If this can happen, is it possible that once mandatory developer verification comes into effect, all 3rd party apps will be uninstalled at first and require a re-install?

Concerning this specific case, NFCGate is a tool on which malware (family) titled NGate by ESET is based, thus likely causing a false positive.

Oh, and no bypass is available anymore (aside from disabling play protect):

    • lyralycan@sh.itjust.worksEnglish
      251·
      21 天前

      They flagged Rustdesk a while back, which is a probably harmless open-source remote access software. Because of this I learned that Google not only has Play Protect in Google Play settings, but a second, separate setting in Security called Advanced Protection, that prompted me to remove Rustdesk, and a second time after it re-enabled itself. It reminds me of the days I ran Windows and the antivirus would kill vital programs or script files for some games.

      • ɔiƚoxɘup@infosec.pubEnglish
        92·
        21 天前

        I don’t know. advanced protection protects against stingrays though, so I’m not sure I want to disable that just yet except for when I have to update an app and then I re-enable it

        • lyralycan@sh.itjust.worksEnglish
          101·
          21 天前

          Well, from what I can find it doesn’t seem that much of an attack vector –

          – My phone does not have 2G compatibility, this probably only tracks location if you’ve switched on location services and I’d wager most people use IM calls and texts rather than cellular. If the phone is old enough to have 2G or 3G, perhaps there’s a threat. If you live in the US it’s ironically probably smart to leave it on – state forces are a bigger threat than malicious conglomerates atm

          • ɔiƚoxɘup@infosec.pubEnglish
            71·
            21 天前

            There are newer stingray type devices that are effective against 3G and 4G devices as well, and I think there’s one that’s coming out soon or has already been released that works on 5G to some extent but not completely. I haven’t read up on it fully lately, but there’s definitely more out there than just 2G/3G devices.

            • skuzz@discuss.tchncs.deEnglish
              9·
              21 天前

              If you read the alleged protection dialog, Google’s only blocks against 2G networks. The same of which many carriers allow, enable, or enforce blocking, and if not *#*#info#*#* let’s you do it yourself.

              “2G network protection - Avoids 2G networks, which are less secure”