1
0
This commit is contained in:
Wonderfall 2022-01-03 16:34:52 +01:00
parent 33be2b458b
commit ffba659e65

View File

@ -58,7 +58,7 @@ F-Droid also **doesn't enforce a minimum target SDK** for the official repositor
## 4. General lack of good practices
The F-Droid client allows multiple repositories to coexist within the same app. Many of the issues highlighted above were focused on the main official repository which most of the F-Droid users will use anyway. However, having **other repositories in a single app also violates the security model of Android** which was not designed for this at all. As a matter of fact, the new unattended update API from Android 12 that allows seamless updates for third-party clients without privileged access to the system won't work with F-Droid. It should be noted that [Droid-ify](https://github.com/Iamlooker/Droid-ify/issues/20) is trying to figure out a way to make it work, although the underlying issues about the F-Droid infrastructure remain.
Their client also lacks **TLS certificate pinning**, unlike Play Store. Certificate pinning is a way for apps to increase the security of their connection to services by bundling known-good certificates for these services. This can avoid some cases where an interception (*man-in-the-middle*) could be possible and lead to various security issues considering you're trusting the app to deliver you other apps.
Their client also lacks **TLS certificate pinning**, unlike Play Store which does that for all connections to Google. Certificate pinning is a way for apps to increase the security of their connection to services by bundling known-good certificates for these services. This can avoid some cases where an interception (*man-in-the-middle*) could be possible and lead to various security issues considering you're trusting the app to deliver you other apps.
F-Droid also has a problem regarding the adoption of **[new signature schemes](https://source.android.com/security/apksigning)** as they [held out on the v1 signature scheme](https://forum.f-droid.org/t/why-f-droid-is-still-using-apk-signature-scheme-v1/10602) (which was [horrible](https://www.xda-developers.com/janus-vulnerability-android-apps/) and deprecated since 2017) until they were forced by Android 11 requirements to support the newer v2/v3 schemes. Quite frankly, this is straight-up bad.