I haven’t been able to update my cellphone anonymously with Aurora since January. Every time I try, Aurora errors out with “Oops, you are rate limited”.
This isn’t the first time Google plays at making non-normies’ lives difficult. So I tried the usual tricks, updated Aurora, tried the nightly build, waited, tried again… for months - to no avail: Google just won’t play ball this time.
Last week, Signal stopped working and demanded to be updated. Fortunately, Signal offers the APK as a normal download without having to get it from the hateful Google Play store.
Today, my home banking identificator app did the same thing and stopped working. I needed to make a payment right now, and I had no way to update the app: “Oops, you are rate limited”. And my bank sure doesn’t offer the APK outside of anything but the goddamn Google Play store.
So I relented and created a Google account. Which of course entailed giving Google a phone number. I sure didn’t give them mine, so I phoned a friend abroad who doesn’t care to ask him to receive the verification SMS on his phone and read out the code to me. Which worked long enough to set up 2FA and do away with phone numbers altogether. And finally, after an hour of fucking around, annoying other people and compromising their phone number, I could update my banking app and make my payment at last.
All that because Google has decided they want to control my phone.
Fuck Google.
Seriously, how they are allowed to hold the Android world hostage like this without getting their monopolistic ass Sherman’ed AT&T-style, I’ll never know. It’s long overdue.
my only hope is that with the receding influence of us tech companies we will get more breathing space for alternative foss software in the future.
Spoken like someone from Kaliningrad (as opposed to someone in the US, where US tech companies’ influence is only getting even stronger).
oh fuck you got me!
srsly though, what makes you think that its not declining
Really seems to me that the only way to manage this consistently will be with a non-de-googled phone as back-up for downloading and exporting apks. Doesn’t need a phone number, and wouldn’t have to have a google account with any real information.
As Android becomes increasingly hostile to users who want to control their own device, and without Google bullshit, I’ve grown to accept that I’m basically just going to have to carry two phones.
Rooted/Lineage phone is main, if something refuses to work (which is rare for me), I kick on the hotspot and pull out the “clean” one.
Been doing it for a year or so now. It’s annoying but not that big a deal, honestly. I’ve gotten used to it.
I’d probably end up having two anyway for work stuff. This way Verkada and Microsoft’s garbage can stay on the “clean” phone too. I’m not about to tolerate Outlook wanting device admin privileges on my personal phone, but if it wants it on the “clean” one, go for it.
Maybe this will spark the next Linux phone wave as there’s not much reason for to run Android if you are already forced into a second smart phone.
It makes me nauseous to say this, but I am now considering getting a goddamned iPhone just to avoid Google, trading one shitcorp for another shitcorp.
What other options are there to be de-Googled and avoid the app troubles OP is battling?
I’ve been using GrapheneOS on Pixel 7 for about 5 months now, and haven’t seen any issues. With this, bootloader is also locked, so no issues there.
I’ve been eyeing the Murena Fairphone 4 and I think I may go that route. Their OS is purpose built to de-Google, offering free competing services while still having access to the Play store. It seems like it might be a good way to do this for someone like me who doesn’t know what a bootloader is or why it should be locked.
with fairphone, I am afraid of inferior build quality. Reviews tell they got old hardware and stuff. But will prolly get fairphone once I get some extra money :D
I banged my head against this for a while, turned out switching VPN servers did the trick for me. Might help for you? Could also try installing an update for aurora. Or you could try deleting all aurora data. Those have helped in the past as well.
I just switched to a degoogled phone and Aurora recently, and it worked fine installing 30+ apps. When you get an error, try logging out of Aurora and start a new session, maybe the current Aurora proxy your phone is using is down
Yep this is it. Same thing happened to me randomly for a week before i said “maybe it’s not the servers” and did the whole turn it off and on again thing.
I only use apps from fdroid . But yeah i guess it sucks if you want banking apps
I don’t want banking apps, I’m forced to use them.
How come? Just curious
I live in a country where the government provides a lot of services online, and have delegated the task of identifying people to the banks. You literally can’t live without a cellphone and without the secure ID app of your bank here. Well, you can I guess, but then your life become extremely difficult to do anything at all, however trivial.
Oh, ffs. What a phenomenally fucked up idea (and we all know it was done intentionally by both people in banking and government, to glean yet more info and gain more control).
Sorry you have to deal with this BS.
DivestOS (and Lineage I’m pretty sure) enables you to run MicroG under a specific user account only. Wonder if that would help for you?
Or, if an Android VM hosted on a VPS would work.
Sweden?
Sounds like BankID (and feja?). Remember to support DFRI and their fight to being open, independent standards for identification.
What’s DFRI?
Edit: never mind i got it
Time to run graphene with the app in a separate profile with MicroG if you need it
You’re living in the future.
No, they’re just not living in the pseudo-first-world country like the US.
Not sure why people are downvoting you. This is what power brokers around the world are working hard to implement everywhere.
I’ve been running GraphiteOS and get most of my apps from Fdroid.
I love FDroid but no way in hell is my banking app going open source and uploading there. I can use the website instead of the app but I doubt that’s the case for everyone.
You mean GrapheneOS? Or is GraphiteOS a different OS I’ve not heard of?
GrapheneOS?
Yes
I noticed I only got the rate limiting error when searching for an app on Aurora, but not to download and install. But how to get to the install page if you can’t search?
I opened Firefox/Fennec on mobile, searched for an app, clicked the result for the Google Play store. Once on the play store page for the app was open, I would choose the “Open in App” option from the Firefox menu and select Aurora.
That would launch Aurora and bring me directly to the App Install page. From there I could complete the installation.
This was sometime in 2023, but hopefully it will still be helpful today.
I haven’t seen the rate limitation issue for a couple of months now. The issue is not new, IIRC the Aurora team needs to provide more and more anonymous accounts as the user base is growing. Some months ago we had this problem for more than two weeks. I just checked and Aurora finds no connection, but until today everything worked flawlessly. And I expect it to work again soon.
I feel your pain though. I am degoogled for more than 5 years now and what I learned is that Google will always look for ways to make our life harder. More and more basic functions such as network location were seperated from the AOSP into proprietary google services. I am pretty sure this will get even worse in the future.
We must not forget that we rely on open source software and a hand full if developers, everything can break tomorrow and we are fucked.
Try deleting app data in Settings > Apps > Aurora Store, some data remains persistent even with reinstall, I had a similar problem showed that Aurora is down for maintenance, were reinstall didn’t work but removing data did, go figure.
We must not forget that we rely on open source software and a hand full if developers, everything can break tomorrow and we are fucked.
In no way am I blaming the kind souls who create the open source software I love, and make life livable despite Google. I am squarely blaming Google who, like you say, has everybody’s balls in their hand and can squeeze at will - somehow lawfully.
For banking exclusively, I use an insecure old phone with all the Google stuff updated through the Play Store. This phone is only on, without a SIM, behind a VPN, when I make a transaction. Battery lasts forever.
And yeah, Google don’t like people who won’t allow them to fuck around with Android phones.
It works for me! Just try loging out (via the settings) and back in…
you guys are aware the new play integrity API will demand us to have both the official play store AND a locked bootloader to use any app that wants to enforce it right?
they are definetly coming for us.
I would recommend using apkupdater for closed source apks, in particular enabling apkpure repo, rather than insisting on using google repo with aurora store or any other mechanism.
Also looking for FLOSS alternatives if possile (granted things like whatsapp and waze won’t have alternatives for example).
Some metioned apkmirror as the more trusted repo for closed source apps, however it’s currently formatting apks on multiple apks, and supposedly requesting for the apkmirror own instaler, so I recommend apkpure instead, which is also pretty well regarded, and they also in theory offer the same packages as the ones on google play…
For FLOSS apps, the different f-droid repos (official ones and non official ones such as izzy-on-droid) offer a good amount of them.
Thanks!
RCS just got cut for me again today because I’m rooted. At this point I’m spiteful enough that anybody who wants to reach me is going to have to do it through signal.
The egregious part in this is that Google presents RCS as an open standard to get carriers to adopt it. But then they retain enough control to exert their power over users like this. The same happened with Android. I don’t know how long such exploitation is tolerated before such aggressors are split up into a thousand competing businesses.
RCS is the non-Apple aquivelant to iMessage, right?
There is RCS the standard, which isn’t really used - maybe Apple’s support will give it a boost. Then there is RCS + proprietary addons that is used, Google iMessage.
RCS is XMPP if it were invented by corporations for corporations with the goal of minimal EU data compliance of messaging interoperability & maximal loopholes. The irony is these big corpos used XMPP a decade ago until they realized they have nothing to gain from interop or contributing to the working groups, but everything to gain from walling off the gardens & making users create accounts.
Another solution would be downloading the APK from APKMirror. I believe all their APKs signatures are checked against the proper Play Store releases or something like that (don’t quote me on that), but the baseline is that all their APKs should be pretty safe.
As much as I hate Google and the Play Store, I trust it more than third party app stores. APKPure, Aptoide, APKMirror… They all sound a bit sketchy to me. Because if you think about it, there’s absolutely no way to verify that the APK files they serve haven’t been diddled with, since the Google Play store doesn’t give a file hash that would enable me to verify the file’s signature independently. Not to mention, their apps have a knack for displaying obnoxious advertisement at full screen and full volume.
And even if I did trust them, do you find this normal? Why is Google allowed to make me jump through hoops and compromise my security with impunity?
Without mentioning that most of the time (and probably depending where you live) you won’t find your banking app in there, nor in the Aurora Store usually.
Hmm no, if it’s in the Google Play store, it’s in Aurora too - kind of by definition.
I live in a Central American country where I simply can’t find my banking app in Aurora Store or in APKMirror (or any of those sites), and when I search the app name in Google Play it’s there, so I guess it has some kind of logic since the app uses anonymous Google accounts that are probably located in a country where it makes no sense that my banking app is there, I mean, why should my Central American banking app be shown in US for example?
Interesting… I sort of assumed everybody in the world had the same view of the Google Play store. Like for instance, my bank has subsidiaries in many countries, and I can see all the national versions of their apps in the Play Store as well as in Aurora. But now that you mention it, it’s possible that not everybody can download everything everywhere.
Although that seems quite wrong: what if you travel to, say, France or Italy, you need to update your banking app while you reside there and you can’t see the app? That sounds like a recipe for disaster.
Then again, it’s Google. They are kind of a giant disaster for millions of people who don’t need their aggravation…
I suppose in the case where I’m using Google Play with a Google account, the most likely thing is that I’ll be able to update without a problem because my account is in the country where the app is located, just that it’s using the servers in the country where I live.
In the case of the Aurora store of APKMirror, well, I’m fucked, I guess the only think that I can do is use the website of my bank, that I suppose this will be the case in many banks, the interface and the overall experience is worse than that of the app.
To be honest, is just a shit that many, not to say all banking apps depend specifically on Google to work, it would not be a surprise to me that if I try to install my banking app extracting the APK for myself and then installing it on a deGoogled phone, the app will tell me that it requires Google to work or something like that.
Not necessarily. My bank’s app for instance works perfectly well without Google Play Services. Quite surprising actually, and a relief that I don’t need a separate non-deGoogled cellphone just to do my banking. You might be surprised that yours does too.
Try getting the app URL and opening that on your device because I found a lot of times that even apps that are not shown will show up if you use the direct link instead.
If you log out of Aurora and use the “insecure” option you may have better luck. By default, Aurora’s location is in France but the insecure log-in is where you or your vpn location is.
This comment about the app signature should apply to your situation too, you can’t mess with an APK and then sign it with the Google Play keys.
APKMirror is the most trustworthy website there is for APKs out there, if you do some research you will see that the community consensus is it being pretty safe.
I do however understand your concern, especially when talking about banking apps. Honestly now that I think about it, for a banking app I’d rather make a burner Google Account as well. For less sensitive apps however, APKMirror is the best non Google way to get their APKs.
About the app, I have no idea, I only ever used the website (with uBlock).
Obviously it sucks that you need a Google account to access all these apps “properly” through the Play Store, for free apps they should really just let you download them without an account.