Android is changing now
SOPA Images/LightRocket via Getty Images
We know it’s coming. Google has confirmed a game-changing Android update that has caused a lot of backlash from users. What we don’t know is how difficult it will be to install new apps on your Android phone when it goes live.
We are talking about side loading. Perhaps the feature above all else that sets Android apart from the iPhone. Responding to the ongoing tidal waves of malware, adware and license abuse, Google is now removing. Starting this year and rolling out by region, only apps from verified developers will be available to users.
As Bitdefender points out, “social engineering attacks often focus on this direct attack vector: convince the victim that it’s a good idea to manually install an app. At the very least, it’s just an annoying app that displays full-screen ads. At worst, the victim installs a banking trojan that takes control of the device and drains the accounts.”
The security firm says “the phone is really dangerous and people agree.” This is undoubtedly true. But Android power users don’t want their freedom to use their own phones in their own way to be limited. I might as well buy an iPhone, was the response of many on Reddit and elsewhere when Google confirmed the changes.
The Android manufacturer responded by promising that sideloading is here to stay. But sideloading apps will now be difficult enough to put off all but the most ardent users.
According to Bitdefender, “one way to make it harder for users to get infected is to make the actual process for sideloading apps more complicated, or at least make users go through multiple hoops that also inform them of potential risks.”
We don’t yet know how painful the plagiophora will become.
Everything Google has he said is that “it’s not a sideloading limitation, but an ‘Accountability Level’.” Advanced users will be able to ‘Install without verification’, but expect a high-friction flow designed to help users understand the risks.”
The challenge is that if this is really just a new set of pop-up warnings, they will be ignored the same way they are now. And that defeats the whole purpose of the change. This needs to be much more rigorous to have the desired effect.
As Google itself says, “online scams and malware campaigns are becoming more aggressive. On Android’s global scale, this translates into real harm for people around the world.” Thus the change. But as always, the devil is in the details.
Watch this space.
