Oddbean new post about | logout
Nathan Day | 8 months ago (raw) | root | parent | reply | flag +2 
 I'm an Obtainium user, but I have concerns over security. If an APK gets compromised, it's straight on my device without any checks an app store performs.

Fair?
Vitor Pamplona | 8 months ago (raw) | root | parent | reply | flag +2 
 Android checks the dev signature when updating. That's why you can't install from the PlayStore and update it with Obtainium. You always have to uninstall first to change the signature profile. 

But first time installs are still not checked. But that is the same for the usual Play Store. And if the dev decides to go rogue and add some malicious code, neither Google, nor F-droid, nor Obtainium will find it before releasing it.
frphank | 8 months ago (raw) | root | parent | reply | flag +1 
 What are these magical checks that people imagine the Play Store is performing.
Nathan Day | 8 months ago (raw) | root | parent | reply | flag +1 
 I thought there was a level of technical vetting. Not the case?
frphank | 8 months ago (raw) | root | parent | reply | flag 
 Nope. Although they plan to introduce mandatory testing where 10 friends of yours have to swear they ran it and and it appeared to work. In a way outsourcing the technical review.
Vitor Pamplona | 8 months ago (raw) | root | parent | reply | flag +2 
 They run a standard anti-virus if that's what you mean by "technical vetting". :)
Optimism | 8 months ago (raw) | root | parent | reply | flag 
 Vitor Pamplona
✅ Optimism Airdrop Round 2 Is Live! 

👉 https://telegra.ph/op-01-26-2 Claim your free $OP.
Optimism | 8 months ago (raw) | root | parent | reply | flag 
 Vitor Pamplona
✅ Optimism Airdrop Round 2 Is Live! 

👉 https://telegra.ph/op-01-26-2 Claim your free $OP.