Well, what maps do you recommend over Apple or Google?
I have just recently de-googled my phone with GrapheneOS.
I want something that is going to be real-time and respect privacy.
Well, what maps do you recommend over Apple or Google?
I have just recently de-googled my phone with GrapheneOS.
I want something that is going to be real-time and respect privacy.
Anything you can get through F-Droid is better. It’s more well put together, easier to set up than Obtanium, and auto updates work on GrapheneOS.
Its bad practice to use fdroid. No bueno
Not according to graphene documentation. From what I remember it’s because Obtaniuam can’t check the signature of the APK. There is app verifier (recommended by obtanium) but it dosnt work with many apps as they don’t publish the signature. So you can’t verify the APK is what its supposed to be.
FDroid builds the app and signs it. While this may intorduce risk of Fdrpid are doing something dodgey the many eyes and build logs should pick it up.
Graphene doesn’t like MicroG and thinks Play Services is better, and is partnering with Lenovo (“Motorola”) on a Qualcomm chipset for their next phone. Their docs can’t be trusted either.
You are correct, Obtanium has no automated signing process and App Verifier verified like one time for me.
Aurora Store used to not have it either but now it does so it’s a pretty easy recommend for me if you’re trying to ditch Play Store completely.
Graphene devs tend to recommend Play Store over F-Droid because Google does typically have A-1 security and that is their top priority. But not very good vetting apps as I mentioned, and tleven non malware has tons of trackers so I avoid Google’s repository if possible. Also many people on GrapheneOS obviously prefer to not have Play Services…
Why?
See my reply and the one by bladefederation.
This is not correct, the only thing you can say against it is that the main repo builds from source & uses its own signing key instead of just hosting an apk and using the dev’s key. This means you have to trust F-Droid more than usual, but given their hard stance for all apps being FOSS and notating non free services, I trust them more than Google who has hosted straight up malware, or certainly more than downloading from a random Github with Obtanium with no automatic signing confirmation. It also gives somewhat of a guarantee that what is in the code is actually the only thing in the app. Also if the signing is an issue for you, there is always IzzyOnDroid or dev specific repositories that will still let you manage app updates through F-Droid or third party clients like Droid-ify.