Bitcoin Forum
September 15, 2019, 11:12:47 AM *
News: Latest Bitcoin Core release: 0.18.1 [Torrent]
   Home   Help Search Login Register More  
Pages: « 1 [2]  All
Author Topic: [ANN] [BETA] altdroid - Bitcoin-powered Android app store  (Read 1536 times)
Offline Offline

Activity: 51
Merit: 0

View Profile
January 11, 2017, 09:15:03 PM
Last edit: January 11, 2017, 09:28:14 PM by xane

While I love the idea of providing access to less known/officially declined apps but there is also a huge problem with this approach.
How will you check and make sure that apps in your store are legit and harmless? I feel like your appstore may become nest for malicious apps very fast.
I mean, there is history of malicious apps found in official google store so with your unofficial store number of problematic apps might skyrocket.

App safety (let's call it) is a valid concern but is actually much easier to achieve than one might think. Firstly, though, although a malicious app story makes good linkbait for mainstream media outlets, the threat is actually very uncommon compared to the number of non-malicious apps. I think the Google play store is a testament to that if you look at the billions of downloads of safe and legitimate apps compared to the number of reported or suspected attacks. Still, it's inevitable there will be some attempts.

We employ basically the same approaches Google employs but at a potentially even higher level. First we run automated sophisticated analysis tools against the apps to detect any obvious concerns. Things like SMS capabilities in a calculator app or root access attempts in a social media app. It will also tell us if a previously released app is now suddenly requesting premium SMS, camera, microphone, and location permissions when it previously only had Internet access, for example. The second stage is a general developer verification process to prevent imposters. This is so someone can't pose as the author to an app they don't actually own, for example. The final stage which will be implemented in the near future will be the peer/user flagging ability, so users who have concerns about an app will have a mechanism for us to impose an additional review process.

When you add up all these strategies and combine them with Android's own security model, the net effect is that apps from any app store including altdroid are statistically very safe. And when you compare this to the alternative (say, sideloading an APK from the developer's website directly), our process is an immense security enhancement. Still, there's no way for any app store to guarantee 100% that every app is completely benign. Thus users should always use extreme caution when installing any new app from any source and employ common sense by reviewing app permissions and avoiding any app that raises any doubt.
Pages: « 1 [2]  All
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!