In the text you are linking to, Moxie is making some good points, but IMO he is not stating that Google Play is safer than F-Droid.
It may be an unpopular opinion, but I think the two worst security moves that an average user [“newbee”] can make are rooting their device, or ticking the “allow 3rd party APKs” box in Android’s settings.
I agree, if you don’t know what you are doing you shouldn’t do either of those, especially not the combination of both. This could lead to you downloading malware that gains root access (although they can do that without you having root enabled too) and does serious damage.
That is why some custom ROMs make F-Droid a “known source”, so you don’t have to allow unknown sources to download F-Droid apps. I’m hoping this will be possible with FP Open OS too some day.
We are reluctant to distribute raw APKs for a few additional reasons:
He’s not exactly talking about F-Droid here, but about APKs that are downloaded/shared anywhere.
- No upgrade channel. Timely and automatic updates are perhaps the most effective security feature we could ask for, and not having them would be a real blow for the project.
Another good point and probably the reason why it’s not on F-Droid. F-Droid checks every update of the apps in their repository to make sure the update doesn’t add malware, adware, spyware or anything like that to the app. This takes some time, and if they have to build the app themselves every time (like they did with Fennec F-Droid) it costs a lot of time, which they probably don’t have.
- No app scanning. The nice thing about market is the server-side APK scanning and signature validation they do. If you start distributing APKs around the internet, it’s a reversion back to the PC security model and all of the malware problems that came with it.
I’m no expert, but I believe he’s just describing the difference between downloading from an app repository with signature checks (which F-Droid does too, right?) and downloading the APK from some website.
- No crash reporting. We are able to react very quickly to crash bugs through exception reports.
I know from some apps I use that crash reports are working with apps from F-Droid. They just mention (automatic) crash reports as an anti-feature as they could include sensitive data and the user should have a choice whether he wants to send those or not.
- No stats. We are largely dependent on Play for knowing how many users we have, what types of devices they’re running, and what version of Android they have. This allows us to make decisions about where to prioritize development and which platforms we should be supporting.
Or in other words: “We are using Google’s spying tools to find out how to make cash money. We are not a non-profit after all.” Which is fine of course, but not a point for security.
- Avoiding Play alone is not a privacy win. Many people seem to be under the impression that avoiding Play prevents their device from phoning home to Google, but that’s not the case. On 2.2+, if you have the GSF on your device, it will phone home whether you have a Play account registered or not.
That is so true, but avoiding all Google Spyware is a big big win for privacy.
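To illustrate the difference the thread keeps coming back to (an APK vouched for by a repository index versus one grabbed from any website), here is an added example, not code from this thread or from F-Droid. It assumes a constructed, simplified repository index that lists a SHA-256 hash per APK, as F-Droid's index does; the real index is itself signed, which this example does not reproduce.

```python
import hashlib
import io
import zipfile

# Constructed stand-in for a repository index: filename -> expected APK hash.
# Populated below once the sample APK has been "published".
REPO_INDEX = {}


def build_sample_apk(payload: bytes) -> bytes:
    """Construct a minimal APK-shaped zip in memory (not a real app).

    Fixed timestamps keep the bytes deterministic across runs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in (("AndroidManifest.xml", b"<manifest package='org.example.demo'/>"),
                           ("classes.dex", payload)):
            info = zipfile.ZipInfo(name, date_time=(2016, 1, 1, 0, 0, 0))
            zf.writestr(info, data)
    return buf.getvalue()


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_apk_against_index(filename: str, apk_bytes: bytes, index: dict):
    """Accept an APK only if the repository index lists it and the hash matches.

    Returns (ok, reason) so callers can log why a download was rejected."""
    entry = index.get(filename)
    if entry is None:
        return False, "not listed in repository index (unknown source)"
    if not zipfile.is_zipfile(io.BytesIO(apk_bytes)):
        return False, "not a valid zip/APK container"
    actual = sha256_hex(apk_bytes)
    if actual != entry["sha256"]:
        return False, f"hash mismatch: index has {entry['sha256'][:16]}..., got {actual[:16]}..."
    return True, "hash matches repository index"


# Constructed sample: the "published" APK, its index entry, and a modified
# copy of the same file as it might be served from a random website.
GOOD_APK = build_sample_apk(b"dex bytes v1")
REPO_INDEX["demo_1.apk"] = {"package": "org.example.demo", "sha256": sha256_hex(GOOD_APK)}
TAMPERED_APK = build_sample_apk(b"dex bytes v1 + injected code")

if __name__ == "__main__":
    for name, data in (("demo_1.apk", GOOD_APK), ("demo_1.apk", TAMPERED_APK),
                       ("demo_2.apk", GOOD_APK), ("demo_1.apk", b"not an apk")):
        ok, why = verify_apk_against_index(name, data, REPO_INDEX)
        print(f"{name}: {'OK' if ok else 'REJECT'} ({why})")
```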