Last thing, I trust Appverifer more than I trust F-droid verification

I think Obtainium is objectively better since you have 24 sources including F-droid and Google play store with Shizuku or Sui

I don’t think adding a Chinese source is necessarily bad, what if they have users in china that want local apps?

“Due to their process of building apps, apps in the official F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust. Additionally, the requirements for an app to be included in the official F-Droid repo are less strict than other app stores like Google Play, meaning that F-Droid tends to host a lot more apps which are older, unmaintained, or otherwise no longer meet modern security standards.” This is what PrivacyGuides says. Also you have Appverifier integration in Obtainium which verifies signatures or smth, I know it’s a lot better than comparing hashes

Since you get your apps straight from the source. Also F-droid is recommended against in Privacyguides. And lastly you can download F-droid apps in obtainium. Just make sure to use Appverifier or at least compare hashes if Appverifier doesn’t support the app

Quite the opposite, I rather be up there so I see it’s running. Altough not that it matters much since I have a killswitch

Oh that’s very cool, I didn’t know that. Although I think it isn’t the most useful for me since I don’t have lockscreen notifications and I have all my apps on the home screen

Obtainium > F-droid

I’m moving away from Proton, and self hosting is cooler anyway. Instead of Proton I’m trying out Tuta, Mailbox, Addy.io and Bitwarden

It’s audited and open source

It happens to the best of us

I haven’t really dived into this but I’m pretty sure GOS dev are one of the groups to recommend against it

People in the comments already have “Avoid Gecko-based browsers like Firefox as they’re currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn’t have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android.”

I mean Gecko based browsers are actively recommended against on mobile. Chromium based browsers are recommended. Also I use mullvadVPN DNS based ad blocking, and I also have Brave that has built in ad blocking. Do yourself a favor and ditch adblock in favor of Ublock origin

Firefox is not secure on mobile, Vanadium is a great browser made by the GrapheneOS devs

Thank you kind stranger

Ofc, I always have killswitch on my VPN, using alternatives didn’t cross my mind so thanks, I’ll also keep the client in mind

Ah I just now realized, my mistake dude, my brain is fried from my mental state. It seems I was the delusional one all along

The browser itself is open source https://github.com/brave/brave-browser. The rewards and VPN are not (it seems rewards is open source on IOS)

Cromite, but I have switched to brave since, it has better fingerprinting protection, more updates, better security and better sandboxing and isolation. At least that’s what Deepseek R1 with websearch has to say