Run the md5.
Of course that only tells you that you got what the author intended, not that what they intended is “safe”
this post was submitted on 14 Jul 2025
62 points (97.0% liked)
Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ
62787 readers
341 users here now
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
Rules • Full Version
1. Posts must be related to the discussion of digital piracy
2. Don't request invites, trade, sell, or self-promote
3. Don't request or link to specific pirated titles, including DMs
4. Don't submit low-quality posts, be entitled, or harass others
Loot, Pillage, & Plunder
📜 c/Piracy Wiki (Community Edition):
🏴☠️ Other communities
FUCK ADOBE!
Torrenting/P2P:
- !seedboxes@lemmy.dbzer0.com
- !trackers@lemmy.dbzer0.com
- !qbittorrent@lemmy.dbzer0.com
- !libretorrent@lemmy.dbzer0.com
- !soulseek@lemmy.dbzer0.com
Gaming:
- !steamdeckpirates@lemmy.dbzer0.com
- !newyuzupiracy@lemmy.dbzer0.com
- !switchpirates@lemmy.dbzer0.com
- !3dspiracy@lemmy.dbzer0.com
- !retropirates@lemmy.dbzer0.com
💰 Please help cover server costs.
 |
 |
|---|---|
| Ko-fi | Liberapay |
founded 2 years ago
MODERATORS
That's the fun part!
So russian roulette it is.
Just run them on a machine you don't care about, if you're concerned.
This, and/or in a work profile (Shelter), or even better a separate android user
By making sure (as much as you possibly could) the source you got it from is safe.
You'll reduce the risk.
Run them in a test sandbox environment, maybe run some network analytics to see if weird outbound or inbound calls start getting made... hope they are not more clever than your sandbox environment.
For APKs specifically... official support for Hypatia from the original team ended last year, but a 'MaintainTeam Organization' seems to be attempting to pick up the slack, and keep updating with new malware signatures.
https://apt.izzysoft.de/fdroid/index/apk/org.maintainteam.hypatia
https://github.com/MaintainTeam/Hypatia
... not sure if its... actually getting regular updates though.
EDIT: derp, yeah
Also, as upstroke says, do a hash comparison from the actual proper source to verify you aren't getting a malformed or spoof version of whatever APK.
Verify their hash signature.
The only real answer - same as with any other software/code.
Apks can be unpacked. There are plenty of offline scanners with high or no size limits too.
There are probably also Android-specific scanners.
I don't. I just consider them compromised and block network connection. Usually that works fine unless it's a ransomware or something..
IDK install it on a VM?
religion
5/10 ragebait
what
hast thou never said “i pray for…” thy whole life
What the fuck kind of program is that large?
Games
Oh. Split the .apks apart. That might help.
What kind?
subnautica
APK and APKS are just renamed zip files