
If Google is serious about Android scams, there’s a bigger problem than sideloading

Why This Matters

Google's new sideloading rules aim to curb scams by adding friction to installing apps from unverified sources, but they overlook a more pressing issue: malware already present within the official Play Store. Addressing malware in the Play Store is crucial, because that malware poses a greater risk to consumers and to the integrity of the Android ecosystem. This highlights the need for more comprehensive security measures beyond restricting sideloading to effectively protect users.

Key Takeaways

Google has announced new sideloading rules that add more friction to the process of installing apps from unverified developers. While the change is meant to stop certain types of scams, it ignores a bigger problem.

Google has set its sights on apps installed from other sources, but it doesn’t address the fact that millions of users are already exposed to malware through the official Play Store.

Poll: Do you think Google's new sideloading flow will have a significant impact on scams? (62 votes)

- Yes: 15%
- No, not without changes to the Play Store: 85%

Google is taking aim at the wrong problem

Megan Ellis / Android Authority

The new sideloading process, which will come into play in August, requires users to enable Developer Mode, confirm they’re not being coached, restart their phones, wait 24 hours for a security delay, and then enable the settings to allow them to install the app.

The good news is that this 24-hour process only needs to be completed once. But it’s a much longer flow than what users are accustomed to.

It also targets a very specific form of scam, where scammers pressure targets to install malware as part of a fake emergency. The sideloading process already has hurdles and warnings included, so Google’s new high-friction flow feels like overkill.

There already needs to be a lot at play for this type of scam to work. Some level of social engineering is usually needed, along with contact details for the target. The target then also needs to ignore multiple red flags during the process, as well as the existing warnings on their phone.

However, scamming people through the Play Store is seamless once the app makes it past Google’s filters — making it a way to reach millions.
