It’s more about using apis that are there, but not available in jolla store, that are necessary to establish some things.
For example on android/ios telegram can sync your contacts. On sfos, if I were to put yottagram in jolla store i could not achieve it
Currently it doesn’t. And it never will.
Do you have any indication that Jolla does more than a developer would, anyway: Run Jolla’s trivial Store rules compliance checking script, and start the app and tap around a bit (“smoke test”)?
I don’t, and I do not believe they do, because they lack the resources for that.
O.K., that is a valid perspective (though merely so, IMO).
But to deduct from this statement, that …
[…] the Jolla store […] it is likely the most secure one there is.
… is far fetched, because the difference Jolla’s script and a smoke test make is marginal.
To sum it all up there’s one thing we can be 100% sure of:
Nothing will be done about anything we’ve complained and this discussion will produce 0 results.
Thanks jolla very cool
goes back to working on nemo so that he can jump a ship
I remember Jolla not accepting my app based on heavy battery usage, which would have been harmful for a user.
First of all, I think your statement about separate apps @attah, is correct at least 95% of the time.
Since I use a separate app for Youtube on mobile and desktop, I thought I could give a list of reasons:
Note that not all the features are available on mobile.
To make this post fit better into this topic, I’d recommend following @flypig’s work on bringing NewPipe natively to Sailfish, although I’m not sure if it will be compatible with Jolla Store: NewPipe-dev diary
Oh so we’re acting like microtube is not a thing now?
Could you please elaborate?
I didn’t mention anything about Microtube, since it was discussed earlier in this thread already and I don’t see the point in repeating things.
I am really far of from saying an app is a good idea for something a website can do, but one reason for a app can be: Less data to be transfered. If a website is slow because there is a lot of stuff going on GUI wise (images, ads, structure, menu too complex) it can be helpful to have an app.
This is a theoretical scenario and YT only fits into one of these aspects in my opinion.
Best regards
Fuchur
So which one is in your opinion the most secure one if you had to pick one to make it easy to understand?
I’d say Jolla Store is – by a small margin, but likely it is.
Yes thats right, @Fuchur84 . See this forum. It transfers more than 3 MB at first call, and then another more than 3 MB after logging in. Another more than 3 MB when opening a link in a new tab. Only surfing the forum in the same tab needs few data after the first page.
Something is wrong with your browser cache if thats the case
Yes that may be. I have cache switched off to have websites always up to date. I will try soon and report. Thanks @Mister_Magister !
Finally my profession came useful in sfos world!
(I’m webdev by trade xd)
@Fuchur84, this is a question so simplified, that it became senseless. I can think of many such questions, e.g. “Which is the best country to live in, if you are forced to emigrate?”
The properties of these three Stores for SailfishOS-native software are quite different, also under the aspect of “security” (whichever criteria one summarises under this term):
Can software procured in a opaque process be deemed “more secure” than a software where you can inspect every bit in any step of the process, from its source code over the build process (including its machinery) to providing the final RPM package for download? My answer to this question is a clear “No”.
Does that make SailfishOS:Chum “more secure” than the Jolla Store? We do not know, because of the opaque process: It depends on the security measures Jolla employs, hence this assessment is fully based on guesses and then has to be weighed against a completely different security aspect (transparency / inspectability / reproducibility / traceability [i.e. always: for everyone]).
Consequently no proper assessment to answer this question can be made, and even if it would, people would likely still arrive at different conclusions.
[…] if you had to pick one to make it easy to understand?
Even that part of your question does not make sense to me, besides constructing an artificial scenario where one would be forced to provide an easy answer (which does not exist): These three Stores also differ significantly in which software they distribute.
Consequently (as @Mister_Magister pointed out multiple times), if one does not want to run SailfishOS device(s) in the retarded way most sailors seem to do (i.e. only installing SailfishOS-native apps from the Jolla Store, plus Android apps), one has to utilise at least the Jolla Store and SailfishOS:Chum; but as some authors still only publish their software at OpenRepos, basically one has to use all three.
There is a single decision I meet based on “software security”, and believe it does not make much sense to put more considerations into that on Store level (contrary to, for a specific software): If some software is distributed by both, OpenRepos and SailfishOS:Chum, I prefer to install it from SailfishOS:Chum.
BTW, as the situation and Store landscape for APKs is completely different, I came to a quite different conclusion: Only F-Droid and Google Play Store via Aurora Store, because these are the only two APK stores which only had few times malicious software slipping through their (quite different from each other) curation process; all others either have this issue severely (APKPure, APKMirror), or massively (AFAIK all others), additionally some are themselves half- (e.g. Aptoide) or fully malicious.
I have solution to all your problems
devel -su cp /usr/share/applications/harbour-storeman.desktop /usr/share/applications/store-client.desktop
Maybe leave out name and image
I would love a native sailfish newpipe app in the Jolla Store.
That is still well in the realm of a “smoke test” (which is a not clearly defined IT-colloquialism for a slim set of quick tests in contrast to a specifically developed test-plan, which provides good test-coverage in breadth and depth), because such app behaviour can be effortlessly observed with software for monitoring the battery draw (IIRC /dev/…, mcetool and a couple of apps) and / or simple process activity monitoring tools (ps, top etc., and at least three apps).
Point is: Any proper assessment of the security properties of a “third party” app requires significant resources, Jolla definitely does not have.
Actually I also think that is something an app developer have an eye on: Not overly consuming resources (CPU, RAM, storage) and not “leaking” memory (i.e. not correctly freeing memory which is not used any longer by the app, but regularly allocating new memory, resulting in ever growing memory consumption; the same can happen on storage by e.g. not deleting temporary files but creating new ones).
Cool idea: But I think I should rather adapt Storeman’s spec file to do that automatically during installation, reusing their name and image. Har, har.
Actually I’d rather implement this as a new feature for the SailfishOS:Chum GUI app, to provide a more modern app and “more secure™” repo(s) behind it. 
Not in Jolla store it isn’t 