Google has announced that it is moving away from the APK format for Android apps. Jack Wallen gives his opinion on why this is happening.
Google is always doing something or the other. Now, before you jump to an important conclusion, let me make myself clear: I don’t believe Google is always of a nefarious nature. I’m of the opinion that everything Google does is positive – at least on the technology front. Call me Pollyanna or not, I want to give them the benefit of the doubt. And given how easy it is to spread public opinion like a meme on Slow Friday, any company with nefarious antics should understand that it’s not the point, but when they are caught.
See: Hiring Kit: Android Developer (techrepublic premium)
So when it was announced that Google was moving away from APKs on Android in favor of Android Play Bundles, my mind went to a very special place (which it often goes to). Where is the security.
Before you roll your eyes or judge me (or both), listen to me.
One of the issues I’ve been bothering with for years is sideloading applications. With Android, it is not that difficult to find an APK file from any website and install it on your phone. The problem with this is that you have no way of knowing if that file was checked for security. In the end, you could have installed a piece of malware or ransomware on your phone, assuming the APK was just an innocent looking game.
And sites offering APKs are everywhere. Some of them may not have malicious intent in mind, but many do. Google knows this and they have struggled with it for years. As far as I’m concerned, I regularly come out to say, “Don’t install apps from anywhere other than the Google Play Store!” Many listen, while some do not.
See: Electronic Communications Policy (TechRepublic Premium)
If Google has anything to say about this, the APK may be dead in the near future.
This is right. Google has officially announced that it is moving from APK to Android Play bundle. And they have only given one month notice to shift developers. Of course, existing apps on the Play Store are exempt from change, but all new apps must be submitted in the new format, otherwise they will not be accepted.
See: Samsung Galaxy S21 Series: A Cheat Sheet (Free PDF) (Tech Republic)
There has been some speculation that the move was made after Microsoft announced that it would allow Android APKs to run on Windows 11. While it’s tempting bait for a media cannon, I don’t buy it. I think Google is looking beyond this and its end game is to eliminate APK files altogether.
but why? What’s the drama here? I believe Google has finally done it with side-loading and is making this change to eliminate it. This makes the most sense as the need for security is at an all-time high. Malicious apps and attacks aren’t going anywhere. In fact, they are only going to grow and become smarter than ever. The companies that produce, curate and distribute the software are at a loss as to how to stop doing what they do. If Google’s mindset suits me, this move is a clear checkmate against those willing to steal users’ data and hold their devices for ransom.
And that would be a huge step forward. If Google eventually does away with the ability to side-load applications, it would go a long way toward preventing users from installing malicious apps.
Before I continue, understand that this is a complete guess on my part. I’m drawing a conclusion that may be way off the mark. But for Google to pull it off, with any measure of success, they’ll have to keep that Android Play bundle format near the vest. The second specs have been released for this new format, they’ll find side-loadable apps everywhere. So, once they officially transition to the new format (in August 2021), Google should permanently disable side-loading for both the old and new formats.
See: Password-stealing spyware targets Android users in the UK (Tech Republic)
This may wag some developers and companies, but the safety of the end user should come first. Period. And although it is great to have options, in this case end users should have only one choice: one that gives them even the slightest guarantee of security. If the safety of end-users and consumers doesn’t come first, you’re going about business to business wrong.
warning for warning
Here’s the thing: There will always be a certain user type who installs alternative ROMs on their Android devices. It should always be a possibility for those who choose. And Google should respect that community going forward. Even though the Android Play bundle will be the default format going forward, the company should allow APKs for alternate ROMs. So, here’s how I see it playing out in the future (not immediately):
- For official Android builds—Android Play Bundle will be the only supported format, which can only be found in the Google Play Store.
- For Unofficial ROMs—Both APK and Android Play Bundle are supported.
The above two will work:
- Better protect consumers.
- Calm down those who want to use unofficial roms.
I think this is the best alternative to google. Anyone who has bothered to look at the security crystal balls knows that the situation is about to get worse. Unless Google does something now, Android could become a real playground for hackers and thieves. If Google plays its cards correctly, this migration to the Android Play bundle could go a long way to cap it off.
But again, this is only conjecture on my part. Google may have other reasons for moving away from APKs (such as the speed and size of the installation or preventing Windows 11 from integrating with the Google Play Store). Only time will tell, but I expect it to be on the side of more security for consumers.
Subscribe to TechRepublic’s How to Make Tech Work on YouTube From Jack Wallen to all the latest tech advice for business professionals.