Lutin DiscretI wonder if android closing, making de facto @murena @iode #grapheneOs #volla and other alternative roms the only OS being able to install and run apps from @fdroidorg apps, a way to gain market share 🤔. Like would that be a good thing?
Jon PENNYCOOK@lutindiscret @murena @iode @fdroidorg is this a good time to suggest #SailfishOS with Android App Support?
Kurt
Torsten Grote (@[email protected])
Attached: 1 image Google has news on what you will need to do for still being able to sideload apps: * enable developer options * confirm that you are not tricked * restart phone and re-authenticate * wait one day * confirm with biometrics that you know what you are doing * decide if you only want unrestricted installs for 1 week or forever * confirm that you accept the risks * enjoy the few apps that still have developers motivated to develop for a user-base willing to put up with this https://goo.gle/advance-flow
@Kurt I've read that. It's bullshit, noone will go to such a pain. Installing floss must be easier than from google play store uf we want to win
@lutindiscret it's easier than installing a custom ROM
@Kurt still to hard for normies who already struggle to just install fdroid afaik
Scanner DiciestDon’t use F-Droid and Aurora store for security, use Obtainium, Accrescent and AppVerifier.
https://privsec.dev/posts/android/f-droid-security-issues/
https://xcancel.com/search?f=tweets&q=from%3AGrapheneOS+Aurora+Store
F-Droid Security Issues
F-Droid is a popular alternative app repository for Android, especially known for its main repository dedicated to free and open-source software. F-Droid is often recommended among security and privacy enthusiasts, but how does it stack up against Play Store in practice? This write-up will attempt to emphasize major security issues with F-Droid that you should consider. Before we start, a few things to keep in mind: The main goal of this write-up was to inform users so they can make responsible choices, not to trash someone else’s work.
@a53bdb the article downplays Google signing keys as "opt in" (it's not) and calls reproducible builds "interesting but largely unused".
Today you can't add an App to Google Play without Google signing it, but 2/3s of F-Droids repo is reproducible.
@CjMalone This article is a little outdated, but I’m surprised that most of these criticizes are still true.
@a53bdb no. I don't trust apk from github. I favir fdroid who rebuild everything from source.
@a53bdb thanks for the article. Will read
@lutindiscret Why would you trust the developer but not the APK directly from them?
gritibaenzhttps://taz.de/Vor-den-Landtagswahlen-am-Wochenende/!6163983/ da gab es vor Jahren doch mal so ein Projekt in Brugg
