@foss In reference to this post- https://lemmy.ml/post/6374732
For Molly, I kept seeing this popup by Google when downloading Molly FOSS from fdroid.
Should I be concerned? What should I do to ensure I am downloading Molly from a trusted source if Fdroid isn’t an ideal place (due to misleading names as depicted in the referenced post)?
- Ganbat ( @Ganbat@lemmyonline.com ) English22•11 months ago
This is kinda like Windows with the “We don’t recognize this application” message. Letting it scan will probably just help other users avoid this annoyance in the future. You can also shut off play protect from the play store settings.
- BearOfaTime ( @BearOfaTime@lemm.ee ) 3•11 months ago
It still does this with app scanning turned off, unfortunately.
- Ganbat ( @Ganbat@lemmyonline.com ) English4•11 months ago
Oh, wow, that’s absolute bullshit from Google in that case.
- 0x4E4F ( @0x4E4F@infosec.pub ) English2•11 months ago
Yeah, I have it turned off by default.
- Otter ( @otter@lemmy.ca ) English17•11 months ago
Play Protect gives a lot of false positive warnings for me, and I usually just ignore them
FDroid is one of the safest, but you may need to go into settings -> repositories to check which repos are being used. What is checked off when you do that?
- brie ( @brie@beehaw.org ) 6•11 months ago
The repo a specific app comes from can also be checked by opening the list of versions, then clicking on one of the versions to show the details.
- appel ( @appel@whiskers.bim.boats ) 13•11 months ago
Of course, google is trying to dissuade you from using other app stores, nothing more. You might be able to download and install it from GitHub using obtainium if you really want to verify the origin of the app.
- xor ( @xor@lemmy.blahaj.zone ) English16•11 months ago
Eh, I think there’s definitely some legitimacy to doing a virus scan for applications with unrecognised signatures
Not everyone knows how to (or even can for many apps) manually verify the authenticity of their apks
And plenty of non-technical people will just install random shit from the internet without thinking
- BearOfaTime ( @BearOfaTime@lemm.ee ) 3•11 months ago
And yet most malware comes from the Play store.
- BearOfaTime ( @BearOfaTime@lemm.ee ) 4•11 months ago
This BS is one of the last straws pushing me away from Google.
Running DivestOS, you can install MicroG as a user app in a secondary profile. So it runs only when you want it to. You can install play store there too, and again it only runs when you want it to.
That should limit this nonsense until I can replace my paid for apps with something else.
Shut up Google. Most malware comes from the play store.
- monkE ( @monkE@feddit.ch ) 3•11 months ago
It’s fine if you downloaded it from official place. Sometimes warnings are shown for apps which are patched or forked from original. If it’s the offical place then don’t worry