I don’t think it’s about the data. There’s not much volume here. I think instead it’s about blocking apps they don’t like. Like some pesky ad blocking apps for YouTube. They know more people would reach for YouTube adblockers as they keep increasing the ads on the free tier as well as the price of the Premium tier. The way to prevent that is to make it extremely difficult to install such apps.
Do you think they won’t have a provision to revoke developer’s signing keys for reasons they determine? If they don’t, the whole malware-fighting angle would be meaningless. Once developer’s keys are revoked, their apps become uninstallable on Android that ships with Google apps. They could also easily uninstall apps signed with revoked keys.
I assume they’ll do this using chain of trust where they give signing keys to verified devs so that the apps don’t have to be signed by Google, but Android can still check if an app was signed by a Google-issued key.
Is that right!?
Giving up the app signing keys would allow Google to publish anything in your name. This sounds like a nightmare.
Surely there could be some equivalent to DNS confirmation by adding a key provided by Google to a txt record (or the signed app)
I don’t think it’s about the data. There’s not much volume here. I think instead it’s about blocking apps they don’t like. Like some pesky ad blocking apps for YouTube. They know more people would reach for YouTube adblockers as they keep increasing the ads on the free tier as well as the price of the Premium tier. The way to prevent that is to make it extremely difficult to install such apps.
deleted by creator
Do you think they won’t have a provision to revoke developer’s signing keys for reasons they determine? If they don’t, the whole malware-fighting angle would be meaningless. Once developer’s keys are revoked, their apps become uninstallable on Android that ships with Google apps. They could also easily uninstall apps signed with revoked keys.
I assume they’ll do this using chain of trust where they give signing keys to verified devs so that the apps don’t have to be signed by Google, but Android can still check if an app was signed by a Google-issued key.
E: Looking at this it says:
So you give your keys and I suppose they allowlist that package and keys. That means they’ll be able to revoke individual apps as well as dev keys.
Is that right!? Giving up the app signing keys would allow Google to publish anything in your name. This sounds like a nightmare.
Surely there could be some equivalent to DNS confirmation by adding a key provided by Google to a txt record (or the signed app)
The pub key could be enough to check if an app was signed with the private key.