this post was submitted on 05 Dec 2024
34 points (92.5% liked)

Android

17804 readers
103 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

πŸ”—Universal Link: [email protected]

πŸ’‘Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.

Support, technical, or app related questions belong in: [email protected]

For fresh communities, lemmy apps, and instance updates: [email protected]

πŸ’¬Matrix Chat

πŸ’¬Telegram channels / chats

πŸ“°Our communities below

Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to [email protected].

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to [email protected].

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
Devgard
[email protected]
[email protected]
34
Google's beefing up Android app security, but not everyone's going to be happy (www.androidauthority.com)
submitted 1 week ago by [email protected] to c/[email protected]
18 comments fedilink hide all child comments
top 18 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 6 days ago

As a currently totally "normal user" - no root, stock OS, I would have been screwed by this security while travelling

Driving in Italy you need to know about ZTL zones - places cars are secretly restricted in - and there's an app for that, but the app is only useful for drivers in Italy and if your phone doesn't default to the Italian play store you can't see it

Your only option is to side load it

It would be no fun to get your phone working with ZTLs only to lose access to your bank apps

[–] [email protected] 59 points 1 week ago (2 children)

"Security" meaning "preventing users from using the devices they own in the way they want to use them" apparently.

[–] AnUnusualRelic 7 points 1 week ago

Silly users, thinking they actually own anything...

[–] [email protected] 6 points 1 week ago (1 children)

If you root, unlock your bootloader or run a custom ROM, nothing changes since your device does not pass the integrity checks and Google already had a feature for developers to block apps from running on those devices.

These new additions are also entirely irrelevant for apps distributed outside of the Play Store since Play Integrity requires the app being downloaded from the store.

Also, all of these additions are entirely up to the developers to add, Google is not forcing anything.

[–] [email protected] 8 points 1 week ago

They call out making spoofing harder, although they don't specify how.

It's a normal thing for people to sideload apps that are distributed through the play store - that's exactly what tools like Aurora do.

You are right that they are up to developers, but that's the problem. It should be up to users how they run their software on their hardware.

[–] Zak 18 points 1 week ago* (last edited 1 week ago)

When Microsoft first proposed this sort of crap, it was widely seen as a nightmare scenario. Now, it seems as if only a few of us open source nerds care.

[–] kokesh 12 points 1 week ago (1 children)

Fuck Google. Hopefully Magisk & modules will find a way to keep hiding root from crappy bank apps.

[–] daddy32 1 points 1 week ago (1 children)

I see you wrote "& modules", because you certainly know where Magisk developer works and why he removed the option to hide it from other apps. It's just hopeless. It's just a matter of time until this kind of crap gets into the legislation in the name of security.

[–] kokesh 3 points 1 week ago

Magisk Deny works pretty well. Play Security Fix module does the truck for Google Pay. Sometimes it needs an update, but I'm successfully posting with my phone most of the time. And all my banking apps run OK just with the deny list.

[–] [email protected] 9 points 1 week ago (2 children)

I sideloaded fdroid and install most of my apps over that. From the text I don't understand what the actually change will be.

[–] [email protected] 6 points 1 week ago (1 children)

the image at the top seems to be the only real hint - it looks like it's supposed to be for restricting which apps may run in the background while performing "secure" tasks in other apps

[–] pivot_root 6 points 1 week ago* (last edited 1 week ago)

Oh, yay. I can't wait until Netflix starts requiring users to temporarily disable because it supports screen sharing. Can never have too many layers of ~~user inconvenience~~ assurance for rightsholders, you know?

[–] [email protected] 4 points 1 week ago

For apps installed through the play store, developers have the option to add these "layers of security" with Play Integrity. The one the screenshot shows keeps you from opening and using an app if specific apps are detected to be running in the background (like a bank app blocking you from using it if a screen recorder app is running on the background). Another feature is apps blocking them from running if they weren't installed from the play store (like side loading a bank app and it prevents it from running because it might be malicious).

For apps distributed outside of the Play Store (and for people side loading them) and those running rooted/bootloader unlocked devices nothing changes, as Play Integrity is no longer in effect in those cases

[–] [email protected] 8 points 1 week ago

of course Another way to track you

[–] [email protected] 7 points 1 week ago (1 children)

Android peaked with version 9.

[–] [email protected] 1 points 1 week ago

I mean 12 had some good features

[–] i_shot_the_sherry 6 points 1 week ago

This is bad news when using "official" apps such as the ones from banks, right?

[–] [email protected] 5 points 1 week ago

... Great