The biggest problem with F-Droid is that they sign the apps themselves, so if they ever get compromised, an attacker would be able to send malicious updates to any app installed via F-Droid. So now you need yo trust 2 parties (app developer and F-Droid) instead of 1. This is fixed by reproducible builds, which F-Droid does support but which most developers don’t bother with (F-Droid needs to start pushing for this more aggressively imo).
- 0 Posts
- 4 Comments
Joined 8 months ago
Cake day: October 19th, 2024
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
Did they? Installing APKs doesn’t require an account afaik, just a settings toggle (not even in developer mode, just the regular settings).
0·4 months agoLike what?
“Popular website collects data” is a non-story. What makes this case special? Use an adblocker.