Thanks, your previous response was very well put

What do you mean? In Obtainium you pick the source you want, it doesn’t automatically choose anything

I mean you could choose not to use the source

I see, I’ll admit I’m not very knowledgeable on this, I thought appverifier was better than normal hash comparison

Last thing, I trust Appverifer more than I trust F-droid verification

I think Obtainium is objectively better since you have 24 sources including F-droid and Google play store with Shizuku or Sui

I don’t think adding a Chinese source is necessarily bad, what if they have users in china that want local apps?

“Due to their process of building apps, apps in the official F-Droid repository often fall behind on updates. F-Droid maintainers also reuse package IDs while signing apps with their own keys, which is not ideal as it gives the F-Droid team ultimate trust. Additionally, the requirements for an app to be included in the official F-Droid repo are less strict than other app stores like Google Play, meaning that F-Droid tends to host a lot more apps which are older, unmaintained, or otherwise no longer meet modern security standards.” This is what PrivacyGuides says. Also you have Appverifier integration in Obtainium which verifies signatures or smth, I know it’s a lot better than comparing hashes

Since you get your apps straight from the source. Also F-droid is recommended against in Privacyguides. And lastly you can download F-droid apps in obtainium. Just make sure to use Appverifier or at least compare hashes if Appverifier doesn’t support the app

Obtainium > F-droid

Lemboys