If you trust OpenWhisperSystems, then on Android it is guaranteed to be the same build that was uploaded. All builds are signed by the developer, unlike Apple (where you sign builds to prove that this is your build to Apple, not to the user).
"If you trust OpenWhisperSystems" is a pretty huge condition – the exact condition we're discussing here. The advantage of open source is that you don't have to trust OWS, you have to trust the source code, which you can do by auditing it yourself.
> The advantage of open source is that you don't have to trust OWS, you have to trust the source code, which you can do by auditing it yourself.
No. That is not the advantage of open source. The advantage is that as long as somebody audits the code, you don't have to.
And in this case, you don't need to trust OWS to do the right thing, only to refrain from pushing rogue updates (ie, to only sign versions that are actual releases). You can still read the code yourself.
> And in this case, you don't need to trust OWS to do the right thing, only to refrain from pushing rogue updates (ie, to only sign versions that are actual releases). You can still read the code yourself.
You've missed the subtleties around the word "trust" in the context. You don't need to trust that the WhatsApp people are nice, or want to do what is right.
You need to trust that they and Google haven't been legally compelled to push a "rogue" update - perhaps only to you. Don't forget there is nothing technically stopping a uniquely compiled update being pushed to a single account holder.
The only protection against this is 3rd party auditing and checking the signatures yourself, and that the 3rd party is completely located in a jurisdiction where they are unlikely to be legally compelled to comply with an order that applies to WhatsApp and/or Google.