Comment by heavyset_go

They are the largest vector of scams and malware because they've centralized it and it's hard to deliver malware and scams otherwise. That malevolence will always happen and centralizing it ensures a single avenue that can be controlled and measured and importantly sued when they fuck up. I can't sue f-droid when they allow malware on my device, that's one of many reasons why I don't use it, that's why nobody uses it in real life. Every day on HN I see people who seem to unironically think "enshittification" is a real term normal people use, a generally understood term by people who don't follow links to Corey Feldman's blog.

HN tends to forget that linux is not a target for general malware because nobody gives a single fuck about linux as a real malware target because they're smart, and therefore not the target of most scams. HN has the cute attitude that technology is king and that as long as you inspect it and open source it and care enough and have full control, then that's enough. Often the same people ignoring that AI has made it way easier to fuck stupid people over with no effort at all.

I don't not want unlimited control over the hardware that I buy from vendors like Google but I don't know yet of any better way to keep stupid people from kneecapping themselves other than introducing harder and harder quizzes. If you think it's an advantage that third party vendors like f-droid are absolved of responsibility then you deserve and own the fault when you get hacked and fucked over. Most people don't want that. They have real life to deal with. In real life you can kill people or sue them and it's harder to kill people over the internet.