Google Officially Warns Huawei Device Owners Not To Sideload Its Apps

[Gema Shisila]

Google has warned of serious security and privacy implications of downloading its Android apps other than the Google Play store. Directed at the new Huawei customers, Google said its applications and services aren't available for downloading on the official app store or sideload on new Huawei devices. It is worth noting that Huawei was barred from using Google services following a ban by the US in May, 2019.

"In addition, sideloaded Google apps will not work reliably because we do not allow these services to run on uncertified devices where security may be compromised. Sideloading Google's apps also carries a high risk of installing an app that has been altered or tampered with in ways that can compromise user security," Ostrowski added.

Google officially warns Huawei device owners not to sideload its apps

DOWNLOAD https://urluss.com/2yVQa1

The process of accessing iOS sideloaded applications is easy -- really easy. Anyone can do it from their iPhone or iPad, and it doesn't require jailbreaking the device. All that's needed is to download the app onto the device via a desktop or load apps from the mobile browser.

Anecdotally, jailbreaking isn't as popular or common as it once was. Some people still do jailbreak their iOS device -- this will never completely go away -- but the number of jailbreakers is getting smaller and smaller as Apple rolls out features that used to only be possible on a jailbroken device. Also, it's easy enough to sideload iOS apps onto a phone or tablet, so users may not find it necessary to do so.

There are two different -- but ultimately similar -- methods to sideload iOS apps worth exploring here, and the key with each relies on abusing Apple developer certificates. The simplest method is via the device itself.

While it remains easy for users to get these applications, an iOS device with sideloaded apps opens up another vector for bad actors to get spyware and other malicious software onto iOS devices. Organizations must be sure they can trust the third-party app store where the IPA file or app originated.

Jailbreaking also leaves devices more vulnerable. In theory, malicious apps would have less effect on jailed devices than jailbroken ones. Administrators need to think about the overall threat model. No method to getting unauthorized apps onto a device is great from a security perspective. Any sideloaded iOS apps will have unfettered access to a device, along with APIs, according to Lookout.

Apps scanning means that Google scans not only publicly available apk through their search engine, it also scan apps that are sideloaded by users on their device. This feature enables threat detection across devices. For instance if you are trying to download an apk file flagged as dangerous by Google Play Protect (either by their routine scanning or because other users have reported the file), it will display a warning message.

In addition to not having a way to identify the hardware, apps cannot directly identify the installation of the OS on the hardware. Apps only have a small portion of the OS configuration exposed to them and there is not much for device owners to change which could identify their installation. Apps can detect that they're being run on GrapheneOS via the privacy and security features placing further restrictions on them and hardening them against further exploitation. Apps can identify their own app installation via their app data and can directly (until that's removed) or indirectly identify a profile. Profiles should be used when separate identities are desired. Profiles can be used as temporary ephemeral identities by creating them for a specific need and then deleting them. The rest of this answer only provides more technical details, so you can stop reading here if you only want an overview and actionable advice (i.e. use profiles as identities not inherently tied to each other).

Root access is sometimes compared to jailbreaking devices running the Apple iOS operating system. However, these are different concepts: Jailbreaking is the bypass of several types of Apple prohibitions for the end user, including modifying the operating system (enforced by a "locked bootloader"), installing non-officially approved (not available on the App Store) applications via sideloading, and granting the user elevated administration-level privileges (rooting). Many vendors such as HTC, Sony, OnePlus, Asus, Xiaomi, and Google explicitly provide the ability to unlock devices, and even replace the operating system entirely.[1][2][3][4] Similarly, the ability to sideload applications is typically permissible on Android devices without root permissions. Thus, it is primarily the third aspect of iOS jailbreaking (giving users administrative privileges) that most directly correlates to Android rooting.

As of 2011[update], the Amazon Kindle Fire defaults to the Amazon Appstore instead of Google Play, though like most other Android devices, Kindle Fire allows sideloading of applications from unknown sources,[9] and the "easy installer" application on the Amazon Appstore makes this easy. Other vendors of Android devices may look to other sources in the future. Access to alternate apps may require rooting but rooting is not always necessary.

Until 2010, tablet and smartphone manufacturers, as well as mobile carriers, were mainly unsupportive of third-party firmware development. Manufacturers had expressed concern about improper functioning of devices running unofficial software[55] and related support costs. Moreover, firmware such as OmniROM and CyanogenMod sometimes offer features for which carriers would otherwise charge a premium, such as tethering. Due to that, technical obstacles such as locked bootloaders and restricted access to root permissions have commonly been introduced in many devices. For example, in late December 2011, Barnes & Noble and Amazon.com, Inc. began pushing automatic, over-the-air firmware updates, 1.4.1 to Nook Tablets and 6.2.1 to Kindle Fires, that removed one method to gain root access to the devices. The Nook Tablet 1.4.1 update also removed users' ability to sideload apps from sources other than the official Barnes & Noble app store (without modding).[56][57]

Some users have been resorting to sideloading Google Services on Huawei devices. The search giant, however, warns them that this opens up a door for potential hackers to create fake Google apps. The situation simply shows that Google is not happy with this situation.

Assuming you follow these steps correctly, you should have no issues using the Google Play Store and downloading apps from it. We should also note that Google did previously warn against sideloading its apps onto unauthorized devices, so you might encounter errors in the future when trying to use them,

The Mate 30 has no Android license. As such it has no underlying Google Mobile Services (GMS) on which its apps can be installed. And that means users will not be able to sideload the main software or services after purchase. This lack of GMS, the lack of an Android license, means the core underlying Play Services are not hidden away on the device. If this system layer was in place, after-market installed Google apps would be able to function properly. But without that underlying framework, they will not work. The apps cannot access the system-level permissions needed. And to replace the underlying framework requires users accessing the core system that is currently locked out of reach for their own cybersecurity.

It seems Google is using a new API in Android 11 to block sideloading updates. If older Pixel device owners try to sideload Google Camera 8.0 or later or Google Recorder 2.0 or later on a Pixel device running Android 11, they see an error message that says the verification could not succeed.

Some users have resorted to sideloading Google Services on Huawei devices, but Google has warned against it as that opens up a door for potential hackers to create fake Google apps and compromise users' devices.

Android & Play legal director Tristan Ostrowski also laid out the company's opposition to people sideloading its apps. According to him it's because Google can't certify new Huawei phones, due to the ban, and cited the risk of compromised security either in the devices or via an app that has been tampered with. While Huawei had hinted at replacing Android with its own OS, it's continuing to use Android, and replaced Google services with those of other companies like TomTom, for maps and navigation.

Independent verification by BleepingComputer confirmed that these warnings appear on Huawei devices with pre-installed Google core APPs (released before the ban) that have not been loaded with additional applications. However, it remains unclear which apps trigger the alerts on Vivo or Honor phones. If the Google app has not been sideloaded onto Huawei, Vivo, or Honor devices, it should be safe to disregard the warning and continue using it.

aa06259810