I know Android apps are already in a pretty tight security environment. Perhaps they could put unsigned side-loaded apps in an actual container.