Are there any apps designed to specifically gate every install, including background OTA installs sent by carriers, because I'm security conscious with my devices but I have family who very much are not.
Ideally, I can just nag my non-tech savvy relatives to let me install such a security app for them and then enjoy having peace of mind for their behalf.
AppLovin has been doing this for a long time. BlueStacks and some other vendors have been doing this for literally a decade.
The root problem is that Google Play is poorly curated. One problem it has is that it ranks apps that have many downloads higher than those with fewer downloads. AppLovin is used to boost downloads for the purposes of the Google Play algorithm.
I looked through the AppHub APK last year after a friend told me they'd found unknown apps installed on their flagship Samsung, and I was very surprised to find some of the same "direct download" references you did.
I've known for a long time that T-Mobile shipped junk apps upon initial setup, but seeing them loaded OTA after a single click on an ad (even a few pixels off of the "x" button) is very concerning. Even putting aside the moral issues with practices like this, that's a huge security hole in a very large percentage of Android phones.
Makes sense. Pretty sad to have to install a tool like that to get security on a platform that is used by billions of users. Even more shocking that apps get installed just from clicking a small close button on a silly ad without even prompting for the install?
Installing random tools to hopefully get more security, though is risky also. Hopefully that tool doesn’t get compromised as it is privy to all intent activity.
> Pretty sad to have to install a tool like that to get security on a platform that is used by billions of users.
You click on a banner ad inside an app, and if you have Intent Intercept installed, it won't immediately register as an "impression" and take you to wherever the banner has been programmed to take you to by default.
Since Intent Intercept also affects the ad industry(of which Google is a big part), I don't expect Google to build a similar less-nerdy tool into Android by default.
> Installing random tools to hopefully get more security, though is risky also. Hopefully that tool doesn’t get compromised as it is privy to all intent activity.
Intent Intercept is open source(Apache License 2.0 https://github.com/k3b/intent-intercept) and its release binaries are hosted on F-Droid, arguably the most trusted Android "store" for Free and Open Source apps.
So I'm not too worried.
Bloomberg reports both that Applovin says they did get user consent ("Users never get downloads with any of our products without explicitly requesting it") and that they're nonetheless shutting down the app install business because it was, supposedly, "not economically viable."
15 comments
[ 15.0 ms ] story [ 514 ms ] threadIdeally, I can just nag my non-tech savvy relatives to let me install such a security app for them and then enjoy having peace of mind for their behalf.
Edit: Discussed somewhat here https://www.benedelman.org/applovin-permissions/. Seems like it's abetted by garbage from the carrier.
Something for iOS to look forward to?
Exotica like Fairphone and PinePhone are starting to look pretty good...
The root problem is that Google Play is poorly curated. One problem it has is that it ranks apps that have many downloads higher than those with fewer downloads. AppLovin is used to boost downloads for the purposes of the Google Play algorithm.
Of course, this is known to Google.
https://valustox.com/APP
Even so, I avoid stocks that don't have a sustainable, value-based business model.
https://imgflip.com/i/a940ug
I've known for a long time that T-Mobile shipped junk apps upon initial setup, but seeing them loaded OTA after a single click on an ad (even a few pixels off of the "x" button) is very concerning. Even putting aside the moral issues with practices like this, that's a huge security hole in a very large percentage of Android phones.
> AppLovin’s X’s are unusually tiny, so mis-taps are especially likely
This is why I use Intent Intercept - https://f-droid.org/en/packages/de.k3b.android.intentinterce...
It tells me exactly what's about to happen from my tap(accidental or intentional), and gives me the option to undo my tap.
Every privacy/security conscious Android user should have Intent Intercept installed on their devices already.
Installing random tools to hopefully get more security, though is risky also. Hopefully that tool doesn’t get compromised as it is privy to all intent activity.
You click on a banner ad inside an app, and if you have Intent Intercept installed, it won't immediately register as an "impression" and take you to wherever the banner has been programmed to take you to by default. Since Intent Intercept also affects the ad industry(of which Google is a big part), I don't expect Google to build a similar less-nerdy tool into Android by default.
> Installing random tools to hopefully get more security, though is risky also. Hopefully that tool doesn’t get compromised as it is privy to all intent activity.
Intent Intercept is open source(Apache License 2.0 https://github.com/k3b/intent-intercept) and its release binaries are hosted on F-Droid, arguably the most trusted Android "store" for Free and Open Source apps. So I'm not too worried.
https://www.bloomberg.com/news/articles/2025-10-15/applovin-...