Privacy

31219 readers

875 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

399

F-Droid - Free and Open Source Android App Repository (f-droid.org)

submitted 11 months ago by naut@infosec.pub to c/privacy@lemmy.ml

33 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] nodsocket@lemmy.world 4 points 11 months ago (1 children)

How do I know a Boinc project doesn't have malware?

[–] makeasnek@lemmy.ml 8 points 11 months ago* (last edited 11 months ago)

BOINC has been around for decades and no project containing malware has ever happened. Ultimately you have to trust the BOINC project you are running code from. Most of them are run out of major universities or research institutes.
BOINC also features code-signing to prevent mitm attacks or somebody breaking into a project server and distributing malware that way. Projects are encouraged to keep the signing keys on an offline machine or at least a different machine, which probably generally is what happens. Most developers do their coding work on one machine and then publish that to a server. Using your server for development would be inconvenient and questionable practice.
With Android specifically, I don't know the extent to which malware could even do anything as there's built-in sandboxing.
BOINC does also have a sandboxed mode available on Windows, but it will prevent BOINC from using your GPU if you want it to do that. On Linux, BOINC typically runs as an unprivileged user.