112
Should I add any other repo? (lemmy.ml)
submitted 6 months ago by lemmyrolinga@lemmy.ml to c/fdroid@lemmy.ml
49 comments fedilink hide all child comments

That's it. Would you recommended any other repository?

you are viewing a single comment's thread
view the rest of the comments
[-] shortwavesurfer@monero.town 1 points 6 months ago* (last edited 6 months ago)

That is a fair point. The protection of the main fdroid repo is that they build it from source and then compare the binaries to make sure they match if i understand reproduceable builds correctly.

Edit: But if a hacker hacked the developer, wouldn't they just change the source code as well so that they still match? Like if I wanted to hack Monerujo id want to get the git repo if possible along with the repo keys so i could push malicious code to the git repo, build a binary from that malicious code, publish it on the devs fdroid repo and then when fdroid compares the binary to source they match even though they are malicious.

this post was submitted on 16 Mar 2024
112 points (95.9% liked)

F-Droid

7418 readers
8 users here now

F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

Website | GitLab | Mastodon

Matrix space | forum | IRC

founded 3 years ago
MODERATORS
fossdd@lemmy.ml
testman@lemmy.ml