You don't have to distribute apps via the Google Play Store. On devices with Play services and the Play Store, the Play Store is granted the ability to do background installs and uninstalls anyway. Play services is set as a backup service so it can back up and restore app data.
I don't see how making that into an APEX module is a problem. It doesn't impact us either. Baseline Android doesn't include Play services or the Play Store. Including them involves giving them a bunch of privileges, which includes the ability to silently replace an app with another.
Which permission allows replacing apps without data loss? Not even adb can do that.
The combination of the ability to install/remove apps in the background with being whitelisted as a backup service. Device-to-device backup support (see Android 11 release notes) implies the ability to back up even if the app disables backup support.
developer.android.com/about/versions is how it's going to work in Android 12 but Android 11 supposedly supports it. I don't really think it actually shipped in the intended / documented form for Android 11 though. It has constants, etc. for it but doesn't seem to be fully implemented.
We made an attempt to use it in Android 11 (for end-to-end encrypted, non-Play backups) but it didn't really seem to exist yet at least in AOSP. I don't know how much is implemented for the stock OS. It's possible Play services has enough privileges to make it work despite that.
Ok, let's assume Play Services replace an app on Android 11 using this mechanism, and the app hasn't blacklisted its data for backup. The app icon would still disappear from your homescreen and some app settings would probably be reverted. Much more complex than pushing an update.
It's definitely more involved, but keep in mind a bunch of core OS components are also built by Google and now shipped via the Play Store via APEX components (also known as mainline modules or Google Play system update):
Android with Play is closer and closer to being Google Android instead of an OEM fork where they control everything. Of course, Android exists without Play and the CDD/CTS pass without Play services.
Android with Play is trending towards shipping a Google-built AOSP system image and kernel. I'm sure that's coming in the next couple of years. Mainline modules shipped via Play are already here though and include code loaded into system_server etc.
Ok, you've convinced me that if you're worried about backdoors from US state-level attackers, you shouldn't be using Google Play services.
However, there are other reasons why this is bad, for example this one: