Google is making it harder for Android apps to spy on each other
Google is making it harder for Android apps to
spy on each other
By Paul Wagenseil April
2, 20212, 2021
change bans long-standing abilities to see details of other apps
effect May 5 and applying primarily to Android 11, the rule update bans most
apps from using the new QUERY_ALL_PACKAGES permission, which reveals details
about the other apps installed on a device.
meant to stop apps from getting sensitive information or creating device
profiles that can be used for advertising or even spying purposes.
The exceptions will be apps that need to see
what's going on as part of their core functions, including ,
browsers, file managers and search apps. Digital-wallet and banking apps may be
able to ask for temporary exceptions.
These apps will have to declare that they are
using this permission in their Google Play listings.
that request to use the QUERY_ALL_PACKAGES permission "must be able to
sufficiently justify why a less intrusive method of app visibility will not
sufficiently enable your app's policy-compliant user-facing core
Abusing a privilege
The QUERY_ALL_PACKAGES permission, introduced
with Android 11, replaces and supersedes an older set of functions that apps
have used to see details about the other apps installed on an Android device,
Catalin Cimpanu at explained.
functions were originally created to resolve compatibility issues, but they
ended up being abused. Because they were functions and not permissions, the
apps did not need to ask or even inform the user before doing so.
than 3% of open-source Android apps did so. Many of the app queries were
generated by third-party ad and utility code used by app developers, often
without the knowledge of the developers themselves.
Although this change in theory affects only Android 11, estimated to be on in active use right now, explained that it will become more or less mandatory in November when Google will require that all app development "target" Android 11 or later rather than earlier versions.