Google's beefing up Android app security, but not everyone's going to be happy
Google's beefing up Android app security, but not everyone's going to be happy
The Play Integrity API is getting some upgrades right now, but better spoof protection could cause headaches for custom ROMs.
As a currently totally "normal user" - no root, stock OS, I would have been screwed by this security while travelling
Driving in Italy you need to know about ZTL zones - places cars are secretly restricted in - and there's an app for that, but the app is only useful for drivers in Italy and if your phone doesn't default to the Italian play store you can't see it
Your only option is to side load it
It would be no fun to get your phone working with ZTLs only to lose access to your bank apps
of course Another way to track you
so that's actually a decrease in security for the actual user who owns the device.
"Security" meaning "preventing users from using the devices they own in the way they want to use them" apparently.
Silly users, thinking they actually own anything...
If you root, unlock your bootloader or run a custom ROM, nothing changes since your device does not pass the integrity checks and Google already had a feature for developers to block apps from running on those devices.
These new additions are also entirely irrelevant for apps distributed outside of the Play Store since Play Integrity requires the app being downloaded from the store.
Also, all of these additions are entirely up to the developers to add, Google is not forcing anything.
They call out making spoofing harder, although they don't specify how.
It's a normal thing for people to sideload apps that are distributed through the play store - that's exactly what tools like Aurora do.
You are right that they are up to developers, but that's the problem. It should be up to users how they run their software on their hardware.
When Microsoft first proposed this sort of crap, it was widely seen as a nightmare scenario. Now, it seems as if only a few of us open source nerds care.
Fuck Google. Hopefully Magisk & modules will find a way to keep hiding root from crappy bank apps.
I see you wrote "& modules", because you certainly know where Magisk developer works and why he removed the option to hide it from other apps. It's just hopeless. It's just a matter of time until this kind of crap gets into the legislation in the name of security.
Magisk Deny works pretty well. Play Security Fix module does the truck for Google Pay. Sometimes it needs an update, but I'm successfully posting with my phone most of the time. And all my banking apps run OK just with the deny list.
I sideloaded fdroid and install most of my apps over that. From the text I don't understand what the actually change will be.
the image at the top seems to be the only real hint - it looks like it's supposed to be for restricting which apps may run in the background while performing "secure" tasks in other apps
Oh, yay. I can't wait until Netflix starts requiring users to temporarily disable <insert video calling app> because it supports screen sharing. Can never have too many layers of
user inconvenienceassurance for rightsholders, you know?
For apps installed through the play store, developers have the option to add these "layers of security" with Play Integrity. The one the screenshot shows keeps you from opening and using an app if specific apps are detected to be running in the background (like a bank app blocking you from using it if a screen recorder app is running on the background). Another feature is apps blocking them from running if they weren't installed from the play store (like side loading a bank app and it prevents it from running because it might be malicious).
For apps distributed outside of the Play Store (and for people side loading them) and those running rooted/bootloader unlocked devices nothing changes, as Play Integrity is no longer in effect in those cases
This is bad news when using "official" apps such as the ones from banks, right?
Android peaked with version 9.
I mean 12 had some good features
... Great