Apk detected as containing a virus about omnijaws HOT 6 CLOSED

Hi !
Avast - ticket 20224324 - removed
Symantec - ticket 352544 - removed
Bitdefender - ticket 1008939307 - 'detected because it is signed with a leaked certificate that is widely used for infected applications. The authenticity of such applications cannot be verified. This being said, the detection cannot be removed until this issue is resolved.'

This was the best I could do.
Thanks for the widget!

from omnijaws.

Both detections on virustotal indicate that the apk is signed with a test/public digital signature. This is just a warning and nothing more... Moreover, if you use a different digital signature, it will not be updated over the one already installed in the system.

from omnijaws.

Yes, I also read about false-positive detection in regard to those two types of viruses. My main concern is about the warnings raised by operating system itself (Harmony OS in this case).

from omnijaws.

Now there are more and they differ from what they were.

Besides that the App Manager reports it as a dangerous application.

Would you please comment on that?

from omnijaws.

@hamsterrrr
I pressed check again, now less....
There is no desire to consider the reason for each detection, because no one provides details of what exactly is wrong, and no one is responsible for false positive detections.

On the current three

1. Avast-Mobile -
   Android:Evo-gen [Trj].
   If you google, potentially unwanted apps, generic name, meaning there are absolutely no specifics. Well, also, google finds a lot of complaints from developers about false positive detection of their apps...

2. BitDefenderFalx - Android.Riskware.TestKey.rA.
   I already answered about this above, it usually means that the original app was modified by someone, not compiled from source code.... Which usually has some risk, but very doubtful, since "bad people" adding/doing something "bad" in an application will not use a publicly available digital signature (to avoid such detection), but will use their own/non-publicly available digital signature, which usually takes less than a minute to generate. Again, this application uses this (public) digital signature because most custom rom uses it for the pre-installed OmniJaws, and to be able to update over the installed application, the signatures must match. Use the _platform version, it will theoretically have fewer detections.

3. Symantec Mobile Insight -
   AdLibrary:Generisk.
   Just nonsense, there are no third-party libraries in the application, not to mention ad libraries.... I can't even think what exactly he didn't like, considering that there is no such detection on an absolutely identical apk with a different digital signature (platform).

And yes, I wouldn't really want to continue this topic, because in the case of Virus Total, the more often you check the file that was detected, the more detections there will be in the future from all sorts of obscure antiviruses with completely random names (although Microsoft Defender does the same nonsense).

Regarding the antivirus in your device, you have two options

1. Disable it.
   Or
2. Look either on the internet or somewhere in the interface to it whose databases they use, usually Avast or McAfee, the former most of all. And send them a false positive report... eventually the smartphone warning should disappear.

Regarding App Manager, the only thing I've seen there is the "W^X" label, which is given to all apps with a target Android version lower than 10, and says that all (presumption of guilt) such apps can theoretically download code from the internet and execute it, if such is provided for in the code. First of all, there is no such thing in OmniJaws code, and since it is open source code, which by the way is not that much, you can build/explore it yourself. Secondly, even in applications with target Android versions higher than the tenth, there is still a risk of loading and executing remote code via DexLoad. That's why you can give this label to all applications with internet access...

from omnijaws.

Thank you for your quick response.
First let me clarify why I am so into it. I consider your widget to be the best one among the FOSS weather widgets. I'd really like to use it, the only thing that prevents me is the topic being discussed.
I have submitted tickets to all AV vendors that have found the apk malicious. Will inform you on the results.
Once again thank you for what you do.

from omnijaws.