|
|
|
|
|
|
by lorenzhs
3992 days ago
|
|
|
But that angle of attack only works if they target you from the moment you first install the app. It would be much easier to just push a modified Google application update to your phone if that is what they wanted. What it boils down to is that with the Play store, you can be sure that you're not getting malicious updates from some intermediary, as each developer signs their own APKs, and Google doesn't have the keys. Whereas if f-droid is compromised, all applications they build are compromised. That's a much greater risk. |
|
|