Last year, Googlealready killed YouTube Vancedfor the first time. The company sent the makers of the modded, ad-free YouTube app a cease and desist letter, forcing them to shut down the project. However, eager copycats were quickly found, with new versions of Vanced making the rounds online. Since cease and desist letters are ultimately just a game of cat and mouse, Google appears to be looking into a way to stop one kind of Vanced alternatives once and for all.
As spotted byAndroid Police alumnus Ron Amadeo at Ars Technica, Google is exploring “an experimental Android WebView Media Integrity API.” This ties in with previous work for the web, where the company proposed and tested a “Web Environment Integrity API.” In its documentation for this interface, Google was never clear what exactly it was intended for, but it would have allowed websites to check devices accessing them to see if they were modified in any way. This could have been a way for websites to weed out jailbroken or rooted devices, though that’s only based on the vague and contradictory wording Google used in its proposal.
After widespread outrage and coverage, the Web Environment Integrity API was killed off at the beginning of the month. However, Amadeo spottedon the Android Developers Blogthat the core idea isn’t fully dead. The aforementioned Android WebView Media Integrity API is the brainchild of the earlier web-based ideas. Like the web proposal, it’s still vague, but It essentially allows websites embedded in WebViews to check your Android phone for integrity. That could make it possible to stop you from accessing the site in question when it deems your device unfit.
To get why this could be a problem for some YouTube Vanced successors, we need to understand how they work. Some of these apps are essentially tweaked and modded browsers that display videos via a WebView of the YouTube website, adding extra features to the experience like adblock and other YouTube Premium perks. If the YouTube website was able to check which apps or devices are trying to access its servers before displaying content, this would be an easy route to stop some Vanced successors from working.
To be fair, this new API isn’t necessarily only meant to protect YouTube’s bottom line. Google says that WebViews offer a lot of room for fraud and abuse as it potentially allows app developers to intercept and change what users can see on third-party websites. In that sense, the API can be used to keep malware in check. Your bank could add an integrity check like this for its website, for example, preventing it from running in untrusted environments.
At the same time, Google offers statements like “embedded media providers should be able to verify that their media is playing in a trusted and safe environment” and “there are no plans to offer it beyond embedded media, such as streaming video and audio, or beyond Android WebViews.” This sure sounds like the API is more concerned with copyright protection and weeding out any unwanted modifications or enhancements to media content, and it would tie in with Google’s quest tostop adblocking on YouTube.
Google already offers plenty of protection for copyright holders. Netflix and other streaming services only properly run with copyright protection measures present on devices, with Google using Widevine.
Google will start piloting the Android WebView Media Integrity API in early 2024, saying that it will be in use for “select embedded media providers.” Google is also inviting more content providers to join an early access program that will roll out next year, too.
