AWAGMI? on Nostr: why would you trust the developer to provide untampered binaries/releases? with ...
why would you trust the developer to provide untampered binaries/releases? with f-droid you'll either get reproducible builds or the binaries are built by a party who's main job is providing untampered builds (not a priority for app developers). i see it similarly to trusting a VPN with your traffic vs trusting an ISP with your traffic. if there is something i am missing please educate me.
Published at
2025-01-15 07:00:40Event JSON
{
"id": "a971f959cf4a5492344c64678359e1e1b636c0effd5c21e55e89331351048d44",
"pubkey": "fae88c1d3b0d83d2ab6b08588271f189b854452527b89a7f0106480abcadbeb2",
"created_at": 1736924440,
"kind": 1,
"tags": [
[
"e",
"bb9405021e8e2a05ef9e7d8bd4d6116d89f149e88714ae543a6d155eea2f76e0",
"",
"root"
],
[
"p",
"4eb88310d6b4ed95c6d66a395b3d3cf559b85faec8f7691dafd405a92e055d6d"
]
],
"content": "why would you trust the developer to provide untampered binaries/releases? with f-droid you'll either get reproducible builds or the binaries are built by a party who's main job is providing untampered builds (not a priority for app developers). i see it similarly to trusting a VPN with your traffic vs trusting an ISP with your traffic. if there is something i am missing please educate me.",
"sig": "a17fd7484025796578a7a4e69f8e5d270305dc2ce35fede2b5f79b8c2c7df6e377a4aaf8af4919be5097c75739f600515598ba4be7b0bb2e553e95cd75b3dbb6"
}