• @c0mmando@links.hackliberty.org
        -110 months ago

        The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.

        Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.

        If you have a lower threat model, this post isn't for you…