(Rant)
At somepoint, HSBC decided KDE Connect installed via F-Droid is less secure.
Then it decide non-whitelisted keyborads are a security risk. Only Gboard and Samsung Keyboard is confirmed within the whitelist.
I understand the point that risk can be introduce at various points, yet this is simply too much. Yeah there are people phone infected by malware but from Play Store. Not a single time I heard one ever happened on F-Droid distributed apps, at least not from the official repo. Also, I will put more trust on an open source keyboard than any proprietary keyboard.
Furthermore, I’m shocked that an app can read my app list, and current keyboard (introduced in Android 14). This just make building a profile much easier as I belive everyone almost have an unique set of apps they like. I don’t think any apps need such functionality. Why the f it needs to care what input devices I uses? This make me worry more about untold (aka burried deep in Privacy Policy) data collection.
how the fuck do they see that you have these apps?? Wasn’t it google’s justification for destroying /proc and all resource monitor apps with it that they have put querying of installed apps behind a permission?
I saw a bank in my country requiring to have the permission for apps usage, the one that you have to go in settings and toggle it. Refuse and it closes the app
Perhaps you could report it to Google Play for that?
Google enforces rules only against small devs. Big companies are allowed to do what the fuck they want.
Example with one of those “ad viewing apps disguised as games”, every single screenshot is misleading, showing a different game to what actually will be downloaded. It’s clearly a violation of Google Play terms that read:
In the example not a single screenshot demonstrate the actual game experience.
Google sees the big cash influx from ad impressions and IAP from whales and is closing all the eyes
Tencent and Alibaba instead are still allowed to illegally fingerprint and track the user by placing tracking data in /Pictures/.gs_fs0 which for some reason they can access even without storage/photo permission
So /proc is virtual so it is only processes and not apps.
The app probably requires a permission that grants it access to that information.