Is it true that the VPN apps distributed via Play Store are worse than those from F-droid with respect to security?
No, not true.
- If you’re gonna make a scam app you probably want the largest install base, and that’s going to be on Play.
- All FDroid apps are open source so it’s going to be very easy to see if there is shitfuckery afoot. Most scams are trying to avoid transparency as much as possible.
I think you misread OP’s question…? Both your arguments support Play apps being potentially worse, after all…
Op didn’t make an argument. They asked a question…?
But they ask if vpns on the play store are worse than the ones on fdroid, and you reply ‘no’ even though your points lean more towards yes
My point is neither is inherently better or worse. Many apps are available on both.
You said “No, not true”, then argued precisely in favor of OPs ideas with both of your numbered points. That doesn’t seem a little weird to you?
if an app is available both on fdroid and the play store, and you already have google services installed, then it is almost always better to use the play store version. unless fdroid has changed recently, the way apps are signed is more robust and the chain of trust more resistant to manipulation for apps on the play store.
if you are asking if the selection of apps on each distributor are on the whole more secure in the way they provide their service, that’s a more complicated question i can’t answer.
I was asking for Windscribe and Proton VPN.
F-Droid (default repo) offers old versions. Good luck downgrading apps from Play Store.
It also makes it easy to find open-source apps. Generally they also provide more info useful to me as a regular user - manuals and changelogs. Open-source app changelogs often show far more info, even library version changes. Meanwhile the average Play Store app changelog is “small improvements, better ad experience”
Play Store needs to implement version archive and license filters. Oh, and easier beta access. Currently the registration takes extra time, and can only be done with the original account the app was installed with.
Distribution method doesn’t really make a difference. If you’re concerned about compromise, you should be validating it regardless.
If it’s free, then it’s 100% a security risk. If it’s from a reputable company like Nord VPN or Windscribe, you will be fine.
I don’t trust NordVPN. There was a lot of shady behavior by that company.
