Silent installation on Android devices

Asked 9/8, 2010 at 9:10 Answered 17/8, 2010 at 4:32

I've accepted for a while now that it's impossible to silently install an application on Android - that is, to have a program install an application bundled as an APK without providing the standard OS installation prompt and going through the app installer activity. But now I've picked up a copy of the Appbrain fast web installer, and it does exactly this.

How on earth is this possible? :D

Urian answered 9/8, 2010 at 9:10 Comment(12)

Because AppBrain is doing something that will probably get them sued by Google. – Gook 9/8, 2010 at 12:12

Ah yes, but what are they doing that will probably get them sued by Google? :D – Urian 10/8, 2010 at 11:33

Why? Are you eager to be sued as well? – Leonard 12/8, 2010 at 6:39

I would also like to know how it works. Not to use it but to enlighten me ;) Hiding information is not helping in security issues. – Rauch 12/8, 2010 at 7:14

Why would a non hacker broadcast a method of writing potentially malicious code. Even if I knew I wouldn't post it up. – Briny 12/8, 2010 at 15:43

@Mike: Security through obscurity? You must be a MS-dev ;-) – Convalescent 12/8, 2010 at 17:4

@stefan haha you get an up vote for that. No I am not a MS dev but I do fancy myself as an ethical dev and sometimes that means keeping some security knowledge between yourself and the devs that will fix it. – Briny 12/8, 2010 at 19:10

@Briny When in doubt, assume that the "black hats" already know about the exploit and how to use it, and thus it should be made public so that normal users and "white hats" can attempt to avert it. There may be reason to hold back information for a couple weeks, but no longer. – Buck 12/8, 2010 at 19:51

@Mark B: I disagree; updating the Android platform on all phones can take a significant amount of time, and considering that not all phones can even update to the latest version, there's no sense in publishing security holes publicly. – Lefevre 16/8, 2010 at 15:7

I have noticed the app seems to be using the chrome browser for this. Can you confirm whether you application works with other applications? – Bowls 17/8, 2010 at 4:42

This works (for me, at least) with Firefox and Froyo on an HTC Desire. – Urian 17/8, 2010 at 14:31

Yeah my bad! I read the last link I posted after I asked the question. Very sure I have a decent idea how to do it, hope Google is reading this. At the moment, I have ceased installing any new application on my phone... Gonna experiment some stuff today... :) – Bowls 18/8, 2010 at 4:45

I think the clue is pretty much in this statement I found here in the FAQ.

The fast web install worked for me yesterday, but it doesn't work anymore today. What's wrong?

The permission to install apps directly on your phone needs to be refreshed once every few days. Go back to the "Fast Web Install" app on your phone and click the button to give us the permission again. We are working on a future update that will optionally automatically refresh this setting.

I presume this is very similar to what Google does in the kill switch. I am assuming that the kill switch is an application on my device, just hidden from me. When Google wants to remove an application, it silently uninstalls it without asking for our permission. I am very sure this security hole is of their making. Now we just need to figure that out... =D

Bowls answered 17/8, 2010 at 4:32 Comment(3)

Yes, that seems likely. There's an informative article on the kill/install functionality here: jon.oberheide.org/blog/2010/06/25/… – Urian 17/8, 2010 at 11:36

Ha ha, I see another remote kill of AppBrain in the near feature.. =D – Bowls 17/8, 2010 at 11:48

Another link on the same lines. This I think clinches the deal... jon.oberheide.org/blog/2010/06/28/… – Bowls 17/8, 2010 at 12:48

You can ( in a very hackish way ) install apps silently using adb. You have to enable USB Debugging, but just push the APK to /data/app. ie:

adb push MyApp.apk /data/app

or -

adb install MyApp.apk (cleaner way)

The second command MAY prompt for an installation, I don't remember off the top of my head.

Olsewski answered 16/8, 2010 at 21:23 Comment(1)

Thanks Chris! In my device, a Nexus 5, adb install MyApp.apk doesn't prompt for confirmation. I have enabled USB debugging. – York 14/8, 2014 at 15:1

IF you can work out what the standard installer does when it installs, you can replicate that behaviour in your app, however yours would need quite extensive permissions to do everything properly.

Seriously, don't even try.

Consensual answered 13/8, 2010 at 11:46 Comment(1)

I can work out what the standard installer does when it installs, and replicate that behaviour so that it would theoretically work with the appropriate privileges. The issue here is that I've seen an application that works just fine without those privileges, that doesn't seem to be taking that approach. This is behaviour that I'd like to be able to duplicate if possible. – Urian 16/8, 2010 at 8:37

Recommended topics

Hot tags