To help drive home the privacy angle, you might consider open-sourcing it and also making it available on F-Droid. Also, why does it say "in-app purchases"? If this is a simple calendar I don't see why any purchasable extras should be necessary.
(While many in the HN crowd lack the requisite equipment to make use of your project, we do have girlfriends, wives, sisters, and daughters who might benefit from a privacy-respecting app like this.)
The in-app purchases are a dealbreaker. Not only is there no reason for it, but it necessitates the integration of Google Play Services.
If the goal was to be privacy-centric, it already fails at that for this alone.
And if the goal was to profit off of women's need for privacy-centric period tracking, then there is absolutely no reason not to find a proper FOSS alternative that cares about its users more than making passive income for the developer.
An in-app purchase is an automatic dealbreaker? Doesn’t that depend on what it actually is?
It could be an in-app purchase for themes or something like that. It can be a “thanks for supporting the app” cosmetic badge, completely optional, just there to buy a coffee for the author. But you’re dealbreaking it before you even see it?
In-app purchase != data collection
Also, regarding FOSS alternatives, you should know that FOSS does not mean “free from payment.” It technically doesn’t even mean “free from data collection.” It just means that the source code is available under a free and open source license. FOSS isn’t necessarily “free as in beer” and the FSF explicitly defines it that way. It’s more important that you’re offered the freedoms of the open source license and ability to get the source code. Whether or not you pay is a separate issue entirely.
it is the moment google allows you to target who have spend on that app.
but yeah, you already have:
- system apps for play service which run all the time and can access all apps' storage.
- all apps can ask the OS for a list of other installed/recently open apps. whats app request that list every minute.
- etc. not going to list all the crap you can use to target individuals on apple and android. there's plenty.
my point is, in the end. apps with purchase option are the least worse from the official stores. chill.
Are you responding to the right comment? What you’re saying seems completely unrelated to what I was responding to RIMR about.
If your issue with this app being posted to HN is the mere existence of the app on the Play Store (including all of the store and the OS’ existing flaws), I don’t see how that’s supposed to be a constructive or useful discussion relevant to this app.
They are responding to the part of your comment that says
Hardly unrelated
Don’t tell someone to chill just because they take an opposing viewpoint. It’s disingenuous and attempts to paint them as emotional and irrational.
REALLY? That was blocked on iOS like a decade ago.
Damn, that's quite the lecture. Where did GP say that FOSS means free of payment? I only see criticism of the payment method (along with justification), not the need for payment. There are other ways of collecting payment than using Google Play Services. Plenty of apps that are open source are not free-as-in-beer (as you pointed out). OP could keep a Play Store version with in-app payments for users who don't care, but also release an F-Droid open source version that takes payments through Stripe or some other alternative. This would be approximately 10x better anyway due to "commission."
It's unfair to expect someone to work for free. In-app purchases are a common and reasonable way for programmers to sustain themselves while providing a valuable service to users. After all, programmers, like everyone else, need to make a living.
GP did not say they expecting someone to work for free. They took issue with the payment method and explained why.
If the app required payment by giving your name, address, credit card, and more to "Jimmy" (some person you don't know and don't trust) who will be contacting you to collect, and somebody said "I don't know Jimmy and I don't really trust this. I'd prefer to use a trusted method of payment" would you reply, "You just don't want people to make a living!" I would really hope not.
It turns out "I want privacy first and open source" is still a dog whistle for "I don't want to pay for anything".
OP seems to embrace Google Analytics, as stated on their own site.[1] So, you might be barking up the wrong "if you want true privacy, avoid Google" tree, here, sadly.
(I agree with you but OP probably thinks/feels differently about Google - itself.)
[1] - https://www.siekmoeller.com/ladylog/impressum.html
I use GA only for the homepage not the app itself
Fathom Analytics offers a straightforward, privacy-focused alternative to Google Analytics.
Unlike Google, which collects extensive data to build detailed user profiles (read the link for details), Fathom uses a variety of techniques such as hashing to anonymize data, ensuring it cannot be traced back to individuals.
Their approach complies with major privacy laws like GDPR and CCPA, removing the need for intrusive cookie consents.
Plus, with Fathom, you get essential analytics in a simple, user-friendly format, making it a smart choice for sole-developer sensitive health-related applications.
https://usefathom.com/why-fathom-analytics/privacy-focused-w...
Or check the plethora of great GA alternatives like:
Plausible
Piwik Pro
Simple Analytics
Wide Angle Analytics
Pirsch
Umami
etc.
https://european-alternatives.eu/category/web-analytics-serv...
For a solo dev that would rather spend time on other things, who prioritizes ease of use and minimal setup, Fathom might be the better choice.
If they value transparency in how tools work and possibly require some customization, Plausible’s open-source platform could be more suitable. Both offer strong privacy practices.
Each of the others you list also offer flavor variety: Piwik Pro for comprehensive, regulation-compliant analytics; Simple Analytics and Wide Angle Analytics for straightforward, cookie-free tracking; Pirsch for performance-sensitive server-side implementations; and Umami for developers who prefer open-source solutions with full control over their data.
Rather than going into depth on all that, we've found recommending Fathom is the simplest thing that can possibly work for someone just getting visitor and campaign info off their web home page, very fire and forget, read the weekly emails.
If that's ever not enough, the others do have their places.
(I am a maker of Wide Angle Analytics)
Wide Angle is cheaper and grows with your needs.
You can start simple, and then dive deeper. Additionally, we support consent-based tracking and optional Personal Data processing for those who require more in-depth data.
But nothing stops you collecting just clicks/views/sources/campaigns with no set-up beyond dropping in a small script. No cookie banner required by default.
And yes, I am biased. :)
I’m a plausible fan. Very simple and affordable. Privacy friendly
Is this an ad? It reads like an ad.
It's a product with a high NPS, meaning, people who choose it for use cases are likely to "ad"-vocate for it for those use cases.
I wasn't aware they made their NPS public.
In-app purchases: You can buy another theme if you want. There is no need to do that - the whole functionality is available anyway. I thought it would be nice to at least have the opportunity to make some money from it...
I haven't thought about open-sourcing it... Maybe I'll think about it...
Making additional themes be in-app purchases seems like a reasonable way of funding the project. You might want to specifically say in the app description in the store what the in-app purchases are. I was kind of suspicious until I saw this explanation.
"Free on F-Droid, $3 on the Play Store" is another approach I've seen (e.g., Conversations and DAV5x).
Good point - I changed the description!
You can always pop it on GitHub with no license. You retain copyright, nobody can do anything with it. Would enable users to report bugs there in the Issues area, or you could make a basic GitHub Pages site, or there's a wiki or discussion forum.
If you did add a license, users could submit PRs of bug fixes or new features. If you don't have a lot of users it probably would get very little traffic and so not become burdensome. (And you can always ignore it... Not ideal, but life comes first)
If you care about privacy and want to have some fun with the license idea, you can add an Ethical Source license, so anyone who uses your code has to comply with a code of ethics. (https://ethicalsource.dev/licenses/) Maybe a license that says you cannot use this if you actively work against women's reproductive health/freedoms?
Nothing wrong with wanting to make some money. Especially with something like additional themes.
Please just don't hide existing/important features :).
What's the status of trustworthy reproducible build systems for deploying open source code to apps on Android?
well, zero. just like apple. since there's no convenient way for the user the validate anything they are installing other than "the app store said so"
This is a response to a question of Google Play’s reproducibility which is moot because of the distribution mechanism. *Android* in general does have reproducibility especially from third party repos like F-droid.
correct.
sadly fdroid usage is close to zero. and even there verification requires adb hacks and very expert users, even for basic hash checking.
https://f-droid.org/docs/Reproducible_Builds/
I think Signal also does this for their Android app. I'm not sure of much else in this space.
Indeed, given the legal complications of reproductive health in some states, privacy would be at the top of my mind if considering to use an app like this.
Not sure why you're being down voted, this is a great point. And a depressing one.
Not a woman, so take this with a grain of salt.
A few years ago, I wouldn't have been very bothered by the privacy implications of an application like this, but for obvious reasons it's become much more prudent to consider them. Were I a woman I'd be deeply troubled to use an application like this, no matter how good, without some kind of ironclad proof of a privacy respecting codebase. Imagine logging patterns indicative of a pregnancy followed by an abortion, and then imagine selling this data to Texan bounty hunters[0] or any other nefarious actor in your jurisdiction. The stakes have become too unacceptably high to use an application like this without knowing with perfect certainty that it is safe to use.
Which isn't to cast any aspersions on OP for developing it. But the game has suddenly become very dangerous, and despite their reassurances, this is in fact a weapon of potentially lethal consequence.
[0] https://www.villanovalawreview.com/post/2229
Exactly. A few years ago I would have thought that this kind of take was absurdly paranoid... but here we are.