Got a DJI drone as a birthday present and instead of having me install from the Play store they want me to install an apk directly from their website.
Does anybody know why this app isn’t on the play store? Is this legit or just a vector for malware?
Regardless of company size or popularity, that is sketchy. While not perfect by any means , google play affords some security scanning and privacy awareness info on apps that are published there. Others are probably right. And I bet DJI probably wanted to skip that step to trade for ease of management. But any time you install something off a non play store repo you take on a little extra risk.
First of all: DJI is on a sanctions blacklist, so I doubt they’re even allowed to upload apps to the Play Store.
Second: Google Play’s privacy dashboard is entirely based on what the developer provides and some “AI” analysis that checks things like “is there a link to a file called privacy.html”. Their security scanners often miss malware as well.
Google runs some malware analysis on their servers (and on your phone) but if you download a candy crush clone from a no-name developer through the Play Store, I wouldn’t trust their checks to keep viruses out.