all I can say at this point is, if this "researchxxl" person ships malicious code to thousands of devices via @fdroidorg after #Fdroid dismissed as "FUD" the repeated warnings from community members that something suspicious may be going on, and then they get sued as a result of impacts from that, they're gonna be on the hook for legal fees regardless of whether or not they win the cases 🤷
undefined
selfhosting.couchsurfing
@surfhosting@mastodon.pirateparty.be
Posts
-
the #Syncthing Android drama is exploding. -
the #Syncthing Android drama is exploding. -
the #Syncthing Android drama is exploding.extremely tone-deaf initial response from @fdroidorg in this issue:
https://gitlab.com/fdroid/fdroiddata/-/issues/3712
at this point I have to conclude that the @GrapheneOS guy has a point that #Fdroid can't be fully trusted as a software source
-
the #Syncthing Android drama is exploding.@fdroidorg you need to think about whether you want to continue being a distribution channel for this app until this is resolved
-
the #Syncthing Android drama is exploding.the #Syncthing Android drama is exploding.
https://github.com/researchxxl/syncthing-android/issues/16
@fdroidorg at this point is being used to push out an app with sensitive permissions that's been taken over by an unknown individual who refuses to engage with its large community of users and developers.
I STRONGLY recommend disabling updates from Fdroid, if not uninstalling and manually installing 2.0.11.2, or installing the Google Play version which has a different maintainer.
this is extremely shady and it's just looking worse as time goes on. I'll link to the Syncthing forum thread from about where I left off last time in a subsequent post.