This is your periodic reminder to install Amethyst (and all other Nostr clients) through Obtainium instead of Google's PlayStore.
You not only receive faster updates (the PlayStore is currently 4 versions behind) but you also start the process of freeing yourself from your invisible digital overlords.
Just follow this video: https://cdn.satellite.earth/2bd7e308c1797d64fca09b1d61e9bde24c68dd45e501c7383eff1e85392df11f.mp4
#privacytechpro tip: use #obtainum to get your #android and #grapheneos apks.
as a long time obtanium user it's nice to see nostr:npub1gcxzte5zlkncx26j68ez60fzkvtkm9e0vrwdcvsjakxf9mu9qewqlfnj5z promoting it as the official method for getting #Amethyst
here are all the sources you can pull apks from:
#cybersecgirl #obtanium #amethyst
https://www.youtube.com/watch?v=JiN37bn0OE8
A good overview for those new to obtainium
What's obtainium? I always just download from GitHub
It does exactly that, download from GitHub and install.
It also checks GitHub daily for updates so you don't have to. That's the main advantage over manual download & install.
I'm an Obtainium user, but I have concerns over security. If an APK gets compromised, it's straight on my device without any checks an app store performs.
Fair?
Android checks the dev signature when updating. That's why you can't install from the PlayStore and update it with Obtainium. You always have to uninstall first to change the signature profile.
But first time installs are still not checked. But that is the same for the usual Play Store. And if the dev decides to go rogue and add some malicious code, neither Google, nor F-droid, nor Obtainium will find it before releasing it.
What are these magical checks that people imagine the Play Store is performing.
I thought there was a level of technical vetting. Not the case?
They run a standard anti-virus if that's what you mean by "technical vetting". :)
Nope. Although they plan to introduce mandatory testing where 10 friends of yours have to swear they ran it and and it appeared to work. In a way outsourcing the technical review.
Can you share some cools apps you use? Thanks
Do not use Obtainum
When using Obtainum you must trust all developers and all platforms they use to push updates.
How do you verify apks using Obtainum?
Check twice what this girl is saying. She's a privacy, security celeb i.e. "expert"
When it comes to GrapheneOS.
Disable auto-updates and their App app.
Disable all connections to Graphene servers.
Don't allow them to collect data about you.
Download updates using Tor and sideload them.
Not sure downloading through Tor changes the fact that there's an element of trust with app developers.
Disabling updates is a security risk.
