SoylentNews is people
SoylentNews
New Play Store rules block most apps from scanning your entire app list:
Google is finally taking steps to limit what applications can scan the application list on your device.
Google has announced another privacy restriction for Play Store apps. Starting this summer, Android 11's new Query_All_Packages permission will be flagged as "sensitive" on the Play Store, meaning Google's review process will restrict it to apps the company feels really need it. Query_All_Packages lets an app read your entire app list, which can contain all sorts of sensitive information, like your dating preferences, banking information, password management, political affiliation, and more, so it makes sense to lock it down.
On a support page, Google announced, "Apps that have a core purpose to launch, search, or interoperate with other apps on the device may obtain scope-appropriate visibility to other installed apps on the device." Google has another page that lists allowable use cases for Play Store apps querying your app list, including "device search, antivirus apps, file managers, and browsers." The page adds that "apps that must discover any and all installed apps on the device, for awareness or interoperability purposes may have eligibility for the permission." For apps that have to interact with other apps, Google wants developers to use more scoped app-discovery APIs (for instance, all apps that support x feature) instead of just pulling the entire app list.
There's also an exception for financial apps like banking apps and P2P wallets, which the page says "may obtain broad visibility into installed apps solely for security-based purposes." We assume this means scanning for root apps. The new policy also states that "[a]pp inventory data queried from Play-distributed apps may never be sold nor shared for analytics or ads monetization purposes."
When will this apply to all applications?
Today's restriction is a great example: the Query_All_Packages permission was added in Android 11, so it only applies to apps targeting Android 11's API level, which is "API Level 30." The Play Store's restrictions, naturally, also only apply to apps targeting API level 30 and up, which probably isn't many apps right now. Shortly after Android 11 is one year old, though (in November 2021), the Play Store will make API level 30 the minimum API level for updating apps, so the permission and the new restrictions will apply to every currently maintained app in the store.
(Score: 4, Insightful) by tangomargarine on Monday April 05 2021, @10:34PM (3 children)
"Who The Hell Thought This Was Ever A Good Idea?"
*facepalm*
I can maybe imagine a circumstance where the OS needs to know, but why would an app ever need this information? At worst just make a Does_App_By_Name_Exist(x) function that queries whether specific names are installed.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"
(Score: 4, Insightful) by tekk on Tuesday April 06 2021, @12:59AM
The launcher is "just an app" on Android. I can't think of any other kind of app that'd need this info though.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @10:34AM (1 child)
Many PC games nowadays require admin privileges for stuff. Some claim it's to prevent cheating etc... Go figure.
(Score: 2) by tangomargarine on Wednesday April 07 2021, @02:59PM
PC is a different world. And you can blame that on DRM.
"Is that really true?" "I just spent the last hour telling you to think for yourself! Didn't you hear anything I said?"