How secure is apkpure.com?

I have just seen, that the apk fror Magic Earth (default mapps app) is coming from apkpure. As far as I know, nobody can ensure that the apk 's from apkpure are ‘untouched’.

So my question is: Can we really trust apkpure.com ?

(I know, there are similar posts regarding source eOS apps store akp’s), but this is different, because it a build in default app)

2 Likes

I know where this debate will go. It just gives more fuel to all the waiting in the wings e-haters to rant and vent about /e/.
All I can say is if you do not trust an app do not use it. The day users entirely agree that they do not need whatsapp , facebook and other such apps we will not need an apk pure in between. Can we have a consensus on no - unsafe apps ? Can all users of /e/OS agree to that. I do not think so. Half the questions on this forum is how to run whatsapp or other such ‘google’ apps.

No, I don’t think so. If in app store are apps from apkpure or elsewhere it the user risk to install it. But MagicEarth is a system app and it’S coming from Apkpure. So I think it’s a good question. How secure apkpure is and how we can ensure that he apk is untouched

2 Likes

Since it is a system app and, for now, cannot be uninstalled, I think it’s fair enough to be insecure about its procedence.

And

Who are those “e-haters”? :man_shrugging:

Since I don’t like a Maps app pre-installed, I just removed it (with adb) so, yes, this is a fair question, in my opinion.

1 Like

Wait and watch how the arguments come in this thread and you will see where such discussion lead. There is a dedicated group of folks who do not even use /e/ and are just posting nonsense on this forum.
I know this is a good question and it has already been shared with the developers to provide an answer. There are a number of apps which can and should be removed as users may not need them .I hardly use maps or the weather widget as it does no give me the correct details for my location. The idea of a basic ROM which we had proposed some time back. That would be the best solution to all such problems. Install only what you want.

My point too - looking forward for this chance. You see, this was my primary reason to opt for Linux decades ago :smiley:

And talking about this:

We have an expression in Portuguese that, translated to English, would be something like “The dogs will bark but the caravan continues” - I couldn’t find a similar expression.

The poing being that since we want to asure the right and freedom of speech for all, one must be prepared for this kind of situation. And keep moving, never minding the bollocks!

3 Likes

This would be “the” solution for responsible citizens and /e/ users. A deGoogled /e/ OS ROM with “clean” browser, phone dialer and SMS message, file manager settings. No more

This would make /e/ critics go away and the /e/ team could focus more on the important things like /e/ OS ROM migration to 9-Pie.

3 Likes

Hi,

I don’t have any technical knowledge, so forgive me if this question sounds silly.

Is the magic earth apk from /e/ and apkpurethe same app, supplied by different providers, and presumably not interconnected?

Or is the magic earth app that is installed on /e/ somehow coming from apkpure? and ultimately what affect does that have?

Thanks

They are the same. Pl let us know if there is any difference in them.

Thanks for your reply. I’m trying to understand what the problem may be? how is it’s availability on another marketplace (apkpure) a concern?

My current alternative: Preinstalled /e/ Apps (visible on the homescreen) against Simple Mobil Tools, /e/ Maps (magicearth) against OsmAnd+ (full version) exchanged; otherwise FOSS Apps as far as the eye can see.

Why the fogginess around this topic? if you look here it still does not answer where the apps originate from. If they come from apkpure, just say so, let people decide if they trust it. I think being foggy about this subject does not help the project.

3 Likes

@facb69 That phrase has been known in English for a long time too. We have another: “Empty vessels make the most noise.”, which I think also applies to those @Manoj is referring to. As the Americans (used to) say, keep on trucking.

Hey @Vaughan

I didn’t know this. I just translated it literaly :smiley: Good to hear that it’s real because I like this expression.

The other phrase is very good too - the same meaning but it’s more elegant.

I prefer the imagery brought to mind by the one you used. It imbues progress with romanticism. Though that might be just an English perspective. The phrase is believed to be Arab or Turkish in origin, so quite exotic to the English.

Indeed.
It was very popular in Brazil back in the days. Now only the elders (like myself :smiley:) use it.

These questions about apkpure keep coming back again and again.
App Store or App Installer as it should have been named - it does not store apps only points to their location on FDroid or GPlay Store - acts like a intermediary, that is integrated into the /e/OS. It also removes the one additional step where we grant permission to install an app - Like on Aurora Store where you are explicitly asked to grant permission to install the app even after you press Install.
The whole idea behind the app installer was to make it easy for users to download apps from two different locations FDroid and GPlay Store without having to manually download them.
The integration of the apps is not fully effective in some cases as we do not mimic Google authentication or allow anonymous logins which would be a clear violation of google TOS. You may have noticed how at times Aurora store stops working - that happens because Google changes their authentication modes. Which means they are also aware of such stores and repositories. It is not all perfectly legal but exists as a workaround and we all use it to save users a round trip across multiple website to download their preferred apps.
The FOSS version of /e/OS will have only FDroid and a limited set of apps. The Apps Installer will continue on a version of the /e/OS for ‘normal’ non-technical users.
What I would like is someone - anyone with development skills - should point at discrepancies in the apks shared through App Installer. Check the same app on FDroid or Google PS and the one downloaded from App Installer and let us know if there is any change in the app.
Even after one year of App Installer coming on the /e/OS I am yet to see this evidence.

1 Like

Hi @Manoj thanks fir that. But I don’t understand 2 things:

  1. The app installer points to play store? That means, if I download a app with app installer it is downloading the apk from gplay store?

  2. I never talked about app installer apks. I have talked about the system app ‘magic earth’. This apk in eOS sources is coming from apkpure!!! That’s why I have created this post.

The same apps that are there on Play store or FDroid are picked up and downloaded by the App Installer. How that mechanics works in the code I do not know. Which is why I asked if you think we at /e/ are downloading and manipulating it in some way before letting users download it please show us how that is being done.
This is why I said at the start that the thread will go in a different direction. Magic Earth is not created by /e/ or Apk pure if that is what is being implied. Check the documentation here that has the details of the Magic Earth website which you can check.
All I can say is if you do not trust the App Installer do not use it. Same goes for any other app on /e/OS. The launcher - weather widget - Magic earth …

@manoj, pls forget the app installer. I’m NOT talking about app installer. Please !!!

pls have a look into the sources of prebuild apks. You will find this
Magic_Earth_Navigation_Maps_v7.1.20.2.9A95B974.C17C098B_apkpure.com.apk

And I’m only talking about this apk, NOT about app installer