Android @lemdro.id Nemeski @lemm.ee 2mo ago

Apps can now block sideloading more easily and force downloads through Google Play

www.androidauthority.com Apps can now block sideloading more easily and force downloads through Google Play

The Play Integrity API has made it easier for apps to check whether you installed or bought them from Google Play.

102

102 comments

Well that's an easy fix. I just won't use those apps.
- So no banking apps for you? I agree that this is shit, but pretending we are not hit by this is not helping.
  
  Also, I don't really use banking apps anyway because they already pull similar shit and I can get around it. For now.
  
  Fortunately so far I haven't come across a bank here in the Netherlands that wouldn't work because my phone was rooted or because I'm running grapheneos. Hope it stays that way too.
  
  Correct. I've never used banking apps in the first place anyway. If my bank doesnt have a functional website then I would change banks.
  
  And i say this not to be difficult or contrarian. I just really hate using apps for every business in existence and simply refuse to do so. Yes I have absolutely sacrificed convenience on many occasions due to this principal.
  
  Is there any reason anyone would want to use an out of date banking app?
  
  Banking on the phone is absurd concept that I will never use
  
  With banking apps in particular this lock down is ultra-stupid.
  
  Like, I have to use your super secure app, or I can just... visit your page in a web browser running on god-knows-what with whatever extensions in any computing environment or OS of my choosing? But not using Google Play is where they draw the line.
Not a single app on my phone was installed through Google Play, it's all Aurora. Guess if apps really do this i'll just have to stop using them, cause I'm not installing the play store.
- I wish i can degoogle my phone but its a few months old so no rom support and its a samsung :<
  
  Samsung isn't one of the best for roms. Anyway you could stop using it while you port Lineage OS
  
  How is it being a samsung making things worse? I've never flashed a samsung phone before so I may be very wrong, but isn't unlocking the bootloader easy?
  
  And now that I think about, does samsung have their own system file format or something? Is that the issue?
- Quick question: what is the advantage of using Aurora to get apps instead of the Play Store?
  
  I have Aurora but i don't understand that, afaik both use the same APKs and can update interchangeably?
  
  At first I thought Aurora remove some of the app's tracking beacons but that's not the case.
  
  At least for me, Play Store impulsively updates itself. I would even say that some apps got updated even though I'd disabled auto updates.
  
  I installed Aurora and disabled Play Store altogether. So I update apps manually whenever I want to.
What if I sideload purely to downgrade a bugged app? Just seems like yet another kick in the teeth by Google.
- I thought you could not downgrade non-debuggable apps?
  
  But you can uninstall them and install a lower version
  
  You can always uninstall and install an older apk.
- Google's only providing the option, it's up to individual devs to enable it on their app. If the app developer has chosen to block sideloading, then they probably have a reason for going out of their way to do so. Whatever you find that reason to be should inform your decision whether or not to continue using their app.
  
  Their reasons mean nothing. It's my device. I shouldn't have to worry about an application installed on my device being policed because the developer got a hair up their ass about people downgrading.
  
  The phrase "more secure" is becoming meaningless as it keeps being used as a blanket excuse for literally every user hostile change.
  
  Explain to me what would be the good reasons McDonald's has to block their app from running on a rooted device because it doesn't pass SafetyNet or whatever Google is calling it now
BOOOOO!

YOUR DECISIONS ARE BAD AND YOU SHOULD FEEL BAD.

google, not op
time to demand apps in other repositories. Bonus if it's f-droid compatible
Aw shit, it says this is supposed to detect when an app's binary has been tampered with... That means it's probably gonna be used to block stuff like ReVanced. I hope they can find a way around this that doesn't require root.
- Nah, revanced will just patch that out too!
- I guess Revanced would eventually have a patch to skip this check. It can already spoof the client and such, why not this as well. I hope so
The whole tech world saw Microsoft Palladium as a nightmare scenario, but was quiet ten years later when Apple and Google did the same thing to our phones. That was a mistake.
- Maybe everyone was just OK with mobile devices being locked down heavily from the start, and now it's more or less the same level for most
  
  We had several years of Android that mostly wasn't. Now it's hard work to get Android that isn't.
Can we also sue Google for the same shit as apple? Sideloading isn't enough.
- This is the individual app's fault and not Googles. It's like getting mad at Steam for allowing apps with DRM. Is feature is entirely optional and requires extra effort to implement.
  
  Also didn't Google already get sued in the USA for Android not being open enough or something like that.
Google Play IS my "sideloading" app repository.
How are those Linux phones coming along?
- Google Pixel
  
  Still stuck with Android though, and with Google in control of that it won't be great forever
Some paid apps actually prevents the user from using it if it's not paid from Google play
- Are you suggesting such an app can be purchased outside Google play but not used?
  
  Having an app check a license server isn't exactly new. Google play is simply a third party license server.
  
  No, but you can download the APKs anyways. Which is most likely exactly why this is being implemented. I doubt many developers of free apps are going to turn this feature on.
  
  The App Lounge from /e/OS has access to the play store if you choose to log in to Google. It is possible (but not recommended because of a possible ban) to purchase stuff, I haven't done that yet, but some apps want to talk to Google to see if it was purchased and that gives an error.
  
  For example, Wavelet can't unlock paid status, All-In-One Calculator gives the option to link an email so it can restore paid status, Nova Launcher uses a different app to restore paid status so it works as well.
- Kinda makes sense. A paid app on Google Play is a license to download the .apk file(s). Then a user could make copies, and without DRM, it'd be the same situation as with copyrighted movies and whatnot.
  
  I'm not saying I support them, it's just that they are like this for a reason
when will this shit be cracked.
That's fine I rarely download apps that want to be on the Play store anyway

102 comments