I just noticed today that Signal (not talking Molly) is now available on F-Droid via the “Guardian” repository.

Just wanted to give everyone a heads up.

  • KnightontheSun@lemmy.world
    4·
    2 days ago

    Please forgive if this is a stupid question, but what is the difference between the play store version and this? Assuming it is not altered by a bad actor.

    • Wolfie@lemm.eeEnglish
      6·
      2 days ago

      As i recall, ALL apps in google play store, have to have some sort of google shit embedded into it. Therefore, its better to download something outside of google if you want to remain degoogled.

    • powermaker450@discuss.tchncs.deEnglish
      2·
      2 days ago

      I think the main difference is that the Play Store version can use FCM (Google Play Services) for notifications, while the APK Signal distributes only receives notifications over a background WebSocket connection.

      • KnightontheSun@lemmy.world
        1·
        2 days ago

        That is interesting. Thanks to you and the others.

        Does the use of the google play services allow google to sort of…listen in or be privy to your app usage in any way?

        • powermaker450@discuss.tchncs.deEnglish
          4·
          2 days ago

          Google cannot see any message content of Signal notifications through FCM. It’s more like a “heads up” to the Signal app, telling it “hey, there are new messsges. wake up and check what they are.”. The Signal app then checks for messages and does all the decrypting and whatnot itself.

          While it’s possible that the timing of FCM telling the app to check for notifications could be used to correlate activity, that’s an edge case that if you are concerned about can be easily avoided by just using the background WebSocket or a fork of Signal like Molly that allows you to use a third-party UnifiedPush provider to check for messages in the background, instead of FCM.