• @doodledup
    link
    English
    124 months ago

    They don’t have reproducible builds afaik (unlike Signal). You can have a completely different code running on your phone than on GitHub.

    Besides, who is using Secret Chat anyways? All default chats and group chats are unencrypted.

    • @woelkchen
      link
      English
      04 months ago

      You can have a completely different code running on your phone than on GitHub.

      Just use the F-Droid version if there is any doubt.

      Besides, who is using Secret Chat anyways?

      Probably Russians who used Signal before.

      • @doodledup
        link
        English
        74 months ago

        The F-droid version is also not reproducible. The binary you install has a different hash than the one you build from the GitHub.

        • @Nonononoki
          link
          English
          14 months ago

          It’s reproducible if you compare it with F-droid’s tarball, which has all the source code in it.

        • @woelkchen
          link
          English
          04 months ago

          The F-droid version is also not reproducible. The binary you install has a different hash than the one you build from the GitHub.

          F-Droid builds from source, so any suspicion whether the Google Play version has been tampered is completely irrelevant for the F-Droid version.