by lvh 2806 days ago
As I've mentioned elsewhere: you do not need the source code to verify what something does, that's not generally how you'd audit this. Audits may be source-assisted, but you'd still bang at it from the actual binary. If you're more comfortable reading source and compiling from scratch then fine, do that: but we should not pretend that Conversations on the Play Store is generally more trustworthy than anything else because the source code is publicly available.

The random update bit is real! But also real for Conversations or whatever, and more real for small developers less likely to have their opsec in check. For the vast vast majority of people in this fashion WhatsApp is identical to Conversations and Signal.

1 comments

I didn't say that Conversations from the Play Store is significantly more trustworthy in this regard than WhatsApp from the Play Store. I said that an app - such as Conversations - that you can build from source or download from F-Droid is more trustworthy than the Play Store version.

WhatsApp is a proprietary app and as such it's only available on the Play Store. Conversations is open source so you can download it from the Play Store, or from F-Droid, or compile it from source. So if you care, you can be significantly more sure that your version of Conversations "does what it says" than you can be of WhatsApp.