61
Non toxic mobile privacy community
(sh.itjust.works)
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
Oh. Same is true for Google Play and literally every self updating app/program on the planet lmao.
For Google Play: Google has root on play devices which is a separate issue, but the apps are actually signed by their developers and not google.
This is not true... play store now requires you to give up your signing keys to google so they can sign the app themselves after injecting whatever they feel like. F-Droid does the same because they also compile your apps for you. Another reason some don't trust F-Droid (or Signal, Tor and a bunch of other free/open source software for that matter) is that they received funding from OTF which is funded by the US government and some people don't like that. And yes I know computers and the internet also came from the government /shrug
I have no skin in this game, I am not intentionally trying to spread any FUD (but I realize some people will still claim so, they are free to do so), just relaying information I have seen elsewhere. Happy to provide sources if anyone likes.
https://support.google.com/googleplay/android-developer/answer/9842756?hl=en#zippy=%2Capp-signing-key-requirements
Thats a good point, but it looks like they still let you use your own keys if you want to, but they even say 90% of apps let google sign on their behalf. yeah, ok, full trust with google then.
Before 2021 all apps used their own keys it seems
Play App Signing is required for new apps.
Also now required is giving up your government identity document to google in order to keep publishing on the play store.