this post was submitted on 08 Sep 2023
4 points (100.0% liked)
Privacy
31934 readers
622 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The most insecure Android stack
Edit: Because people will just blindly down vote this, here is some references to help you make more informed choices
https://privsec.dev/posts/android/f-droid-security-issues/
https://hacks.mozilla.org/2021/05/introducing-firefox-new-site-isolation-security-architecture/
https://bugzilla.mozilla.org/show_bug.cgi?id=1565196
I disagreed particularly with:
While yes, this may be a bad thing for some, certain apps, like termux (terminal emulator, even lets you make a linux chroot, some ppl play games using wine in it) only work properly on sdk's older than a certain version, since newer versions can be somewhat locked down.
I don't want to say that that article is "google good, f droid bad", but that's what a lot of what it's points are. It completely neglects to mention the downsides of google's various security models, especially for a foss community like this one. App bundles, for instance, are secure yes. But they are also an advanced form of drm (at least when made by google), must be compiled server side for each device, and other things that make them not work for the foss community.
And criticizing f Droid because it has multiple repos? That criticism is completely incompatible with the common FLOSS ideas that things should be less centralized.
Don't get me wrong, some of the points it brings up are valid, but they are biased, only focusing on on one side.
And I also don't feel the need to be alarmed by these points. What does it matter that google signs everything (in a supposedly better way) when "everything" includes malware?
As usual, no app or product can replace human discernment. Security is a process, not a product.