Google warns against sideloading their services on new Huawei devices

unsplash-logoAlexander London

After essentially walling off their own garden, the omnipresent American giant is now warning users against installing their bloatware on non-certified Huawei devices.

Artículo disponible en Español | Article disponible en Français

Following the sanctions imposed by the US government on Huawei in May 2019, the Chinese manufacturer has been unable to release new devices with Google’s Mobile Services (GMS) pre-loaded. This has caused Huawei to start losing market share in the Western world, as the company has seen itself forced to recycle models with old specifications and unable to sell their new high-end models, such as the Mate 30 series, in large quantities through traditional sales channels such as carriers. While Huawei has been heavily investing in their own solutions and pushing developers to join and release their applications on the brand’s app store, AppGallery, this one is still far from being usable, lacking many of the widely used applications. On top of this, thousands of applications rely on Google up to a certain extent, with some applications using their payment system for in-app purchases, others relying on Google Maps or other services provided by the American ad giant to function properly.

Furthermore, many developers and companies have been slow to react and adapt to the ban on Huawei, likely due to not being used or aware that alternatives to Apple’s App Store or the Google Play Store exist, such as, in this case, AppGallery.

This has pushed the few buyers of recent Huawei devices, such as the Mate 30 series, to look for methods to sideload Google’s services by any means possible, going as far as using risky methods such as LZPlay and now “Chat Partner”, an application which seems to be based on the original LZPlay method but working better, although with an even more questionable interface. Some of these methods require users to know what they are doing, as well as downloading the installation packages (APKs) of each Google service individually from third-party sources, such as APKPure, which is an added risk, as these APKs could have been tampered with or actually be something entirely different.

Due to all this, Google has issued a warning against sideloading their services on non-certified devices, specifically aiming at Huawei and finally giving an official response to the LZPlay debacle. Part of Google’s warning confirms that the company is allowed to work with Huawei for now, providing security updates for the operating system and updates to applications, as users might have been able to notice. As most of us had previously understood, Google is not allowed to work with Huawei on new devices released after the 16th May 2019, which essentially means the Nova 5 series, the Nova 6 series, Mate 30 series or Honor’s V30 series are all unable to get GMS, at least while the sanctions are not lifted.

However, from this point onwards, Google’s post is just a series of lies and excuses, trying to avoid any responsibility in the current situation. After all, Huawei and other companies only face this problem because of how the American company has gone from “open-source” to essentially putting a wall around their little “garden”, making the “open-source” version of Android completely useless in most of the world without their benediction. As discussed in a different article, Google has bought and deployed key services on Android with the only goal of controlling the platform, locking customers in and making any competition fruitless.

If we go back to Google’s post, the company claims “Due to government restrictions, Google’s apps and services are not available for preload or sideload on new Huawei devices.”. While this is true, this is Google’s own fault. The company should have designed their services in a different manner, allowing users to choose whether they desire to install all of Google’s services or just part of them.

In the next few paragraphs, Google keeps talking about “protecting user data privacy, security, and safeguard the overall experience”, with devices needing to be “Play Protect certified”, which is a series of tests performed by the company to make sure “user data and app information are kept safe”, as well as “[…] protection against the device being compromised”. Finally, we see “This has been our long-standing approach to user security and privacy”. These few sentences are all so hypocritical it is difficult not to laugh at them. If one really wanted to protect their data privacy and security, they would not be using Google. Google is essentially a backdoor on our devices, gathering and sending massive loads of our personal information to some random, omnipresent American giant, which uses all this information to continue building their services on our backs for free, while also datamining all this information to spam us with targeted advertisements. To this we have to add the close friendship between Google and the US government, with this one having a series of questionable laws which undermine EU’s GDPR, such as the US Cloud Act, meaning there’s no guarantee our information is kept safe on European soil and not shared with US authorities for arbitrary reasons.

At the end of the post, Google explains that “sideloaded Google apps will not work reliably because we do not allow these services to run on uncertified devices where security may be compromised”. As previously mentioned, this is Google’s own fault, for designing their services in such a way that there’s no other way to install them than by buying a device which had GMS pre-loaded from the factory. Last time we checked, if we want Microsoft Word on our PC, or any other Microsoft service, these can be easily bought and downloaded via Microsoft’s store, and installed on our Windows 10 machines with ease. On the other hand, we have Google’s approach, which is forcing manufacturers to sign confidential and unfair agreements for using their “open-source” operating system, shoving down the throat of customers a bunch of useless apps that they will likely never use, such as Google Duo, Music, Movies or Games. Of course, customers are not able to uninstall these apps either. On top of this, and just to make sure they [Google] get the most out of our data, the company puts their Chrome browser as default browser, with their search engine set as default, and, worse of all, after an OS update, if the user had switched to a different default browser or search engine, Google’s will come back as default.

We obviously shouldn’t forget about invasive applications such as the Google Assistant, which is difficult to disable and ultimately just sleeps in our devices, ready to be activated at any time and send copies of audio recordings and such to Google for transcription and “improvement” of their… marketing services. For a more precise example of how Google essentially uses us to improve their services, we could point to their “Messages” app, which has a setting to “Help to improve Messages”. Google claims our information stays on the device and that they use “privacy-preserving technology” and combine information from multiple participants to improve their service, but here they are already contradicting themselves: how can our data stay on our device and at the same time be combined with data from other participants? This essentially means our data is leaving the device anonymized, but regardless, data is still leaving the device, which is the main point:

In the past, customers were able to sideload Google services on devices imported from China, with, for example, Xiaomi devices having been popular in Europe for a long time, easily since 2013-2014, and easily purchasable through third-party sellers on Amazon and other online stores. These third-party sellers would pre-load the Google Play Store and other services needed in the West and then repackage the device, or let customers do it themselves, as it was relatively easy, before Google started locking down their ecosystem. This, for instance, has allowed Xiaomi to grow extremely fast in our markets once they launched officially on our continent, on top of benefiting from the misfortune of Huawei.

Things have now changed, with sideloading Google services and making them all work properly being a nightmare and, in some cases, straight up impossible, such as on the Nova 5i we’ve recently tested, on which Huawei has blocked anything that looks like a GMS installer.

Ultimately, Google could have easily bypassed US sanctions had they tried, by allowing users to freely download their applications through an approved website and by designing their applications in a way that they do not require administrator privileges for the smallest things, as it is currently the case. Finally, while supposedly US companies are unable to work with Huawei at all, it appears this is not the full truth, with dozens of American developers and companies putting their apps on Huawei’s AppGallery, likely going through either a subsidiary located outside of the US, or because Huawei’s European branch/subsidiary in charge of Huawei Mobile Services, Aspiegel Limited, is an actual European company headquartered in Ireland.

More on this subject:​