Google announced a new change regarding sideloading unverified Android apps, which is targeted at power users.
In a post, Google said that this was feedback from ongoing conversations within the Android community.
“While security is crucial, we’ve also heard from developers and power users who have a higher risk tolerance and want the ability to download unverified apps. Based on this feedback and our ongoing conversations with the community, we are building a new advanced flow that allows experienced users to accept the risks of installing software that isn’t verified,” Google said in the post.
They clarified that the new flow will be made specifically to resist coercion so that even the advanced users will not be tricked into bypassing safety checks. They will also be clear warnings to ensure that the people attempting things will fully understand the risk involved in sideloading apps.
This move is a stark contrast to what Google announced in August this year.
“Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices, the article said.
Google still iterates the importance of verification and keeping users ‘safe’is still their top priority. They gave an example of an attack they tracked in Southeast Asia of how scammers use social engineering tactics to trick users to bypassing warnings
“For example, a common attack we track in Southeast Asia illustrates this threat clearly. A scammer calls a victim claiming their bank account is compromised and uses fear and urgency to direct them to sideload a “verification app” to secure their funds, often coaching them to ignore standard security warnings. Once installed, this app — actually malware — intercepts the victim’s notifications. When the user logs into their real banking app, the malware captures their two-factor authentication codes, giving the scammer everything they need to drain the account.”
One of the reasons people started using Android is the fact that there was freedom to install apps downloaded from somewhere other than the Play Store. The furore that ensued from the changes in August has seemed to have softened Google’s stance, but for now, you know, as an experienced user, there is a massive risk attached to it.
