• BearOfaTime@lemm.ee
      link
      fedilink
      English
      arrow-up
      25
      arrow-down
      1
      ·
      1 year ago

      Yep.

      I’ve already seen it try to disable sideloaded apps. Was yet one more motivator to go to a de-googled device (specifically DivestOS). I can’t do Graphene with my current device, but my next phone will be a Pixel 5.

    • pHr34kY@lemmy.world
      link
      fedilink
      English
      arrow-up
      8
      arrow-down
      1
      ·
      1 year ago

      I have sideloaded apps where the malicious code has been removed (e.g. a Spotify client without ads). I bet this is an attempt to block them.

    • Madis@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      1 year ago

      But… they could’ve already done that with current tools? Not like these change the package ID often.

      • Tiger Jerusalem@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        They could, but I think that would be too obvious. Why such system they could flag it at OS level with a big, scary warning and claim it was for security sake.

  • Sygheil@lemmy.worldB
    link
    fedilink
    English
    arrow-up
    18
    ·
    edit-2
    1 year ago

    Maliciously sideloaded? means the freedom users enjoy by not installing spyware-like application. Nowadays Security terms doesnt mean its for the users, that narrative is always with them.

    • Crit@links.hackliberty.org
      link
      fedilink
      English
      arrow-up
      1
      arrow-down
      1
      ·
      1 year ago

      Maliciously sideloaded doesn’t mean all apps that were sideloaded are malicious, it refers to those that were sideloaded and are malicious, like the recent WhatsApp modded apps that have a Trojan, or apps installed via usb debugger exploits

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    This is the best summary I could come up with:


    This consists of a code analysis that will “extract important signals from the app and send them to the Play Protect backend infrastructure for a code-level evaluation.”

    Sideloading remains a popular feature for Android users, even if it means having to trust that the app they are installing is not malicious.

    One of the key reasons for Google to introduce its enhanced real-time code-level scanning feature is to counter the proliferation of predatory loan apps.

    We began the testing on the Pixel 7a by trying to install various spyware apps that have rebranded or been cloned, or otherwise had code changes that would attempt to evade detection.

    Commercial surveillance apps, like stalkerware or spouseware, are typically surreptitiously installed by someone with physical access to a person’s phone, often a spouse or domestic partner.

    “These capabilities will continue to evolve and improve over time, as Google Play Protect collects and analyzes new types of threats facing the Android ecosystem.”


    The original article contains 953 words, the summary contains 158 words. Saved 83%. I’m a bot and I’m open source!