Wasnt there an issue where certain devs’ accounts were compromised and malware was being distributed?

EDIT: that wasnt why. Kde connect was removed until its sms functionality was removed due to new security policies: https://www.bleepingcomputer.com/news/mobile/kde-connect-kicked-from-google-play-returns-less-the-app-it-was/

Google Play meets every definition of being a rootkit.

How rich is it that Googles closed source malware blackbox software is removing FOSS software and labeling it a threat.

Where did you get your APK from? My copy from F-Droid isn’t even being marked as dangerous.

Also, your webp has a lot of JPEG artifacting. I’m not sure why, but next time you download your screenshot from Reddit you might want to take the compression down a tad. The original is only 40KiB…

Edit: based on someone else’s screenshot:

it’s probably because there’s an org.kde.kdeconnect package on the Play Store with a different signature. “Same package name, different signature” is probably the most basic form of fake app detection they implement and I can see why they thought it was a good idea. Pretty shit that they still seem to kill apps when Play Protect is supposed to be disabled, though!

Or someone hacked a server somewhere and uploaded a copy with malware in it. That occasionally happens in open source projects but you usually hear about it.

I’m seeing these quite often with people taking the name of the app as “proof” it’s fine. Even if you got it from a reputable source, you should verify the checksum at the very least. Because if you don’t, thinking this stupid feature is stupid, you may just have malware on your system.

That’s fucked up.

Google thinks anything that isn’t Google is harmful(to their bottom line).

As an F-Droid enthusiast, I think Google Play is malware.

If everything around you is harmful maybe you are the harmful one google

Did the same to me but with Samsung Wallet lmao

uBlock Origin is harmful to our profitability and was uninstalled.

That’s why I decided to turn Play Protect off. Kinda useless for me and only does bullshit like that.

Meanwhile, I can’t view a single Google service without ads for Temu being pushed hard all over my shit despite it literally being spyware

Installed my version with f-droid.

No problems for me.

Edit I’ve made it a rule-always check for open source or non-Google source, installation away from play store is vastly preferred.

That’s due to Google adding play protect to the play store, which scans for “malicious” apps on your device that were installed outside of the play store. If you’re someone that likes to sideload and knows what they are doing then I would suggest turning it off to avoid Google removing your stuff.

I wanna preface this by saying that I run GrapheneOS (GOS), so idk if that has anything to do with the fact that nothing has flagged my version of KDE Connect. If it’s a Google Play Services (GPS) thing, then:

1. I guess it depends on whether you run GPS on your GOS phone, or
2. Maybe it doesn’t even depend on #1, since GPS runs as unprivileged. I put KDE it on my GPS profile, and didn’t get any notification about this.

Guessing this is just a Play Protect thing.

Nevertheless, if you’re installing FOSS apps, try installing them via Obtanium instead of the Google Play Store.

You can simply copy and paste the source code URL into Obtanium, and it’ll grab the APK, as well as notify you when there’s updates.

It supports F-Droid, GitHub, GitLab, and other sources.