#Apple is not the only one dreaming up new features. There are many of us. @fdroidorg on making the most trustworthy app distribution platform, following as many best practices as possible. Many Apple has not implemented, like app reviews of source code rather than binaries, or #ReproducibleBuilds. We require human review or apps. Over 60% of our apps are reproducibly built. Apple encrypts app files, making reproducible builds impossible. It continues to only review binaries apps not source code
@eighthave @fdroidorg
I love your work.
This guide is currently getting traction.
https://www.anarsec.guide/posts/grapheneos/
Under "How to Install Software" it explicitly advises against installing software with fdroid in its current form.
A blog post from fdroid that responds to it would be great I think.
@desirable_dialogue @eighthave @fdroidorg
F-Droid doesn't allow proprietary dependencies and lists non-free servers as a misfeature. Graphene devs consider this silly or even bizarre.
In general, the criticism of F-Droid is valid from the viewpoint of maximum security. However not everyone's threat model is the same, and not all of the criticism is important for everyone. I can ignore the part about displayed permissions being misleading, for example.
2/2