Earlier this week, Google quietly rolled out a feature that adds a string of metadata to all APK files (that's the file type for Android apps) when they are signed by the developer. You can't install an application that hasn't been signed during its final build, so that means that all apps built using the latest APK Signature Scheme will have a nice little chunk of DRM built into them. And eventually, your phone will run a version of Android that won't be able to install apps without it.

What the hell? DRM? Why?

DRM is why Netflix used to only work on approved phones. But it doesn't have to be used for evil.

We can relax (for now). We all hate DRM (technically, Digital Rights Management) because of the way developers and publishers have abused it. DRM means you are being treated like a thief before you buy any software. A great example is having to install the Origin client and have it regularly be checked online to run any games published by EA.

EA doesn't trust that we paid for the software title so it forces us to present our papers when demanded. PC gaming is rife with DRM and applications like Steam or U Play exist for the very same reason. Other examples come from Sony, Disney, EMI, and every other entertainment publisher which decides where in the world you are allowed to listen to music or watch a movie that you paid for, or how many times you are allowed to do so.

So DRM is bad to the core. But not really. DRM is simply a way for a developer or publisher to keep track of software versions and authenticity. Sometimes you need to do that for the right reason.

As of now, Google's reason is right. That doesn't mean the company can't change its tune and go all out crazy (like EA) in the future and limit how, where, when, and why we can use the apps we paid for, but for now everything is good. Google added this metadata so you can buy an app from any approved distributor and it will work with Google Play Store features like family library and subscriptions.

Apps have to be "signed" to verify their contents. Adding metadata to this signature ensures we will have DRM in every app eventually.

Android can read the metadata automatically inserted into an app and verify that it's a legitimately sourced version and approved for use by the developer. If it passes these checks, it is added to your Google Play Store library. You'll be able to update through Google Play, use things like Google Play Games for leaderboards and achievements, or share an app with people in your Family Library. And the developer can change the metadata at any time with a new signing key, which ends support for the current version and creates a new listing in Google Play.