Bolt cutters will probably cut through the cabinet door or side if you can find a spot to get them started and you have a lot of time.

Otoh, maybe you've got a cabinet in a DC with very secure locks from europe.... But all are keyed alike. Whoops.

A drill would be easier to bring in (especially if it just looks like a power screwdriver) and probably get in faster though. Drill around the locks/hinges until the door wiggles off.

>I don’t think a state actor would actually break in to either in this case

Read Jabber.ru Hetzner accident: https://notes.valdikss.org.ru/jabber.ru-mitm/

>Breaking into a data center requires coordination and ensuring a lot of people with access and visibility stay quiet

Or just a warrant and a phone call to set up remote access? In the UK under RIPA you might not even need a warrant. In USA you can probably bribe someone to get a National Security Letter issued.

Depending on the sympathies of the hosting company's management you might be able to get access with promises.

I dare say F-Droid trust their friends/colleagues more than they trust randos at a hosting company.

As an F-Droid user, I think I might too? It's a tough call.

> Data centers are built with redundant network connectivity, backup power, and fire suppression. [...] The question is their relative frequency, which is where the data center is far superior.

Well, I remember one incident were a 'professional' data center burned down including the backups.

https://en.wikipedia.org/wiki/OVHcloud#Incidents

I know no such incident for some basement hosting.

Doesn't mean much. I'm just a bit surprised so many people are worried because of the server location and no one had mentioned yet the quite outstanding OVH incident.

> The question is their relative frequency, which is where the data center is far superior.

as a year long f-droid user I can't complain

That looks cool, which might just be the point of your comment, but I don't think it actually changes the argument here.

You still have to trust the app store to some extent. On first use, you're trusting f-droid to give you the copy of the app with appropriate signatures. Running in someone else's data-center still means you need to trust that data-center plus the people setting up the app store, instead of just the app store. It's just a breach of trust is less consequential since the attacker needs to catch the first install (of apps that even use that technology).

Why have we normalized "app stores" that build software whose authors likely already provide packages of?

I've been using Obtainium more recently, and the idea is simple: a friendly UI that pulls packages directly from the original source. If I already trust the authors with the source code, then I'm inclined to trust them to provide safe binaries for me to use. Involving a middleman is just asking for trouble.

App stores should only be distributors of binaries uploaded and signed by the original authors. When they're also maintainers, it not only significantly increases their operational burden, but requires an additional layer of trust from users.

The F-Droid repos are provided by redundant mirrors: https://f-droid.org/en/docs/Running_a_Mirror/

If this is the hidden master server that only the mirrors talk to, then it's redundancy is largely irrelevant. Yes, if it's down, new packages can't be uploaded, but that doesn't affect downloads at all. We also know nothing about the backup setup they have.

A lot depends on the threat model they're operating under. If state-level actors and supply chain attacks are the primary threats, they may be better off having their system under the control of a few trusted contributors versus a large corporation that they have little to no influence over.

Ah. I took "not just any data center" to mean "in a specific co-location facility where they trust the person responsible for it".

I agree that "behind someone's TV" would be a terrible idea.