RIP #Obtanium on "certified Android devices."

"Non-certified OSes, like GrapheneOS, should be unaffected by this for as long as they are allowed to continue to exist."

Freedom tech exists on iOS—after developers KYC themselves, even where Apple now allows sideloading under its rules. Android matters because it's open source and allows sideloading without Google's permission. That's why Nostr apps, FOSS tools, and freedom tech took root here.

#GrapheneOS works because it preserves that ecosystem without breaking continuity. But now Google's forcing developer KYC for the Play Store on certified devices. The choice becomes: KYC to Google or start over.

This is what breaks mobile in a way desktop never broke. On Linux, you can run open-source and closed-source software on the same primary system. On mobile, once the app ecosystem is gated, custom AOSP ROMs don’t get that role.

The result is a split by design. As I predicted—for the foreseeable future—stock Android becomes the primary device for most. Privacy ROMs get relegated to secondary use, not because of capability—but because of access.

For those whose threat model demands it, privacy ROMs remain the primary device. For everyone else, they become secondary—appealing to those willing to sacrifice convenience for privacy and security, but not the masses.

Obtainium dying on stock Android is the warning. After this, the rest is just enforcement.

The catch now, however, is that with custom ROMs you’re rebuilding the entire app ecosystem from scratch.

On Linux, you can still install closed-source software. On mobile, once you step outside the Google/Apple ecosystem, you’re not just losing a store—you’re losing the distribution, licensing, and services stack a lot of the apps people actually use are built around.

That’s Linux on mobile, but without an easy way to carry over the apps people already paid for, depend on for productivity, and use every day.

That’s the challenge in front of us right now.