So I’ve been in the rabbit hole of android privacy for some time, last I joined the GrapheneOS community but let’s just say that they doesn’t have a “healthy” opinion about other projects like f-droid.

So I am looking for generic communities that focus on mobile privacy that doesn’t have drama or toxicity or “extreme opinions”. Any suggestions? I prefer chat based communities like matrix or simplex instead of like reddit or lemmy.

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    3 months ago

    Fdroid is introducing another trusted party to your supply chain, which should be a factor in anyone’s threat molding.

    https://f-droid.org/docs/Reproducible_Builds/ However, with reproducible builds now a package is built and signed by both fdroid and the original developer, so you get a net security benefit of having a third party attesting they can independently reproduce the binary from source. Problem solved right? Well, yes but mostly no. Most projects and packages don’t have reproducible builds, so if your using fdroid for most packages your still trusting droid.

    I think a lot of the online hate comes from people making assumptions that their use case and threat model applies to everyone. That’s why I prefer discourse where we just talk about the attributes and not “you should”