This Is How Android Will Restrict Sideloading Next Year
Summary
-
Android tightens the stake: the verifier developer checks applications; Rare installations require the internet.
-
Pre-author tokens facilitate the installations of the third party store; Play the older Android backcore protection rules.
-
Student / amateur accounts are lower than the costs but installations of the ceiling device; Malventy software or fraud lead to account blocks.
Bad news. Android, who has been quite democratic for years with regard to the keyboard, has a lot of things things from next year. The company has now come into detail about how it will work, and although there are money liners, it could still be dark for some of you.
Google has now detailed how Tours breeding will work from the second quarterly version of Android 16. The company insists that “the elogerie is fundamental for Android” and is there to stay, and for this purpose, these new measures are supposed to make the key holder to use. But that could still cause problems.
When a user tries to install an application for the first time, a new system service called “Android Developer Verifier” will be activated. This service will contact the Google backend to confirm that the application signature key and the package name have been submitted by a verified developer. The Verifier service of the developer will keep a disk cover of popular and already verified applications, which allows them to be installed without network connection, so it does not have to check online each time you want to install an application. For less common applications and not in the cache, however, an internet connection will be necessary, which could suck for some.
The new system recognizes the legitimate need for certain users to install applications from independent developers or third -party stores and try to get around this. To rationalize the process for third-party application stores, Google also introduces a “pre-Autth token”, a cryptographic blob that stores can transmit to the system to check an application without additional network calls. These changes will also be covered with older Android versions thanks to updates from Google Play Protect.
Google also detailed its plans for a separate account type for students and amateurs. These accounts will have fewer verification obstacles and will give up the registration fees of $ 25 standard. However, they are delivered with a significant limitation designed to prevent poor use of malicious actors: a strict ceiling on the number of devices that can install their applications. To apply this, a user must provide a unique device identifier to the developer, who must then manually authorize this specific device in the console of the Android developer, effectively limiting distribution to a small known group of people.
The company has also described its strategy to prevent bad players from bypassing the system. The developers will have to prove the property of the name of the package of an application by demonstrating that they have the correct signature key. Persons captured in distribution of malware will be faced with restrictions at the account level, blocking all the applications associated with them with the installation. Google also claims to have owner techniques to detect identity fraud during the verification process, in particular by identifying the false submissions generated by the AI.
All this may seem insufficient with regard to third-party stores like F-Droid, which is to make applications really from independent developers who do not rely on Google servers. But we will have to see how it all goes and if Google can reach a point where everyone is happy.
Source: Android Authority
