External Publication
Visit Post

If not able to stop using WhatsApp, how important is it to download it from the Play Store vs WhatsApp's website itself?

Privacy Guides Community [Unofficial] June 10, 2026
Source

There is a good-faith argument to make against:

randomperson:

Even if not perfect, Google or the F-Droid-Team can do a much better job vetting and monitoring the apps and their developers, than I can

  1. As per FDroid itself, do not assume that an app is secure because it came from these third-party repos. Apps are given basic security checks on first upload, and a weaker automated scan for subsequent updates
  2. Attack surface is effectively increased. You arent shifting trust from the developer to the FDroid/Play teams, as developer trust is required regardless. You are adding infrastructure to your stack

Play is far more opaque than FDroid on their process, but given the insane amount of malware distributed through Play Store, its contents are certainly subjected to far weaker checks

So the argument would boil down to: you need to be verifying a trusted developer regardless of installation source, in which case, you can reduce complexity & attack surface by installing the app directly from said trusted developer

Probably more of a ‘subject to your threat model’ situation than an objective right/wrong call

Discussion in the ATmosphere

Loading comments...