And if so, why exactly? It says it’s end-to-end encrypted. The metadata isn’t. But what is metadata and is it bad that it’s not? Are there any other problematic things?

I think I have a few answers for these questions, but I was wondering if anyone else has good answers/explanations/links to share where I can inform myself more.

  • Azzu@lemm.eeOP
    link
    fedilink
    arrow-up
    2
    ·
    1 year ago

    How do I know other browsers/messengers actually include the code that is published when they arrive on my phone? Wouldn’t it be possible to simply add tracking/malicious code outside of the open-source repository, build an APK from it and put that on the Play Store instead of the “clean” code on the repository?

    • amanneedsamaid@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      You could compile the software yourself, and the builds they do publish are reproducable, therefore any hidden malicious code would almost certainly be noticed in any popular application.