found, Devuan Team Calls SystemD "Unicorn Sh*t"

"Found yet another high severity #systemd bug in #Ubuntu: local root privilege escalation (CVE-2026-3888) https://cybersecurity88.com/news/ubuntu-cve-2026-3888-timing-flaw-in-systemd-cleanup-enables-root-privilege-escalation/ Let us wish all #Devuan users a wonderful day out with their family for a merry father's day, instead of showeling unicorn shit."

https://xcancel.com/DevuanOrg/status/2034560405968712179

https://www.youtube.com/watch?v=_yukEnElXUg

Lennart Poettering
#microsoft #Linux #stalking #surveillance #backdoor #trojan

A systemd fork has set out as a fu*k you to age verification.

Liberated systemd is a fork of mainline systemd started by Jeffrey Seathrún Sardina, a machine learning/AI researcher who apparently had enough of where things were heading. The project is straightforward about its purpose; strip out what it considers surveillance-enabling code, keep everything else intact, and stay in sync with upstream as it develops.


https://itsfoss.com/news/systemd-fork-strips-out-age-verification/

@itsfoss_official
#AgeVerification #SystemD

Gomphotherium — the most minimalistic and fast Mastodon client for the terminal.

For fans of decentralized networks and console minimalism.

It allows you to read the feed, reply to posts, and manage your account without leaving the command line. A true retro vibe for a modern social network.

@github via @dcntr
#Mastodon #Fediverse #CLI

https://securityonline.info/telegram-critical-zero-click-vulnerability-zdi-can-30207/

its real apparently, just thankfully not in the wild https://www.zerodayinitiative.com/advisories/upcoming/

In the search result of "ZDI-CAN-30207":
https://old.reddit.com/r/Android/comments/1s5xyi1/critical_alert_telegram_vulnerability_zdican30207/

https://news.ycombinator.com/item?id=47546545

#telegram #tg #0click #exploit #vulnerability

Nekogram APKs Accused of Hidden Spying Code | One Jail Break


A new investigation by security researcher Repinek is raising alarm over Nekogram, a widely used third-party Telegram client, with claims the app’s Android builds may include covert spying functionality. The report alleges that released APKs contain hidden code capable of collecting and silently transmitting sensitive user data.

The core concern isn’t just privacy, it’s trust. According to the findings, the behavior identified in compiled APKs does not exist in the project’s public source code, suggesting users may be installing something materially different from what developers publish on the Nekogram GitHub.

[Spyware, Malicious code] Malicious Code Injection and User Data Leaking in Release Binaries · Issue #336 · Nekogram/Nekogram
https://github.com/Nekogram/Nekogram/issues/336

#Nekogram #TelegramClient #Privacy #Telegram

systemd birthDate Merge: Corporate Filings & Governance Failure

Investigation pulled Amutable's founding documents from the German Handelsregister

The corporate filings show three equal shareholders, no outside investors, and self-dealing exemptions that let any founder sign contracts between the company and their own personal entities All three founders were employed at Microsoft when they signed the founding deed. A hidden shareholders' agreement referenced three times in the Articles of Association but never filed publicly governs economic rights, IP assignment, and vesting terms the public cannot see.

Three decisions put the birthDate field into #systemd. Each was made by someone with a direct financial interest in the outcome No one disclosed those interests. systemd has no conflict-of-interest policy, no steering committee, no community veto, and no disclosure requirements. The project that boots every major Linux distribution has less formal governance than a typical mid-size open source project.

Age Verification Isn’t What You Think (New Investigation) | Tech, Privacy, News Explained

A new OSINT-based investigation is raising serious questions about how age verification systems actually work.

These systems are often presented as simple checks — “are you over 18?” — but this report suggests something much broader may already be in place.

Surveillance Findings: Age Verification as Mass Surveillance Infrastructure - TBOTE Project

Age verification laws in Brazil, the United Kingdom, and the United States are creating mandatory markets for #BiometricIdentity verification infrastructure that doubles as #surveillance. The same investor, Peter Thiel, simultaneously controls the surveillance analytics company (#Palantir) and funds the identity verification company (Persona via Founders Fund). A coordinated legislative pipeline creates the legal demand for these services across borders. The identity verification ecosystem is now converging with the AI agent infrastructure..

#BigBrother

SharedTrace

#Python tool for getting additional info by shared link (usernames, avatars, IDs etc).

Support TikTok, Instagram, Discord, ChatGPT, Perplexity and other platforms.

https://github.com/hondling/sharetrace

@cybdetective
#socmint #tracking #trackers #stalking #surveillance #why