I'm sometimes asked why #fdroidserver implements somethings in #Python rather than scraping #apksigner output. Reliably and securely parsing CLI output over the long term is really hard to get right because deployed fdroidserver code has to be future proof, in that it has to support newer apksigner versions that might have changed its output. 1/3
We're starting a sprint to look at all the issues preventing #ReproducibleBuilds in all the apps we ship. Most of the issues are simple fixes in the upstream code, like unsorted outputs or timestamps included in the build.
You can help make the #FreeSoftware #Android ecosystem be more reproducible! See the failures here and help us report them upstream: https://verification.f-droid.org/failed.html
We wrote a blog post about trust and how to have a verified installation of our client.
One such source for the client could be our CLI tool, that recently got the ability to download the F-Droid.apk.
This week in #FDroid (TWIF):
- european-alternatives.eu lists software and apps that come from the EU, some of them are regular guests in our TWIF
- we found a YouTube video about apps that are NOT on a centralized app store
- aTox and UniPatcher were updated again after a long hiatus
- Kodi fixed many bugs
- OsmAnd~ has a lot of new features
- Status, VLC and Zulip were also updated (and 111 more apps)
- MRT Buffy is new and helps you commute in Dhaka
Read more at https://f-droid.org/2024/11/21/twif.html
This is the example of the kind of feature that the #DigitalMarketsAct is driving #Google to implement. It could have been implemented long ago, but there was no pressure for Google to do so. Notice how they implemented it in #PlayServices, not Android. Apps that implement this are then tied to Google's proprietary stuff. That's their way of maintaining control of the ecosystem. https://www.theverge.com/2024/11/21/24302562/android-restore-credentials-transfer-restore-key
I would love to see an analysis of the power dynamics of how all the browser companies are working together on the #Chromium code base. Of course, #Google has an oversized influence, both because #Chrome is dominant but also because Chromium is a Google project. I can't imagine #Microsoft is a pushover there. #Brave, #Opera and #Vivaldi probably have much less sway, but could join together. Are there useful avenues for #Firefox resources to have more impact in the Chromium ecosystem?
When the ÖAMTC ambulance helicopter flies overhead in #Austria, it is an experience. Its fast, loud and strikingly low to the ground. Its the only helicopter I see. For me, this event represents the social system. It flies in reserved airspace, private aircraft aren't allowed. Trips are covered by health insurance. I compare this to living in #NYC, where most helicopter flights are some rich asshole flying around for no good reason. This helicopter reminds me another world is possible
It seems we have some excellent news! The SDK now seems to be licensed under GPL 3.0, making the @bitwarden client fully open source again: https://github.com/bitwarden/clients/issues/11611#issuecomment-2436287977 (https://github.com/bitwarden/sdk-internal/commit/db648d7ea85878e9cce03283694d01d878481f6b). If this change stabilizes into the next release, I can remove the warning in my blog post again.
H/T Philipp Hofer, thanks for noticing and sending me the links!
🎉 PSA: F-Droid users! 🎉 The Tuta Calendar app is now available on F-Droid 🥳
❤️ You can get the Tuta Calendar app here: https://f-droid.org/en/packages/de.tutao.calendar/
@jcaleitao thanks for running a public #IPFS gateway. Yours is currently returning 502 errors.
Could someone please train an AI image generator on a data set without any porn at all? Or is this just a bias in the free ones? I feel like half the time I try to generate an image mentioning the word "woman", it rapidly goes towards porn. Try generating with a term like "breast feeding" and its impossible. This is a bias on the internet we really do not need to reproduce or spread further. Paid services might be better but most of the world will use the gratis ones. #enshittification coming up
We were busy last week!
In short:
- Our DNS entries were finally transferred to us as a legal entity: https://f-droid.org/2024/09/30/dns-security-and-bus-factor-improvements.html
- This week in #FDroid (TWIF) was published again with news about the next F-Droid client update with fixes for TetheredNet and many app news: https://f-droid.org/2024/10/03/twif.html
- And the website is now available in Czech: https://f-droid.org/cs/2024/10/04/czech-language.html
All the details are in the linked blog posts, so please feel free to read them ;)
#Bundestrojaner – Was ist das eigentlich? Auch im aktuellen Wahlkampf ruft die @volkspartei wieder lautstark nach der Überwachung verschlüsselter Kommunikation.
🛑 Was daran so gefährlich ist:
Given my work on #privacy, #censorship circumvention, #ech, etc. this #Brazil #Musk case is giving me pause. I have lots of questions, but no clear answers yet. Are there parallels to the DoH case here? Is making the internet more private contributing to centralization of power? e.g. billionaires like Musk can broadcast over the whole internet whatever they want, and governments have no power to stop it. The 99% do have to follow our govs.
In the end, it was a series of six meetings, each lasting two hours, with 75 pages of quite technical background material. We really need more public interest involvement in these kinds of things, but it is no surprise that few people want to do this kind of thing in their spare time. I always thought I'd contribute code, I'm still surprised to be invited to these things. It is clear that #FreeSoftware voices carry a lot more weight in this setting. How can we get more people involved?
Looks like the existence of this study is public info, here's the EC tender https://digital-markets-act.ec.europa.eu/dma-commission-launches-call-tenders-study-mobile-ecosystems-2023-09-19_en
There were some other key people there too on their own time, I'd like to thank them for their work too! And some people there for their job were also giving valuable input. (I can't mention who anyone is because of the NDA).
On my own time, I have to read a ~50 page document produced for the #EuropeanCommission in order to effectively participate in a two hour meeting where #FDroid is pitted against #BigTech on the #DigitalMarketsAct and its requirements around installing and allowing other #AppStore options.
Its all NDA'ed so I can't ask for help.
This game is really rigged for the megacorps. Wish me luck! Here's to fighting the good fight!
More fun with #DigitalMarketsAct meetings! This time I'm in some meetings organized by the European Commission, run by a super expensive, multi-national consultancy. We are in with well paid representatives of #BigTech, some academics, and a couple public interest techies like me. Volunteers like me are again driving the key points that will make or break the #DMA. I applied to #FordFoundation to fund our work, but was rejected. How can we in the #EU get more people paid to represent users?