ava on Nostr: ###### **Your Cheat Sheet to Installing Android Apps the Privacy Respecting Way: From ...
###### **Your Cheat Sheet to Installing Android Apps the Privacy Respecting Way: From Direct Sources to Google Play Store**
**1. Direct from Developer**
- Get APKs directly from GitHub, GitLab, or Codeberg etc. using Obtanium
- If the app is on Accrescent, use Accrescent
**2. F-Droid**
Use only in these cases:
- When it's the developer's chosen release channel
- When no other distribution option exists
Most devs will put F-Droid instructions or a download button on their Git page or website. Use the developer's official F-Droid release repository or recommended repository whenever available (eg: many devs use IzzyOnDroid F-Droid repo for their releases instead of creating their own).
**When using F-Droid:**
- Use the official "**F-Droid Basic**" client
- Benefits: Automatic background updates without privileged extension or root
- Enhanced security through reduced feature set and attack surface
- Do not use alternative clients like Neo Store
**3. Google Play Store**
Use only if the app is unavailable through any other official channel.
Some prefer to use Aurora Store (a Google Play Store client which does not require a Google account, Google Play Services, or microG to download apps).
This is threat model and usecase dependent.
I prefer to just use Google Play since I have it installed on GrapheneOS where I use some paid apps not available anywhere else, and I want to keep all of my apps all in one place.
(Optional) Create an anonymous Gmail account and use it for Google Play.
---
*Note: This approach aligns with PrivacyGuides and GrapheneOS recommendations, as well as modern security standards. Third-party F-Droid clients are not recommended.*
```
#Ikitao #OPSEC #Privacy #Android #GrapheneOS
**1. Direct from Developer**
- Get APKs directly from GitHub, GitLab, or Codeberg etc. using Obtanium
- If the app is on Accrescent, use Accrescent
**2. F-Droid**
Use only in these cases:
- When it's the developer's chosen release channel
- When no other distribution option exists
Most devs will put F-Droid instructions or a download button on their Git page or website. Use the developer's official F-Droid release repository or recommended repository whenever available (eg: many devs use IzzyOnDroid F-Droid repo for their releases instead of creating their own).
**When using F-Droid:**
- Use the official "**F-Droid Basic**" client
- Benefits: Automatic background updates without privileged extension or root
- Enhanced security through reduced feature set and attack surface
- Do not use alternative clients like Neo Store
**3. Google Play Store**
Use only if the app is unavailable through any other official channel.
Some prefer to use Aurora Store (a Google Play Store client which does not require a Google account, Google Play Services, or microG to download apps).
This is threat model and usecase dependent.
I prefer to just use Google Play since I have it installed on GrapheneOS where I use some paid apps not available anywhere else, and I want to keep all of my apps all in one place.
(Optional) Create an anonymous Gmail account and use it for Google Play.
---
*Note: This approach aligns with PrivacyGuides and GrapheneOS recommendations, as well as modern security standards. Third-party F-Droid clients are not recommended.*
```
#Ikitao #OPSEC #Privacy #Android #GrapheneOS