The GraphineOS project seems to recommend 2 app stores :

  • accrescent
  • sandboxed Google play
    They also say that we should avoid using the aurora store and f droid for many security reasons.

We all need proprietary invasive apps like banking apps unfortunately, sandboxed Google play store seems to be the solution for this. It's apparently the best approach because of security and the fact that most of theses apps depend on google play services anyway. It seems to be recommended to keep this in an isolated profile or private space.

We all use open source apps and how to get them is what's troubling me.

Should we just create a throwaway google account to get all of them ?

Accrescent seems very secure and private, but right now their are only 20 apps on it. Development seems slow. Why no one is funding it ? Do people think we should move away from stores and centralized ways of getting apps ?

I still don't really understand why the project doesn't recommend obtanium + appverifier for first install.
When looked at previous posts, i found this FROM GraphineOS IN Graphene like iOS : "Obtainium really can't be the answer. It's only even seriously considered because Android has signing verification built-in with pinning, but it lacks an answer for the initial installation being secured well which is important."
Is this with or without appverifier ? Is appverifier verification inferior to accrescent ?
We shouldn't trust the appverifier database ?

Also, are the VPN leaks fully fixed ? If that's the case when Tor VPN will be out we will be golden.

I think it's going to be a very interesting conversation and I'm looking forward to read your thoughts and maybe even the thoughts of the GraphineOS dev team which are btw the best.

    hello11 Should we just create a throwaway google account to get all of them ?

    Yes.

    hello11 Do people think we should move away from stores and centralized ways of getting apps ?

    Not really, this is currently the situation we are in and it isn't particularly secure. Centralized stores are the most secure options.

    hello11 Development seems slow.

    The developers of Accrescent are not currently looking to get as many apps as possible on their store but rather focusing on more backend stuff like the developer experience and ensuring the app is stable. Give it time, it is still in pre-alpha.

    hello11 I still don't really understand why the project doesn't recommend obtanium + appverifier for first install.

    Although it is a solution that works, it is not convenient or easy for non-technical users.

    hello11 Is this with or without appverifier ?

    This is without app verifier.

    hello11 Is appverifier verification inferior to accrescent ?

    Accrescent automatically does what AppVerifier accomplishes rather than you having to do it manually. You also run into problems when the AppVerifier app database does not have the hash for an app you are installing, so you cannot verify it. The developer of AppVerifier has said that the database is planned to be depreciated once Accrescent becomes stable as there would be no point to using AppVerifier if you get all your apps from Accrescent anyway.

    hello11 We shouldn't trust the appverifier database ?

    You should trust it and use it whenever possible if you are installing apps from a source outside the Play Store or Accrescent.

    hello11 Also, are the VPN leaks fully fixed ?

    Not yet, there are a few leaks remaining.