Which 'store' to use?
Some people have started downloading apps directly from Github in a web browser, using an RSS feed to find updates. This avoids many of the pitfalls of both Fdroid and Play Store but is also very cumbersome.
[deleted]
- Edited
roddyd It's cumbersome for one and it's only works with developers that choose to a) publish their APKs at all (eg. developers of Wireguard don't) and b) somewhere with an RSS feed. But nevertheless, it's a nice approach if you only require a handful of apps.
Personally, F-Droid is always my first choice. If an app I want to install is not available in F-Droid I will get it from the Aurora store. I do not use the Google Play store for anything.
Depending on your thread model, F-Droid's security shortcomings may be relevant. That is something you will have to determine for yourself. https://privsec.dev/posts/android/f-droid-security-issues/
As was pointed out, this topic has been all but beaten to death here in this forum and elsewhere online. As you can see in this thread, even within the community there are a variety of differing viewpoints; the best you can do is research the topic for yourself and decide on your own how you would like to handle package management.
[deleted] Daniel seems to think similarly if one doesn't want to defer to the advice of some blog.
It's still the opinions of one side. Just because someone chooses GrapheneOS, doesn't mean they must agree with Daniel on every security related opinion.
Right now there is a pissing match and extensive drama on this topic. This happens quite frequently with devs in this space. Frankly, the drama/accusations/insults/arrogance is the biggest reason I hesitated with GrapheneOS. But I am glad I ignored all that, because I do really enjoy the OS so far.
[deleted]
It's still the opinions of one side. Just because someone chooses GrapheneOS, doesn't mean they must agree with Daniel on every security related opinion.
No, it doesn't. It does however seem that this particular OP would be served quite well to just defer to what the lead developer thinks, much like myself frankly. I'm not taking sides here.
drama/accusations/insults/arrogance is the biggest reason I hesitated with GrapheneOS. But I am glad I ignored all that, because I do really enjoy the OS so far.
My exact experience too.
- Edited
Thank you all for the answers.
To be honest it has become more confusing, but that makes sense since everyone has their own opinion and preference.
I have also read some things about a custom F-droid repo like IzzyOnDroid or Newpipe, what is your opinion about this? I too personally want to leave as little digital imprint as possible within this mass surveillance era.
Maybe we can make a specific order and see if we can agree with each other. For instance:
- Source (github)
- Custom F-droid repo
- Main F-droid repo
- Aurora
- Sandboxed playstore
@abcZ @[deleted] @Graphite @BluishHumility @Piwepil @Grkrz @SgtApple @robalob
- Edited
abcZ
What is the point to “backdoors” or “trackers” on Google Play Services when 99,9% of people use some variation of Android where Google has privileged access to everything on the device via privileged Google Play Services? Meanwhile on GrapheneOS Google Play Services are sandboxed.
Google Pixel devices have proprietary firmware which is made by Google maybe there are backdoors or trackers in that and it has their SoC AKA Tensor so maybe they have hardware backdoors in that too? There are NO LIMITS to being paranoid about something.
All of the apps that someone install on GrapheneOS are STRICTLY sandboxed so they only can do what you let them to do.
The Play Store provides many services used by apps including Play Asset Delivery, Play Feature Delivery, in-app purchases and license checks for paid apps. The Play Store app is also the most secure way to install and update apps from the Play Store.
Source: https://grapheneos.org/usage#sandboxed-google-play-installation
You trust GrapheneOS by using it then might aswell trust them when they say that Play Store is the most secure way of installing apps. If you create anonymous/throaway account with VPN or Orbot then it can be private too.