back to article As Google clamps down, 'Droid developer warns 'breaking day' is coming

Mobile app developers are being forced to rewrite their code as Google attempts to tame Android's Wild West. The developer of the power management app Greenify has been given 30 days to alter its code by the gatekeepers at Google's Play Store, and stop using Google's accessibility framework. The framework is used by …

Silver badge
Unhappy

The developers of K9 and other Mail apps have been struggling to work around/with the more aggressive battery optimisation for a while now. It's apparently difficult to keep their apps alive to poll (POP3) or refresh the connection (IMAP). I've had a lot of success with Disable Doze but it's not foolproof. Google's stock answer apparently was that such apps should use the official messaging service but that means sending yet more data via their servers. Funny that. Even funnier that with each successive phone, despite no change in my usage, battery life gets worse.

I've thought for a while now that Android was trying to construct a wall around its garden. Sad if true.

21
0
Silver badge

IMAP IDLE won't work with Doze. The way Google want it done is some server backend which connects to the mailbox for you and notifies Play Services via GCM.

You can disable battery optimisations for K9 so it's allowed to keep the IMAP connection open, although on Android 8.0 (depends on phone) that might not work.

10
0

IMAP protocol was written with an always-on PC-style internet connection. Mobile phones do not have this, as to keep a connection open would require the radio to be kept on!

12
3
Silver badge

How do you think GCM works?

IMAP IDLE also works in the same way as GCM, in both cases no data is sent down the connection until the server wants to notify the client. The radio could be idle with GCM and an IMAP IDLE connection established at the same time, until either server wants to send data.

6
0
Silver badge

Yes. This sort of thing has made my Android phones essentially useless as my email portal. It really does seem like they get less and less useful every year.

5
1
Silver badge
FAIL

The way Google want it done is some server backend which connects to the mailbox for you and notifies Play Services via GCM.

Which is strictly forbidden by my company's IT policy, so if that is the only way to make it work it would be the end of company-provided Android phones.

9
1

@Phil O'Sophical

"Which is strictly forbidden by my company's IT policy, so if that is the only way to make it work it would be the end of company-provided Android phones"

And I guess you won't be getting iOS devices either then, since you have to use the Apple Push Notification service as far as I know for everything like this. Indeed my basic understanding is that this is the ONLY option with Apple.

12
0
Bronze badge

IMAP IDLE

The Jolla Sailfish email client appears to implement IMAP IDLE. I realise it is 'a bit' niche, but I am still using a Jolla 1 as my daily driver, and looking forward to some of the bugs in the implementation on the Sony Xperia X to be ironed out before I can move to that.

For a phone launched in November 2013 (which can still be updated to the most recent Sailfish OS by the end-user), the Jolla 1 is faring quite well, but I won't claim it is about to take the mobile world by storm. It suits me, but I'm well aware other people have different requirements that it does not meet.

I wonder if Sailfish could be implemented on top of the Project Treble Vendor Interface (more on Project Treble) - that could be 'interesting', and probably not something Google would want to encourage.

4
0
Anonymous Coward

You should blame the media, they are the ones reporting the storms in the teacups..

0
0

This post has been deleted by its author

Silver badge

@Vince

And I guess you won't be getting iOS devices either then, since you have to use the Apple Push Notification service as far as I know for everything like this.

I've heard that Apple are clamping down quite hard on apps that try and do their own background polling. Apple were due to pull some APIs in iOS 11.0, but there was so much backlash that they've delayed the removal of those APIs until early middle next year (Not 12.0 but a 11.x point release so I've heard) If you're not using Apple's push notification service by then, your app will stop working.

1
0
Silver badge

I use email on my phone only if I am away from the laptop and need a very recent email or to check if one has arrived. I have more than enough things notifying me on the phone to add mail arriving and not enough space for email with attachments etc.

But then I'm not relying on it for business or anything.

1
0

If you read what the poster said, it wasn’t that all push notifications were the issue.

It was a statement that the only way to get a new email notification for an Android email client, since changes that have affected background apps, was to have some central system be logging in and checking the emails too. Yeah, that sounds suboptimal.

1
0
FAIL

So, No Other Google News Today, Then?

Hmmm... two stories about Google so far today and no mention of the fact they've announced they're going to start "de-ranking" [nice euphemism!] stories from Russia Today and Sputnik News to "make them harder to find":

https://www.rt.com/news/410444-google-alphabet-derank-rt

Even the BBC managed to mention it briefly, in passing. But obviously censorship of points of view which deviate from the party line is only newsworthy for El Reg when those nasty Russians or Chinese do it.

7
21
Silver badge
Mushroom

Re: So, No Other Google News Today, Then?

"de-ranking stories from Russia Today and Sputnik News"

They are just trying to cover up news about the radiation cloud.

4
2

Re: So, No Other Google News Today, Then?

Paul Hovnanian that was 9 months ago and was likely a leak from a medical isotope making lab, and was in the order of a few micro grams*, and given it has a half life of 8 days after 9 months there will be basically nothing left. It got plenty of sensationalist news at the time but the news didnt get across the incredible sensitivity of the detectors and the tiny amounts involved, It's like me farting in south wales and somebody detecting a whiff of that fart in scotland levels of sensitive.

*https://forums.theregister.co.uk/forum/2/2017/02/23/us_aircraft_iodine_131_leak/#c_3110845

13
3

Re: So, No Other Google News Today, Then?

No, there is a new radiation cloud...

2
0
Silver badge

Re: So, No Other Google News Today, Then?

Right.

Oops. The news aggregator site I used pulled in an old link. Here's another:

https://www.msn.com/en-us/news/world/russia-finds-1000-times-normal-level-of-radioactive-isotope-after-nuclear-accident-claims/ar-BBFpSYE

0
0
Silver badge

Re: So, No Other Google News Today, Then?

> It's like me farting in south wales and somebody detecting a whiff of that fart in scotland levels of sensitive.

Ah, so it was YOU!

10
0

Congratulations!!!

"For example, it's used by criminal sites for ad fraud, generating fake clicks without the user being aware of it. This hits Google's bottom line."

Making a crack down on ad fraud sound nefarious must have taken real effort.

13
2
Anonymous Coward

Re: Congratulations!!!

"For example, it's used by criminal sites for ad fraud, generating fake clicks without the user being aware of it. This hits Google's bottom line."

Unsure about the Author's use of that sentence. It enhances Google's bottom line if click fraud is used, not hits it. The more clicks (fake or real) that the ad gets will make the ad network (in this case presuming Google although there are many others) more money. Blocking click fraud will reduce their income.

9
0
Silver badge

Re: Congratulations!!!

Short term bottom-line. Legitimate advertisers need to trust the revenue model and if they know its open to fraud they won't trust it. Medium to long term the big money advertisers might consider other options. This would hit googles bottom line.

8
0
Silver badge

Re: Congratulations!!!

'Making a crack down on ad fraud sound nefarious must have taken real effort.'

Except that if your device is known to be a prime target for fraud the marks will either avoid placing ads on the device, or demand a lower price per click to compensate for the 90% of fraudulent hits.

https://computer.howstuffworks.com/click-fraud.htm

1
0
Silver badge

Re: Congratulations!!!

> Making a crack down on ad fraud sound nefarious must have taken real effort.

The author has had years of practice.

0
0
Silver badge

Re: Congratulations!!!

" It enhances Google's bottom line if click fraud is used, not hits it."

Only until the advertisers all run away due to fraud.

It's not worth that risk

0
0

Too late...

Still just can't shake "landfill android".

I'll be hoarding Qualcomm-inside iPhone7's that don't break if you drop them.

Thanks, Cupertino Assholes who make phones that sometimes don't suck.

2
10
Trollface

Re: Too late...

It seems to suck the user's wallet pretty well...

11
0
Silver badge

Easy to see where Google's priorities are

Force devs to rewrite apps because of using APIs that can be used for ad fraud. Where are the rewrites to replace insecure APIs?

They didn't care about click fraud until advertisers started demanding lower rates or rebates when they were able to prove it!

12
1
Silver badge

Re: Easy to see where Google's priorities are

"They didn't care about click fraud until advertisers started demanding lower rates or rebates when they were able to prove it!"

This. Especially in the US market where advertisers are traditionally less trusting of publishers and routinely audit claims.

9
0
Anonymous Coward

Re: Easy to see where Google's priorities are

The issue is accessibility services are difficult or impossible to properly secure and still work. The "rewrites to replace insecure APIs" is what's being forced on app devs, only a problem where Google hasn't created a secure, focussed new API to replace the insecure hacks already in use. Devs usually need pushing to make these changes.

Anything that stops conditioning users to accept potentially dangerous permissions is a step forward.

0
0
Anonymous Coward

Curious Timing - Why now?

Google has been shaking off criticism of Android / Play-store for years, what took them so long to care? Recent Media backlash about fake news? Unflattering media stories about Android Malware getting through Play store's filters, EU 'antitrust cases', possible future GDPR liabilities....???

4
1
Silver badge
Facepalm

Re: Curious Timing - Why now?

"Why now?" - because Google have become arrogant, put their bottom line above consideration for their users, and are now realising that people are beginning to see through the altruistic spin ("we're filtering this content for your benefit!") to what they really are. It has happened before, and will happen again.

And, as with others before them, they are now trying to figure out what to do about it - and following pretty much the same path: get the cheerleaders out, attack the competition, try and take greater control or clamp down where they think they can and hope to weather the storm.

The sad thing is, I can see that in about twenty or so years time, we will be doing this exact same dance again, except with Google in the position of someone like Microsoft, and "the next big thing" in their place...

3
0
Silver badge

There are always innocent casualties in War.

That said, they should not just toss this idea away because a few Dev will get their Fefees hurt. Because they decided to take a shortcut instead of writing precisely targeted Code. That doesn't have to rely on such shortcuts, which may (or may not), also open the Door to other bad actors.

So this time at least I will side on the Chocolate Factory on this Issue.

1
8

Re: There are always innocent casualties in War.

While "the clue was in the name", Google made a really useful API in the Accessibility services. Many apps have used it. For example, AFAIK Tasker uses it to allow you to do useful things with notifications from other apps, which I use all the time.

The "change or we'll ban you, and to hell with the users" approach is very Apple-esque, and points towards a much less open Android world in future.

1
0
Silver badge
Thumb Down

Re: There are always innocent casualties in War.

"they should not just toss this idea away because a few Dev will get their Fefees hurt"

well, just DAMN the collateral damage, then, right? It's "just gonna happen" so we can "hand wave" it and not give a crap, right?

Let's NOT go there, ok?

Apple's development model SUCKS for "the little guy", and there are WAY too many "we must approve it" checkpoints, from what I've seen.

Let's NOT go there for 'droid, ok?

1
1

Rinse and repeat

Ans yet if nothing was done about the click fraud and security API use the same people would also complain

4
0

Re: Rinse and repeat

Yes! I think the lesson we should all take from this is that APIs for mass market products need very careful consideration and design, including some thought on “how would someone exploit this for personal gain?”

0
0
Bronze badge

Alcatel recently "updated" it's factory default File Manager without asking permission or "opt-in or Opt-out" option or prominent "Privacy policy" anywhere in site. It added a "cleaner" option and an "antivirus" scanner using McAfee technology.

It then started serving up streaming ads sometimes at full volume while users were at work meetings.

Streaming advertisements has been a security nightmare already, but when the app is a SYSTEM app the higher the level of possible exploitation.

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Forums

Biting the hand that feeds IT © 1998–2018