Android Market now lets developers mount multiple Android Package (APK) files optimized for different devices and releases, instead of selling the optimized versions separately, says Google. Meanwhile, security firm Dasient reports that eight percent of Android apps are transmitting personal user data to unauthorized computers, and some Android malware is specializing in “drive-by downloads,” leaving users unaware of what's being installed.

Remember Google's war on Android fragmentation? While the profusion of new "pure Google" devices without vendor UI skins is helping, and the upcoming "Ice Cream Sandwich" release, aims to merge smartphone and tablet versions into a single release, fragmentation is still a big issue for developers and users.

This is especially true in games, which are increasingly optimized for different processors, screen sizes, and Android releases. Developers are forced to sell different versions of an app to ensure optimal playback, and users with more than one device sometimes have to purchase the same app twice. Now there's a new option that should streamline the process, and save some customers a few bucks: multiple-APK support.

Android game developers often post multiple apps for different devices, as Halfbrick did with this Tegra HD version of Fruit Ninja. Now, Halfbrick will have the option of posting a single app supporting multiple profiles. (Also note: Fruit Ninja just came out in a free version.)
(Click to enlarge)

According to Google's Eric Chu, Android Developer Ecosystem, who announced the new multiple-APK option in a blog posting July 21, "Broad distribution of a single APK works very well for almost all applications and has the advantage of simplified product maintenance." However, for those more concerned with optimization, users can now "upload multiple versions of an APK for a single product listing, with each one addressing a different subset of your customers."

The APKs are said to share the same package name, but contain code and resources to target different Android versions, screen sizes, or GL texture-compression formats. When an Android user buys an app, Android Market now automatically chooses the right APK based on the characteristics of the device, says Chu.

Android Market will also treat multiple APKs as part of a single product listing, aggregating the app details, ratings, and comments for all the APKs. In addition, Google will now aggregate the app's download statistics, reviews, and billing data.

Eight percent of Android apps violate privacy, says security firm

Dasient has just completed a study of 10,000 Android applications, and found that eight percent, or some 800 apps, transmit personal user data to unauthorized computers, according to a report in DigitalTrends. Dasient does not appear to have published the results on its website, but announced yesterday that it will reveal these and other details of the study at the Black Hat USA 2011 conference in Las Vegas on Aug. 4.

The security firm found that 11 of the surveyed malware-filled applications automatically spammed entire contact lists with text messages, reports DigitalTrends. Among other issues, this can lead to huge SMS messaging charges for those who pay for messaging a la carte.

Dasient was also said to have noted that the amount of infected applications has doubled over the last two years. One new issue is the so-called "drive-by downloads," in which a user surfing a website can install Android malware without knowing they are downloading an app. One recent drive-by malware contender posed as an Angry Birds add-on, says the story.

The latest Android malware often shares the IMEI number (specific to the phone) and the IMSI number (specific to the subscriber) with unauthorized servers, says DigitalTrends, once again citing Dasient. This is said to enable the bad guys to clone one's SIM card to create cloned phones.

---

This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.