- cross-posted to:
- technology@lemmy.world
- nextcloud@lemmy.ml
- cross-posted to:
- technology@lemmy.world
- nextcloud@lemmy.ml
cross-posted from: https://lazysoci.al/post/26355008
You must log in or # to comment.
While a fully functional version is available on F-Droid, the Play Store edition is subject to Google’s imposed limitations.
I think that’s the cause and solution rolled into one sentence right there. Use F-droid instead of Play Store.
Unfortunately I think this is going to be an inevitable problem with any software repository. F-Droid just expects users to go to the repository and inspect the code if they have concerns, or to trust the developer. Google can verify their own code isn’t malicious. They can’t verify the code of potentially millions of apps submitted to the Play Store that will inevitably ask for access to your entire filesystem, if given the option. Because let’s face it, the majority of mobile apps these days are just spyware whose primary purpose is hoovering up as much data as humanly possible to sell to data brokers.
Nextcloud is in the main repo
Huh?
What’s confusing?
Nextcloud is in the F-droid main repo
Its confusing that you didn’t say F-droid
I’m confused because I don’t understand why you’re telling me this.
I try to avoid the play store at this point. I even switched Tasker from the Play store version to the standalone non-google APK from João himself (Patreon-exclusive; or you can email him for a license, it’s like $4).
Any time I implement an open-source project that offers an Android app, I immediately search their github/gitlab or F-Droid. I don’t even try to look on the play store anymore. Too much tracking bullshit.
Order of installation:
-
Fdroid
-
Aurora
-
Playstore… and if I get to this point, probably about 80% of the time I just don’t bother. If it needs Google Play Services, 100% no-install.
-
If you haven’t, take a look at “Obtanium”. It searches F-droid, github, gitlab, and a few other sources for android releases of open source projects.
Oof, there’s a reason you use an app store. Dont download shit direct from the internet. Thats how you get malware
Yes because it’s that simple. Every file online that’s not from some huge corporation is spyware. /s
Some people are strange - we know what we’re doing, we know a site and whether they have a solid reputation, we have experience and can determine when we’re getting a safe file. Oh, and do you truly believe that the “official” sources don’t dole out spyware left & right? Don’t be this naive; It’s not as simple as you stated. That’s just the general carte blanche rule that experts tell ordinary users because if we didn’t, they would download crap from everywhere under the sun and load up on malware every day.
Buddy, pal, my absolute friend.
It’s not like I’m not vetting the source code. Are you out here installing from sources that don’t let you vett your source code?
Enjoy your spyware I guess 🙄
I do verify signatures, yes. If it isnt singed, I don’t install it.
Thats why you use fdroid.
F-droid is better as it is an actual app store with actual rules. You can still add external repos but ideally you should use main.
The F-droid app is complete garbage, also they don’t make it easy to install apps that are open source but don’t follow GPL. Obtainium is perfect, just point to git repository. Now all we need is a P2P source control service.
Obtanium is not meant as a replacement for f-droid. While it can be used as an f-droid frontend, I primarily use it to install from git repos such that I can track their releases page for updates automatically when using apps like freetube which generally only work reliably if you’re on the nightly release.
Enjoy your spyware I guess.
Oh yeah, I have at least 10 apps on that haha. Fantastic piece of software.
That explains why some files don’t sync on my device … just more reasons to fully switch to Lineage/Linux
Though, I’ve never seen any warning from Nextcloud that there might be an issue due to using the gplay version
If you have a Google Pixel I reccomend GraphineOS
That’s my major critique point of Graphene - it’s nice and all, but directly or indirectly supporting Google is pretty contrary to my goal. And, ofc, I’d much rather have a fairphone. I’d wish they’d support Google’s special security features too.
Special security features? Fairphone either doesn’t or improperly supports basic security features. They’re late on security patches, their implementation of verified boot is broken, and generally their security is worse than any other major phone brand.
How much of that is relevant with a custom ROM?
All of it, custom roms dont help at all. For example custom roms dont solve their broken implementation of verified boot or how they used public keys for verified boot. In addition custom roms rarely go out of their way to add security patches that the OEM hasnt added themselves. For example, GraphineOS relies on Google to publish security patches in a timely manner for them to keep GraphineOS secure. GraphineOS can trust Google because they have a proven track record of publishing open source security peatches in a timely manner while Fairphone has proven to be the exact opposite.
I was wondering why my custom sync folders weren’t syncing anymore.
a fully functional version is available on F-Droid
Jup, I just assumed that I had the F-Droid version. I just downloaded dev from there
The thing is, this change isn’t new, it’s been coming for a while.
Though it’s weird, some apps still get full access, such as Resilio Sync, though other similar apps such as Nextcloud and Syncthing don’t.
I recently setup a phone and when installing Resilio it asked for permissions to the entire SD card.
Something fishy going on.
