Show more

I'm often surprised to hear that many people believe that was this new radical idea in software development that came about in the 80s. That is actually backwards. Open Source was the default way software was developed before the 80s, and development changed that. The movement was a direct response to software going . It put front and center as the reason why should be free and open.

Episode 57: F-Droid (featuring Sylvia van Os & Hans-Christoph Steiner!) fossandcrafts.org/episodes/057

F-Droid, a repository of free software on your Android device! @cwebber interviews F-Droid developers @SylvieLorxu and @eighthave@social.librem.one alongside chair of the F-Droid board... @mlemweb!!!

#WhatsApp implementing #KeyTransparency is pretty nice, and definitely an excellent step in the right direction against shadow accounts and the service provider trust problem. However, without the client being #OpenSource, it is not that meaningful. Yes, of course somebody could implement an independent monitor for the transparency log to check keys registered for an identity, but what percentage of the user base will actually do that when the only realistic way to use the service is to rely on the #proprietary client, which can still be used to maliciously target (groups of) users to break #E2EE?

Secure messenger clients should both use identity security protections like #KeyTransparency and have a *default* implementation that is #OpenSource and, ideally, be distributed with #BinaryTransparency and verified through #ReproducibleBuilds. Oh, and allow other identifiers than just phone numbers (still looking at you, @signalapp - which is otherwise ticking a lot of the right checkboxes).

* Make software that works on older devices, the older the better.
* Make software that will keep on working for a very long time.
* Make software that uses the least amount of total energy to achieve its results.
* Make software that also uses the least amount of network data transfer, memory and storage.
* Make software that encourages the user to use it in a frugal way.

#FrugalComputing

RT @Iwillleavenow
Biden issued an order that doesn't even fully ban commercial spyware, just spyware that has a few high-risk issues (controlled by a foreign gov, previously used by foreign nation to access U.S. gov devices, etc.) and the industry is in a full panic.
thehill.com/policy/cybersecuri

"Microsoft Edge sends a request to bingapis .com with the full URL of nearly every page you navigate to"

Microsoft secretly tracks people across myriads of websites/apps via pixel. Now it was caught tracking them directly in the browser, by default. Wild.
theverge.com/2023/4/25/2369753

@mxmehl @fdroidorg ah nice, the export/import workflow should help smooth the process. I'm interested in hearing about how many users find it worth it to do that kind of procedure. It is possible to fully automate it, but would take a chunk of work. A key question is: how many users are not going to update because of this? This will be valuable information as more apps transition to in

#WireGuard becomes the first VPN app on #FDroid to be built reproducibly! This means that WireGuard on F-Droid is now guaranteed to be 100% (bit-by-bit) equal to the WireGuard the developer builds.

If you're using WireGuard from F-Droid, please export your tunnels and re-install to switch to the developer's signature and continue receiving updates.

More details in the official WireGuard announcement: lists.zx2c4.com/pipermail/wire

New to reproducible builds? Check out f-droid.org/en/2023/01/15/towa

Have you heard about #ReproducibleBuilds? This is one of the biggest #security benefits of #FOSS. On #Android, this technique ensures that the #FDroid version of an app exactly matches the developer's version.

Read our article below for more details and to see how easy it is for developers to get set up:
f-droid.org/en/2023/01/15/towa

🎉 We're growing! Our global #FDroid community is pleased to announce that we now have an official governance plan and a brand-new volunteer Board of Directors. We're excited to work with them to keep improving the leading all #FOSS mobile app catalogue!

f-droid.org/en/2023/03/20/f-dr

#FreeSoftware #OpenSource #Android

When the tool-chain you've got to use (#flutter) doesn't care about #gdpr or #privacy in general:

`flutter config --no-analytics`

It would be nice to have a package for gitlab.com/fdroid/sdkmanager, I have no access to , but I can assist. It should be easy, it has very minimal dependencies.

Show thread

Do you sometimes just want one tool from the in a container or VM, and don't want to deal with the whole pain of setting up and everything? Try the sdkmanager instead of the official one. For example, `apt-get install sdkmanager` then `sdkmanager platform-tools`. Plus this verifies all packages using `apt-get` style GPG-signed index with SHA256 values. Useful in on etc. In pypi, Debian, Ubuntu, and gitlab.com/fdroid/sdkmanager/

Congrats to co-founder @matthew for rocking the last , there was still quite a bit of buzz about how the live bridging demo carried a ton of weight, despite the lobbying efforts from , you can see it at around 14:00 in the live stream recording webcast.ec.europa.eu/dma-works

was almost mentioned at : one key point was that mobile operating systems in 2008 were in a race to get developers. and were tiny newcomers with no developers. The idea from app stores came from free software and hackers. APT started in the 90s, was on iOS when was still saying web apps were the only way. And of course, used as a key strategy to get interested in their platform.

It is so disappointing to see @ubuntu reverting to #DarkPatterns and #Microsoft-style fear-mongering to increase sales.

The entire message is designed to make people believe that there are #security updates they're not getting without #UbuntuPro (which as far as I understand is not true). #DeceptiveDesign
CC @beuc @finnmyrstad

The have huge resources as compared to the regulators, so regulators must be strategic and pool resources. Also, communities based on tracking and reviewing the actions of the can also play a role here. know the APIs they have to work with, and can report fishy business. Bloggers can report on key technical details that steer things towards the . can show when things ate technically possible, despite what say.

Show more
Librem Social

Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.

Stay safe. Please abide by our code of conduct.

(Source code)

image/svg+xml Librem Chat image/svg+xml