How Android developers access installed apps on user’s device [pdf]

iOS had a similar leak that was exploited by apps like Twitter.<p><a href="https:&#x2F;&#x2F;www.techspot.com&#x2F;news&#x2F;58991-twitter-track-list-apps-installed-mobile-device.html" rel="nofollow">https:&#x2F;&#x2F;www.techspot.com&#x2F;news&#x2F;58991-twitter-track-list-apps-...</a><p>It used the “canOprnUrl” method if I recall correctly.<p>Apple locked this down less than a year later in iOS 10 where an app has to explicitly list which urls can be tested this way and there is a hard limit. Of course this goes through app review.

Previously in Android app development, the application sandbox has been sufficiently leaky that if a user has another app installed, it can cause problems for the app being developed.<p>It&#x27;s useful to be able to warn users that they&#x27;ve got an app installed that will conflict in this way, and suggest an upgrade&#x2F;uninstall&#x2F;warn them of poor behaviour.

If I wanted to do similar research to this, can anyone share a good method for obtaining a large corpus of apps like these researchers presumably did?<p>EDIT: Should&#x27;ve read the paper first, looks like they used this <a href="https:&#x2F;&#x2F;androzoo.uni.lu&#x2F;" rel="nofollow">https:&#x2F;&#x2F;androzoo.uni.lu&#x2F;</a>

I&#x27;d love to read a condensed version