this post was submitted on 07 Oct 2025
746 points (99.6% liked)
Programmer Humor
27444 readers
1594 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Do they have any evidence that F-droid serves more malware than Play Store?
I was curious of the same a few days back, and my research couldn't find a single instance of malware being distributed by the F-Droid store.
But even if it does, what's it to them if something they have no say over affects people not using their stuff?
Oh yeah, it's bullshit that reduces user agency and choice either way, I just don't believe for one second that it will improve security as Google is claiming. Its just about control and google consolidating power.
Like Bluetooth requiring location permissions?
That's actually good since bluetooth alone can be used to estimate your location. If the app can see all other bluetooth names, thet can be correlated to other user's data where the oosition is known.
And if you hit "pair new device", you phone will likely blast it's name out to all other bluetooth devices, givingyup it's position to any other nosy device/app.
Same goes for wifi.
~~Ad block~~ malware being distributed by the F-Droid store
Since they force everything to be open source and i think has strict rules, no
I mean, there are many excellent open source malware.
The ??? Is mostly phishing campaigns, I think.
That's the thing though if it's open source and 99.9% don't check that 0.1% checking it will be enough.
The trouble with smaller open source software is that there's no 0.1% checking it. And from time to time a small projects becomes widely used and everyone assumes someone already checked it; it's a widely used open source software, after all.
I have the same skeptical mindset as you here, but like Wikipedia still seems fine.
I think most early users do check further than open source licenses. It's possible they'll add things later, but if they add after it has enough users we have significant number of users to have some people check. And if the user base is small then they're probably more involved, or are reading/modifying code for their use cases.
Of course it's not foolproof, but it has worked for a long time because of things like that
Thank God for Tylenol.
By definition in order to have . 1% then the sample size must be greater than 1,000. The vast majority of open source projects will not get to this level.
I think for a open source projects with such a low number of users, the first few users will definitely look further than "it's open source".
According to them, when they added a similar registration process and requirements for the playstore they saw a SIGNIFICANT drop on malware.
I don't find that shocking, and to be honest, I don't really see too much of a problem with forcing people to give that information to be on the play store. But to let people make programs that run on the hardware at all is crazy. Forbidding third party app stores is the most anti competitive bullshit ever.
That's because the playstore caters to everyone, including the children and the dumbest people on the planet.