10
submitted 1 year ago by Little8Lost@feddit.de to c/fdroid@lemmy.ml

I came to the idea to add more because infinity for lemmy/eternity points to a different source than the official f-droid sources

you are viewing a single comment's thread
view the rest of the comments
[-] QuazarOmega@lemy.lol 3 points 1 year ago

Just a note that I think is rather important from both a security and privacy perspective: until F-droid is the only one that requires reproducible builds, the value in the other repositories is just being able to get apps that haven't landed on F-droid proper yet.

I was bit in the back in the past by a non fully open source app that went on Izzy's repo and it contained malware (that wasn't the open source part 🫠), it was pulled off later, but unfortunately the F-droid software doesn't account for marking as dangerous an app that is removed from the database altogether, so as a user you'd just have to figure out yourself what the heck has happened, if an app suddenly disappears. Now that specifically applies to generalist repos, when you use the official repo of an app it's just that they could act shadily themselves and either way you could use Obtainium at that point

this post was submitted on 23 Aug 2023
10 points (85.7% liked)

F-Droid

8080 readers
20 users here now

F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

Website | GitLab | Mastodon

Matrix space | forum | IRC

founded 3 years ago
MODERATORS