So, isn’t this debacle with SMT an example of one reason to prefer F-Droid over Google Play/Aurora if an app is available from both? If so, PG may want to add an additional explanation to their recommendations, or just outright begin recommending F-Droid. I for one am very glad I got friends and family to download SMT apps from F-Droid rather than Aurora/Play.
6 Likes
I think F-Droid should also be reconsidered, but what about the Github versions as well?
I had downloaded some SMT apps via Github, are they different/identical to Play Store or F-Droid or others?
1 Like
Or from GitHub releases with Obtainium (or RSS), which we definitely do recommend first.
But wouldn’t it be easier for ZipoApps to secretly inject some nefarious code into their GitHub versions rather than the F-Droid versions?
They could but SMT is being forked by one of the devs and there is no reason to use ZipoApps.
Yes, but what about people who are unaware of what’s going on and are currently getting SMT apk updates through Obtanium?
All future updates will be issued by ZipoApps and is there going to be some obvious notice of the business buy out for people prior updating?
1 Like
AFAIK fdroid doesn’t scan any malware of the apps after its first publication.
I guess Fdroid and Github are somewhat the same in the sense that the developers have the capability to push malicious updates (which is unlikely if tons of people are using it, is frequently updated, and audited by third parties publicly).
Even an Fdroid Contributor mentions you need to trust the upstream developers to ensure apps are indeed safe.
(Note: i am not a security tech analyst nor a developer—please correct me for any misinformation I have stated above.)
EDIT: Added “audited by third companies publicly” on 2nd paragraph.
2 Likes
Shame on SMP developper who sold it, even if he has the right to do that, it shows how much he has no respect anymore for its users privacy, what a sad end for Simple Mobile Tools.
I was using Simple Gallery, next update I’ll be consdering switching on Aves.
@IksNorTen Just switched from SMT Gallery ➜ Aves and it’s a pretty decent app so far (a bit laggy sometimes).
Though I wish Aves doesn’t have any internet permissions (it gives me a peace of mind) because AFAIK all of the SMT apps have minimal permissions and don’t require it.
That’s why I’m keeping an eye on FossifyX, maybe I’ll switch to it when it’s available and regularly maintained. But for now, I am satisfied with Aves.
EDIT: slight grammar fixes
2 Likes
We’ve never endorsed any of them because they aren’t particularly privacy friendly in any way whatsoever. They’re just some apps, that were open source. There are plenty of apps that are open source out there that we don’t recommend.
There has been threads about them requiring too many permissions (iirc their file manager). I seem to remember being told something about a PDF app too.
I briefly used their SMS app until I found this bug and basically got no follow up on it
If that’s the case, he probably fell for the marketing.
3 Likes
Aren’t apps like Simple Calendar Pro and Simple Gallery Pro mature, finished products, that also require no Internet connection? You can just block further updates and keep using them for years.
2 Likes
@Regime6045 That’s totally a reasonable thing to do but some people (including me) would rather find other foss alternatives that is regularly maintained and isn’t a “dead” project.
Vulnerability could still exist/being found so software is never 100% mature in the context of its security so that would open yourself up to possible unpatched vulnerability. I still uses closed source app and even when no one can read their code and even when daily update is with 50% chance of not fixing any vulnerability, theres the 50% chance it might too.
With what you’re suggesting, its 100% guaranteed since literal update is being (rightfully so) blocked and refuses to move elsewhere to other possibly better alternative.
Sane advice would be to follow the forked repo results and if it continues the spirit, move to them.
4 Likes
The GitHub account has been already closed…
It appears to have been moved to
4 Likes
Shouldn’t the developer ideally not sell the signing key to the new owners ? Rather than just the code.
My concern is that there should be atleast warning to existing users about the change in terms and conditions and licensing of simple apps.
Probably when a new app update is pushed by Zippoapps it should ask the users to either accept the new T&C of apps or to uninstall the app if they disagree to it.
This way no user is fooled into giving up their privacy to the new owners as simply disclosing the T&C on wesbite and playstore is not enough.
I hope they atleast take consent from users before bringing any monetisation to the app.
Also i am guessing the fdroid version would stop updating ?
1 Like
Very disappointing to hear that the developer sold out. On his github page, people were quite lively in their discussion, and he ended up locking the page so there could be no more discussion. His justification for such was the following:
“While I appreciate everyones contribution, you should know that like 99% of the current code has been written by me and other paid devs, so no need to overreact the licensing thing. Anyway, thanks for the support, but Im locking the conversation as it doesnt really lead anywhere. Wishing you all the best :)”
I personally feel that he is deflecting criticism, and also completely ignoring the contributions of other developers. He is basically claiming that because it’s his program, that licensing/sale concerns are not valid.
I agree with F-Droid’s choice, as mentioned by @anon4510900, and believe there should be no more updates until further notice.
Me personally, I don’t have time for the drama or to see what happens. I have already bailed on Simple Apps. The beauty of open source is that there is always another option. C’est la vie
2 Likes
Which alternative App are you using for calendar? And can it import the export file of Simple Calendar?
Thanks.
I personally didn’t try an export so I can’t comment on that. Currently, I am trying Etar