Show more

@mxmehl @fdroidorg ah nice, the export/import workflow should help smooth the process. I'm interested in hearing about how many users find it worth it to do that kind of procedure. It is possible to fully automate it, but would take a chunk of work. A key question is: how many users are not going to update because of this? This will be valuable information as more apps transition to in

#WireGuard becomes the first VPN app on #FDroid to be built reproducibly! This means that WireGuard on F-Droid is now guaranteed to be 100% (bit-by-bit) equal to the WireGuard the developer builds.

If you're using WireGuard from F-Droid, please export your tunnels and re-install to switch to the developer's signature and continue receiving updates.

More details in the official WireGuard announcement: lists.zx2c4.com/pipermail/wire

New to reproducible builds? Check out f-droid.org/en/2023/01/15/towa

Have you heard about #ReproducibleBuilds? This is one of the biggest #security benefits of #FOSS. On #Android, this technique ensures that the #FDroid version of an app exactly matches the developer's version.

Read our article below for more details and to see how easy it is for developers to get set up:
f-droid.org/en/2023/01/15/towa

πŸŽ‰ We're growing! Our global #FDroid community is pleased to announce that we now have an official governance plan and a brand-new volunteer Board of Directors. We're excited to work with them to keep improving the leading all #FOSS mobile app catalogue!

f-droid.org/en/2023/03/20/f-dr

#FreeSoftware #OpenSource #Android

When the tool-chain you've got to use (#flutter) doesn't care about #gdpr or #privacy in general:

`flutter config --no-analytics`

It would be nice to have a package for gitlab.com/fdroid/sdkmanager, I have no access to , but I can assist. It should be easy, it has very minimal dependencies.

Show thread

Do you sometimes just want one tool from the in a container or VM, and don't want to deal with the whole pain of setting up and everything? Try the sdkmanager instead of the official one. For example, `apt-get install sdkmanager` then `sdkmanager platform-tools`. Plus this verifies all packages using `apt-get` style GPG-signed index with SHA256 values. Useful in on etc. In pypi, Debian, Ubuntu, and gitlab.com/fdroid/sdkmanager/

Congrats to co-founder @matthew for rocking the last , there was still quite a bit of buzz about how the live bridging demo carried a ton of weight, despite the lobbying efforts from , you can see it at around 14:00 in the live stream recording webcast.ec.europa.eu/dma-works

was almost mentioned at : one key point was that mobile operating systems in 2008 were in a race to get developers. and were tiny newcomers with no developers. The idea from app stores came from free software and hackers. APT started in the 90s, was on iOS when was still saying web apps were the only way. And of course, used as a key strategy to get interested in their platform.

It is so disappointing to see @ubuntu reverting to #DarkPatterns and #Microsoft-style fear-mongering to increase sales.

The entire message is designed to make people believe that there are #security updates they're not getting without #UbuntuPro (which as far as I understand is not true). #DeceptiveDesign
CC @beuc @finnmyrstad

The have huge resources as compared to the regulators, so regulators must be strategic and pool resources. Also, communities based on tracking and reviewing the actions of the can also play a role here. know the APIs they have to work with, and can report fishy business. Bloggers can report on key technical details that steer things towards the . can show when things ate technically possible, despite what say.

So far no mention of at the but I guess that's not surprising since it opens with in-app payments as a central topic. It would be great to see free options like and represented. I was happy to meet @murena here, so I know I'm not alone as an -based implementer.

has started, many more suits than I'm used to. The first interesting insight I gathered in conversation: "sideloading" is a loaded word which serves the monopolists. On other platforms, this is called "installing". Sideloading highlights that there is a main source, and installing outside of that source. Of course, many people don't want to think about the source, but we need choice over which is the main source.

πŸ•΅οΈβ€β™‚οΈ Today, the Open Source Programme Office (@EC_OSPO) held a Secrets Management Hackaton for the developers from the πŸ‡ͺπŸ‡Ί Commission.

The goal was to remove secrets from the internal projects' codes so that more πŸ‡ͺπŸ‡Ί projects can become #opensource and be shared on code.europa.eu.

Has anyone ever setup a multihop ? How about chaining more than one commercial provider? If it is easy to setup and fast enough, it could be a nice way to improve privacy without having to entirely trust the provider. mullvad.net/en/help/multihop-w

We have generally avoided recommending providers for since it is a thorny proposition, although they are clearly useful for . We recently mapped out what a VPN provider needs to do to gain users' trust guardianproject.info/2023/02/2

#DMAWorkshop
I have to observe that the stakeholders who only sent a lawyer to this messaging interoperability workshop are clearly indicating their intent by doing so. The people who want to make it work sent people to talk about solutions.

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml