If you have the budget, on GOS I have a record button in calls

What do you mean? In Obtainium you pick the source you want, it doesn’t automatically choose anything

I see, I’ll keep this DeltaChat in mind. So far I’ve been really enjoying SimpleX, It’s one of my favorite apps

I mean you could choose not to use the source

I see, I’ll admit I’m not very knowledgeable on this, I thought appverifier was better than normal hash comparison

Well I’m not the most technical but on SimpleX you have no user ID’s, routing through TOR and running your own servers among many other features (like the one that adds a radom delay to measages)

Why not SimpleX?

Just use Molly (the app)

By their own logic doesn’t exempting themselves mean they want to abuse children?

Last thing, I trust Appverifer more than I trust F-droid verification

I think Obtainium is objectively better since you have 24 sources including F-droid and Google play store with Shizuku or Sui

I don’t think adding a Chinese source is necessarily bad, what if they have users in china that want local apps?

“Due to their process of building apps, apps in the official F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust. Additionally, the requirements for an app to be included in the official F-Droid repo are less strict than other app stores like Google Play, meaning that F-Droid tends to host a lot more apps which are older, unmaintained, or otherwise no longer meet modern security standards.” This is what PrivacyGuides says. Also you have Appverifier integration in Obtainium which verifies signatures or smth, I know it’s a lot better than comparing hashes

Since you get your apps straight from the source. Also F-droid is recommended against in Privacyguides. And lastly you can download F-droid apps in obtainium. Just make sure to use Appverifier or at least compare hashes if Appverifier doesn’t support the app

Oh that’s very cool, I didn’t know that. Although I think it isn’t the most useful for me since I don’t have lockscreen notifications and I have all my apps on the home screen

Obtainium > F-droid

I’m moving away from Proton, and self hosting is cooler anyway. Instead of Proton I’m trying out Tuta, Mailbox, Addy.io and Bitwarden

It happens to the best of us

People in the comments already have “Avoid Gecko-based browsers like Firefox as they’re currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn’t have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android.”

I mean Gecko based browsers are actively recommended against on mobile. Chromium based browsers are recommended. Also I use mullvadVPN DNS based ad blocking, and I also have Brave that has built in ad blocking