this post was submitted on 21 Nov 2024
14 points (93.8% liked)

F-Droid

8173 readers
54 users here now

F-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.

Website | GitLab | Mastodon

Matrix space | forum | IRC

founded 3 years ago
MODERATORS
fossdd@lemmy.ml
testman@lemmy.ml
14
Why are the installation instructions aimed towards Linux? (sh.itjust.works)
submitted 21 hours ago by maxi@sh.itjust.works to c/fdroid@lemmy.ml
13 comments fedilink hide all child comments
 

Sorry if it sounds a dumb question but I always thought using the official playstore that comes pre-installed is the safest so everything related to F-Droid is new to me. Did anyone had apprehension on installing F-Droid when you had bare to none knowledge how it works? I like to be cautious and on the page it has a Instructions to verify the download page and it only tells how to check from Linux but not from Android, what am I missing here?

you are viewing a single comment's thread
view the rest of the comments
[–] shortwavesurfer@lemmy.zip 10 points 20 hours ago (1 children)

I will be totally honest, I've never verified the signature, primarily for the same reason as other people. It has HTTPS connection, and I would highly doubt that the website had been hacked while I was trying to download it. However, that really is a terrible excuse, and I really should do better in the future. But honestly, I don't know how to verify signatures myself.

[–] possiblylinux127@lemmy.zip 6 points 20 hours ago* (last edited 20 hours ago) (1 children)

How do you know the signature hasn't been compromised?

I think it is a big rabbit hole I don't have time to think about

[–] shortwavesurfer@lemmy.zip 3 points 20 hours ago

I dont. As I said, I actually don't really know how to verify signatures. And even if I did, I know that you have to get the signature from somewhere else that is not run by them so that if they were compromised, the signature would not be compromised as well.