Surely US investors won’t harvest data and/or enshittify the product!

Should have just fired the CEO instead, would’ve saved millions and the company in one go.

Just last week, they were posting job listings for DevOps engineers. Glad the CEO’s bullshit stopped me from even considering it.

Sure, but I didn’t mean to say that FOSS couldn’t be insecure. Software itself can obviously be insecure, like we saw with xz. At least with FOSS though, it’s more difficult for it to be hidden.

Apologies, I deleted my comment instead of editing it, but I meant to add that even with the shady workaround, if you have sandboxing it likely greatly reduces this risk.

Be very wary of what apps you install, and in fact, try to only use FOSS.

Yes, it would. Those basically create sandboxes.

So the first line says that it’s for older versions of android before 2022. But the next paragraph says:

For extremely specific use cases such as file managers, browsers or antivirus apps, Google grants an exception by allowing QUERY_ALL_PACKAGES permission, which provides full visibility into installed apps.

So this may still be possible, however sandboxing, especially GrapheneOS’ implementation likely mostly, if not entirely reduce this risk.