@murks The console points to apt.izzysoft.de/fdroid/repo/co… – which at our last check (see floss.social/@IzzyOnDroid/1159…) was reported clean even by their own scanner.

And this time they not only MARK it as POTENTIALLY malicious – they block the entire site. So if you have a browser with "SafeBrowsing" enabled, you cannot download a single APK.

IzzyOnDroid ✅

2026-01-24 09:24:10

Yupp, trust Google. The one running googleapis.com, where you can find your daily scam. They marked us once more for an APK their own scanner marks clean. See gitlab.com/-/snippets/4909577 for more details.

And always keep in mind: that's the actor that wants to define which apps are safe for you to install on your Android devices, and disable you from installing the others. Because, security, you know?

And here's the VT for the app you got red for: virustotal.com/gui/file/966dd1… – all green

Netcraft false positives, Google Safebrowsing shenanigans ($4909577) · Snippets · GitLab

GitLab.com

^GitLab

@thomas Thanks for checking!

It also doesn't make it better that they do not tell us WHICH files are affected and WHY. Their console just gives a single example (the linked APK), and says "go figure yourself".

And isn't it funny that the APK triggering this insane BS is an APK downloader? What was that with "allowing alternative app stores" (even Droid-ify is blocked now)? And the crap with "developer registration"? One ring to rule them all?!?

@thomas Dunno if it is related, but it seems that besides Google, Ikarus is misdecting StreetMeasure APK from izzy as being infected by "Trojan-SMS.AndroidOS.FakeInst"

e.g. I've downloaded de.westnordost.streetmeasure_7.apk from izzy, and it is exactly the same file as one downloaded ages ago from Google Play (with sha256sum 9711592efeab66fc47454a628abcb88d25356d24a80de34882b2ff4cd1f921af)

and virustotal says this: virustotal.com/gui/file/971159…

@thomas Yeah, I fully agree that google is also driven by capitalism towards more and more #enshitification 😢 . And ability to reach a human there was getting very hard even decades before #AI, nowadays it is nigh impossible and incredibly frustrating.

I hope those "it is safe" reports would make it more likely for a problem to be fixed; but I worry it depends more on luck than that 😭

@Sempf even their own ones, I guess – like "back then"? support.google.com/webmasters/…

Yeah, nice description: "spam service". Pun intended? Most spam (or should I say: scam?) I see here nowadays is hosted at storage.googleapis.com. But yeah, tell us whom to trust…

Would be interesting to know who else is affected. Only us with the APKs – or e.g. ApkPure (which copies the APKs from PlayStore) as well? 🤔

@ahills Heard that the second time now. And getting more reports that their entire "spam service" (haha, yeah) seems to have gone nuts – like, marking each and every incoming mail as "spam".

So much about that "internet police". Which – by their PR – is the only one you can trust…

@sousse Thanks! Let's hope we're shaking something loose there – and that it's just a quirk at their end, which they quickly fix, removing those unwarranted blocks and red pages.

I doubt they'll ever apologize for the mess they caused there. Wish they'd surprise me positively once. Like, "as reparation, we've filled your OpenCollective with a (6+ digit) sum" (that would even come out of their "petty cash")… Well, one can dream, right? *Sigh…*

@lexinova Help with the latter appreciated! We're currently not sure if it's explicitly us (and other "app stores") being affected, or a general failure" of Google's systems (as we also got reports of "all incoming mails are being marked spam" and such).

If you know someone who would help us with such "legal stuff" (pro bono, as we could not cover much cost), please recommend.

We can also talk this when we meet at the weekend in Brussels (looking forward to meeting you!).

@lexinova Thanks! @noybeu was also the first coming to my mind. We'd be really thankful if they'd take this up. I'm pretty sure we're not the only ones affected this way. As you've put them in copy already, let me link my snippet for reference again: gitlab.com/-/snippets/4909577 (document "02" there is about the multiple issues we had with them already, just within a single month). I'll try to keep that updated.

I'd say blocking ALL our Android app pages, can count as DMA violation, no?

Netcraft false positives, Google Safebrowsing shenanigans ($4909577) · Snippets · GitLab

GitLab.com

^GitLab

This is Google "Safe browsing". Even Firefox has it enabled by default. So yes, this is Google.

As I understand it your browser downloads a list of banned sites from Google every now and then. So not actively scanning what you browse (though they can do that for most sites with all the trackers they have), but I have to be honest I don't know all the details on "Google Safe Browsing". Documentation is scarce.

@germanfr It's a "feature" called "Google Safebrowsing". In intervals, it downloads allegedly malicious URLs to your browser, which then compares each visited URL against those.

Google isn't hosting our repo – we do that (currently at Hetzner in Germany). But yes: this way, Google has the power to decide which pages you're allowed to see – and which… not. In this current case, one could count that as anti-competitive, and a violation of DMA.

@admin I've updated my snipped with information collected from this thread, on how to disable Google Safebrowsing on Android browsers:

gitlab.com/-/snippets/4909577#…

So far, we have hints on Firefox and Brave. If you know it for other browsers, please let me know and I'll add it.

Note that, while I'm very much tempted to, this is no "recommendation to disable it". For our site it is safe (to our knowledge), but there are real dangers out there (like, googleapis.com 🙊). So be careful, please!

Netcraft false positives, Google Safebrowsing shenanigans ($4909577) · Snippets · GitLab

GitLab.com

^GitLab

Ah, so to follow the instructions on the error message you have to know how to bypass their attempts to block mobile users from using about:config. Lovely.

I filed a bug report with Mozilla too. As far as I'm concerned this is a serious UI defect, especially considering that the desktop version offers significantly more detail and also a bypass link. So sick of mobile users getting screwed over by Mozilla...