Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
udev4096
9 months ago
|
parent
|
context
|
favorite
| on:
F-Droid Fake Signer PoC
I'm surprised that several audits didn't uncover this signing issue. GrapheneOS devs do not recommend f-droid. Instead, Play Store is the safest option for now, after Aurora Store
cenamus
9 months ago
|
next
[–]
But their goals are also kinda opposed, software security with not much concerns paid to freedom.
udev4096
9 months ago
|
parent
|
next
[–]
What? That's so not true. They give heavy preference to security because without it, your freedom and privacy has no value
t0bia_s
9 months ago
|
root
|
parent
|
next
[–]
How can you trust proprietary software, when you cannot inspect code? It's just a blind trust.
gruez
9 months ago
|
root
|
parent
|
next
[–]
You don't have to. On grapheneos google play service isn't given special privileges and is sandboxed like any other normal app.
fl0id
9 months ago
|
root
|
parent
|
prev
|
next
[–]
Well yeah so Theo goals are opposed. F-droid is foss first and probably say proprietary illusion of security has no value ;)
t0bia_s
9 months ago
|
prev
[–]
Aurora Store downloads apk files directly from gplay servers, why it should be less safe than Play Store?
Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
