search

termux / termux-packages

A package build system for Termux.
https://termux.dev
Other
13.33k stars 3.07k forks source link

[Information]:People releasing apps(on playstore) that promote hacking on termux #11048

Closed T-Dynamos closed 2 years ago

T-Dynamos commented 2 years ago

Some examples

https://play.google.com/store/apps/details?id=termux.tc.commands https://play.google.com/store/apps/details?id=termux.adv.tools.ter.mx.dev https://play.google.com/store/apps/details?id=termux.working.tools.commands https://play.google.com/store/apps/details?id=com.shinwari.app.TTC

This may lead to playstore warn termux as harmful app

ghost commented 2 years ago

Pretty much nothing we can do apart from reporting it by contacting its developer email, some of those apps that mislead information existed for a while now like ones released from 2020 and probably lots more

Application "potentially harmful app" assessment is probably done by reporting the application itself through PHA reporting or google play policy compliance, note that Termux play store has security vulnerabilities which it has to be removed which would have been slight possibility for google to mark Termux as PHA but unlikely since it hasn't been updated for almost 2 years

Those apps that promotes hacking won't affect Termux app in either way since those apps are just book apps that complies to the play policy because they aren't really hacking/malware tools and there are several apps available that involves "how to hack". those apps classified as User Generated Content

T-Dynamos commented 2 years ago

Also one these apps got removed with 50k downloads a month before ( developer was in my contact ) Ie https://play.google.com/store/apps/details?id=com.termux.command.and.usage.af

Efreak commented 2 years ago

It might be worthwhile to have an "official" termux app that's just a WebView for the wiki or some such. It probably wouldn't help much, but it wouldn't hurt, either.

ghost commented 2 years ago

Termux has "help" option in the context menu (long tap > more > help) which loads the online wiki. so having a separate app would be redundant and unnecessary.

sylirre commented 2 years ago

https://play.google.com/store/apps/details?id=termux.tc.commands https://play.google.com/store/apps/details?id=termux.adv.tools.ter.mx.dev https://play.google.com/store/apps/details?id=termux.working.tools.commands https://play.google.com/store/apps/details?id=com.shinwari.app.TTC

Those are considered as providing "educational" resources and Google will not care whether they are about hacking or something else. It doesn't really matter whether primary subject is "Termux" or "Kali Linux" environment in such kind of applications.

Termux will be considered as PHA only if will deliberately embed harmful functionality within APK file or in automated way download such code from the Internet.

I'm closing the issue since it isn't really a problem.

Think about this: it is not possible to control user generated content. Attempts to censor the derivative work made by community of free/open-source project may lead to certain issues. Restriction about hacking topic here on GitHub, our Reddit, Gitter, Discord, etc is made only to avoid skid-like behavior. But users still can read, use or produce the hax content on their own.

T-Dynamos commented 2 years ago

@sylirre Happy to see you