• jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    51
    ·
    1 year ago

    Yes. You’re right. When you make a post you probably should give a body to it rather than just a link to a project. Why do you think it’s a better signal? Otherwise people aren’t going to find it super useful

      • sfgifz@lemmy.world
        link
        fedilink
        arrow-up
        72
        ·
        edit-2
        1 year ago

        You just posted a link to some app most people don’t know about a “better Signal” , with no explanation of why. That’s classic spammy vibes.

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        19
        ·
        1 year ago

        Most people are not going to click the link, they might click in to see what you’re talking about, but you just link to something else, so most people are just going to charitably just go away.

      • CaptainAlchemy
        link
        fedilink
        English
        arrow-up
        5
        ·
        1 year ago

        I wouldn’t recommend using fdroid due to security concerns. When you download a fdroid so it is signed by fdroid instead of the developer, what this means it’s if fdroid gets hacked all your fdroid apps are insecure and can receive malicious updates. You also trust fdroid as another party in the chain, when in reality you should remove as many parties as possible. They also tend to host outdated apps with no updates in years. Use obtainium as it will pull directly from the developers GitHub page and will be signed by the developer instead.

        • Possibly linux@lemmy.zipOP
          link
          fedilink
          English
          arrow-up
          3
          ·
          1 year ago

          What happens if the developer starts shipping anti features though? F-droid adds a layer of protection and verification. F-droid also allows you to find apps quickly.

          • CaptainAlchemy
            link
            fedilink
            English
            arrow-up
            6
            ·
            1 year ago

            Wdym anti features? The only thing fdroid does is take the developer APK, sign it themselves and release it. If any anti features exist (I assume you’re talking about the anti features tab in the fdroid app) it won’t make any difference where you obtain it as fdroid doesn’t do code checks. They only check to make sure it’s under a open source licence. Fdroid adds no protection to any apps and you trust them to ship clean packages. If you get packages from the developer and they sign it and it happens to be malicious it’s only one app instead of all your apps you have from fdroid. You trust them a lot and I’d recommend reading this if anyone is interested. https://privsec.dev/posts/android/f-droid-security-issues/

              • CaptainAlchemy
                link
                fedilink
                English
                arrow-up
                5
                ·
                edit-2
                1 year ago

                Freedom from what? Good security practices? Open source does not equal security nor freedom. You’re pedaling digital politics instead of fact based privacy and security. Trust me I’d love my apps to be open source but ignoring blatant security issues is going to put someone at risk. You can’t have privacy without security and vice versa.

                edit: like I mentioned previously, use obtainium and you can still use open source software

                  • CaptainAlchemy
                    link
                    fedilink
                    English
                    arrow-up
                    1
                    ·
                    edit-2
                    1 year ago

                    There is no completely free software, even if you take out the Intel ME (which is a very bad idea as it’ll leave you super vulnerable) The Intel chip will never be open source or FOSS at a hardware level. Even RISC-5 being open still has trust issues. Unless you setup a chip fab you’re at the helm of someone. And as the closed source hardware runs the open source software, is it really free?