Eh I think that’s fair. You don’t have to trust fdroid per se, so much as trust that they’re not collaborating with a specific developer. It’s a much, much narrower condition. (Or alternatively, trust in their competence to have developed a system that works, but not that they are doing things without being malicious, which is a worthwhile discussion, but not quite the same as the one we’re having here.)
F-Droid has verified and reproducible builds.
On the Play Store or iOS App Store, though, anything goes.
Well this also assumes you trust fdroid but yeah
Eh I think that’s fair. You don’t have to trust fdroid per se, so much as trust that they’re not collaborating with a specific developer. It’s a much, much narrower condition. (Or alternatively, trust in their competence to have developed a system that works, but not that they are doing things without being malicious, which is a worthwhile discussion, but not quite the same as the one we’re having here.)