Windows 11, Amazon, and Uncomfortable Questions

The big Android news of the week was the announcement that Microsoft is adding Android support to Windows 11. Alongside the existing Windows Subsystem for Linux, they are adding a Windows Subsystem for Android. Android apps will live alongside Windows apps in the Microsoft Store, and installed Android apps will live alongside Windows apps on desktops and notebooks.

This should be a positive development for Android and app developers. Adding hundreds of millions of potential users does not happen all that often. I thought that Google might be aiming for Android-on-Windows with the introduction of ARC five years ago as a way of getting apps onto Chrome OS. Extending that to Chrome browsers on Windows would have been very interesting. Microsoft adding it to Windows 11 has the potential for much better OS integration than Google might have been able to pull off.

However, there is a dark cloud with all of this: the primary source of Android apps for Windows 11 users appears to be the Amazon AppStore for Android.

Amazon introduced their AppStore for Android over a decade ago. Few developers think about their store, because it pretty much is just for their Fire series of devices, including tablets, the Fire TV family, and the oft-maligned Fire Phone. However, Amazon had originally envisioned it as being an alternative to the Play Store (then called the Android Market). Amazon let you sideload their store onto phones, and they struck distribution deals with some manufacturers. All of that dried up, and it would be interesting to learn more about what all transpired there, perhaps in the context of some antitrust litigation.

The reason why I haven’t written much about the Amazon AppStore for Android is simple: Amazon pioneered the “replace the developer signature” approach that Google uses with App Signing. And, Amazon does so specifically to be able to modify every Android app that they distribute. In other words, the very problem that I ranted about with Google back in September is something that Amazon has been doing for over a decade:

Amazon wraps your app with code that enables the app to communicate with the Amazon Appstore client to collect analytics, evaluate and enforce program policies, and share aggregated information with you. Your app will always communicate with the Amazon Appstore client when it starts [To do this], Amazon removes your signature and re-signs your app with an Amazon signature that is unique to you, does not change, and is the same for all apps in your account.

Back in September, I was not worried about Amazon, just because they had little presence in Android app distribution. While the Fire devices are doing fairly well (Fire Phone notwithstanding), “fairly well” is still a tiny fraction of the billions of Android devices out there that use the Play Store. Getting the Amazon AppStore for Android on millions upon millions of Windows 11 machines changes that. Now, the Microsoft/Amazon combination has vastly improved reach: Amazon supplies the apps, while Microsoft supplies the users.

The problem is that Amazon modifies all those apps to be different than what the developers intended to ship.

Some will worry that Amazon will modify those apps to contain more than to “collect analytics, [and] evaluate and enforce program policies”, in ways that might rankle those concerned about Amazon’s behavior. After all, this is the same firm that tried sneaking Amazon Sidewalk in through the back door and has a dubious privacy and security track record with Ring, and that is “just for starters”.

But this puts them in the crosshairs of the same fine folks who might want to introduce other modifications to those apps. I can think of a number of countries who would love to convince Amazon to modify Facebook Messenger to bypass end-to-end encryption, for example. That would have been nearly pointless just to reach some Fire tablet users. Fortunately, Facebook has a desktop edition of Messenger already in the Microsoft Store, so (hopefully) relatively few additional people will wind up using an Amazon-distributed Messenger app. But, what about future generations of personal communication apps?

Perhaps Microsoft will lean on Amazon and convince them to abandon this app tampering practice. Perhaps Microsoft will emphasize other distribution channels as well as the AppStore for Android, ones that have a better track record of ensuring that apps are not modified by anyone. Perhaps Microsoft will start their own way of distributing Android apps, bypassing firms like Amazon.

So, let’s ask Amazon and Microsoft their own pair of uncomfortable questions:

  • Will Amazon agree to distribute Android apps unmodified from what developers upload, with the original signatures intact? Amazon’s behavior is policy, and policies can be rescinded.

  • Will Microsoft commit to having ways to distribute Android apps to Windows 11 users, where those apps are unmodified and retain their original signatures? If we have alternatives to Amazon’s AppStore for Android that are reasonable for developers, reasonable for users, and avoid the tampering, that would be a massive win.

Giving Amazon lots more reach compounds the problems that I outlined in my original “uncomfortable questions” post. That, combined with Google dragging their feet with details of “code transparency”, is deeply disturbing. Hopefully we can get this to all work out in the end, but I suspect that it will require a lot of effort.