- Edited
[deleted] yeah it works for some people but not others (me). That's why I wouldn't consider it reliable.
See : Chopped7821
What is a good appstore to use on graphene considerations?
yeah thanks. for the hint with obtainium. I have a dumb: question: I have agoogle pixel 6a
which one of the files do i need? I suppose the 54 MB app-release.apk?
Sorry but it confuses me that another one is written at top...
Thanks..
Great help, thx mate. I just heard/read that F-Droid is not that secure. So i guess i will give obtainium a try. But if that is to much fuzzing, your solution sounds like stressfree alternative.
PS I read something from a year ago that Apps downloaded with Aurora don't update?? Is this still true?
SpeakYourMind I highly recommend the Google play store. Safety first and foremost. Interestingly, there's a partnership with ESET to detect rogue applications and ensure that applications don't contain viruses that could be triggered some time after installation.
Chopped7821
Hi again,
i added the release page to obtainium/App Source URL: https://gitlab.com/AuroraOSS/AuroraStore/-/releases
And i have Version 4.23 installed but it doesn' find the new version 4.24?
Anything else i have to do?
What i noticed is that obatainium changed the link that i adde to gitlab.com/AuroraOss/AuroraStore
but i don't know how to force obtainium to keep to the original link?
Greetings!
Without meaning to disregard the position of others on fdroid being insecure, i have argued and would argue that is not true.
Downloading from fdroid is as secure as downloading from github.
There was a technical argument laid against fdroid, however i have critiqued this argument already and have not heard any meaningful counter argument against it yet.
Bottom line: fdroid has some potential issues however those issues do not apply in all situations and the categorical statement that "f-droid" is not secure is simply not true. Downloading from github is not safer than downloading from fdroid. In fact I might argue the contrary, or at least parity.
Do know that fdroid is not a replacement for play store as most apps on playstore are not available on fdroid. Also many apps are fdroid are not available in playstore. So they are "different" libraries with some crossover. Also some apps are only available from fdroid.
Don't use the official fdroid app, use droidify instead. Also be mindful that the app you download adheres to recent target API levels.
Understand what you are downloading from fdroid and you're good go.
For a guide to get you started on apps and stores read this:
https://discuss.grapheneos.org/d/5267-basics/9
- Edited
SpeakYourMind
The link that obtanium created for itself is the correct one.
The reason the latest version is not detected might be because of release channel factors (alpha, beta, etc). Try refreshing or change settings.
If you are in a rush just download the latest version from the gitlabs page.
Due to the recent problems with aurora's official download pages and versions made available recently i have personally decided to just use the version from fdroid. It gets released with a few days more delay but its been a more reliable source.
I have this problem as well and f-droid only has version 4.2.3 as well. If you want 4.2.4 then you'll probably have to uninstall the version you have and install from https://auroraoss.com/AuroraStore/Stable/AuroraStore_4.2.4.apk
I agree it's silly to say f-droid is insecure. There's plenty of malware on the play store, GitHub, and everywhere else. The way to protect against malware is to vet the app's developers or check the app's source code. Nobody's gonna catch malware for you. The reason I recommended Obtainium is because it lets you download from f-droid, GitHub, and other sources from one app.
Obtanium is a fantastic app and I highly recommend.
You need all 3 apps to have good and easy access to android apps. So get all three (Aurora, Droidify, Obtanium). Each does something the other 2 don't, so.
User2288 Mostly agree, it's great we have so many options nowadays to replace Play Store. For me usually Obtainium plus Aurora Store is enough, since Obtainium can access Github, F-Droid and Izzy. If I needed a separate F-Droid frontend, I'd go with Neo Store instead of Droid-ify. It might be not as pretty, but like the other apps it has an "update all" button which is so much more convenient in the long term...
User2288 On fdroid, the vast majority of applications are no longer maintained, and the fdroid application itself is not at a very high SDK level, which means that all this can weaken the AOSP security model. There was once an article written by a Frenchman which brought together reliable and verifiable sources, and which was based on real facts.
I mean, installing fdroid on GrapheneOS when there are other solutions is not a very logical choice.
- Edited
Ixirup https://wonderfall.space/marches-android-alternatifs/ This is a very good basis. And yes, downloading from github with obtainium isn't a great idea either. What shocks me about fdroid is not the application itself, but rather the developers who are in some kind of denial... One of them said on their forums that the SDK level wasn't important.
Ixirup
I think you haven't read the posts I linked to cause it would have answered this. Presence of outdated apps is not an argument against fdroid or an argument for security flaw, and also the official app is not mandatory, you can and should use a replacement.
Anyway, there arent too many good apps on fdroid anyway. Maybe about 5 to 10 common good ones for any idividual. If you get them with neostore or droidify or with browser directly, there is no security issue any more than getting from any other source. They are updated apps.
Thanks for all the great answers, but it's still a bit overwhelming.
What i am struggling right now a bit is the following questions.
- So if the apps from Aurora store don't update automatically - how do you handle this then?
- What i didn't think about - till now - is what problems security wise arise from the fact that the apps from aurora are installed with a shared account with some strangers? Would it be better to make a google account just to download the apps. Or is this a silly idea and makes no difference to using google playstore.?
- @"Ixirup": "And yes, downloading from github with obtainium isn't a great idea either. " Why is it not a good idea to download from Github. I thought is is more or less the gold standard since it has been used to share code for ages and its used a lot?
Thanks a lot...
[deleted]
- Edited
SpeakYourMind So if the apps from Aurora store don't update automatically - how do you handle this then?
Not an Aurora user but if it's still doesn't do unattended updates, you need to manually go in there and update what you need from within the Aurora app.
SpeakYourMind What i didn't think about - till now - is what problems security wise arise from the fact that the apps from aurora are installed with a shared account with some strangers? Would it be better to make a google account
With a shared account it's the same risks as if you would have used mine account without having access to its credentials. It's just a strangers Google account. If don't mind using your own account (throwaway or otherwise) just use Play.
SpeakYourMind Why is it not a good idea to download from Github. I thought is is more or less the gold standard since it has been used to share code for ages and its used a lot?
Obtainium is fine. If you don't trust it, download the app manually from GitHub first and then start tracking it through Obtainium. Developer distributed APKs from GitHub or otherwise are in fact officially recommended by GrapehenOS among the best ways to get apps. If you only use a few APKs it makes more sense to manually update them IMO but if it's a dozen or more Obtainium might be worth the extra overhead.
N1b
Whre would you download Neo Store? It sounds good, on the github page it says download from F-Droid (which most here say is not secure) or "IzzyOnDroid" which i don't know how good that is. i would like to install it that it updates itself. Which way to go?
Good night... alll...
SpeakYourMind Whre would you download Neo Store?
You can download it from Github directly (scroll further down and you'll find the releases: https://github.com/NeoApplications/Neo-Store/releases)
I'm not sure if it will pull the self-updates from github or Izzy after that. If you trust Izzy and have their repository activated, you can install it from there since it will usually find an update there a few days before F-Droid. I got mine from Izzy about a year ago and it worked ever since.
SpeakYourMind Why is it not a good idea to download from Github. I thought is is more or less the gold standard since it has been used to share code for ages and its used a lot?
It's not that downloading from Github is a bad idea. It simply ends up with you trusting the source of the app you download. Really great and secure apps are hosted on Github, as well as badly coded ones, or ones that are forked and pretend to be legitimate.
[deleted]
Chopped7821 You should use f-droid
I don't know why you are recommending a repository who's official frontend literally targets Andeoid 7.1