Android 14 Preview 1 released: blocks old apps by default
Google announced the official release of the first Android 14 preview earlier today on the company's Android Developers Blog. The developer preview is available for a range of Google Pixel devices and the Android emulator.
One of the main changes of Android 14 is a security feature that blocks the installation of older apps on devices that run the new version of Android. Google notes that Android malware targets older API levels often to bypass certain security and privacy protections introduced in newer versions of the mobile operating system.
API levels determine the capabilities and limitations of applications on Android. The level determines compatibility as well, as apps that target newer APIs are not compatible with Android devices that are older. Google Play discoverability is also linked to certain API levels. Apps that target older levels, currently older than API level 30, won't be discoverable "to all Google Play users whose devices run Android OS versions newer" than the application's target API level.
These API level restrictions applied to Google Play Store only, but not to other distribution platforms or means. With Android 14, attempts to install apps that target older Android API levels are blocked, including installations through sideloading.
Malware exploits old Android API levels
The company noticed that malware is often using a target SDK level of 22, which means that it is not "subjected to the runtime permission model introduced in 2015 by Android 6.0", which is API level 23.
Runtime permissions, introduced in Android 6.0, gives users more control over "dangerous permissions". Users are prompted to allow or decline permissions when an app launches or a certain feature is accessed, that requires a specific permission. Google improved runtime permissions in Android 10, when it increased transparency and added control of activity recognition runtime permissions.
As a consequence, Google decided to restrict the installation of apps that target API levels before 23 on Android 14 devices. These applications are blocked from installation on Android 14 devices.
Apps that are installed on devices remain installed when a device is upgraded to Android 14. Google Android users may want to make sure that all old apps are installed on the device before the upgrade to Android 14 is installed. Updates for these apps should also work in this case, but Google does not mention this explicitly in the blog post.
Developers may run an ADB command to test apps that target an older API level on Android 14 devices. The command adb install --bypass-low-target-sdk-block FILENAME.apk bypasses the restriction for the selected Android application.
Google Play Store guidelines and future restrictions
Google updated the Play Store guidelines last month. One of the main changes is that Google requires that new Android apps target at least Android 12. The restriction does not apply to existing apps that are updated by their developers.
9to5Google discovered a commit comment that suggests that Google has plans to increase the required API level progressively. The company has yet to confirm the plans. For now, Android 6.0 is the minimum when it comes to the installation of old apps on Android 14 devices.
Now You: do you run old Android apps on your devices?
Annoying, but Android 6 is kind of reasonable, as it’s the version which introduced the permissions system. Applications targeting an older API version have a permission screen which is basically – do you want to run this application: yes/no. Still, I hope there is a global switch, maybe via ADB, because I do have some older applications which are actually open source and either haven’t been updated in a while, or they have their reasons for that target.
I do believe the permissions system needs a bit of an overhaul. Lately they have added new permissions such as alarms/reminders and nearby devices which seem a bit odd or a bit of an afterthought. The alarms/reminders one is particularily weird, because it is being given to everything, and if you attempt to remove it, things seems fine at first, but then you start encountering some ectremely odd bugs, which seem to be caused by the system rather than the application itself. For instance you cannot minimize certain applications if you remove this feature. Every time you go back to it, it reloads discarding everything that was previously stored in RAM. Without nearby devices some applications refuse to start at all, again a permission given by default to everything.
My phone is an outdated Samsung J3 back from 2016, running lolipop 5.1 android. Great phone. It has only 8Gb of mem, back in 6 years and more, apps doesnt wanted so much space..but it still works perfect.
Google has taken a very bad decision because the forward compatibility is always needed and it was one of the best things of Android OS. Thanks for the article.