Even worse. Many apps have google signature instead of the developers. They upload their key and give it to google. Horrible practice. Nowadays, fdroid gravitates towards reproducible builds with the dev's own signature and google is going the other way round. Gravitating towards an unsafe "best practice" ...

[–] princessnorah@lemmy.blahaj.zone 8 points 2 months ago (1 children)

Potentially, but that doesn't really matter, as you can match the signatures of the two versions and see that they are the same. You cannot fake that and have one version have different code, it's not possible.

[–] GingeyBook@lemm.ee 3 points 2 months ago

Thanks for the insight :)

[–] matcha_addict@lemy.lol 5 points 2 months ago (1 children)

What does Google play do to remediate it?

[–] Chewy7324@discuss.tchncs.de 2 points 2 months ago

They do basic checking for known malware.

[–] Estebiu@lemmy.dbzer0.com 11 points 2 months ago

IzzyOnDroid link if you dont have the play store.

[–] three@lemm.ee 4 points 2 months ago (1 children)

So this is just VueTorrent in an app

[–] Matth78@lemm.ee 1 points 2 months ago* (last edited 2 months ago) (1 children)

I would say VueTorrent has more features. Yet on Android as it's not an app you can't make it open magnet links or torrents when tapping / downloading one.
That would be great to have it as an app or to be able to turn it into a pwa.

[–] anzo@programming.dev 1 points 2 months ago

The closest would be a folder, synchronized between phone and computer (e.g. using syncthing) where you save the torrent files. Then the client scans and automatically adds torrents from there. It will remove such files, so while at it, you should also configure to save completed torrent files somewhere. When possible, torrent files are a better option (they bring metadata, required if you ever wanted to re-share some content).

[–] sag@lemm.ee 1 points 2 months ago

I wish there was a good free and open-source downloader with torrent support, like 1DM+.