It's obvious what GP meant - we can verify that the apps we download are the apps everyone else downloads.

We can't do this with Proton where our mail is supposedly end-to-end encrypted. They can easily view our mail if they can send us a different code when we load their site.

> That isn't what "sandboxed" means, it has nothing to do with checking hashes. And no, mobile apps are not really sandboxed

Apps ARE somewhat sandboxes and GP didn't mean than sandboxing == checking hashes. It was 2 sentences appearing one after the other.

▲

asadotzler an hour ago | parent [-]

You cannot. An app can update just like a browser tab. In fact, a very many apps are just frickin' webviews.

	▲	palata an hour ago \| parent [-]
		Well, you can verify that the code that you downloaded is the same that everyone else downloaded. Even if it contains webviews. Now if it contains webviews, it brings the security issue of... the webapps, of course. Personally, I want an open source app. You can audit an open source app and even compile it yourself. You can't really do that with a website. And I don't mean just mobile apps, that applies to desktop apps, too. I wouldn't run a web-based terminal, for instance (do people actually do that?).