this post was submitted on 11 Sep 2024

4 points (100.0% liked)

Technology

59651 readers

2744 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each another!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago

MODERATORS

Android apps are blocking sideloading and forcing Google Play versions instead (arstechnica.com)

submitted 2 months ago by lemmee_in@lemm.ee to c/technology@lemmy.world

237 comments fedilink hide all child comments

You might sideload an Android app, or manually install its APK package, if you're using a custom version of Android that doesn't include Google's Play Store. Alternately, the app might be experimental, under development, or perhaps no longer maintained and offered by its developer. Until now, the existence of sideload-ready APKs on the web was something that seemed to be tolerated, if warned against, by Google.

This quiet standstill is being shaken up by a new feature in Google's Play Integrity API. As reported by Android Authority, developer tools to push "remediation" dialogs during sideloading debuted at Google's I/O conference in May, have begun showing up on users' phones. Sideloaders of apps from the British shop Tesco, fandom app BeyBlade X, and ChatGPT have reported "Get this app from Play" prompts, which cannot be worked around. An Android gaming handheld user encountered a similarly worded prompt from Diablo Immortal on their device three months ago.

Google's Play Integrity API is how apps have previously blocked access when loaded onto phones that are in some way modified from a stock OS with all Google Play integrations intact. Recently, a popular two-factor authentication app blocked access on rooted phones, including the security-minded GrapheneOS. Apps can call the Play Integrity API and get back an "integrity verdict," relaying if the phone has a "trustworthy" software environment, has Google Play Protect enabled, and passes other software checks.

Graphene has questioned the veracity of Google's Integrity API and SafetyNet Attestation systems, recommending instead standard Android hardware attestation. Rahman notes that apps do not have to take an all-or-nothing approach to integrity checking. Rather than block installation entirely, apps could call on the API only during sensitive actions, issuing a warning there. But not having a Play Store connection can also deprive developers of metrics, allow for installation on incompatible devices (and resulting bad reviews), and, of course, open the door to paid app piracy.

(page 4) 50 comments

sorted by: hot top controversial new old

[–] LemmyAtEmLemmyAtEm@lemmy.world 0 points 2 months ago (1 children)

Can we do anything ?

[–] Angry_Autist@lemmy.world 0 points 2 months ago (1 children)

Custom ROM or just go back to a flip phone.

It's only going to get worse with the big players from this point on.

load more comments (1 replies)

[–] 5cr33ch3r@lemmy.ml 0 points 2 months ago (2 children)

The only reason I'm still sticking with Android is the ability to sideload

I have no reason to use an android if this is the road Google wants to follow and expect my next phone to be an iPhone SE

[–] avieshek@lemmy.world 0 points 2 months ago (6 children)

May as well sideload on iOS~

[–] DoucheBagMcSwag@lemmy.dbzer0.com 0 points 2 months ago (1 children)

The only caveat is you Gotta pay yearly $99 for dev account or be limited to 3 apps.

[–] avieshek@lemmy.world 0 points 2 months ago

Looks like you’re someone who doesn’t read but it uses DNS filters to use revoked certificates.

load more comments (5 replies)

[–] moonburster@lemmy.world 0 points 2 months ago

I'm in this boat. I really liked using Android and tinkering with it. If I do so now I cannot even use my banking app without doing aftercare each update

[–] sweetpotato@lemmy.ml 0 points 2 months ago

Yeah, it happens to Spotify mods as well. This isn't good

[–] hypertown@lemmy.world 0 points 2 months ago (1 children)

Good that most apps I use now are open source but for those few that I still get from Aurora Store it might be a death sentence but perhaps this API could be spoofed?

[–] tfowinder@lemmy.ml 0 points 2 months ago (1 children)

From where does the aurora store get the binaries?

[–] SturgiesYrFase@lemmy.ml 0 points 2 months ago

From the Play store

[–] eddeeMN@poweredbygay.social 0 points 2 months ago* (last edited 2 months ago)

The whole point of #Android is the ability to control your device without #Apple, or #Google, or anyone else dictating your apps and content.

@lemmee_in @android

[–] ray1992xd@lemmy.world 0 points 2 months ago (3 children)

The EU is going to be furious about this

[–] pumpkinseedoil@sh.itjust.works 0 points 2 months ago

I hope so. I don't want Android to become the new Apple

load more comments (2 replies)

[–] sentientity@lemm.ee 0 points 2 months ago (1 children)

Ew. Fuck google

load more comments (1 replies)

load more comments