I bet a cookie that this will be used to kill apps like NewPipe and Revanced.
this post was submitted on 04 Nov 2023
81 points (94.5% liked)
Technology
57453 readers
4884 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
Yep.
I've already seen it try to disable sideloaded apps. Was yet one more motivator to go to a de-googled device (specifically DivestOS). I can't do Graphene with my current device, but my next phone will be a Pixel 5.
Why a Pixel 5? It's end of life already.
Currently using an Essential Ph1. Paid $100 for it. Runs fast. Faster than my friends newer phones.
I see no reason to pay hundreds of dollars for a phone. I'd rather pay $130 for a good condition Pixel 5 that has the features I want, and I can afford to keep a testing phone around or use it as a hot spare, and still pay less than a "new" phone.
Or more an excuse to monitor and read app data
Or things like AdGuard.
I have sideloaded apps where the malicious code has been removed (e.g. a Spotify client without ads). I bet this is an attempt to block them.
But... they could've already done that with current tools? Not like these change the package ID often.
They could, but I think that would be too obvious. Why such system they could flag it at OS level with a big, scary warning and claim it was for security sake.
Maliciously sideloaded? means the freedom users enjoy by not installing spyware-like application. Nowadays Security terms doesnt mean its for the users, that narrative is always with them.
Maliciously sideloaded doesn't mean all apps that were sideloaded are malicious, it refers to those that were sideloaded and are malicious, like the recent WhatsApp modded apps that have a Trojan, or apps installed via usb debugger exploits
Only Google Play Protect, which is part of the Google Services. Good, i don't have that.
This is the best summary I could come up with:
This consists of a code analysis that will “extract important signals from the app and send them to the Play Protect backend infrastructure for a code-level evaluation.”
Sideloading remains a popular feature for Android users, even if it means having to trust that the app they are installing is not malicious.
One of the key reasons for Google to introduce its enhanced real-time code-level scanning feature is to counter the proliferation of predatory loan apps.
We began the testing on the Pixel 7a by trying to install various spyware apps that have rebranded or been cloned, or otherwise had code changes that would attempt to evade detection.
Commercial surveillance apps, like stalkerware or spouseware, are typically surreptitiously installed by someone with physical access to a person’s phone, often a spouse or domestic partner.
“These capabilities will continue to evolve and improve over time, as Google Play Protect collects and analyzes new types of threats facing the Android ecosystem.”
The original article contains 953 words, the summary contains 158 words. Saved 83%. I'm a bot and I'm open source!