Third party stores do not have the same functionality as Google's store, this is one of the things Epic sued over, so I imagine it will factor into the remedies.
AFAIU Aurora isn't an alternate store, but an alternate front-end to the Google Play Store.
That is, the only apps available through Aurora are those on Google Play, and if Google's rejected an app, then you won't be able to install it via Aurora.
By contrast, F-Droid is an alternative front-end and app store, with apps available which aren't included in Google Play (for example, Termux).
(I use both Aurora and F-Droid on an Onyx Android device.)
By that measure, F-Droid is very close in that both have the majority of apps some people use (Aurora for you, F-Droid for me).
Neither can compete with the Play store though, as only Google's offering is allowed to update or install apps in the background without user interaction (without root). For that matter, only Google Play Protect (part of the Play Store IIRC) can uninstall apps from user's devices with no interaction.
>only Google Play Protect (part of the Play Store IIRC) can uninstall apps from user's devices with no interaction.
That sounds horrible. Why can a store decide to delete an app with no prior notice?
But it does seem Google has given more freedom to other apps to install apps. I guess it comes down to if that's still too many clicks or too fear mongering to count as "competitive".
Worse than that, I've had it unilaterally block legitimate third-party apps I've installed from F-Droid. Then since I've disabled it, it constantly nags me to re-enable it so it can re-delete my third-party apps. If you want to talk about anti-competitive, Play "Protect" should be where you start.
In my experience Google Play Protect can be disabled, and shows a warning an app might be "Harmful" and sometimes prompts to Uninstall or Ignore the warning, afaik no unprompted uninstalls
You're right! I thought I'd heard something about that, but couldn't quite remember :) From your linked article though:
> in response to mounting pressure from Epic Games and government regulators
Just because it came out before the judgement doesn't mean it wasn't because of the court case. And frankly, needing to be sued to do the not-a-monopoly thing isn't exactly a great look.
Maybe I'm just grouchy because I'll never get to use it though - BlackBerry stopped making handsets, so I'm using either the last great physical keyboard (subjective, but true IMO) while being "stuck" on Android 8.1, or GNU+Linux à la Pinephone Pro.
Google Play is not just app store, but also the only way to efficiently deliver push notifications on Android devices. And latest modifications to Android OS make it very rippled without push notifications, all background apps unload from memory very fast. The result is that it makes many types of apps impossible to implement without relying on push notifications - and lock in to Google Play services.
While they carry almost the same name, Google Play Services are not the same as the Play Store, though. You can use the former without using the latter.
I highly doubt that a manufacturer can release an Android phone that does not have Google Play Store app but does use Google Play Services. We have evidence that Google prohibits even releasing other models w/out Google Play store if it wants to make Androids with Google Play.
Pretty much. Google Play services runs as like a root process that can (among other things) bypass all the security checks that the OS usually has. That includes those annoying update confirmation dialogs which make it impossible to install updates automatically without user interaction.
> Pretty much. Google Play services runs as like a root process that can (among other things) bypass all the security checks that the OS usually has.
Unnecessarily mind you, GrapheneOs proved that you can get the vast majority of GMS functionality without it needing to run as root.
Even Gpay would work if google allowed it.
> That includes those annoying update confirmation dialogs which make it impossible to install updates automatically without user interaction.
This has changed with android 12, third-party sources can now auto update an app after a user accepts the initial prompt go install it.
> That includes those annoying update confirmation dialogs which make it impossible to install updates automatically without user interaction.
Important to note this has changed starting with android 12, now you just need accept installing the app, and the source can update the app without interaction.
Droidify (third party fdroid client) supports it, among others like Aurora store.
Specifically GMS runs as a "privileged app" (that's what priv-apps stands for) which can declare access to permissions in the manifest that non-privileged apps can't even ask for.
You can install and run apps from Aurora store without having Google Services installed? Did Aurora store replace Google Services somehow? Many apps depend on those services.
It uses that to install new applications and update applications installed by other app stores without the OS-level confirmation, probably can't be uninstalled on most Android OSes and perhaps some other things.
Auto updates can be implemented by other apps without prompt. [0] But you're right on initial install there is that installation confirmation prompt and other stores may be uninstalled.
It feels like you're trying to use the existence of some criminal acts as a justification for a different set of criminal acts.
So, yes, when users literally own their own devices, it is difficult for the manufacturer to keep them perfectly secure without abusing monopoly power.
The door also swings the other way here too, because malware has certainly existed _inside_ the Play Store, and it took _users_ to bring it to the billion dollar corporations attention.
You realize the same company suing Google and saying that allowing third party app stores is the same company that actually introduced a vulnerability by doing so?
The entire value proposition of the App Store is the sandbox.
I just had a coworker say that he surreptitiously installed an app on his son’s phone that allowed him to see everything his son was doing remotely and listen in to his son’s conversations. He showed it to us in action.
This sounds suspiciously similar to the “evil maid” attack: all bets on security are off when you’ve got physical access to the device. This is a well known weakness in all platforms. Some platforms manage short term protections against this, but nothing ever withstands it in the long run.
If the adult demanded the kid's phone password, it's rubber hose cryptanalysis. If the adult set up the password for the kid, it's a supply chain attack. Evil maid implies you don't know the password at all, which doesn't sound like the case here.
Yes and because of Linux’s “openness” it’s being used by most people as their main desktop OS and in the US 60% of the market are buying iPhones. Have you thought that their priorities aren’t the same as yours?
Surely most people care at least enough about openness to want to be able to install apps on their phone. Your threat model is considering an authorized user installing an app to be a security breach.
Android has privacy indicators for when software is recording things on the phone. Wouldn't that give the coworker away? Or does his son just have an old phone? (The privacy indicators are fairly new, IMO, but it mirrors a thing Apple did a few years ago.)
What “child tracking” device on iOS lets you intercept phone calls, text messages and remotely monitor in real time what someone is doing on their phone?
It's a difficult security model when the threat actor is a parent who presumably has access to the device and in an unlocked state along with permissions to install anything from anywhere. It's not like the threat actor realistically couldn't (with some effort) see everything the child was doing already just by asking so I don't really see this as a very good threat model.
Sure, Apple might prevent you from installing such applications on devices (though they offer monitoring app usage and websites for parental controls), but that's just because they have a walled garden that could disallow such apps and it's less clear how to weigh app freedom against user safety.
If you're worried about zero days, Android exploits are priced around the same as iOS exploits apparently so take that how you will.
If you own a device you can do whatever you want with it. Can you install surveillance cameras in your own home? If yes, then I don't know why you can't install surveillance software on your own device.
Without any indication that it’s on there? Would you feel the same way about an abusive partner installing software surreptitiously on their wife’s/husband’s phone?
> You really think you are going to ask a child what are they doing every second and what they talked about and they are going to tell the truth?
Of course not, but usually adults can force a passcode out (or take the device altogether) or force the child to sign in for them to see at regular intervals, in which case they can observe everything. I would agree that this is excessive for a parent to do, but clearly the parent you are talking about is already taking excessive measures.
> What’s stopping someone also from surreptitiously installing the same snooping software on another adult’s phone?
Presumably, an attacker will not have access to the device and not be freely given the password or access with the ability to install an app. If they do, then there's nothing stopping the attacker from just going through the phone. Installing a app without the person's knowledge would either require you to have inside access or have a zero day.
> It’s not less clear. There is no reason to allow this type of software to be installed on a phone without a clear indication that it is on there.
A lot of the permissions individually make sense and this software could just be composed by a significant number of them. I'm not sure exactly how the software you are referring to works and its scope, so I'll take a narrow example.
In the case of messages, users may legitimately want a different messaging app. If the adult just side loads an arbitrary SMS app, how is that supposed to be distinguishable to the OS whether the app additionally happens to sync these messages to a third party?
In the case of screen capture, that's a perfectly normal use case to stream your screen. Android does warn you when this is occuring.
Or for that matter, many Android devices permit side loading an entire OS. This could be used by the adult to basically bypass any restrictions on apps altogether. This has a completely legitimate use case. Should we block that as well?
Even if the parent “forces a passcode”, they can’t remotely listen in on conversations and see exactly what their child is doing at any given minute.
> Presumably, an attacker will not have access to the device and not be freely given the password or access with the ability to install an app.
Are you really unaware of what a jealous partner can do?
> A lot of the permissions individually make sense
In what world does a permission to “remotely monitor your screen and intercept your voice and hide that the app is installed make sense”?
> A lot of the permissions individually make sense and this software could just be composed by a significant number of them. I'm not sure exactly how the software you are referring to works and its scope, so I'll take a narrow example.
Maybe it’s a bad idea to allow a third party app to have access to your SMS messages especially seeing they are often used for 2FA?
> In the case of screen capture, that's a perfectly normal use case to stream your screen. Android does warn you when this is occuring.
And yet there are plenty of apps for Android that can do this surreptitiously…
You realize you aren’t making a great case for Android here don’t you?
