Hacker News new | ask | show | jobs
by rigid 766 days ago
Hm f-droid provides privacy friendly https://fdroid.gitlab.io/metrics/ for some time now.

I'm not sure what sort of "control" they have over the Play Store compared to f-droid, but I'd rather have a trusted 3rd party do the building transparently and verifyable.
2 comments
noirscape 766 days ago
F-Droid uses a package maintainer-esque process where the maintainers of F-Droid can intervene and prevent an update to an app from reaching users if it's deemed to be malicious or to add anti-features.

It's of particularly high need on mobile since popular apps, even those who were originally FOSS, are sold to scummy publishers who fill it with ads and subscription schemes (oft called anti-features, since removing them could be seen as a feature in and of itself), ruining the original. You can't really trust mobile app devs because the track record is downright awful. Recently that happened with the "Simple" collection of apps, where the Play Store version got filled with junk but the F-Droid maintainer froze the version and marked the apps as outdated since nobody could conceivably want the new versions.

Of course, that strokes poorly with developers who a. don't want to deal with potential third parties in their distribution chain rejecting their updates or b. are planning to add anti-features to their apps later down the line. With signal, I'm gonna guess it's mainly a; the Play Stores checks and balances are much less invasive than the sort of thing an F-Droid maintainer might check for. (As I understand it, Google Plays checks mostly are anti-exploit and keyword scans.)

link
rigid 766 days ago
> where the maintainers of F-Droid can intervene and prevent an update to an app from reaching users if it's deemed to be malicious

That sounds like a feature you want when using FOSS.

Imagine distros wouldn't have been able to intervene quickly and malicious xz would be still deployed through their channels just because the authors want to.

link
noirscape 766 days ago
Oh yeah, it's an absolutely wonderful feature. F-Droid is pretty much the main app store I'd recommend to get "the basics" from if you're ever in the unfortunate position of having to manage the mobile devices of family members. Having a maintainer "on the lookout" gives so much peace of mind. Not suddenly having the gallery app turn into a data collection machine and baiting less tech-savvy people into vaguely defined subscriptions is a value that's too good not to pass up on.

FOSS isn't really the important part for me there; it's nice, but the real value is that F-Droid is pretty much the only app store that has some reckoning on how the relationship between mobile devs and mobile customers should be far more adversarial than on any other platform due to the poor track record of mobile devs and empowers users to be able to deal with that in a way that restores some degrees of trust.

It's a fucking shame there's not an equivalent on iOS where you can just say "yeah, what you find here can be trusted" and then not have that gets polluted a year down the line. Apple used to somewhat police the App Store back in the early 2010s for similar peace of mind, but that's not the case anymore.

link
kuschku 766 days ago
> With signal, I'm gonna guess it's mainly a; the Play Stores checks and balances are much less invasive than the sort of thing an F-Droid maintainer might check for. (As I understand it, Google Plays checks mostly are anti-exploit and keyword scans.)

It might have been b as well – Signal did keep their server code proprietary for many months to add their custom cryptocurrency to it, and added this cryptocurrency for microtransactions into the app as well. There may be many more features like this planned, some of which F-Droid might oppose.

link
CorrectHorseBat 766 days ago
Their problem is that F-Droid releases are signed by F-Droid, not by Signal. This way F-Droid could potentially insert a backdoor in an update.
link
rigid 766 days ago
That's not true tho. f-droid supports (true) https://f-droid.org/en/docs/Reproducible_Builds/ for quite some time now. Those are signed by both, f-droid and the author.
link
CorrectHorseBat 766 days ago
I should have checked before I posted something from memory. These are the reasons they list:

https://community.signalusers.org/t/signal-android-app-on-f-...

F-Droid with reproducible builds signed by both parties seems the best of both worlds to me, now I don't understand why Signal is so stubborn about this.

link
jjav 765 days ago
> This way F-Droid could potentially insert a backdoor in an update.

Google requires app developers on play store to give goole the keys that enable google to insert backdoors in any release. I can't trust anything on the play store for this reason. There is no way to tell which apps have been backdoored by google for whatever reason (the usual reason is a NSL).

link