PrivSecAnon - Virus Scanner Apps: VirusTotal, Hypatia, CRXcavator, etc.

[Adhjie]

So are there a possibility of Obtainium having 2 flavors or versions of the .apk, besides the other flavors for app-stores, automated it like how ReVanced teams done their patches?

Take this as a suggestion so don't feel burden by this, I'm just describing it here based on the current state of online security's RSS/CC YT Channel/blogs, AVs scanners (Though, I'm clueless on mobile AVs, current setup of mine are Kaspersky, and Malwarebytes when I really need it, since it's heavy on mobile), etc.
I know, it is not an easy task without PR helps; but I could only do proposals since I can't code either.

So my proposals for the flavor is Obtainium-libre (Hypatia?) (or other kind of labels?) and Obtainium-Non-Libre (VirusTotal?), or other catchy package name.

How about sharing code with other developers, e.g., VirusTotal API integration, apks split installer integration from SAI into AppManager by MuntashirAkon (So many features could be implemented/collabed with each other since both are app managers, although license probably need to be agreed upon first, more copylefted for collab or current one are fine?)?

• 
• 
• 

Different flavors of apps by Aves, KeePassDX, etc. in other FOSS projects.

• 
• 

PR-is-welcome tag by Hail dev:
https://github.com/aistra0528/Hail/issues?q=is%3Aopen+is%3Aissue+label%3A%22PR+welcome%22

Situations are always changing whether it is going full copyleft to defend against fork contender but still going OS:Bitwarden (as an anti-thesis, there are KeePass forks to choose as a fallback backup using guides by TroubleChute, Awesome Privacy, Security, Awesome-List pages in GitHub)

Turning a new leaf, though it is sudden:Fossify old app:
SimpleMobileTools/General-Discussion#241 (At least this one is not ghosting like Reddit direct image extension)
Refactoring of old app into app 2.0:SD Maid SE

Criteria scale between OS okay, any audit (of PrivacyGuides and other similar sites' criteria of audited, CRXcavator DIY auditor?), Hypatia, Shizuku
vs
Okay clean track record so far so good enough CS (Close Source apps) that are good enough to be use (inspired by a Reddit post title:

• https://searxng.ch/search?q=reddit+what+closed+source+apps+that+are+as+good+as+open+source+apps%3F
• https://www.reddit.com/r/opensource/comments/15hzbh1/apps_that_the_open_source_alternative_is_just/

), e.g., X-Plore, ZArchiver, Files by Marc (along with documentsui barebone, but doesn't always work to access data and obb folders against Shizuku and AppManager), Wizfile (until DocFetcher index is seamless), VirusTotal, Kaspersky and others tested by Security YT channel: https://www.youtube.com/watch?v=3co-80OeHQE , https://www.youtube.com/watch?v=Sf2UdT53yFw ?

These apps are not set in stone, so why not flow with the Zeitgeist (trend) and dynamically changing, bringing the good features, avoiding bad SOP or OpSec?

ImageGlass case/example is solved, not sure how it would be rated in awesome list, and PrivacyGuides, but it's a track record problem. Not a current problem.

Forgot to mention, always ask both developers and the AVs companies that flag apps; are these actual viruses or false positive cases: many examples from varied ranges of developers/apps:

• Links to report false positives to a lot of AVs (I forgot another link from a GitHub issue by an app dev): https://github.com/yaronelh/False-Positive-Center
• ExplorerPatcher
  https://github.com/valinet/ExplorerPatcher/wiki/Antivirus-false-positives
• UniGetUI killed by CrowdStrike in enterprise setting.
  [CRASH] Crowdstrike is Killing UniGetUI marticliment/UniGetUI#2803
• NirSoft Utilities (also could be linked with Sysinternals suites).
  https://www.nirsoft.net/false_positive_report.html
  http://blog.nirsoft.net/2009/05/17/antivirus-companies-cause-a-big-headache-to-small-developers
• https://community.chocolatey.org/packages/nirlauncher#Notes
• https://www.techsupportalert.com/how-to-report-malware-or-false-positives-to-multiple-antivirus-vendors
  https://web.archive.org/web/20190116140042/https://www.techsupportalert.com/content/how-report-malware-or-false-positives-multiple-antivirus-vendors.htm
• https://malwaretips.com/threads/how-to-report-malware-or-false-positives-to-multiple-antivirus-vendors.8365/page-2 - log of the article linked in NirSoft webpage
• https://malwaretips.com/threads/how-to-report-malware-or-false-positives-to-multiple-antivirus-vendors-feb-2016-updates.56620

Closed Source Apps:

• https://github.com/bpc-clone/bypass-paywalls-chrome-clean
• https://store.rg-adguard.net
• Any Android package name could be checked in each app tab in AppManager, 3C-All-in-One-toolbox (I can't think of an OS apps for app manager currently. Obtainium is limited by its sources so it's more akin to app installer right now, imho).

If the privacy, security, anonymity aspects are to be held of utmost important then make different versions/flavors of the apps. If it's too cumbersome, how about a toggle, with the default settings after installation being the most barebone with just core functionality?
For example AppManager has internet feature disabled by default, and this is only for VirusTotal feature right now.

Links:

• https://www.reddit.com/r/antivirus/wiki/index
• CRXcavator sources auditor for browser extensions: https://www.reddit.com/r/Enhancement/comments/1cyh6d7/comment/l6s5ce4/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button
• https://crxcavator.io/source/imiakeaigofbcfdjajmgjfnohjlekndg/1.0?file=rules.json&platform=Chrome
• 

backup of the log:
#4 (comment)

Edits:

1. wording changes, last one was too forceful.
2. An apt and maybe more of a tl;dr comparison picture of Privacy, Security, Anonymity spectrum.

From: http://www.youtube.com/watch?v=e0Qp-AOBj54&t=263

For example, QubeOS for Security, Whonix for Anonymity, and I haven't found one to compare for the privacy alternative.

edit_2:
1 more example: I just noticed even Autoruns by microsoft developer uses VirusTotal for the security rating of the listed executable, DLLs and others inside Autoruns app.

AppManager is mobile, it uses VirusTotal.
Autoruns is desktop, but KeePass fork has no trouble using mono in mobile. (mono: .NET port in mobile)

commented on: [Feature Request] Option to run APK through VirusTotal #462