Android Oreo: Google has just made app installs from unknown sources a lot safer

Android Oreo ditches 'Allow unknown sources' installs and instead introduces per-app permissions.

oreoappinstall.png

On the left is the pre-Android O install screen for a potentially harmful app masquerading as a system update. With Android O, right, the user must first grant permission to the app that triggers the install.

Image: Google

Android 8.0 has introduced a new way to protect devices from malicious Android apps installed from the web or third-party app stores.

Until now, Android users could install apps from places other than Google's Play Store by enabling 'Install from unknown sources' in Android Settings. Though it is a convenient option, users are generally not recommended to enable this feature because it can lead to malicious apps being downloaded to their phone.

Moreover, users who enabled 'Allow unknown sources' were still exposed to a benign app offering a bogus security update that in fact installs a malicious app. Google calls these "hostile downloaders" and, according to its 2016 Android security report, they're the second most prevalent threat on the Play Store following Trojans.

In Android Oreo, Google eschewed the setting for a new 'Install unknown apps' permission that's tied to each app.

Android Oreo users will need to grant permission to each app to allow it to download apps from untrusted sources. So, the user could enable Drive and a third-party store app to download apps outside the Play Store, but block Chrome and Gmail from downloading unknown apps.

This new per-app opt-in model should go some way to preventing hostile downloaders, given that now the user would need to give the app permission to install another app before a hostile downloader can install software with standard trickery.

The Settings app now lists which apps have been approved for installing unknown apps. Users can also revoke the permission in Settings.

Older versions of Android will continue to use the Settings page to either allow or disallow installs from outside of the Play Store.

Google has outlined changes that app developers need to make to use this new behavior. Essentially they'll need to declare upfront that they could request permission to be able to install apps from Android's Package Installer.

Apps that haven't declared this permission are automatically banned from installing other apps.

Previous coverage

Android 8.0 Oreo: Rollout begins for Pixel, Nexus in Android beta

The long road to rolling out Android 8.0 to handsets has started.

Google reveals official name of Android O

Months of sweet suspense have come to an end. Android O has a name.

What you can expect from Android O

Android O is almost ready to go, and thanks to Project Treble, more users than ever will get the newest version of Android.

Read more on Android security

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All