• sfgifz@lemmy.world
      link
      fedilink
      arrow-up
      72
      ·
      edit-2
      1 year ago

      You just posted a link to some app most people don’t know about a “better Signal” , with no explanation of why. That’s classic spammy vibes.

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      19
      ·
      1 year ago

      Most people are not going to click the link, they might click in to see what you’re talking about, but you just link to something else, so most people are just going to charitably just go away.

    • CaptainAlchemy
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      I wouldn’t recommend using fdroid due to security concerns. When you download a fdroid so it is signed by fdroid instead of the developer, what this means it’s if fdroid gets hacked all your fdroid apps are insecure and can receive malicious updates. You also trust fdroid as another party in the chain, when in reality you should remove as many parties as possible. They also tend to host outdated apps with no updates in years. Use obtainium as it will pull directly from the developers GitHub page and will be signed by the developer instead.

      • Possibly linux@lemmy.zipOP
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        What happens if the developer starts shipping anti features though? F-droid adds a layer of protection and verification. F-droid also allows you to find apps quickly.

        • CaptainAlchemy
          link
          fedilink
          English
          arrow-up
          6
          ·
          1 year ago

          Wdym anti features? The only thing fdroid does is take the developer APK, sign it themselves and release it. If any anti features exist (I assume you’re talking about the anti features tab in the fdroid app) it won’t make any difference where you obtain it as fdroid doesn’t do code checks. They only check to make sure it’s under a open source licence. Fdroid adds no protection to any apps and you trust them to ship clean packages. If you get packages from the developer and they sign it and it happens to be malicious it’s only one app instead of all your apps you have from fdroid. You trust them a lot and I’d recommend reading this if anyone is interested. https://privsec.dev/posts/android/f-droid-security-issues/

            • CaptainAlchemy
              link
              fedilink
              English
              arrow-up
              5
              ·
              edit-2
              1 year ago

              Freedom from what? Good security practices? Open source does not equal security nor freedom. You’re pedaling digital politics instead of fact based privacy and security. Trust me I’d love my apps to be open source but ignoring blatant security issues is going to put someone at risk. You can’t have privacy without security and vice versa.

              edit: like I mentioned previously, use obtainium and you can still use open source software

                • CaptainAlchemy
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  1 year ago

                  There is no completely free software, even if you take out the Intel ME (which is a very bad idea as it’ll leave you super vulnerable) The Intel chip will never be open source or FOSS at a hardware level. Even RISC-5 being open still has trust issues. Unless you setup a chip fab you’re at the helm of someone. And as the closed source hardware runs the open source software, is it really free?