by hackuser 3589 days ago
Re: APKMirror: I have the same questions I have about all APK proxy services - which claim to pull the APKs directly from the Play Store - why would I trust it to provide software that isn't infected with malware?

Other than APK Downloader, I haven't found another credible source among the very many options. Any solutions would be appreciated.

----

[0] APK Downloader, for those interested ... I'd start with the original, but the others might suit your needs:

* redphoenix89's original here: http://codekiem.com/2014/08/07/official-apk-downloader-v2-do... and here: http://forum.xda-developers.com/showthread.php?t=1515021

* Bexton's updated Chrome extension, based on v1.21: http://forum.xda-developers.com/showthread.php?t=1809458

* Lekensteyn's updated Chrome extension, based on v1.3.4 of Bexton's: https://lekensteyn.nl/apk-downloader/ and https://github.com/Lekensteyn/apk-downloader

3 comments

You are fine using apkmirror to grab an update you haven't yet received from the Play Store. When you install the apk, Android knows you are updating an app, verifies the signature, and ensures it came from the same developer.

Android is sane: it won't let you downgrade, further updates from the store will work correctly, etc. Since apkmirror usually get their apks from the Play Store, you'll be okay if you know what you are doing.

That said, your skeptical attitude is very appropriate. Installing apks from outside of the Play Store is by far the biggest vector for malware. Users that only install from the Play Store are currently safe (less than 0.15% of those users get malware).
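
Added example, not part of the thread: the same-signer check described in the comment above can be done by hand before installing a downloaded APK, by comparing its signing certificate digests with those of a copy you already trust. It assumes `apksigner` from the Android SDK build-tools is on `PATH`; the function names and APK file names are placeholders chosen for this example.

```shell
#!/bin/sh
# Added example: does a downloaded APK carry the same signing certificate(s)
# as a copy you already trust (e.g. one pulled from your own device)?
# Assumption: apksigner (Android SDK build-tools) is on PATH.

# Read `apksigner verify --print-certs` output on stdin and print the sorted
# set of signer certificate SHA-256 digests. Lines for the public key or for
# SHA-1/MD5 digests are ignored.
cert_digests() {
    sed -n 's/^.*certificate SHA-256 digest: *\([0-9a-fA-F]\{64\}\)$/\1/p' |
        tr 'A-F' 'a-f' | sort -u
}

# Verify one APK's signature and print its certificate digests.
# Returns 2 if apksigner rejects the file (unsigned, corrupt, tampered).
apk_digests() {
    out=$(apksigner verify --print-certs "$1") || return 2
    printf '%s\n' "$out" | cert_digests
}

# True only when both digest sets are non-empty and identical.
same_signers() {
    [ -n "$1" ] && [ "$1" = "$2" ]
}

# compare_apks TRUSTED.apk CANDIDATE.apk
# 0 = same signer set, 1 = different signer, 2 = a file failed verification.
compare_apks() {
    trusted=$(apk_digests "$1") || { echo "cannot verify: $1" >&2; return 2; }
    candidate=$(apk_digests "$2") || { echo "cannot verify: $2" >&2; return 2; }
    if same_signers "$trusted" "$candidate"; then
        echo "MATCH: signed with the same certificate(s)"
    else
        echo "MISMATCH: signer differs, do not install" >&2
        return 1
    fi
}

# Run the comparison when called with two APK paths.
if [ "$#" -eq 2 ]; then
    compare_apks "$1" "$2"
fi
```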

> You are fine using apkmirror to grab an update you haven't yet received from the Play Store. When you install the apk, Android knows you are updating an app, verifies the signature, and ensures it came from the same developer.

Great point; thanks.

> apkmirror usually get their apks from the Play Store

How do you know this? I've read reports of other Play Store proxies who injected malware.

> your skeptical attitude is very appropriate. Installing apks from outside of the Play Store is by far the biggest vector for malware

I was talking about APK proxy services, which claimed to pull the APKs from Google Play Store. For app stores, there are other generally reputable sources, such as,

* F-Droid, which focuses on free/open source software and user privacy. It has an excellent reputation and builds every app from source.

* Aptoide: Large commercial market, claims to screen apps for malware

* SlideME: At least at one time, reputedly focused on small, indie devs.

* GetJar: "The worlds biggest Open App Store", Started "by developers for developers"

I'm not entirely sure, but doesn't APK signing prevent these third parties from tampering with the APKs?

Also, Raccoon is similar to APK Downloader: http://www.onyxbits.de/raccoon

There's also this desktop application to download from the play store https://codingteam.net/project/googleplaydownloader (codingteam.net, a "Forge" site, has an expired TLS cert)