To help drive home the privacy angle, you might consider open-sourcing it and also making it available on F-Droid. Also, why does it say "in-app purchases"? If this is a simple calendar I don't see why any purchasable extras should be necessary.
(While many in the HN crowd lack the requisite equipment to make use of your project, we do have girlfriends, wives, sisters, and daughters who might benefit from a privacy-respecting app like this.)
Congrats on the launch!
Since this is on Google Play Store I want to ask why is it not viable with user's consent to just sync app data with your own(user's) Google account?
I understand (and support) the reluctance to register and save data in some third party server which likely will use or sell your data but isn't app data in your Google Account very safe?
Google App Backup is basically storing user data in their own Google Drive Account, and is more like a sqlite dump isn't it? https://developer.android.com/guide/topics/data/backup
And as many suggested, you should consider listing it on F-Droid too if your app requires no account at all.
Good luck!
Thanks! The backup feature is already on my roadmap to offer it as an optional feature - but since you can manually import and export your data, it's not a high priority yet. F-Droid may be an option - but for now the project is not open source. so I think that's not possible
I'd argue that it's a falsehood to call a closed source application privacy friendly.
You would? How?
Presumably because there is no way to verify the claim.
There are ways to check what data is send trough the network...
Not really, not anymore. Many apps are now using certificate pinning to make it impossible for the user to to modify the trust store. This means that unless it is open source, it is very difficult for people to verify, even when they know very well what they are doing.
But you can verify that the app does not use the network at all, right?
Yes you could, although the bar is still a lot higher than if it's open source. You will have to fully re-test all possible paths in the app every time a new release is made if it's closed source. If it's open, you just need to look at the git log.
Plus if there is one legitimate network call, then this strategy is out since you can't know what that request contains. OP using in-app purchases, so I'm willing to be there's at least one network call in there.
If there is no network access permission at all, then I think we agree, that's a reasonable guarantee.
There's always a way, even if it's a lot more painful now! https://mas.owasp.org/MASTG/techniques/android/MASTG-TECH-00...
I think that isn’t it, because it would be easy to say something like “we can’t verify the claim that it is privacy respecting so we should assume otherwise.” Which is a totally reasonable position to take.
I think it is important to be specific, clear, and to have evidence if one wants to call somebody a liar, though.
Or maybe it is something else, it could be interesting if they have some other definition of “privacy respecting” that precludes closed source apps, for example. That is, to “respect privacy” could be understood to actually be to provide users with verifiable evidence that their private info isn’t compromised. I think this isn’t the conventional definition definition of privacy respecting but I’m definitely ready to be pulled on-side if anybody starts pushing it.
The only proof we have of privacy is a claim made by an internet account. With source code, auditing that claim is a lot easier. “Trust but verify.”
I agree that it isn’t as easily verifiable that it is privacy-respecting without the source code but that’s a couple steps from saying that it is “a falsehood” to say it is.
What made me wonder about it is that this is very specific wording that indicates that they proactively know the author is lying, when it would be very easy to instead say something along the lines of what you said, that it is too hard to verify without access to the source code.
Indeed, I think it used to be doable because I installed an app without source available from F-Droid a few years ago, but I don't believe it is anymore. Would be super cool if you did though! My wife is still using pen and paper to track because of privacy concerns, but my daughter finds this abhorrent and wants to use an app :-D
I may be wrong but I don't think your app needs to be open source to publish it on F-Droid.
Edit: Sorry, seems I was wrong [1] but you can host your own F-Droid repository which can be added to F-Droid by users to install your app from.
https://forum.f-droid.org/t/non-open-source-apps-are-allowed...
What's the point in "privacy friendly" if you're backing up to google?
"privacy friendly" does not mean not relying on any service at all. Its about understanding when and where your privacy is respected.
If the user is already using a Google Account for the app (you need a google account to officially download apps from the Play store), they are okay with minimal use of the Google account.
Google might be evil in its ways but the google app data is far different than sharing your personal data with startups or other apps who use your data for other purposes when saved on their servers.
AFAIK, the google appdata does is like a data dump on the user's own google drive, its private to the user, and not used by Google or shared with anyone else, it only can be used and accessed by the app which saves it. Please do correct me if I am wrong about this.
Its about understanding when and where your privacy is respected.
Then you certainly shouldn't be using Google (or any third party service that isn't encrypting customer data in an end-to-end way) for this, as Google is subject to law enforcement requests and right wing states have already tried to use this to access healthcare data. The whole point of this app seems to be to prevent that.
Is it your contention, then, that a law enforcement officer can “request” that Google turn over the contents of your user documents on Google Drive without a warrant? And that Google will allow such access to data?
If the user is already using a Google Account for the app (you need a google account to officially download apps from the Play store), they are okay with minimal use of the Google account.
I'm using an unofficial Google Play client, Aurora Store, which can use anonymous accounts instead of your own account.
Anyway, giving the user an option to backup data in Google is better than no option at all, although I'd also add a simple export to file, too.
I’d like to post a different sort of off-topic comment. As someone who’s married to a brilliant programmer and has a daughter almost a year old, thank you for showing a public example of simply being a woman in tech.
We don’t plan on shoving our daughter in front of an editor from a young age — we have no expectations of her, and she’s free to be whoever she wants to. But one reason my wife didn’t get into programming till her mid 20s was that there weren’t any examples of people like herself doing it. It didn’t occur to her that she might have a talent for it, or even enjoy it. It’s a bit like a man not realizing he might be a great dancer, simply because most dancers are women, and so he never explores the question.
I guess I’m just grateful you’re tipping the scales in the other direction. The work doesn’t need to be anything spectacular or solve all the world’s problems; solving your own problems with code is the essence of hacking. I hope that our daughter Kess grows up in a world filled with many more people like yourself.
I went back and forth about whether to even post this, for obvious reasons. But ultimately I have no way of thanking you other than this, and it meant a lot to me to see your work on the front page. I hope you have a wonderful week, and that your project achieves everything you were hoping for.
Thank you for your positive comment. I really appreciate that – the topic of women in the tech industry is particularly close to my heart!
I wish you and your family all the best – you made my day :)
I was honestly terrified to post it. I didn’t want to cause you any problems (e.g. if the replies turned into a dumpster fire) or any weirdness (it’s really hard to strike a balance between saying everything you want to, and not being overbearing about it). It’s a relief that the message made it to you and brightened up your day a bit more.
All the best to your family as well — we hope to have two one day too.
I debated saying something like this too because I've had it backfire, but in a way I didn't expect.
My daughter was excited to go to a coding camp with me, until several people (not all at the same time) each stopped to praise her for being a girl, and me for bringing my daughter. Everyone truly had the best of intentions, but the unfortunate impact was it gave her a bunch of attention that she didn't want, and only served to raise her awareness of how few girls there were. It made her feel more like a misfit and an alien. Afer she realized that it wasn't "normal for a girl to do coding," she didn't want to go anymore. That was a hard and heartbreaking lesson for me. I don't know if it's even applicable outside of my circle, but figured I'd mention it in case it's helpful to others who are trying to create a warm/welcome/inclusive environment. Since then I basically just try to "act normal." It's a hard problem.
That! This! Thank you for talking about it and putting it into words. Not only is it applicable, I’ve had so many discussions about it with my wife. Her central theme is "treat us normally; stop making it a big deal" but with the added context of "it sucks that there aren’t many examples of that." So it’s a balance between the two. I told my wife your story and she said yup, that checks out. I wanted to touch on this but couldn’t figure out how to fit it in.
She points out that the thing not to do is to be like "wow, you’re a girl!" and instead showcase examples of women coding. It’s the showcasing part that helps them feel like they belong. She notes that it would be cool if people would just say "this is Ada Lovelace, she was the first programmer" instead of doing the usual thing of saying "the first programmer was a woman". They might seem equivalent to us, but it feels way different to experience, and it’s something that I couldn’t appreciate until a few instances of me feeling out of place as a man. And then I realized that’s how women feel in tech.
That’s also why OP’s example meant so much to me. It was completely casual, which is the only way my daughter might feel like she belongs too.
Thanks again, and you also have a wonderful week.
Another person’s explanation: <https://news.ycombinator.com/item?id=14702676>
I hope that our daughter Kess
Voyager fan by chance? :-D
My wife says "it’s because we liked the name, not because of the show" but for me, it was totally the show. :)
Turns out there are only like a few dozen people named Kess. It’s one of the rarest names, yet short and simple, which is neat.
I sometimes worry I’ve cursed her with the association, since she might find that question annoying someday. But in a decade I doubt there will even be many Voyager fans left, sadly. It’s easy to forget that the show was from 1995, almost three decades ago. Ten years from now Voyager will be turning 40.
> It’s a bit like a man not realizing he might be a great dancer, simply because most dancers are women, and so he never explores the question.
No offense but that stereotype is incomprehensible. Outside of gay and lesbian clubs, [roughly} half of all dancers are men and the other half women. I suspect you are specifically talking about ballet dancers, but those are a tiny minority, and don't even exist in most of the world.
Here's a really cool dude dancing a really cool dance for men (Zaouli, from Cote d' Ivoire):
In the States "dancer" is used colloqiually to describe a profession, not simply a person engaged in the act of dancing. It's that "...most dancers are women..." bit that indicates that that's the context in which the parent is speaking. Certainly, that subtext is a little unclear, but if I talked about "dancers" at a wedding, I believe most people would expect that I was describing people dancing professionally. If I instead talked about "people dancing" at a wedding, its more likely I'm talking about people dancing for fun.
There's room for "dancer" to mean "person who is actively dancing", e.g. "Jim is a great dancer, but I am not". But I've never heard someone say "I'm a dancer" to simply mean "I dance [at all]". Its technically correct to say "I'm not a dancer", but most people say "I don't/can't dance".
In the States, you'll find that the gender ratio in the average dance class (ballet, tap, jazz, hiphop, etc) is strongly skewed toward girls and women. You see similar ratios in college dance degree programs.
If you pursue professional training to dance, odds are you're a woman.
I spent 7 hours last night picking out and building pre-summer flower arrangements and gift bundles for our wonderfully patient and kind office managers.
If my grandmother hadn't been forced to learn ikebana as a young woman and continued that on her own in the US as a florist, and if I hadn't had to help her while I was growing up, I in all likelihood would never have been able to appreciate a good table setting or any of the floral arts, let alone thought to learn them as an independent pursuit - it had to start somewhere.
As an adult, I love it, and it used to melt the stress off my ex's face during the holidays when she was planning everything else and I said I'd take care of decorating.
Mother's Day is fast approaching, but there's never a bad time to appreciate what the women in your life have taught you and reflect on the effort it took to learn and pass it down.
Well done! It's great to see more female developers building apps for women. I agree with other commenters that you'd get a lot of mileage out of open sourcing it and doubling down on the privacy / local storage angle. It would help you get press coverage if you want to grow the user base.
you'd get a lot of mileage out of open sourcing it
I’m not sure. Maintaining an open source project requires even more time than a closed source project. You can have a community-oriented closed source project, too.
and doubling down on the privacy / local storage angle
Yeah!
Open sourcing would just be a PR tactic IMO. Since it's all local storage anyway, there shouldn't be many security maintenance issues. I just think it gives a nice story angle for bloggers and tech press. But agreed, trying to build an active open source project with a community around it is a whole other ballgame and likely not worth the trouble.
It's not just a PR tactic. If the app is closed source, how do you know it's all local storage? Because someone on the internet said so? These days you can't really MitM and investigate the network connections.
Agree with you if privacy first is the goal then open sourcing it is absolutely the right move. However, it IS still possible to MITM these days - although more difficult.
frida.re has a ton of useful features and community tooling built around it including scripts that will let you "un-pin" certificates by hooking and rewriting the functions that verify whether cert pinning worked or not.
https://codeshare.frida.re/@masbog/frida-android-unpinning-s...
Neat, thank you! I hadn't heard of frida.re. I'll definitely have to dig in to that!
There's a difference between open sourcing and "maintaining an open source project".
Realistically most open source android apps do not receive many, if any, contributions from outsiders. Being open source does however signal the app isn't likely to become a paid shitfest.
Hosting the source code outside of Github/Gitlab/etc is enough to make maintenance easier already.
Exactly. I wish people would get over this idea that the only two options are closed source or setup and maintain a vibrant community of contributors. It's perfectly fine to just put the code on github and never look at it again. If you're willing to take an additional 30 seconds to be honest in the README.md about your intentions, even better.
Code doesn't have to be perfect to be open.
Other options that are open source include:
drip. https://dripapp.org/
Bluemoon https://gitlab.com/ngrob/bluemoon-android https://www.nilsgrob.ch/work/bluemoon
Periodical https://arnowelzel.de/en/projects/periodical
Sorry to hijack a bit here, but have any good links to open source baby tracking apps that allow sharing between partners? The popular options out there on the app stores are a privacy dumpster fire.
I’d recommend FindMy, but it only works for iBabies.
tell me about it. And I can never Green text bubbles from my droid baby.
I used this for our newborn recently and was very impressed with how flawlessly the partner sharing worked - https://mangobaby.app It is not open source. But didn't look suspicious like the other apps on the store. The privacy labels on the iOS App Store seemed acceptable too (for us).
If you're up for self-hosting, there's BabyBuddy[0]. There's no first-party native app, but it is a decent web app and there's some third-party apps/integrations. And of course, multiple users is a priority. No affiliation, just a user :)
No experience but Alternativeto.net might help.
The sharing part makes that a little less common.
My wife is a big fan of Euki which is privacy focused and developed by a non-profit.
Great idea, especially since many popular cycle tracking apps have a bad rep of sharing data eagerly with Facebook and other entities.
One thing though: I know it's popular in these apps to show the cycle as a "clock face", but if you think about it, this is a weird representation, because of the variations in cycle lengths (of natural cycles not changed by contraceptive hormones). So, if one cycle is 26 days long and the next cycle is going to be 30 days long, the clock face will show an average of 26 days for the next cycle and the handle looks stuck "5 minutes before 12" and every day, the handle doesn't tick one further, but the unit (day) becomes more compressed.
This makes comparing cycles unintuitive and suggests that natural cycles always have the same length. In reality, the majority of women have fluctuations of 8 days or more in their cycle's lengths per year.
many popular cycle tracking apps have a bad rep of sharing data eagerly with Facebook and other entities
Many no longer have a choice as to whether to turn their data over to law enforcement who may use it to deny lifesaving medical care. (Florida briefly tried to make reporting periods mandatory for student athletes, too, but that fortunately failed)
In my opinion if you're running something like this in a location where you might be forced to share the data for such malicious purposes with law enforcement then it should be your responsibility to (re-)design the app to provide users with a local-only option for data such that there's then nothing personal on the servers to be requested by law enforcement.
law enforcement who may use it to deny lifesaving medical care
what? details please
Yeah - you are right. But I like it that I can see how many days are left - even if it's not 100% correct and I get stuck at "5 minutes before 12" because then I see that it can appear every time. Maybe I'll add an option for another representation... something like the commit graph in github (don't know the name...) That would be nice too.
To compare the cycle length there is an extra statistic section. I want to add a graph there to make the fluctuations more clear.
Options / customizations is often the way the go
Cycle makes a ton of sense to me, because it is a cycle.
The issue of lack of exact ability to predict will be an issue no matter what, because the whole point of this app is to help you predict when your next period will start. It doesn't matter if that's displayed as a countdown, or as a calendar, or what.
But perhaps one way to alleviate the "5 minutes to midnight" issue is to have the entire section between, say, 9 and 12 be the potential start of the period, with a less-certain color at the start and a more certain color by 12. For people with a lazier period, the "maybe it will start here" section could be wider, and for people who are super regular it could just clearly show it starting at 12.
For comparing between cycles, it looks like there's a very clear statistics tab with that info.
The comments on this post are interesting:
1. Some insist that the source code be made public.
2. Some insist that there be no in-app purchases.
3. Some insist that there be no analytics whatsoever.
Each of the above has some legitimate reason. However, do privacy-focused apps need to play by different set of rules?
If so, what special monetization models would make sense to folks on here? #AskingForAFriend
- Patreon if what you're doing lends itself to regular updates - PayPal or other payment processor if your project could use donations - Subscription based Server As A Service for things that need data syncing between multiple platforms (eg: the public/client parts can be Free Software, the server part just exposes an API, and you make it clear what data is transmitted to the server remaining solely on the user's device) - Consultancy to assist with installation/training if your product is complex
Menstruation consultant
Probably some sort of donation model that would result in a coffees worth of money for a 100 hours of work.
I think this will be the model case for future historians to study software market in our pathetic times.
Period tracker app is something a programming student can do. (Maybe with some questionable choices resulting in potential data loss, but this can be fixed.) You don't need a degree to make basic cycle prediction, and you can't reason about anything else without real medical knowledge. So this is something that can be done once in open source, and put onto F-Droid for everyone to use (and, of course, it already has such apps). Something as simple as calculator does not need “cloud account”, nor internet connection at all.
But how are we going to make money on that? How do we grab data that can be sold from users?
So the snake oil festival starts. From cute backgrounds to “AI advice”, lots of nonsense gets invented to grab and hold user attention, and hordes of paid biological word generators pretend that they have never felt “safe” before using “this app”. Many choose to directly ask for sex and pregnancy planning data to be sure they are the first who can sell it. Everything is done to smoke-screen the fact that users are only needed to input as much data into the machine as possible.
“Privacy focused” is just one of such fake labels. It means “we will try hard to protect any data we can sell from other bastards who want to do the same”.
Needless to say, little data brokers just follow the example of platform owners who run the circus, and dream to become data mafia kingpins one day. They benefit from each other, so you won't find simple apps with no strings attached being recommended by the app stores, because they are Bad for Business™.
As for third party “analytic solutions”, in simple terms, you simply let them collect some data on your users to get some charts and generally useless information (useful information costs money — sometimes a lot of money; each time Google or Apple decide whether they should do X or not, it costs Facebook a large sum, and new agreements behind closed doors).
I don't know, I think shotgun-style generalized criticism that doesn't always apply (or 'applies' but comes from a place of 'everything-should-be-free-entitlement' which is toxic to indie creators) is pretty standard fare for Show HNs. Not good, to be sure! But to be expected haha :)
I don’t have experience with the Android App Store, but normal subscriptions/IAP/initial purchase on iOS would protect the user info during purchases.
Apple tells you nothing about the user. You can choose to give them a UUID that they’ll echo back when you query their API about the subscription/transaction, but that’s up to you.
Apple will not give a name, email, Apple ID, phone number, location, or anything else.
See the data here: https://developer.apple.com/documentation/appstoreserverapi/...
I actually built a simple one (also for Android) as there wasn't anything easy out there.
One thing that my gf wanted as additional features was the possibility to also track mood (I let her choose among 5 ranges of emojis) and add tags to each day: for example she can create a tag "pains" and set if she had cramps a day or not. All that can be expected to csv/xslx for her own analysis.
If you add these features, I'll recommend this app to her instead :)
Also my app has a minimum SDK 20, so it works with her ancient phone.
My app needs a minimum sdk 19. So at least that would fit. But to be honest: I don't think I'll add those features in the near future. The mood tracking is already on the feature list. But the one with the tags.... I write it down to evaluate it. Also you can export the data - but that will result in a json file - not a csv
Is your app open source? Could really use something like this and only need something simple. To me the most important feature is open source (for privacy and longevity).
That sound a lot of Pixels[1] but with first-class menstruation tracking?
Great work and not to hijack – are there catalogs of “privacy focused” apps that don’t collect data or make remote requests? I would love a “ Kosher” badge like OU that tells me it’s a simple app (like yours) that provides utility without snooping
Using resources like F-Droid can help you find open source apps, which generally speaking, are very privacy friendly. I believe admittance into the default F-Droid repo doesn't allow trackers at all. Certain alternative front ends to the F-Droid repos, like Neo Store, can display privacy "scores" for individual apps.
There's also many groups that produce privacy-friendly apps, such as SECUSO[0] and Fossify[1]
[0]: https://github.com/SecUSo [1]: https://github.com/FossifyOrg
Great starting point thanks !
Shout out to secuso! Their apps might not be the prettiest but they absolutely work and they work well. Very useful
Are the use cases for period tracking: 1. helps planning (e.g. same way a weather app helps decision making around when to do / not do various activities), and 2. improves accuracy of estimating whether conception may have occurred (vs not tracking).
Are these correct; are there others?
Use cases: health indicators, avoiding conception, achieving conception, and accurate pregnancy dating.
A well developed period tracking system with a long history is the Creighton Method. Briefly, individuals are trained person-to-person to collect consistent, reliable repeatable data. This can be compared between users, and has many uses. However, the data collection is inconvenient or in some cases impossible, and they will only train married women.
and they will only train married women.
Who is 'they'? I'm going to have to dive into google aren't I?
Edit: Ok. Returned from rabbit hole. They = religious types who have thoughts about conception and contraception.
If you’re regular and become irregular, it’s often a sign that something is off, or if you’re into middle age, that your body’s hormone balance is changing. In either case it’s something to pay attention to and maybe mention to your doc next time you see them.
Is it US specific? I got "Not Found" error when I clicked on the link.
Dev's website is in German, so I'm guessing it's not US specific
Works in the UK
Just switched from Clue, thank you so much for creating this :) I love the simplicity and export feature
Thanks - that was my previous app too ;)
As a counterpoint to the sibling commenter, who seems intent on being negative: good job, I hope that the app is useful for plenty of folks!
Isn’t this feature built into the HealthKit stuff in iOS?
Just to be pedantic about it, the app is just called health or Apple Health. HealthKit is the SDK that allows other developers to interface with the Apple Health App.
But yeah, it’s available in Apple health, which may be a reason why this is an Android App on Google Play.
That's awesome, thank you! So many of the existing women's health related apps are creepy like that (cloud).
Thanks!
This is cool, I always thought ovuview was a little too public, with its notifications. Are you planning on features that track likely ovulation time for fertility purposes?
I'm not planning on that at the moment. The next feature is a graphical representation of the period duration. But I added this on my list
I'll check this out! The Fitbit tracker I use is routinely off on cycle start/end notifications, even though I'm on a 21/7 birth control cycle. I have to edit the "smart" cycle predictions every few months when they start diverging.
Also: fitbit is owned by Google, if I'm not mistaken, so privacy is an afterthought at best.
Congrats! Adding 2 cents here: my wife only used a menstruation tracker when we were trying to conceive. Having the app predict/notify the ovulation day was useful.
The opposite can also be true - at least for knowing the relative risk of getting her pregnant.
This is neat. I'm going to try this out. I have to admit though I do cloud sync on my existing app because it's convenient in case I switch devices. I favor convenience over privacy in this case. Do you have a system for when switching devices or is it just as simple as copying the backup data into the new device?
Yes, you can export and import the data in the app
For me, a simple calendar is enough where I can add a few notes if necessary.
Sounds like paper would suffice. The risk of data leaking via the cloud is near zero.
How is this comment helpful? Obviously the developer created the app because there was also a benefit of it being on their phone, but that hardly seems necessary to spell out.
I love this! I created a digital watch that also tracks your cycle with no app (Immi Watch) - basically, we added extra screens that tell you key info about your cycle (what day you're on, when your next period is due to start, avg cycle length). I had really similar pain points to you, just wanted something simple and private. We're actually now doing a desktop version of what you've done! Would be amazing to connect, I love that there's more innovations in this space to meet different women's preferences :)
Nice to hear - I googled your watch and wrote you a DM on instagram
Lady Log sounds more like a poop tracker, but I only say that because I'm a shitposter.
Rock on. I hope you make a smart menstural cup that does automatic logging and other measurements while maintaining privacy.
Log Lady would be better.
Yeah, lady log sounds like a different kind of log.
Excellent job. I'm a huge advocate of offline first, privacy forwards apps - consider open sourcing and making it fully offline.
Good, it's great to have alternativew in this space. My gf uses Drip [1] and it's a very good app for this, it allows to also track mood, sexual activity, aches, etc...
This looks great! I'm curious what your roadmap looks like too!
There are so many great ways to understand our fertility, not just our periods, by tracking things like cervical mucus and basal body temperature, which can not only help us get more reliable predictions about when bleeding will start (almost always the same number of days after ovulation, though the days between the start of bleeding and ovulation can vary a lot), but also have better data for health practitioners to sort out how our hormonal health is!
It's not necessarily easy to find practitioners who know how to interpret the data, but they're out there, and having a good way to collect it and share it with them is a key part of the process!
It would be awesome to have a temperature tracker here as well.
(Unfortunately, like most people here, I can’t actually speak to the experience using this app. Sorry.) That said I think you have a duplicated set of screenshots (maybe an old set?) that you might want to clean out.
It's really happy to see more female developers building apps for women. Hope for more apps in the future.
I think it's such a great name, simple and endearing. Thanks for sharing it I'll be sure to have a look.
this app make me think of my lady, it might be useful for her
I really like your on-device storage approach. I did something similar with an app for my smartwatch a few years ago to prompt/track my gym workouts. At the time and on the particular platform, other apps felt very spammy/scammy, and I just didn't care to go through the hassle of pushing/pulling my data with another application for what seemed like little to no value to me.
I haven't touched it in a while, but I've been thinking of a sync-to-another-device capability that I could then use with a locally-running AI instance to dig into. (Disclaimer: this is purely exploratory on my part; I'm sure someone will say 'why not do so-and-so'). As always, your mileage may vary. :-)
When I was on Android I looked for a period-tracking app but could only find cloud-based ones, so I didn't track my period for many years. Appreciate you.
If you want to avoid Google, F-Droid also has options: https://search.f-droid.org/?q=period
Are you male or female?
Very good! These apps are really valuable in a world where many of these apps get really bloated
Great work! I've been following Benedicte Raae [1] for a while, who built an end-to-end encrypted period tracking web app [2].
Also agree with other voices here: open-source (or at least open distribution via f-droid) would help building trust in the product.
For anyone on iOS, there is a cycle tracker built into the Apple Health app, so no third party app needed.
Great work!
Noone's asked yet? What was your dev stack?
Very cool, I tried to find good software foe this a few years prior when my girlfriend asked me about these menstrual tracking android apps and there was a distinct lack of good options, woth clear information on how private data was handled — most software looked actively shady.
I am going to check it out.
Ah that's great, because that's a category of apps that's not doing great in terms of privacy: https://foundation.mozilla.org/en/privacynotincluded/categor...
(And unfortunately this is also fairly sensitive data in some regions...)
My girlfriend thanks you!
I just use a calendar with a code word. Nobody but me needs to know what it means and I don’t have to use a 3rd-party app.
Planned Parenthood produces one too
https://www.plannedparenthooddirect.org/spot-on-period-track...
one of the hypotheses regarding the Ishango Bone* is that it might have been a 20'000 year old tracker (physical notches being fairly private as records go)
The in-app purchases are a dealbreaker. Not only is there no reason for it, but it necessitates the integration of Google Play Services.
If the goal was to be privacy-centric, it already fails at that for this alone.
And if the goal was to profit off of women's need for privacy-centric period tracking, then there is absolutely no reason not to find a proper FOSS alternative that cares about its users more than making passive income for the developer.
An in-app purchase is an automatic dealbreaker? Doesn’t that depend on what it actually is?
It could be an in-app purchase for themes or something like that. It can be a “thanks for supporting the app” cosmetic badge, completely optional, just there to buy a coffee for the author. But you’re dealbreaking it before you even see it?
In-app purchase != data collection
Also, regarding FOSS alternatives, you should know that FOSS does not mean “free from payment.” It technically doesn’t even mean “free from data collection.” It just means that the source code is available under a free and open source license. FOSS isn’t necessarily “free as in beer” and the FSF explicitly defines it that way. It’s more important that you’re offered the freedoms of the open source license and ability to get the source code. Whether or not you pay is a separate issue entirely.
it is the moment google allows you to target who have spend on that app.
but yeah, you already have:
- system apps for play service which run all the time and can access all apps' storage.
- all apps can ask the OS for a list of other installed/recently open apps. whats app request that list every minute.
- etc. not going to list all the crap you can use to target individuals on apple and android. there's plenty.
my point is, in the end. apps with purchase option are the least worse from the official stores. chill.
Are you responding to the right comment? What you’re saying seems completely unrelated to what I was responding to RIMR about.
If your issue with this app being posted to HN is the mere existence of the app on the Play Store (including all of the store and the OS’ existing flaws), I don’t see how that’s supposed to be a constructive or useful discussion relevant to this app.
They are responding to the part of your comment that says
Hardly unrelated
Don’t tell someone to chill just because they take an opposing viewpoint. It’s disingenuous and attempts to paint them as emotional and irrational.
REALLY? That was blocked on iOS like a decade ago.
Damn, that's quite the lecture. Where did GP say that FOSS means free of payment? I only see criticism of the payment method (along with justification), not the need for payment. There are other ways of collecting payment than using Google Play Services. Plenty of apps that are open source are not free-as-in-beer (as you pointed out). OP could keep a Play Store version with in-app payments for users who don't care, but also release an F-Droid open source version that takes payments through Stripe or some other alternative. This would be approximately 10x better anyway due to "commission."
It's unfair to expect someone to work for free. In-app purchases are a common and reasonable way for programmers to sustain themselves while providing a valuable service to users. After all, programmers, like everyone else, need to make a living.
GP did not say they expecting someone to work for free. They took issue with the payment method and explained why.
If the app required payment by giving your name, address, credit card, and more to "Jimmy" (some person you don't know and don't trust) who will be contacting you to collect, and somebody said "I don't know Jimmy and I don't really trust this. I'd prefer to use a trusted method of payment" would you reply, "You just don't want people to make a living!" I would really hope not.
It turns out "I want privacy first and open source" is still a dog whistle for "I don't want to pay for anything".
OP seems to embrace Google Analytics, as stated on their own site.[1] So, you might be barking up the wrong "if you want true privacy, avoid Google" tree, here, sadly.
(I agree with you but OP probably thinks/feels differently about Google - itself.)
[1] - https://www.siekmoeller.com/ladylog/impressum.html
I use GA only for the homepage not the app itself
Fathom Analytics offers a straightforward, privacy-focused alternative to Google Analytics.
Unlike Google, which collects extensive data to build detailed user profiles (read the link for details), Fathom uses a variety of techniques such as hashing to anonymize data, ensuring it cannot be traced back to individuals.
Their approach complies with major privacy laws like GDPR and CCPA, removing the need for intrusive cookie consents.
Plus, with Fathom, you get essential analytics in a simple, user-friendly format, making it a smart choice for sole-developer sensitive health-related applications.
https://usefathom.com/why-fathom-analytics/privacy-focused-w...
Or check the plethora of great GA alternatives like:
Plausible
Piwik Pro
Simple Analytics
Wide Angle Analytics
Pirsch
Umami
etc.
https://european-alternatives.eu/category/web-analytics-serv...
For a solo dev that would rather spend time on other things, who prioritizes ease of use and minimal setup, Fathom might be the better choice.
If they value transparency in how tools work and possibly require some customization, Plausible’s open-source platform could be more suitable. Both offer strong privacy practices.
Each of the others you list also offer flavor variety: Piwik Pro for comprehensive, regulation-compliant analytics; Simple Analytics and Wide Angle Analytics for straightforward, cookie-free tracking; Pirsch for performance-sensitive server-side implementations; and Umami for developers who prefer open-source solutions with full control over their data.
Rather than going into depth on all that, we've found recommending Fathom is the simplest thing that can possibly work for someone just getting visitor and campaign info off their web home page, very fire and forget, read the weekly emails.
If that's ever not enough, the others do have their places.
(I am a maker of Wide Angle Analytics)
Wide Angle is cheaper and grows with your needs.
You can start simple, and then dive deeper. Additionally, we support consent-based tracking and optional Personal Data processing for those who require more in-depth data.
But nothing stops you collecting just clicks/views/sources/campaigns with no set-up beyond dropping in a small script. No cookie banner required by default.
And yes, I am biased. :)
I’m a plausible fan. Very simple and affordable. Privacy friendly
Is this an ad? It reads like an ad.
It's a product with a high NPS, meaning, people who choose it for use cases are likely to "ad"-vocate for it for those use cases.
I wasn't aware they made their NPS public.
In-app purchases: You can buy another theme if you want. There is no need to do that - the whole functionality is available anyway. I thought it would be nice to at least have the opportunity to make some money from it...
I haven't thought about open-sourcing it... Maybe I'll think about it...
Making additional themes be in-app purchases seems like a reasonable way of funding the project. You might want to specifically say in the app description in the store what the in-app purchases are. I was kind of suspicious until I saw this explanation.
"Free on F-Droid, $3 on the Play Store" is another approach I've seen (e.g., Conversations and DAV5x).
Good point - I changed the description!
You can always pop it on GitHub with no license. You retain copyright, nobody can do anything with it. Would enable users to report bugs there in the Issues area, or you could make a basic GitHub Pages site, or there's a wiki or discussion forum.
If you did add a license, users could submit PRs of bug fixes or new features. If you don't have a lot of users it probably would get very little traffic and so not become burdensome. (And you can always ignore it... Not ideal, but life comes first)
If you care about privacy and want to have some fun with the license idea, you can add an Ethical Source license, so anyone who uses your code has to comply with a code of ethics. (https://ethicalsource.dev/licenses/) Maybe a license that says you cannot use this if you actively work against women's reproductive health/freedoms?
Nothing wrong with wanting to make some money. Especially with something like additional themes.
Please just don't hide existing/important features :).
What's the status of trustworthy reproducible build systems for deploying open source code to apps on Android?
well, zero. just like apple. since there's no convenient way for the user the validate anything they are installing other than "the app store said so"
This is a response to a question of Google Play’s reproducibility which is moot because of the distribution mechanism. *Android* in general does have reproducibility especially from third party repos like F-droid.
correct.
sadly fdroid usage is close to zero. and even there verification requires adb hacks and very expert users, even for basic hash checking.
https://f-droid.org/docs/Reproducible_Builds/
I think Signal also does this for their Android app. I'm not sure of much else in this space.
Indeed, given the legal complications of reproductive health in some states, privacy would be at the top of my mind if considering to use an app like this.
Not sure why you're being down voted, this is a great point. And a depressing one.
Not a woman, so take this with a grain of salt.
A few years ago, I wouldn't have been very bothered by the privacy implications of an application like this, but for obvious reasons it's become much more prudent to consider them. Were I a woman I'd be deeply troubled to use an application like this, no matter how good, without some kind of ironclad proof of a privacy respecting codebase. Imagine logging patterns indicative of a pregnancy followed by an abortion, and then imagine selling this data to Texan bounty hunters[0] or any other nefarious actor in your jurisdiction. The stakes have become too unacceptably high to use an application like this without knowing with perfect certainty that it is safe to use.
Which isn't to cast any aspersions on OP for developing it. But the game has suddenly become very dangerous, and despite their reassurances, this is in fact a weapon of potentially lethal consequence.
[0] https://www.villanovalawreview.com/post/2229
Exactly. A few years ago I would have thought that this kind of take was absurdly paranoid... but here we are.