I won’t argue one way or another. The argument against f-droid is this
‘The issue with F-Droid is that all apps are signed by the same party (F-Droid) which is also not the developer. You’re now adding another party you’ll have to trust since you still have to trust the developer anyway, which isn’t ideal: the fewer parties, the better.’
There are other examples too, and Divestos (which I have a lot of respect for) maintains their own repo.
So just because each follows their own standards does not disqualify one from another in my mind.
I have shifted to Obtanium as my source, a personal choice, and I am happy with it. I get more timely updates direct from the source. The developer could introduce Pixel tracking, or Google AdMob, but i scan all installs with App Manager, and RethinkDNS is set to block those anyway.
The developer could introduce Pixel tracking, or Google AdMob, but i scan all installs with App Manager, and RethinkDNS is set to block those anyway.
This is not something most users practice. Many users did not even know that SMT was acquired. When SMT was acquired, the F-Droid team disabled auto-updates to safeguard users and mentioned it in their weekly news. Whereas on the Google Play Store, trackers and new permissions were added to the apps, and I wonder how many users noticed that.
Therefore, I try to recommend safer and simpler methods.
Ultimately, it is up to each user to consider all sides of the discussion and make an informed decision.
No disagreement there, everyone should do due diligence, many will not. I was only pointing out that the community is not agreed on F-Droid being the best choice. Especially with the recent infighting there.
I won’t argue one way or another. The argument against f-droid is this
‘The issue with F-Droid is that all apps are signed by the same party (F-Droid) which is also not the developer. You’re now adding another party you’ll have to trust since you still have to trust the developer anyway, which isn’t ideal: the fewer parties, the better.’
https://privsec.dev/posts/android/f-droid-security-issues/
There are other examples too, and Divestos (which I have a lot of respect for) maintains their own repo.
So just because each follows their own standards does not disqualify one from another in my mind.
I have shifted to Obtanium as my source, a personal choice, and I am happy with it. I get more timely updates direct from the source. The developer could introduce Pixel tracking, or Google AdMob, but i scan all installs with App Manager, and RethinkDNS is set to block those anyway.
This is not something most users practice. Many users did not even know that SMT was acquired. When SMT was acquired, the F-Droid team disabled auto-updates to safeguard users and mentioned it in their weekly news. Whereas on the Google Play Store, trackers and new permissions were added to the apps, and I wonder how many users noticed that.
Therefore, I try to recommend safer and simpler methods.
Ultimately, it is up to each user to consider all sides of the discussion and make an informed decision.
No disagreement there, everyone should do due diligence, many will not. I was only pointing out that the community is not agreed on F-Droid being the best choice. Especially with the recent infighting there.