kevin0t
commented
1 month ago a reference image of the warning pop-up
Also i am unaware of the possibility that this addon won't fulfill googles' T&C to be listed on the playstore , so excuse me if i missed on this
Currently on enabling the decryption feature in pcapdroid , it downloads the mitm apk externally and asks the user to manually install it. This step obviously requires the user to enable sideloading apps from unknown sources. Though usually this would be not be huge concern if the user is already using other sources to download and install the pcapdroid app.( for example fdroid or github apk) . Also you may argue that mitm decryption would anyways intended at advanced users so they may as well know how to sideload and what precautions to take But the use case of this is that there maybe people who are not used to sideloading apps or people who are more concerned about their security and would altogether avoid enabling sideloading without any exceptions .(if you are enrolled in google advanced protection program , side-loading is not possible) Also it might be more user friendly , if users were straight redirected to the playstore to install the addon and avoid additional teps. Currently keepassdx on android which requires a yubikey backend to support yubikey function also redirects users to playstore app. This post was also inspired by the fact that google scanning detects this addon as malicious (with an option to "install it anyway") and may confuse users what exactly they should do next . not sure if they will allow listing a "malicious app" .