KDE Connect is also available through Google Play and most likely signed with a different key as the F-Droid Version. Since Play Protect checks the App signatures, it probably detected this discrepancy and determined the App was fake. Not really an Assholedesign as this is a valid concern if a normal user downloads an app from the internet.
It could just ask before removing shit. Remove the permissions, freeze the app, prompt the user to confirm they meant to install it from somewhere other than the playstore. Hell, since it can detect F-Droid is installed, maybe use some context clues and ask the user to confirm this app was installed from there?
More importantly, can you tell it to ignore certain apps? I don’t know, I’ve had Play Protect turned off forever. If not, that’s absolutely asshole design.
More importantly, can you tell it to ignore certain apps?
Yes, but it stops ignoring them after a while
On the other hand it’s a valid case to have the app installed by means other than the play store. I can’t imagine they have found this discrepancy in signatures for the first time.
Probably most other apps are correctly signed with the same certificate on both sites.
No they are not: F-Droid builds a signs the apps independently. Source: I have apps on both stores.
Imagine doing a business if Google one day start to hate you.
No listing on most popular and the only search engine that counts. Most popular browser gives a big red warning for your website. Even with different browser it won’t connect due to Google being the most popular DNS provider. No app on the only widely used app store on Android - the only OS phone manufactures use besides Apple. Your app is automatically uninstalled on >99% Android phones. Your calls gets blocked by Android spam detector. Your e-mails get blocked by Gmail. And besides that, Google would pumps all of your competition up.
That much power over the market is very dangerous and should not be legal.
There was a similar thread where Play Protect blocked installation of Signal. As it turned out, said copy of Signal was indeed fake, as op downloaded it from F-Droid, where it’s not being distributed.
Maybe it’s the same case here?
Hilariously, Google Play Protect is one of the worst tools on Android at detecting malware and triggering false positives, and consistently scores poorly in independent tests like AV-Test and AV-Comparatives. You can find links to these tests on the AMTSO website.
- (open) play store
- (tap) your profile picture
- (open) Manage apps & device
- (open) Google play protect
- (tap) settings icon at the top
- (disable) scan apps with play protect
- congratulations, google will babysit us less than before
- install kde connect again
Optional:
- send a hate email to google support but do not abuse the employee reading it, because he is probably under pressure 25h a day by google