You must log in or register to comment.
Be aware that this is a closed source app, and since lemmy doesn’t currently have proper oauth, that it could potentially be storing your login creds. Be very wary of any lemmy app that isn’t open source.
That said, this dev is a legend and has been around for over a decade. His reddit app was monetized directly through buying a pro version of the app.
I’m a big fan of trustless computing, which requires apps to be open source, or at the very least, source available.
Trust and security just don’t mix in my eyes, since supply chain attacks are much easier when using a trusted platform vs a trustless platform, where it’s still possible to perform a supply chain attack, but since there are more eyes on it, it is much harder.
Yeah, and also I left reddit not to use other proprietary software.
An Open Source app that you don’t compile yourself after reviewing the source code has the exact same risks.
There is no guarantee that the version of Jerboa you install from the Play Store corresponds to the source code you see on GitHub.
It’s also on f-droid, which does their own builds, and you could also compare the build with one you do on your own machine. So no, you don’t have to trust me.
Is Lemmy planning on implementing a proper oauth down the road?
There are some ideas for it, and a PR which puts some of them out there, but not anytime soon.
This is kind of where I’m at. Using Jerboa (thanks for that, btw) rn, and probably going to switch over to LemmInfinity once that’s more stable.