App pages on the website say,
“Although APK downloads are available below to give you the choice, you should be aware that by installing that way you will not receive update notifications and it’s a less secure way to download. We recommend that you install the F-Droid client and use that.”
After looking at the security model,
what makes downloads less secure? Is there an assumption downloaders will not use Tor and check signatures, or is there more to it?