Something worth noting is that F-Droid is both an app to download other apps but they also maintains a repository of apps. You can use alternative store apps (like Droid-ify) with the F-Droid repository OR you could use the F-Droid app with a different repository (like IzzyOnDroid). You can mix and match to meet your needs.
I use the Droid-ify app with the F-Droid, IzzyOnDroid, microG, NewPipe, and Collabora repositories.
Once you start down this rabbit hole, give Obtanium a look.
Neostore is also a good alternative to the normal f-droid client
Yep. Their permission and tracker built in viewer is a super qol feature
I just have the basic f droid app, the layout is awful and confusing. Is there one you suggest?
I’m a big fan of Droid-ify.
I think he did suggest droid-ify with fdroid repo: https://github.com/Droid-ify/client
Looks good, I will try it out. You have it in F-droid :)
I would avoid adding other repositories because you are risking malware and anti features.
F-droid is slow to get updates but it also verifies each app
There is safety there, but you’re just as safe using the the developer’s own repository for their apps, like NewPipe, Collabora, or the Guardian Project.
Been using Fdroid to the point where my first boot into a new phone is:
Open chrome > download fdroid > open settings > uninstall/disable every single application I can > open fdroid > install all the relevant apps I require for making my phone useful
I’m just waiting for a small life upgrade in order to be able to support some app developers; it will be money better spent than using the standard google apps.
You might want to consider your next phone to be a pixel+grapheneOS.
any lineage os supported device is enough, i think
LineageOS isnt degoogled by default
I’ve always had a niggling worry that downloading apps from 3rd party app stores came with a higher risk of getting apps with viruses and spyware.
any truth to this?
Not really.
Fdroid is a secure repositorie and the applications are reviewed before being made available for end users.
The repository is also highly focused on privacy and security and will warn if applications have security flaws or depend on non free services.
As an example, I use NewPipe instead of the standard YT app and it has a warning it depends on non-free services.
One other example I can give is Librera. It’s a very feature rich ebook/pdf/etc reader. At some point, a security flaw was discovered and the app was instantly flagged has having such problems and users were advised to not install it.
Fdroid is a secure repositorie and the applications are reviewed before being made available for end users.
Reviewed by who though? Malicious apps even get through apple and Google’s screening. I can’t see how fdroid can match the capabilities of those guys.
[This comment has been deleted by an automated system]
Even small companies have to deal with, “supply chain”, attacks, criminals putting code into open source repositories to steal data and get access to servers. App stores are major targets too.
There have been weather apps that need your location to show you weather and oops we also send your location history to our data center in China and sell that data.
There have been, “document scanner”, apps that help you take pictures of things like credit card statements and did we not mention we send those images to Russian servers?
Do use a major brand phone like Samsung, keep your OS up to date, and don’t expose private info to these apps or give them special privileges, especially, “accessibility”, or, “screen reader”, and you should be okay.
Love F-Droid but be aware of the risks and always try to use a developer repo when possible…
[This comment has been deleted by an automated system]
Doesn’t affect the end user… beyond diminished security. Are you implying I should trust Fdroid devs as much as I would trust Google devs?
[This comment has been deleted by an automated system]
The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.
Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.
If you have a lower threat model, this post isn’t for you…
[This comment has been deleted by an automated system]
I went through a phase where I played every game on there, most were gloriously unfinished or ported from the zx spectrum. There were some real gems too.
That was years ago, what’s it like now? Is there android wesnoth? Did any of the RPGs ever get to a fished state?