Question About Using F Droid

Hi, does anyone else use F Droid in addition to the /e/ apps store? Are there any reasons you would/would not? And lastly, can it cause issues with updating if you have apps installed from both?

What about with the new app lounge? Version 0.23 has not been pushed to terracube yet so I am still running 0.22. Does App lounge automatically come with the 0.23 version?


Regain your privacy! Adopt /e/ the unGoogled mobile OS and online servicesphone

I use it instead of /e/ Apps. And I have Apps set to not automatically install updates: I always do updates using F-Droid. That said, there shouldn’t be a problem updating with either, as Apps gets updates of FOSS/F-Droid apps from which claims to get them from F-Droid, so you’ll be getting the same versions - it just takes a bit longer to get the through Apps. The same is true - for now at least - of App Lounge which also gets FOSS updates from


I’ve used F-Droid since 2014, on standard Android, and now on /e/; in fact, it’s the only store I used on standard Android, as I had disabled all the Google apps on my device. And on /e/, I have only rarely used the included App store.

I’ve never had any problem whatsoever with F-Droid apps, and I consider their vetting/building process to be very secure.


Have a look at this article:

What is your opinion? Thanks.

So do I so far, but have a look at this article:

I will be honest, not being much of an expert on this stuff, I only understood maybe 60% of what I read. I kind of feel like it is tough to know :frowning:

What’s the problem?

  • You will find a lot of interesting apps in F-Droid.
  • The apps there are open source, free and in the very most cases sufficiently safe.
  • You will frequently get updates for your installed apps (more than in Apps).

As petefoth said it’s a practicable idea to use F-Droid more than or even instead of Apps.

Firstly, neither /e/OS nor any other version of Android is a secure phone OS: if you need a secure phone, then look elsewhere.

Secondly, I am very dubious about paying too much attention to stuff written by people who choose to remain anonymous, and give no indication of how qualified or otherwise they are to comment or theorise on whatever it is they are writing about. All we know about the author is what they state about themselves on their blog:

un pauvre type passionné et curieux sur plein de sujets : développement, sécurité, pharmacologie, neurosciences, les sciences en général. Fut un temps où je faisais des études médicales, et je me suis un peu perdu dans la vie, mais je sais que ma curiosité ne partira jamais.

I did spend some time reading the article, and the following points occurred to me:

1: The author quotes and links to a paper (all of whose authors appear to work for Google) which says (my emphasis)

Based on a definition of the threat model and Android ecosystem context in which it operates, we analyze how the different security measures in past and current Android implementations work together to mitigate these threats.

Yet shortly after that the author states (again, my emphasis)

These analyses do not account for threat models and personal preferences. As the author of this article, I’m only interested in facts and not ideologies.

A “threat model” is not an “ideology”, and attempting to discuss security without mentioning what threat models you are attempting to secure against is (in my opinion) meaningless.

2: The author also states that

A lot of information in this article is sourced from official and trusted sources, but you’re welcome to do your own research.

Yet apart from the paper linked above, the author does not state what those sources are. It would be easier to do our own research if the author had provided references or links to those “official and trusted sources”, or even just listed them.

Finally, the paper seems to suggest (and I am paraphrasing) that installing closed source apps from Google’s Play store is more secure (against the threat models that the author refuses to account for) than installing open source apps from F-Droid: apps built and signed either by the developer or by F-Droid from a supplied source tarball. Such a conclusion is - in my opinion, which you did ask for - laughable, and makes me think that I have already wasted too much of my time reading, thinking, and now writing about the contents of the article.

Feel free to draw your own conclusions, but I have already spent too long engaging with someone who is wrong on the internet, and I’m not going to get sucked into spending any more time on it.


I am using F droid. There may be problems but I trust them more than google.


Thanks for this, it clarifies. The article in question has been spread via Twitter in some Fairphone bubbles yesterday.

example of a good app on f droid, osmand**+** I think the best offline-map app ever…

1 Like