Android users might have a lot to anticipate, with Google hinting at groundbreaking new AI releases. However, there has been a sudden emergence of a new warning on Samsung Galaxy devices, which reportedly seems to disturb users and raise significant questions about the timing of the warning.
It’s not only Apple making headlines over its App Store changes in response to Europe’s DMA—including mimicking Android’s sideloading to some extent, at least. It seems that Google is also strengthening its traditionally laid-back approach.
From last year, Google has been cautioning owners of its Pixel devices when they download Google apps from sources other than its Play Store. This new update ownership “allows third-party app stores to become the only source of future automatic updates to an app they initially installed,” as reported by XDA-Developers
However, Android Police states that “Google has extended caution notices for sideloaded app updates to non-Pixel phones and non-Google apps.” This “irritating ‘update ownership’ warning” will come as a surprise to users who expect to install what they want from where they desire, relinquishing risk for flexibility. This has always been Android’s draw, making it distinctly different from Apple’s locked-down iPhone.
The warning itself connects back to the idea of app ownership introduced with Android 14. Essentially, an app store can impose provenance over an installation, triggering a warning if an update is requested from somewhere else. While this seemingly relates to integrity and functionality, there’s obviously a considerable security aspect as well.
While the warning dialog is not alarming, it will be unexpected, and something that Samsung and other Android device owners do not anticipate. “This is our first clear indication,” Android Police highlights, “that Google is ready to expand these cautions beyond Pixel phones and Google apps/services.”
Typically, this story might go unnoticed. The warning appears just once—it’s more of an inconvenience than anything else. I have reached out to Google for information about these new cautions and the rate at which they will be rolled out, with no further details yet. While this has started to appear on non-Google devices for non-Google apps, it’s not yet widespread and has not yet “annoyed” the probably millions of affected users.
But timing is crucial. It’s noticeable that this has occurred right as Apple hogs the headlines over the security and privacy risks—or lack thereof—in sideloading, with regulators reportedly monitoring its own DMA-induced implementation with interest.
As my colleague Kate O’Flaherty reported on Forbes, “iOS 17.4 will be welcomed by iPhone users in the EU who would like the same flexibility Google’s Android users enjoy. But Apple has warned that sideloading and the associated changes to iOS and its ecosystem as a result open up iPhone users to major security risks.
Over the past few weeks, I’ve reported on the latest wave of Play Store malware affecting Android devices. First SpyLoan, then Xamalicious, and finally a research note warning about the scourge of “copycat apps.”
Each of these cautions covered some limited Play Store installations, but primarily concerned the much less secure and controlled third-party stores.
This is the balance that Apple says it now needs to strike. Providing the seeming competitive freedom demanded by the EU, while maintaining its security credentials. Apple genuinely does need to navigate a path through this. While prompted by good intentions and instincts, I suspect most iPhone users are wary of lessening the famed security credentials of their devices. Arguably, users can choose the locked-down iPhone or open Android ecosystem. That choice in Europe is now reduced.
“We’re trying to strike a balance,” Sundar Pichai said last year, of Google’s own efforts in this area—but taking a different angle to Apple. “We believe in choice,” he said, “so on Android we allow you to sideload and install additional applications.”
But Pichai also pointed out that there is a user risk in venturing outside the official channels, where it has directed considerable resources in recent years to fortify security. It’s like a seatbelt, he said. Users can choose to use them. or not.
Until now, there has been a clear divide. Apple has a complete ban on sideloading, and Google is quite open. It hasn’t been possible to directly compare and contrast the security and protections available, given those varying approaches. But now it’s all change, and for the first time, the playing field has been somewhat leveled.
And so we watch with interest to see what Apple offers in practice—and how that is received by regulators, and then how Google reacts. Which is why the timing of this latest caution is interesting and why this story is worth monitoring as it unfolds.
Follow me on Twitter or LinkedIn.