• 0 Posts
  • 22 Comments
Joined 1 year ago
cake
Cake day: June 13th, 2023

help-circle










  • The desktop security model is insecure in general. Phone OSes are much more secure.

    Reasonable desktop OS to use is Qubes, Fedora, MacOS, ChromeOS, or Windows pro/enterprise (hardened)

    Phones are much more secure especially the Pixel 8/pro with MTE immensely reducing remote exploitation. GrapheneOS is the only distro that enables MTE by default and recently implemented it in their Vanadium browser.

    Secure phones (secure elements are important): IPhones and Pixels (GrapheneOS or stock)

    Also yes, Chromium is much more secure on Linux than Gecko based browsers because of its great internal sandboxing and site isolation. Firefox on Windows is catching up though, but still bad on desktop Linux and android.

    This all doesn’t matter if you’re running an EoL device. Make sure your receiving official security and firmware updates.

    that’s about it




  • This is why Accrescent is amazing. It has automatic updates for Android 12+. Also leaving the bootloader unlocked is a security risk. Using stock or GrapheneOS (better option) on Android is best because you can lock the bootloader.

    I don’t mind Fdroid being around. If you’re okay with the security risk, I have no problem. I’ve explained to you the security issues and the misinformation that people give that FDroid is secure. I was just explaining their security vulnerabilities and explaining why Accrescent is a much better option for installing apps.


  • I think your thinking im against FOSS but you’re not understanding. Many people in the FOSS community only care about privacy and ignore security. A developer can implement security benefits to FOSS but many people don’t care to do it.

    Accrescent is FOSS and it has much higher security benefits than F-Droid. Accrescent allows both open and closed sourced apps because there’s no benefit being exclusive to having FOSS apps in their catalog.

    If the user chooses to not use proprietary apps on Accrescent, they don’t have to install them.


  • 2 - Manual installation methods can be insecure because a lot of people don’t update their apps all the time. Obviously rooting a phone is insecure, but having no auto updates in 2023 is crazy.

    4 - It is very true, having zero quality control on new apps. The flagging of apps with problems is just following the FOSS philosophy. Any FOSS app can be added to F-Droid.

    5 - Not sure why you would want to install abandoned apps on F-Droid, let alone use an EOL device. A lot of people don’t check if apps are maintained because they trust their app store.

    6 - FOSS doesn’t automatically mean its secure or private. Also, why is it that I have to install proprietary apps only on the Google Play Store?

    7 - FDroid signing keys isn’t an advantage because it requires an extra layer of trust. I’m already trusting the developer by installing their app, so the developer should be signing the keys. This is a reason why Signal is not on F-Droid.