this post was submitted on 31 Aug 2023
1279 points (97.1% liked)

Privacy

31993 readers
449 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] skullgiver@popplesburger.hilciferous.nl 24 points 1 year ago* (last edited 11 months ago) (1 children)

[This comment has been deleted by an automated system]

[–] c0mmando@links.hackliberty.org -4 points 1 year ago (2 children)

The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.

Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.

If you have a lower threat model, this post isn't for you...

[–] skullgiver@popplesburger.hilciferous.nl 6 points 1 year ago* (last edited 11 months ago) (1 children)

[This comment has been deleted by an automated system]

[–] c0mmando@links.hackliberty.org -5 points 1 year ago

If you think Fdroid security is on par with Google security... then I got a bridge to sell you

[–] angrystego@lemmy.world 3 points 1 year ago (1 children)

How does a supply chain attack work?

An upstream compromise that affects downstream hosts. A good example is the NPM supply chain attack -> https://hackaday.com/2021/10/22/supply-chain-attack-npm-library-used-by-facebook-and-others-was-compromised/