by jrockway 1875 days ago
Why do I care? Google can already modify the behavior of an app without the developer's permission; they can just push an update to Android that changes the behavior of that app. It's "reflections on trusting trust" all over again.
2 comments

An OTA Android update which modifies your apps would make them incompatible when those apps try to update themselves at a later point and find differently signed apps. This would out Google as hostile immediately since there would be no other party who could feasibly swap out your apps.

Whilst not preventative, even one attack would likely get enough media coverage it'd destroy Android by Google trust irreversibly.

My Android updates do not come directly from Google, but instead from my mobile provider. Google has no control over them, but they have direct control over the Play Store.
Google controls the "Google Play Services" app. It's privileged, it can do anything.