Android 11 will bring a lot of changes when it arrives, but one significant security change could shake up the way people install apps from third-party sources.
According to details from a Google Issue Tracker thread, Android 11 will force-close apps after users grant permission to install unknown apps. For those unfamiliar with the term, Android has offered the ability to install apps through ‘APK’ files for some time. That means anyone can download an APK from outside the Play Store and install it on their phone.
As a security measure, to install an APK through a third-party app, users need to permit it to install ‘unknown apps.’ For example, if you download an APK with your web browser, it won’t let you install it without permission for your web browser to handle unknown apps.
On Android 10 and older, this process was quite simple. Users downloaded an app, a pop-up would say they need to grant permission. Tapping the ‘Settings’ button in the pop-up would send users to the app’s settings so they could enable the permission. Then, tapping or swiping to go back would generate a second pop-up asking to install the APK.
Android 11 completely disrupts that process. Instead of letting users head back to the app to finish the installation, it will force close that app once users grant it the permission. Then, you have to head back to the app and start the process over from the beginning.
Android 11’s new Scoped Storage system causes the issue
After some back-and-forth between testers and Googlers in the Issue Tracker thread, the search giant finally provided some more detail about what was causing the problem. Essentially, the issue stems from Android 11’s new ‘Scoped Storage’ file management system. Below is the full explanation from Google:
“The way the filesystem and storage mounts are setup in Android R has changed significantly. When an app starts without this permission, it gets a view of the filesystem that doesn’t allow writing to certain directories (eg Android/obb). Once the app has been granted this permission, that view is no longer accurate, and needs to be updated to a view that allows the app to write to certain directories. With the way the filesystem has been setup in R, changing that view on the fly is not possible. As mentioned in comment #16, we’re evaluating internally. I’m just providing additional details why this doesn’t work the way it did on Q.”
Scoped Storage, for the unfamiliar, changes how Android apps can access storage. At a base level, it provides each app an isolated section of storage and limited access to the Android filesystem, instead of granting full access like Android currently does.
On the privacy front, this is a critical change that could prevent apps from snooping around your files. However, Scoped Storage also comes with some issues, such as reduced read and write speeds. And, of course, this makes the process of installing APKs more complicated.
Hopefully Google can develop a solution that means Android doesn’t have to force-quit apps. However, it’s also likely that this problem isn’t high on Google’s priority list. Since users only need to grant permission once per app, they’ll only experience one force-close. The flip side of that, however, is that some people like to keep that permission disabled except for when they need it, which could mean having to force quit an app every time they want to adjust that permission, which also isn’t ideal.