Self-updating apps are now banned from Google Play
Posted on 29 April 2013.
Google has made added a short but very significant clause to its Google Play Developer Program Policies, banning apps downloaded from the official store to "modify, replace or update its own APK binary code using any method other than Google Play's update mechanism."

The change is believed to have been provoked by Facebook's update to its official Android app that would allow the company to push out updates for it without going through Google Play and without asking the users' permission.

"One possible downside to this is that it now explicitly prevents developers from publishing emergency patches via their own websites, even if only part of the app is changed, while waiting for the new version to be approved into the Play Store. On balance, though, this seems like a loophole that needed closing," says Sophos' Paul Ducklin.

The problem is not with Facebook or other legitimate developers - it's with those who would use Google Play as a way of lending legitimacy to their apps, then update them with malware or make them change their behavior in a way that is detrimental to user privacy, security and finances.

The change in the policies will surely affect all developers in a small or big way. Apparently those that do not change their apps to conform to this new rule will be banned from offering them on Google Play, but Google will probably set a period of grace during which the changes will have to be made.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th