Google has added DRM to all Play Store apps

Greg S

Posts: 1,607   +442
Why it matters: Digital Rights Management software has routinely been abused by content publishers and can be downright invasive in certain instances. Google claims to be beefing up security for end users by signing apps with additional metadata, but could easily change course at any time.

As part of Google's efforts to enhance security across Android devices, apps published on the Play Store will now have metadata added to them at the time of publishing. Additional data applied to the APK files hosted by Google is just a fancy way of saying DRM.

One of the benefits to this change is that apps can be verified for integrity even when there is no cellular or Wi-Fi connection. Peer-to-peer app sharing is relatively common in developing markets with more limited internet access, which makes identifying legitimate apps a little more difficult.

For apps that were installed via an APK file to a device while offline, Play Store updates will be automatically enabled once internet access is found. Developers are effectively being given a sanctioned method for distributing their apps outside of the Play Store while still retaining the ability to push updates through Google's platform.

Assisting users in keeping their apps up to date is another way to help make devices more secure. However, there are some obvious caveats here depending on how developers leverage the newly added metadata.

It is now possible for developers to easily restrict how their apps are being used. Netflix used to only work on certain mobile devices that were deemed to be authorized. Any other business or developer could easily follow suit if they were willing to endure the wrath of the general public.

Google's intentions appear to be alright for now, but the addition of what is nothing less than a form of DRM certainly presents some red flags. Anti-tamper protections will be welcomed by those earning paychecks from in-app purchases, but end users are left only taking Google at their word that the new protections are really in their best interests.

Permalink to story.

 
"For apps that were installed via an APK file to a device while offline, Play Store updates will be automatically enabled once internet access is found"

^ That's pretty much the fastest way to encourage me to not buy another Android device. I find side-loading older pre-bloated versions of now horrendously bloated software like ES File Explorer, the only sane way of using them. If I'm forced to use a newer version, I won't be using it at all...

Google's "official store app integrity" is an utter joke anyway. Merely searching for "ES File Explorer" comes up with literally dozens of fake / copycat apps by different devs all calling themselves "ES" with a 99.999% ripped off logo (blue text on white cloud, etc). Or the stolen "traffic cone" logo of VLC on every other ripoff app developer who isn't "VideoLabs", not to mention the usual "flashlight" apps that need access to the net, your photos, files, etc. But then if you were to prune the cr*p out of the Play Store, millions of apps would shrink to about 50k.
 
"For apps that were installed via an APK file to a device while offline, Play Store updates will be automatically enabled once internet access is found"

^ That's pretty much the fastest way to encourage me to not buy another Android device. I find side-loading older pre-bloated versions of now horrendously bloated software like ES File Explorer, the only sane way of using them. If I'm forced to use a newer version, I won't be using it at all...

Google's "official store app integrity" is an utter joke anyway. Merely searching for "ES File Explorer" comes up with literally dozens of fake / copycat apps by different devs all calling themselves "ES" with a 99.999% ripped off logo (blue text on white cloud, etc). Or the stolen "traffic cone" logo of VLC on every other ripoff app developer who isn't "VideoLabs", not to mention the usual "flashlight" apps that need access to the net, your photos, files, etc. But then if you were to prune the cr*p out of the Play Store, millions of apps would shrink to about 50k.
There's got to be a way to turn that off, or at least break it. That would be a serious turn off for me too! By the way, I also use ES File Explorer and noticed it's getting suuuuuper bloated. Did you know there's a pro version? It's way cleaner. I recommend buying it but you can get the apk from websites like https://forum.mobilism.org/viewforum.php?f=398 if you search for it. I also recommend going there for some other apks since some will be signed different, so possibly the Play Store won't be able to match it to the real version in the store.
 
The auto updating better have a disable feature, otherwise this will be a royal PITA.

We really need a third competitor in the smartphone space. I miss having windows phone as an option.

At least we still have alternatives like F-droid.
 
"One of the benefits to this change is that apps can be verified for integrity even when there is no cellular or Wi-Fi connection."

This I like. My music app needs verification once in a while and I would hate to be without it when I don't have an internet connection.
 
"For apps that were installed via an APK file to a device while offline, Play Store updates will be automatically enabled once internet access is found"

^ That's pretty much the fastest way to encourage me to not buy another Android device. I find side-loading older pre-bloated versions of now horrendously bloated software like ES File Explorer, the only sane way of using them. If I'm forced to use a newer version, I won't be using it at all...

Google's "official store app integrity" is an utter joke anyway. Merely searching for "ES File Explorer" comes up with literally dozens of fake / copycat apps by different devs all calling themselves "ES" with a 99.999% ripped off logo (blue text on white cloud, etc). Or the stolen "traffic cone" logo of VLC on every other ripoff app developer who isn't "VideoLabs", not to mention the usual "flashlight" apps that need access to the net, your photos, files, etc. But then if you were to prune the cr*p out of the Play Store, millions of apps would shrink to about 50k.
There's got to be a way to turn that off, or at least break it. That would be a serious turn off for me too! By the way, I also use ES File Explorer and noticed it's getting suuuuuper bloated. Did you know there's a pro version? It's way cleaner. I recommend buying it but you can get the apk from websites like https://forum.mobilism.org/viewforum.php?f=398 if you search for it. I also recommend going there for some other apks since some will be signed different, so possibly the Play Store won't be able to match it to the real version in the store.

Why would you buy a bloatware piece of software when Total Commander exists? The best way to fight against bloatware is to switch to its competitor.
 
Android is such a mess and a fraud. The great "open-source" OS that was going to free us all from vendor and telco tyranny has spectacularly failed to do so. Users wait weeks, months, or forever for every telco to dribble out their hacked, crapware-laden, proprietary versions for every device one at a time. Until of course they stop bothering to do so.

PATHETIC.
 
It is now possible for developers to easily restrict how their apps are being used.

Can you please provide proof of this (something beyond just supposition)? I couldn't find this in the Google's blog.


To me this seems to me like a rather positive development. Now Android games from third party stores line Humble will be integrated with Google Play, which can open the market up the way that Steam keys did for Steam.
 
Last edited:
It is now possible for developers to easily restrict how their apps are being used.

Can you please provide proof of this (something beyond just supposition)? I couldn't find this in the Google's blog.


To me this seems to me like a rather positive development. Now Android games from third party stores line Humble will be integrated with Google Play, which can open the market up the way that Steam keys did for Steam.

Google didn’t even call it DRM in their blog why would they spell it out elsewhere. They literally provided an example, that’s not supposition. Install a sideloaded app and it can now be forced to update to the new version where all the utility is stripped away to encourage you to buy the “pro” version or replaced subscriptions. This is reality on iOS already. You don’t want it.
 
They literally provided an example, that’s not supposition. Install a sideloaded app and it can now be forced to update to the new version where all the utility is stripped away to encourage you to buy the “pro” version or replaced subscriptions.

Seems to me like the exact opposite of what they describe, so I'm not sure how that would happen. If you install the 'pro' version APK, and it's detected as such (which is what I think they describe), then it'd be updated to that.
 
Back