So I’ve been in the rabbit hole of android privacy for some time, last I joined the GrapheneOS community but let’s just say that they doesn’t have a “healthy” opinion about other projects like f-droid.
So I am looking for generic communities that focus on mobile privacy that doesn’t have drama or toxicity or “extreme opinions”. Any suggestions? I prefer chat based communities like matrix or simplex instead of like reddit or lemmy.
This is not true… play store now requires you to give up your signing keys to google so they can sign the app themselves after injecting whatever they feel like. F-Droid does the same because they also compile your apps for you. Another reason some don’t trust F-Droid (or Signal, Tor and a bunch of other free/open source software for that matter) is that they received funding from OTF which is funded by the US government and some people don’t like that. And yes I know computers and the internet also came from the government /shrug
I have no skin in this game, I am not intentionally trying to spread any FUD (but I realize some people will still claim so, they are free to do so), just relaying information I have seen elsewhere. Happy to provide sources if anyone likes.
https://support.google.com/googleplay/android-developer/answer/9842756?hl=en#zippy=%2Capp-signing-key-requirements
Thats a good point, but it looks like they still let you use your own keys if you want to, but they even say 90% of apps let google sign on their behalf. yeah, ok, full trust with google then.
Before 2021 all apps used their own keys it seems
Play App Signing is required for new apps.
Also now required is giving up your government identity document to google in order to keep publishing on the play store.