All changes regarding the Play Store – Millions of phones will be affected.
Android 15 is now on millions of Pixel devices. But while this upgrade focuses on security and privacy first and foremost, it’s missing two of the new headline features. One isn’t coming soon, but the other is imminent, potentially disabling apps on your phone by the end of this year.
A long-term missing security feature is Google’s new mobile network security, which protects users from network-based identity tracking and interception. This requires tight modem and OS integration, and no phone, not even the new Pixel 9, can do this yet. The second, more pressing upgrade is even more important and should be a real game-changer for Android security.
When it arrives on phones by the end of the year, Google Play’s live threat detection will “analyze additional behavioral signals related to the use of sensitive permissions and interactions with other apps and services.” If suspicious behavior is discovered, Google Play Protect sends the app to Google for additional review and can warn users or disable the app if malicious behavior is observed. Masu. ”
Google Play Protect already “scans 200 billion Android apps every day,” but this adds a new level of immediacy and performs early checks on the phone itself, “scanning 200 billion Android apps every day.” Enhances fraud and abuse detection for apps.” It uses on-device AI processing through Google’s Private Compute Core to maintain user privacy.
Eliminating extremely dangerous apps is a no-brainer, but what’s even more interesting is the potential to crack down on privilege abuse. This has always been a big issue across the Android ecosystem, with even the most popular apps requesting more permissions than necessary as user data continues to be collected at will.
Just last month, cyber news He warned that “popular apps have no limits” when it comes to “dangerous permissions,” and an analysis of the 50 most popular apps found that abuse of such permissions is rampant. I warned you that you did. Click here for more information.
Researchers found that access to photos and videos on a device was the second most abused permission, with an astonishing 30 of the 50 apps reviewed asking for it. . “Malicious attackers could exploit access to storage to leak or compromise files such as photos, videos, documents, and other personal information,” they warn.
This is exactly the kind of privilege abuse that Google’s new on-device protections should monitor. Why would an app need to access media if it’s not absolutely necessary for the app’s functionality? Access to photos is particularly sensitive, and Google has been trying to restrict it for some time. I tried it, but it wasn’t very successful.
The most abused “dangerous” sensitive privileges
“Android 13 will be released in 2022.” Android permissions To explain, Google introduced the Photo Picker API… The Photo Picker API allows apps to request access to selected photos and videos without requesting permission to access the entire media gallery. This is intended for apps that need to access photos and videos once or frequently. ”
However, this opt-in for app developers was not accepted. “Google has had a really hard time getting developers to adopt it. The majority of Android apps continue to use either the old system’s file picker or a custom-developed picker, the latter for photos and We need widespread access to video.”
But now everything has changed. Google has confirmed that a policy change has forced the use of Photo Picker. “We’re working to make photo permissions even more private for users,” the company announced at its I/O event. starts this year, Apps on Play must certify that broad access is required to use the photo or video permissions. Google Play will begin enforcing this policy in August. ”
It is now in effect. “It seems like the crackdown started at the end of last month.” Android permissions I will report it. “Starting September 18th, Google will require developers to ‘submit a declaration form to qualify for core use/broad access or have their privileges removed (for one-time/infrequent use).” Developers must fill out a form by the end of this month or their apps will be blocked from updating on Google Play. ”
It looks like Google may be giving some apps until the end of the year to clean up their code, but that’s just 10 weeks from now. This is very welcome. It’s better to force changes across the board and mitigate when edge cases are found. If developers had adopted APIs earlier, this heavy-handed approach wouldn’t have been necessary. But they weren’t. And considering that even the best and most popular apps abuse permissions. cyber news At some point, I’ll have to report on this.
I confirmed with Google that live threat detection is coming to phones later this year, with Pixel and several other OEMs planning to be the first to break out of the trap. We will be watching with interest to see how strict the crackdown on abuse of sensitive permissions will become. But another big Play Store update this year was the weeding out of low-quality and risky apps. And the decrease in the number of apps on the store shows that it is being taken very seriously and that the store is changing for the better. On the other hand, it will bring an end to the abuse of photography permits even faster.
