Will Android 13 really sacrifice its freedom to fight malware?
Of course, the idea is based on a good feeling: to prevent users who install applications outside the Play Store from being contaminated by dirt.
Indeed, the great “malware 2022″ fashion is to use the accessibility API. Intended for people with disabilities, the latter is the hacker’s ideal ally since it gives great powers to the apps that use it: possibility of recording conversations (transcription for the hearing impaired), of reading the images displayed on the screen (for the visually impaired) or to perform actions in place of the user.
In short, this API is a bit like the “open-bar” mode.
Don’t know which Beta this was added in, but Android 13’s new “restricted setting” feature will also block the user from enabling an app’s Notification Listener if the app was sideloaded using a non-session-based package installer! pic.twitter.com/bh6Wei0mQp
— Mishaal Rahman (@MishaalRahman) July 5, 2022
Pragmatism vs Philosophy
Subsequently, Google wants to prevent non-Play Store apps to use this API. So of course, we can regret that the system becomes more and more closed. An independent developer wishing to use this API for an “in-house” app could encounter difficulties. On the other hand, Google is only preventing a very present risk. Despite the warnings, many users continue to install apps “by hand” in the form of APK files retrieved from anywhere: WhatsApp clones supposed to bring many new features, so-called “unblocked” apps with the normally paid options, etc.
Also read: Get covered! The best VPNs for Android are on sale!
For the average user, this change will not change anything and it will even provide an additional safeguard. Philosophically, on the other hand, this closed door goes badly with the “real ones”.
The solution ? Root your device. This manipulation of taking full control over your smartphone (super user, or super user as in Linux) will allow an app to use the API in question without Android denying it access. And since rooting a smartphone is slightly more complicated than installing a wild APK, Coraline and Timéo are safe.
The accessibility features are numerous and allow people with disabilities to use a smartphone normally. The problem is that hackers shamelessly use these options to accomplish their misdeeds.