you need Google to tell you what safe and what’s not? have you ever used a desktop operating system where you usually install programs from different sources?
Comment on Chameleon Android malware can turn off fingerprint unlock to steal your pin
VieuxQueb@lemmy.world 9 months agoAnd not from the play store or official bank site.
If you install an APK from unreliable source you should treat your phone and account as corrupted.
sir_reginald@lemmy.world 9 months ago
Scubus@sh.itjust.works 9 months ago
Lmao what? I have literally never found an APK I was looking for that did anything sketchy to my phone
Fiivemacs@lemmy.ca 9 months ago
That you know of, but I get what you’re saying
tsonfeir@lemm.ee 9 months ago
That you know of
BearOfaTime@lemm.ee 9 months ago
You mean like Play, which is where 99% of installed malware comes from?
Cethin@lemmy.zip 9 months ago
It’s funny imagining people saying this for anything but a phone. “You can only download from the Microsoft store or you should consider your device corrupted.” Take caution, but you don’t need to rely on daddy Google alone.
Transporter_Room_3@startrek.website 9 months ago
Damn, here I was worried I had bricked my phone and made it unusable by loading up my own personal apks when I was trying to learn coding and different app studios.
I feel like I would have noticed if my phone was unusable though…
JaddedFauceet@lemmy.world 9 months ago
not funny anymore. Banks and regulatory are doing this in some countries. Their app just refuses to open if users install any app outside of Google Play Stores.
Take a look at this mothership.sg/…/ocbc-security-feature-delete-thir…
AdmiralShat@programming.dev 9 months ago
I don’t think this person was saying they think all manual apk installs are suspect, just that installing apks from an unreliable source.
driveway@lemmy.zip 9 months ago
Most apps choose to distribute through Play Store only though. If the devs aren’t officially distributing on a separate platform or provide signing keys for you to verify the signature of the APK you get from elsewhere, you’re just asking for malware by downloading it anywhere else.