For context, this video got me a little spooked about my current OS, I never was super comfortable with their “overnight update” style despite it being more secure. How do they prevent unsafe binaries from a rouge employee being pushed to the device, deviating from / hidden in its open source roots, I know manually self-compiling to validate is complicated and may get diffrent results than the official rom. If I need to switch away, what to? I need update integrity over speed. Also Magisk would be nice.

  • degen@midwest.social
    link
    fedilink
    English
    arrow-up
    8
    ·
    1 year ago

    This comment explains the drama and concerns pretty well. In short, the problematic lead stepped down and there isn’t really a reason to discredit the dev team as a whole.

    As far as auditing goes, the code is available on GitHub. Only slightly joking, following release updates would be a good way to see what’s changing at a high level.