F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.
Fdroid is a secure repositorie and the applications are reviewed before being made available for end users.
The repository is also highly focused on privacy and security and will warn if applications have security flaws or depend on non free services.
As an example, I use NewPipe instead of the standard YT app and it has a warning it depends on non-free services.
One other example I can give is Librera. It’s a very feature rich ebook/pdf/etc reader. At some point, a security flaw was discovered and the app was instantly flagged has having such problems and users were advised to not install it.
Malicious apps can make it onto F-Droid as they can onto any app store. The biggest difference is that F-Droid compiles apps from the published source code rather than accent uploads from the developer directly. That means only apps with source available are installable by default, built from the source everyone else can read.
If there’s any malware in these apps, the malicious code can be found in the public source code.
There is a manual vetting process before an app is accepted into the repo which should detect shady behaviour but updates aren’t subject to this strict process, so it’s not a full fix.
Not really.
Fdroid is a secure repositorie and the applications are reviewed before being made available for end users.
The repository is also highly focused on privacy and security and will warn if applications have security flaws or depend on non free services.
As an example, I use NewPipe instead of the standard YT app and it has a warning it depends on non-free services.
One other example I can give is Librera. It’s a very feature rich ebook/pdf/etc reader. At some point, a security flaw was discovered and the app was instantly flagged has having such problems and users were advised to not install it.
Reviewed by who though? Malicious apps even get through apple and Google’s screening. I can’t see how fdroid can match the capabilities of those guys.
Malicious apps can make it onto F-Droid as they can onto any app store. The biggest difference is that F-Droid compiles apps from the published source code rather than accent uploads from the developer directly. That means only apps with source available are installable by default, built from the source everyone else can read.
If there’s any malware in these apps, the malicious code can be found in the public source code.
There is a manual vetting process before an app is accepted into the repo which should detect shady behaviour but updates aren’t subject to this strict process, so it’s not a full fix.
How is Librera to download now?
Works fine for me.