Sorry if it sounds a dumb question but I always thought using the official playstore that comes pre-installed is the safest so everything related to F-Droid is new to me. Did anyone had apprehension on installing F-Droid when you had bare to none knowledge how it works? I like to be cautious and on the page it has a Instructions to verify the download page and it only tells how to check from Linux but not from Android, what am I missing here?
How do you know the signature hasn’t been compromised?
I think it is a big rabbit hole I don’t have time to think about
I dont. As I said, I actually don’t really know how to verify signatures. And even if I did, I know that you have to get the signature from somewhere else that is not run by them so that if they were compromised, the signature would not be compromised as well.