• c0mmando@links.hackliberty.org
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    1 year ago

    Doesn’t affect the end user… beyond diminished security. Are you implying I should trust Fdroid devs as much as I would trust Google devs?

      • c0mmando@links.hackliberty.org
        link
        fedilink
        arrow-up
        0
        arrow-down
        1
        ·
        1 year ago

        The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.

        Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.

        If you have a lower threat model, this post isn’t for you…