I wouldn’t recommend using fdroid due to security concerns. When you download a fdroid so it is signed by fdroid instead of the developer, what this means it’s if fdroid gets hacked all your fdroid apps are insecure and can receive malicious updates. You also trust fdroid as another party in the chain, when in reality you should remove as many parties as possible. They also tend to host outdated apps with no updates in years. Use obtainium as it will pull directly from the developers GitHub page and will be signed by the developer instead.
What happens if the developer starts shipping anti features though? F-droid adds a layer of protection and verification. F-droid also allows you to find apps quickly.
Wdym anti features? The only thing fdroid does is take the developer APK, sign it themselves and release it. If any anti features exist (I assume you’re talking about the anti features tab in the fdroid app) it won’t make any difference where you obtain it as fdroid doesn’t do code checks. They only check to make sure it’s under a open source licence. Fdroid adds no protection to any apps and you trust them to ship clean packages. If you get packages from the developer and they sign it and it happens to be malicious it’s only one app instead of all your apps you have from fdroid. You trust them a lot and I’d recommend reading this if anyone is interested. https://privsec.dev/posts/android/f-droid-security-issues/
Freedom from what? Good security practices? Open source does not equal security nor freedom. You’re pedaling digital politics instead of fact based privacy and security. Trust me I’d love my apps to be open source but ignoring blatant security issues is going to put someone at risk. You can’t have privacy without security and vice versa.
edit: like I mentioned previously, use obtainium and you can still use open source software
Open source gives you all the freedoms that free software gives. So it factually equates.
You are also spreading the misinformation that F-Droid guarantees that the software there is 100% libre even when it is an external repo. Totally wrong.
You are trying to tell me that caring about free software is misinformation now?
When did I say that? Are you stupid?
You can’t convince people when you are just repeating what Stallman says without understanding it.
There is no completely free software, even if you take out the Intel ME (which is a very bad idea as it’ll leave you super vulnerable) The Intel chip will never be open source or FOSS at a hardware level. Even RISC-5 being open still has trust issues. Unless you setup a chip fab you’re at the helm of someone. And as the closed source hardware runs the open source software, is it really free?
Like everything in life it’s about balance, using too much foss software and hardware could put you in much more risk, while using proprietary software won’t give you the control or privacy you want. Once again foss software is great, but it is not perfect and should not be treated as such.
I wouldn’t recommend using fdroid due to security concerns. When you download a fdroid so it is signed by fdroid instead of the developer, what this means it’s if fdroid gets hacked all your fdroid apps are insecure and can receive malicious updates. You also trust fdroid as another party in the chain, when in reality you should remove as many parties as possible. They also tend to host outdated apps with no updates in years. Use obtainium as it will pull directly from the developers GitHub page and will be signed by the developer instead.
What happens if the developer starts shipping anti features though? F-droid adds a layer of protection and verification. F-droid also allows you to find apps quickly.
Wdym anti features? The only thing fdroid does is take the developer APK, sign it themselves and release it. If any anti features exist (I assume you’re talking about the anti features tab in the fdroid app) it won’t make any difference where you obtain it as fdroid doesn’t do code checks. They only check to make sure it’s under a open source licence. Fdroid adds no protection to any apps and you trust them to ship clean packages. If you get packages from the developer and they sign it and it happens to be malicious it’s only one app instead of all your apps you have from fdroid. You trust them a lot and I’d recommend reading this if anyone is interested. https://privsec.dev/posts/android/f-droid-security-issues/
F-droid rejects any code that doesn’t respect you basic freedom.
Freedom from what? Good security practices? Open source does not equal security nor freedom. You’re pedaling digital politics instead of fact based privacy and security. Trust me I’d love my apps to be open source but ignoring blatant security issues is going to put someone at risk. You can’t have privacy without security and vice versa.
edit: like I mentioned previously, use obtainium and you can still use open source software
Open source doesn’t equate to free software (as in libre)
You are seriously lost. Stop spreading misinformation
I’m sorry, what? You are trying to tell me that caring about free software is misinformation now? You can read about why open source misses the point here https://www.gnu.org/philosophy/open-source-misses-the-point.en.html
I respect your option but calling anything you disagree with misinformation is unprofessional at best.
Open source gives you all the freedoms that free software gives. So it factually equates. You are also spreading the misinformation that F-Droid guarantees that the software there is 100% libre even when it is an external repo. Totally wrong.
When did I say that? Are you stupid?
You can’t convince people when you are just repeating what Stallman says without understanding it.
There is no completely free software, even if you take out the Intel ME (which is a very bad idea as it’ll leave you super vulnerable) The Intel chip will never be open source or FOSS at a hardware level. Even RISC-5 being open still has trust issues. Unless you setup a chip fab you’re at the helm of someone. And as the closed source hardware runs the open source software, is it really free?
Therefore we shouldn’t even try? I do my best to steer clear of proprietary software.
Like everything in life it’s about balance, using too much foss software and hardware could put you in much more risk, while using proprietary software won’t give you the control or privacy you want. Once again foss software is great, but it is not perfect and should not be treated as such.