Google is making it harder for Android apps to spy on each other

1. Home
2. News
3. Privacy

Google is making it harder for Android apps to spy on each other

(Image credit: Lukmanazis/Shutterstock)

Google is making a change to Android that volition prevent apps from snooping on i some other.

Taking effect May 5 and applying primarily to Android 11, the rule update bans well-nigh apps from using the new QUERY_ALL_PACKAGES permission, which reveals details about the other apps installed on a device.

• The all-time Android antivirus apps to keep your device make clean
• This Android update is really nasty spyware — what you need to know
• Plus: Hackers turn to phone calls to infect PCs with malware

Information technology'southward meant to stop apps from getting sensitive information or creating device profiles that can exist used for advertisement or even spying purposes.

The exceptions volition be apps that need to meet what'southward going on as part of their core functions, including antivirus apps, browsers, file managers and search apps. Digital-wallet and cyberbanking apps may be able to ask for temporary exceptions.

These apps will have to declare that they are using this permission in their Google Play listings.

Google explained in a new notice to app developers that it "regards the device inventory of installed apps queried from a user'southward device as personal and sensitive information."

Apps that asking to utilize the QUERY_ALL_PACKAGES permission "must exist able to sufficiently justify why a less intrusive method of app visibility will not sufficiently enable your app's policy-compliant user-facing core functionality."

Abusing a privilege

The QUERY_ALL_PACKAGES permission, introduced with Android xi, replaces and supersedes an older set of functions that apps have used to see details well-nigh the other apps installed on an Android device, Catalin Cimpanu at The Record explained.

These functions were originally created to resolve compatibility issues, but they concluded up beingness driveling. Because they were functions and not permissions, the apps did non demand to ask or even inform the user before doing so.

A year-old inquiry newspaper institute that roughly 30% of commercial Android apps — including nearly 73% of games — used these functions to go information about the other apps installed on a device.

Less than 3% of open up-source Android apps did so. Many of the app queries were generated by third-party ad and utility code used by app developers, oftentimes without the noesis of the developers themselves.

Although this modify in theory affects only Android 11, estimated to exist on simply about 6% of Android devices in active utilise right at present, XDA-Developers explained that it will become more or less mandatory in November when Google will require that all app development "target" Android 11 or later rather than earlier versions.

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has too been a dishwasher, fry melt, long-haul driver, code monkey and video editor. He's been rooting effectually in the information-security space for more than fifteen years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. Yous can follow his rants on Twitter at @snd_wagenseil.

Source: https://www.tomsguide.com/news/android-app-mutual-visibility

Posted by: brooksblaway.blogspot.com

Share this post