Alternative to Breezy Weather

Graphene1

I'm currently unifying app sources to get everything from a single source, the Play Store.

Any recommendations for an open source weather app? Obviously Breezy is the one but its not available on the Play Store.

NetRunner88

Graphene1
Give Weawow a try

FaberCastell

Graphene1
I don't have an answer, but I am curious as to why you are choosing Play Store as your single source?

DeletedUser235

Graphene1
Disclaimer : won't help.
I am also trying to get all my apps from the Play Store for security and automatic updates but of the 55 apps that show in my app grid, there is two that I download outside of the Play Store and GOS app store : Libretube and my weather app.
Between WeatherMaster, Burs Weather and Breezy Weather, weather apps outside ouf the play store are just much better imo. So I stay like this.

missing-root

Graphene1

Lol I can recommend against that. The Playstore may stall updates, remove apps, host fake apps or apps with proprietary libraries included unlike "foss" releases they would publish on Github, F-Droid, own F-Droid repos or Accrescent.

NetRunner88

FaberCastell

Maybe security concern ?

Graphene1

FaberCastell after reading the security concerns with certain methods within the recent F-Droid thread, I have come to the conclusion that PlayStore is the only way for me (unless Accrescent steps up the number of apps over the coming months/ years) given my lack of understanding on the matter I need some level of filter/ checks.

I have a feeling at some point a popular app withing the community will turn out to be or turn malicious. Surely it's only a matter of time. I hope I am wrong of course.

Graphene1

DeletedUser235 yeah NewPipe was an issue for me to at first but iv now stopped using YouTube front ends for two reasons. 1) I find it to distracting to have my follows and access to everything at the click of a button. 2) they frequently stop working.

I now just use Brave browser and manually search on youtube without a YouTube account for what I want to watch. Adds friction so it's not as convenient but removes all adds which is my goal.

AlphaElwedritsch

OSS weather
com.akylas.weather

Graphene1

AlphaElwedritsch lovely thanks. I went with OSS

FaberCastell

Graphene1 will turn out to be or turn malicious

TrustExecutor the strong security of GOS

In what ways do the malicious apps misbehave?
And how does GOS prevent it?

I would imagine it is commonplace to have bad apps abusing privacy or data harvesting, but what are the threats beyond that?

TrustExecutor

Worth noticing, apps that are malicious in various ways should probably be avoided, but the strong security of GOS like additional permissions, sandboxing, MTE, storage scopes can sometimes be used in a somewhat secure manner anyway depending on the severity and your threat model.

TrustExecutor

FaberCastell
For example, the fine-grained permissions control in grapheneOS allow to turn off network permission so no data exfiltration can occur, and the sensors permission allows for not allowing apps to exploit that feature. Then it is Storage Scopes which prevent malicious apps to access sensitive data, Sandboxed Play and other features native to GrapheneOS that makes it much better than stock OS privacy wise. Also the robust exploit mitigations, full verified boot makes it much harder for malware to get on to your device and persist reboots.

I suggest reading through the features-page if you haven't done it already.
https://grapheneos.org/features

FaberCastell

TrustExecutor
I have read the features page, but could probably do with a re read... I suppose I am trying to approach it with a greater understanding of the threats that it mitigates

TrustExecutor full verified boot makes it much harder for malware to get on to your device and persist reboots

Does this mean that even if you get a malicious app a reboot will spot it and get rid of it?

TrustExecutor prevent malicious apps to access sensitive data

What ways can a malicious app access sensitive data. Do you mean access your eg photos and other files, or can it force other apps to give up info re passwords or log in credentials etc

TrustExecutor

FaberCastell I have read the features page, but could probably do with a re read... I suppose I am trying to approach it with a greater understanding of the threats that it mitigates

For sure. I can also recommend the interview with one of the GrapheneOS developers on THe Hated One's channel.
https://www.youtube.com/watch?v=WkQ_OCzuLNg

FaberCastell Does this mean that even if you get a malicious app a reboot will spot it and get rid of it?

If a malware succeeds in getting persistence into the operating system it can not survive a reboot, because on reboot the bootloader checks the whole boot chain including the operating system's kernel cryptographically and fresh OS image gets loaded. https://source.android.com/docs/security/features/verifiedboot

FaberCastell What ways can a malicious app access sensitive data. Do you mean access your eg photos and other files, or can it force other apps to give up info re passwords or log in credentials etc

With Storage scopes the app can only access the files itself creates, even if it demand higher perissions. Storage Scopes tricks the app that it has full permissions.

Clark

TrustExecutor If a malware succeeds in getting persistence into the operating system it can not survive a reboot, because on reboot the bootloader checks the whole boot chain including the operating system's kernel cryptographically and fresh OS image gets loaded

When the fresh image gets loaded will the phone lose all its contents and you have to set it up all over again?

TrustExecutor

Clark
No, from what I can comprehend the user data is stored in a separate partition. The user gets alerted and a fresh image gets loaded if it is not corrupted.

DeletedUser127

QuickWeather
https://github.com/TylerWilliamson/QuickWeather?tab=readme-ov-file
https://play.google.com/store/apps/details?id=com.ominous.quickweather

Graphene1

missing-root no doubt. I'm looking forward to the ongoing development of Accrescent and hopefully one day I'll be able to solely use this as the only app source (assuming things play out as expected and it remains a trustworthy alternative to the Play Store)