In the GrapheneOS forum, I encountered a claim that F-droid is insecure (and not good at privacy as well). These links (and more) were given as an evidence:

While there are some attitude against FOSS app, I think the arguments are generally sound and in good-faith. Which makes me confused, as I’ve been hearing good words about F-droid in lemmyverse.

I am not good at assessing arguments, so I want to ask you guys for more aspects and information.

Also, if not F-droid, what should I use? Is Aurora store, a frontend of play store, not fine to use as well?

  • @utopiah@lemmy.ml
    216 days ago

    If it’s not Linux from Scratch, then we don’t know exactly what is running, and we need to consider that.

    What about Precursor? It’s “just” RISC-V System-on-Chip (SoC) yet that’s the entire premise, trying to know all the way to the processing unit instructions.

    • @jokeyrhyme@lemmy.mlEnglish
      316 days ago

      Yeah, that’s going beyond the software and making the physical supply chain possible to validate by a sufficiently equipped and educated consumer

      The trade off here is that it’s very difficult to produce verifiable circuitry that is also fast