GrapheneOS

@informapirata @informatica It would not be the end of F-Droid, it would only require them to stop incorrectly using package names (application ids) not belonging to them. F-Droid doing that already causes issues and we’ve reported it as an issue many times for several years. Simply doing domain-based verification without ID verification similar to Let’s Encrypt would have caused problems for them too unless developers authorized the usage explicitly.

See our post at https://discuss.grapheneos.org/d/26966-f-droids-delevoper-statements-about-googles-registration/3.

@andreabont @informapirata @morrolinux @gnulinuxitalia We only recommend that apps already using the Play Integrity API and unwilling to remove it move to using this instead. This enables them to support arbitrary other devices and operating systems. Other attestation roots can be supported along with arbitrary alternate operating systems via allowing their verified boot keys. That’s much better than the Play Integrity API. We’d prefer if apps didn’t check the device/OS but they insist on it.

@shiva @informatica @informapirata We don’t think these are good recommendations for users who care about privacy and security. There’s a lot more to privacy than simply avoiding Google apps/services.

We recommend https://eylenburg.github.io/android/_comparison.htm for a high quality comparison between Android-based operating systems. The other OSes listed there do not keep up with privacy/security patches which is the bare minimum. CalyxOS updates have also recently been discontinued as a whole (https://calyxos.org/news/2025/08/01/a-letter-to-our-community/).

deleted by creator