return to table of content

Mobifree – An open-source mobile ecosystem

nh2
71 replies
1d2h

F-Droid still has some big tasks in order to be useable for the general public, when comparing it with e.g. Google Play Store.

For example, if you search it for "browser", Firefox will not show up because

A) It's called Fennec

B) The F-Droid search seems to be exact infix search, and Fennec's title is "Fennec F-Droid -- Browse the web", in which "Browser" does not appear, only "browse". So it doesn't find it.

In general, the search has no clue what a "browser" is, and cannot use it for ranking, so in practice you need to scroll a lot in F-Droid until you find what you seek.

janosdebugs
52 replies
1d2h

I think policies[1] are blocking F-Droid more than anything from being a viable alternative. A bank will likely never release their app as open source, nor will any of the big authentication vendors. This means that you cannot completely replace the Google Play Store with F-Droid if you have to use any of these, you can only use it as an additional store, at which point many won't be bothered.

[1]: https://f-droid.org/en/docs/Inclusion_Policy/

jraph
23 replies
1d2h

It's also its strength and raison d'etre. What use is F-droid if it starts including proprietary software?

janosdebugs
20 replies
1d2h

No tracking? Providing an alternative? Not strengthening the Google-Apple duopoly on the mobile phone market? I was looking at it as a platform to publish an app on, which the open source requirement stopped dead in its tracks. I didn't have a viable open source business model for it at this time because it was a straight "customer pays money, gets software" deal with no tracking or other nonsense.

As-is, F-Droid will not be an _alternative_, it can, at most, be an extension to the Play Store.

jraph
15 replies
1d1h

I won't trust no tracking if it's non free.

I know I will sound extreme (although I think it shouldn't be the case in among developers) and no offense, but this sounds like a happy outcome to me. I believe proprietary software to be unethical. I'm not interested in being proposed non free software. The software industry should figure it out and start respecting its users.

However software funding is a real concern and I do believe there's room for some set of builtin solutions allowing free software funding beyond a donate link.

There are many ways to fund free software. I'm not saying it's easy but there are many open source businesses now and as a developer I decided to join one of them.

Support, consulting and paid (but still open source) paid features are some options. I don't think anybody would remove a license check in an app sent to f-droid if it's free software.

Now, I genuinely thank you for having considered an alternative to Google for distributing your software.

I know it's hard to build stuff and bootstrap it. I'm with you on this.

In f-droid, you can still add third party repositories and I heard it's getting easier for users. Not sure it is easy enough.

Now I'm totally aware only free software doesn't cut it for most people yet, and fdroid will not suffice. Most people will do with the play store, but some will use fdroid as a store of "trusty" apps and resort to the play store if really needed. I know people doing this.

janosdebugs
10 replies
1d1h

In this case the software in question was a game. I have not seen any visble business models for truly open source games under the acceptable licenses for F-Droid. There are source-available games, but that would not be enough in this case.

I think the main issue may be how much up-front investment games need that would never be recouped with an open source license, but I'd love to be shown an example to the contrary.

jraph
4 replies
1d1h

Game is its own thing indeed and I'll admit that first, I don't play much, and second, never even started thinking about business models for open source games.

Maybe you could license the data for a fee and have the code as open source?

Of course this is low effort and you know way better than me.

janosdebugs
3 replies
1d

I've done a fair bit of open source work, but the best I could come up with for games is "source available" where you can get the code to recompile for yourself or mod it. (My wife and I put up the source code of our first game as a DLC on Steam as an experiment.)

Re only code: Game engines often tie code and data together and the code without the data won't even compile in many cases, or you won't be able to produce a new dataset because documenting the required settings is a monumental task.

Finally, there is no real benefit to open sourcing a game if you want to make money. There is no complementary product or service you can sell with it. Reviewing and incorporating community fixes requires work and potentially legal review as not everyone in the modding community is also necessarily well versed in IP law. All these things need funding which is not a given if the game is open source in any meaningful way. If a game is truly open source, a less than ethical company with a bunch of cheap labor can go and undercut you, so there is an incentive to make creating an alternative build as hard as possible, defeating the entire idea of open source.

I would like to be able to release on an alternative storefront so people who want to degoogle their phones, but F-Droid's policies (most known alternative) make that impossible. (To be clear, it's a perfectly legit choice, I just wish there was a meaningful alternative to Google.)

jraph
2 replies
1d

(Not commenting most of your comment, I assumed a clear data and code separation because that's typically what doom does, but that's very old and I'm utterly incompetent in this domain)

Finally, there is no real benefit to open sourcing a game if you want to make money.

the same thing can be said for pretty much all software (although it's not always actually true, sometimes open source is a selling point and/or have specific strengths beyond ethics)

a less than ethical company with a bunch of cheap labor can go and undercut you

Isn't the data which is the most costly part in developing a game? Of course I realize you stated that separating the data is not practical.

I would like to be able to release on an alternative storefront so people who want to degoogle their phones

Still 100% with you on this. Also degoogled with some proprietary software is still a step in the right direction

janosdebugs
1 replies
23h22m

I wish that transparency and security were a selling point in gaming, but to me it doesn't seem like it. People will install all kinds of stuff and give them administrator permissions without a second thought. Anti-cheat eating itself into the kernel seems to be perfectly normal for most people. It's an entertainment product and people don't want to be inconvenienced for the most part.

Regarding the development costs, I'm not exactly an expert and I have never worked in a game studio (apart from the company my wife and I are running), but let's take StarCraft 2 for example. If you were to have the engine, but not the art, you could likely easily develop a very capable multiplayer RTS game. Heroes of the Storm was developed out of a StarCraft 2 mod[1]. As another example, Stormgate[2], made by ex Blizzard devs, is getting a whole lot of press coverage for their netcode. It stands to reason that a good engine and netcode are very real competitive advantages in the RTS space. Other game types, such as a walking sim or an adventure game will have a lot less "secret sauce" in the code and more in the art, voice acting, etc. (The Invincible[3] is great in this area) so the code/data split would likely heavily depend on the type of game. (Games can also become very messy between art, visual scripting, engine settings and code, which is what makes releasing the code separately tricky.)

My wife and I are (slowly, next to the day job) working on a Python programming/learning game and hopefully we'll manage to make a clean split between the engine and the art because it would be important for modding. However, I wouldn't feel comfortable releasing it under an open source license because it would cut off a potential source of revenue to license it to educators wanting to make their own challenges and courses. Maybe later we'll figure out that the base game makes enough money and it doesn't matter anymore, but it's really hard to predict success. As a game dev I would really like to make it possible, for example, for game archivists to do their work legally, for people to legally backup and rebuild their games for newer operating systems, or for their kids to be able to inherit their games[4], but carving out specific exceptions, especially for unknown future use cases 10-20 years down the line is exceptionally hard and I'm also not a lawyer, so for desktop the Steam Subscriber Agreement is governing our PC releases for now.

[1]: https://starcraft.fandom.com/wiki/Heroes_of_the_Storm

[2]: https://www.pcgamer.com/an-upcoming-rts-will-incorporate-the...

[3]: https://store.steampowered.com/app/731040/The_Invincible/

[4]: https://arstechnica.com/gaming/2024/05/after-you-die-your-st...

jraph
0 replies
21h54m

I appreciate the thoughts you put into this, and thanks for sharing.

xigoi
3 replies
1d

Why would a game need to be a business?

jraph
2 replies
1d

Because it takes time and quite some work to build one and there's nothing wrong wanting to live from it.

xigoi
1 replies
1d

Sure, but nobody is forcing you to publish on F-Droid.

jraph
0 replies
21h49m

I'm not sure what you are arguing for or against. I think janosdebugs made it quite clear what they are trying to do.

You do realize that many apps on F-Droid are developed by businesses? OSMAnd, Fennec, Jitsi Meet, Element, Telegram being big examples. We also had the Simple family of apps for a while.

onli
0 replies
11h48m

Shattered Pixels is one example of a game with a commercial side that is published on f-droid.

yencabulator
3 replies
19h51m

I won't trust no tracking if it's non free.

Meanwhile, lots of non-mobile free software includes tracking (telemetry) these days. The cynic in me has had to switch to

I won't trust no tracking if it's not enforced by a security boundary.

jraph
2 replies
12h39m

Which free software does this without asking / telling the user? Especially free software that tells you no tracking?

But yes, free software is not a guarantee against tracking. It only allows auditing and be modified.

yencabulator
1 replies
3h38m
jraph
0 replies
2h37m

VSCode is proprietary.

That's why the difference between Codium and VSCode matters. Actually, IIRC the code from the ms repo does not do telemetry, they add it to the binary they distribute.

mid-kid
2 replies
1d1h

I mean, f-droid allows adding custom repositories that don't follow the main one's rules. There's a decent amount of apps that do this for one reason or another. Other apps, like for example OSMAnd, have a special f-droid build with google services removed, leading to the lack of some features like android auto support.

The client doesn't support any form of purchases and I don't think it ever will. I think you'd be best served using any of the other stores that support this or hosting it on your own website.

jraph
1 replies
1d1h

I don't see why fdroid would never provide a payment feature. At least for ethical reasons. Fdroid focuses on free software (and is also concerned with privacy and other features). Free software does not need to be gratis. As long as the payment code is open source. At worst it would be a NonFreeNet anti feature. Could be mitigated by supporting several payment platform.

Of course it could be hard to set up in practice.

mid-kid
0 replies
4h25m

You're right, but I don't think there's any incentive to do it. They pride themselves on having no tracking or otherwise user information (not even app popularity statistics), and adding any form of payment would require managing user accounts or coming up with impractical multi-device proof-of-purchase sharing solutions.

It's also worth mentioning that since everything on the store would still remain free software, making it legal to share purchased copies, people seeking to use it as a business model (like the parent post) would generally be ill-served.

lern_too_spel
0 replies
1d1h

That's what this article is about. Building a federated platform for distributing any type of mobile app, open source or not.

ericjmorey
0 replies
1d2h

An alternative for app distribution outside of Google Play Store.

Ajedi32
0 replies
23h48m

Yeah personally that's what I love most about F-Droid. There's not a very wide selection of applications there, but if you can find an app that does what you want you're almost guaranteed that it'll be open source and free of ads, tracking, and other annoyances.

t0bia_s
13 replies
1d1h

I'm not using Google play or any other services on android over 6 years now. You don't need banking apps for making transactions.

janosdebugs
12 replies
1d

I live in an EU country and I, in fact, cannot use online banking without a Google-enabled Android or an iPhone. There is exactly one bank that offers a desktop authenticator, but we had a really bad experience with them when we tried them for a year.

t0bia_s
5 replies
1d

MicroG could work, but I never used banking app, so I cannot verify it. Adopt paying by other, more secure and private friendly ways.

janosdebugs
4 replies
23h52m

What payment method would you recommend for paying mortgages, utility bills, and company expenses?

rakoo
3 replies
21h17m

You said you're in the EU right ? SEPA works. The only moment I need to confirm identity with my bank is when I buy frivolities, not for my bills.

janosdebugs
2 replies
21h9m

Here's the problem: I can do a SEPA transaction using online banking (with a Google-enabled phone) or by walking to my bank personally.

rakoo
1 replies
18h54m

I might be lucky enough to have online banking work with sms and a pre-shared secret. My bank (also in the EU) didn't tell me I could do it automatically, they only mentioned it when I told them I lost my phone (it was true) and that I didn't know when I could buy a new one. Maybe it'll work with yours ?

janosdebugs
0 replies
12h33m

No, ever since PSD2 came into effect, banks here refuse to do SMS-based verification and have switched to apps. They also don't support hardware authenticators for consumers. I asked.

nh2
2 replies
19h6m

I have accounts at 1 Swiss bank, 2 German banks, and 2 UK banks. None of them require an app for any functionality.

You can get a little hardware thing to generate their OTP codes, as an alternative to apps.

hedora
1 replies
13h3m

The hardware dongle sounds like it might be TOTP. There are plenty of clients for that for laptops and phones, assuming you can enroll your own secret.

1oooqooq
0 replies
4h48m

likely, but it's a custom time based token from RSA that you definitely will never get the keys out. so the implementation doesn't matter much.

whatjadat2
1 replies
10h13m

I live in a EU country as well, Netherlands to be exact. Never had an issue with any bank. What are you talking about?

1oooqooq
0 replies
4h46m

Netherlands today is more like the USA. anything it can fight the EU it will. it's the reason it's the new silicon valley with all tax dodging companies moving there.

1oooqooq
0 replies
4h51m

and it's not going to improve. second factor auth in Europe now legally means "second factor auth via means the gov can positively link your Identity".

for anything EU or eu commission, you must either have an app in stock OS smartphone, or receive a sms on a network they can validate sim is attached to a tax id, or nothing else is allowed. totp et al is legally verboten.

mid-kid
7 replies
1d1h

I'm not entirely sure why this is a problem. Nothing's stopping you from using f-droid as an app source as well as some other store - it doesn't need to cover every use case. It's already a viable alternative for apps which can't go on the Play Store due to Google's policies, like AdAway, NewPipe and Termux.

The fact there's no freedom respecting bank applications is a problem on its own, though. I will continue avoiding them until there is...

Dalewyn
6 replies
13h30m

Google Play Store is, at worst, Good Enough(tm) for the vast majority of people.

If F-Droid wants to compete, they need to be better than Good Enough(tm) and that requires being on par with what Google Play Store has to offer which includes programs that vendors will happily refuse to open the source code to.

hedora
5 replies
13h11m

I’ve never been able to discover decent apps on the Google Play Store. I’m continually surprised how bad its search functionality is.

Usually, I start with f-droid (to avoid spy/adware), then go straight to ddg or kagi.

yashasolutions
4 replies
9h33m

Just to add, F-Droid is not a guarantee against adware. There are definitely adware apps (and by extension, maybe even spyware) on F-Droid.

ycombinator_acc
2 replies
4h25m

I'd never use F-Droid due to how insecure it is. They still modify all app signatures, so you can't even verify what you're installing is authentic.

mid-kid
1 replies
4h5m

"insecure" is a strong word that shouldn't be used willy-nilly like that. F-Droid recompiles all of its applications to ensure that everything in them is free software, and that the source code provided by the upstream is actually what is in the released binary. To this end, they produce reproducible builds, allowing anyone to rebuild the sources locally and verify that they match.

surajrmal
0 replies
2h3m

Which is also how most Linux distros work. So if you use Linux to install software via it's package manager, you already participate in this model. It moves trust to the package repo rather than the app developer.

repelsteeltje
2 replies
1d1h

A bank will likely never release their app as open source, nor will any of the big authentication vendors.

I suppose you're right and I think it's worrying that precisely these kinds of organizations still seem to rely on security through obscurity (to some extent, not solely).

snvzz
0 replies
10h19m

I'll go further and say that a bank should be required by law to implement and enable access to open banking APIs.

As well as not require, under any circumstances, an account holder to install a proprietary application in order to use the bank.

ajsnigrutin
0 replies
4h45m

Not just obscurity, but also requiring you to have a mobile phone, with software made by two spcific companies, (for us europeans) both foreign, and in some cases, not even allow you to have the phone rooted.

I miss the time of totp dongles.

burningChrome
2 replies
21h3m

I used Graphene OS on a Pixel 4 for a few years and loved it. I feel like I'm a total minority user who doesn't attach themselves to specific apps so not having Firefox available wasn't really a huge thing for me. There were several apps I did have to have, but they were all available through the F-Droid store.

Graphene was easy for me but like you pointed out, many will not use it because it doesn't have exactly what they use/need. To some degree this inflexibility reminds me of people not switching to the Windows Phone platform for the same reason - which is sad considering we only have two choices now because people wouldn't take the chance and Microsoft abandoned the OS before really giving it a good opportunity to thrive.

Kind of a sad state of affairs when people are totally comfortable handing over all their personal information to the likes of Apple, Samsung and Google.

Full disclosure: Yes, I'm a totally disgruntled former Windows phone user. Yes, there were a lot of factors that led to its demise, but I felt at the time we finally had an alternative to what we were being spoon fed in Apple and Google.

hedora
1 replies
13h6m

Windows Phone 8.0 was great, partially because of the OS, and partially because MS paid for ports of the top-N apps to it.

GrapheneOS didn’t work as a daily driver for me because I couldn’t reliably use it for uber, lyft, parking or ev charging. The camera support was missing some features.

Most of that is fixable by adding back the google services, but then you lose most of the privacy advantages of having a de-googled phone.

chappi42
0 replies
8h8m

A note regarding your last point:

  - Google Play is sandboxed [1], you have (important) privacy advantages
  - with a second account for banking apps (or in your example) uber, lyft, one can nicely separate "google-play-apps" from free apps, account switching is fast
[1]: https://grapheneos.org/usage#sandboxed-google-play

sanroot99
8 replies
1d2h

Use droidify a alternative fork of fdroid

rjzzleep
6 replies
1d2h

Droidify is so vastly superior it’s not even close. Fdroid still has the privileged extension whereas droidify and Neodroid can use Shizuku and other options.

I do think that droidify is an unfortunate naming choice though.

smusamashah
1 replies
1d

This still doesn't bring up Fennec if searched for 'browser'. Neo Store does.

RealStickman_
0 replies
4h36m

NeoStore can do that as well. It doesn't require root, it's simply an option.

snvzz
0 replies
10h17m

Fdroid still has the privileged extension whereas droidify and Neodroid can use Shizuku and other options.

What is all of this, care to elaborate?

A lot of actually uncommon knowledge is being assumed here.

LukeShu
0 replies
21h26m

Fdroid still has the privileged extension

Not on modern versions of Android.

SushiHippie
3 replies
23h33m

It's called Fennec because it is not from Mozilla and includes patches to removs propietary bits (which are not allowed on F-Droid).

https://gitlab.com/relan/fennecbuild

And fennec was the 'internal' name for firefox on android from mozilla.

mananaysiempre
1 replies
9h33m

because it is not from Mozilla and includes patches to remove propietary bits

More specifically, because Mozilla won’t allow you to do that and still call it Firefox. (Except if you’re Debian, apparently Debian now gets an unwritten free pass after they demonstrated their willingness to protest that with Iceweasel. And either F-Droid is not big enough for that, Mozilla is not the same as it was back then, or both.)

1oooqooq
0 replies
4h44m

fdroid have a non political policy. arch is the same. they won't even patch things nobody like (just document on the wiki and keep building upstream with the least amount of changes from the code repo. even if the upstream maintainers themselves dont build like that)

so, if firefox build builds as fenec by default, fennec it is.

rakoo
0 replies
22h26m

EDIT: I replied to the wrong message, sorry

squarefoot
1 replies
1d

The search for "browser" should have returned Mull, which is a privacy oriented deblobbed fork of Fennec.

1oooqooq
0 replies
4h40m

those projects drive me crazy by not having a change list on the readme

xnx
0 replies
1d2h

Fennec is missing out if it didn't write its store description to include these keywords.

izacus
0 replies
1d2h

That sounds like they don't even deploy something as basic as Solr to drive the search :/

handity
0 replies
23h15m

It's been brought up for some time, and kind of looks like one of those open-source situations where any progress that falls short of perfection is deemed not worth implementing. Just my interpretation though.

https://gitlab.com/fdroid/fdroidclient/-/issues/336

AndrewKemendo
12 replies
1d3h

At this point the access points and the global data and surveillance system is too complicated and interconnected to dis-intermediate the access point and the network itself

That is to say you cannot even connect to IP addresses unless you’re already part of the global whitelist for APs

Try yourself. Get a VPN and then connect from certain regions and to won’t get very far and you’ll be slooooow

You’ll say, oh, that’s because bad actors and are therefore blacklisted - and now you’re back to the same problem: their resource is being limited by some social structure that is by definition constrained

You cannot differentiate the broader system from the access point, so long as the system controls which access point access then it doesn’t matter what you do

The only solution is to build an entirely new Internet from scratch, not controlled by the people currently google, amazon, cloud flare, respective ISPs, Netflix, etc…

The Internet is 99% controlled by a small set of corporations that most people haven’t heard of

Just try launching a competitive DNS service and see how far you get

sneilan1
5 replies
1d2h

The Internet is 99% controlled by a small set of corporations that most people haven’t heard of

I would love to know more if you have time to elaborate.

codexb
3 replies
1d2h

See this post that talks about how hosting email yourself doesn't really work anymore, despite it being an open internet standard -- https://news.ycombinator.com/item?id=32715437

Not sure about people never hearing about them, but the internet is no longer a network of sparsely distributed connected machines hosting and consuming content as it was originally designed. The content is all hosted on very small set of networks controlled by just a few companies -- Amazon AWS, Google, MS Azure, etc. The consumers access the internet through clients that are also controlled by these companies, and so it's easy for them to exclude other networks and hosts even though the network specification is technically "open".

metalliqaz
2 replies
20h56m

personal email failed because email is a flawed system that was initially designed to work in a trusted environment free of bad actors

I'm as worried about massive platforms playing gatekeepers as much as the next guy, but it's also fairly clear to see that any service that isn't constantly moderated will be overcome with a flood of malicious crap. it practically guarantees closed platforms will proliferate

codexb
1 replies
12h36m

I generally agree with you, but there’s a difference between a closed platform, and a platform that prevents you from using any other platforms.

AndrewKemendo
0 replies
4h7m

Every platform that has an controlled access point, which to be clear is the entirety of the public DNS system, is by default a closed platform

There do not exist open HTTPS gateways for all of the major internet services such that anyone can connect - They’re *all* mediated by some access control gatekeeper, it’s like one of the core functions of the current Internet routing system is to not allow for infinite anonymous peers like you would see in TOR or other anonymized routing services

You can say that this should be the case or not but it’s just the facts

It’s precisely the same argument as: “We have plenty of water fountains, As long as you look white then you can use them all you want.”

AndrewKemendo
0 replies
22h6m

https://en.wikipedia.org/wiki/List_of_managed_DNS_providers

I'd venture that even most engineers wouldn't know these by name, which is my point. Not that it's secret, it's just that obscure and niche engineering that holds the internet together is barely understood by anyone not directly touching it (like most critical infrastructure)

For example this wasn't even a big story within tech: https://arstechnica.com/security/2024/05/dns-glitch-that-thr...

spacebanana7
2 replies
1d2h

It all depends what your privacy threat model is.

There are very few organisations capable of identifying the human user behind a Mullvad connection with a VM.

If you're worried about local law enforcement or advertisers it's probably enough.

sanroot99
0 replies
1d2h

Isp often sell data, ip can be deanonymized by buying data from different data brokers and triangulating the ip.

hughesjj
0 replies
1d2h

I'm more worried about future shakeouts and the end of anonymity, one ASN at a time.

We're currently relying on AS' who 'play ball' with anonymous users, but that's not a requirement for AS operators by any means.

Aurornis
2 replies
1d2h

That is to say you cannot even connect to IP addresses unless you’re already part of the global whitelist for APs

Try yourself. Get a VPN and then connect from certain regions and to won’t get very far and you’ll be slooooow

Connecting to a far away VPN doesn’t prove anything about a “global whitelist”

VPN addresses are commonly rate limited and block listed because they’re sources of abusive traffic and therefore trigger all of the common defense mechanisms.

Anyone who has run a forum or other service long enough knows that the spammers and the people trying to evade bans love their VPNs.

VPN services are also oversubscribed, leading to poor performance. Connecting to far away locations also causes throughput problems, especially if the country has poor internet infrastructure. Your connection has to round trip into and back out of that country to get to many services, meaning performance can be very poor.

Just try launching a competitive DNS service and see how far you get

You’ll probably get as far as realizing that it’s an extraordinarily expensive venture to operate with no possibility of income, at which point you’d shut it down unless your hobby is lighting money on fire. There isn’t a conspiracy in this.

immibis
0 replies
9h31m

That's what they said, yes. Only certain access points are whitelisted to access things. If you aren't using one then you're blacklisted. VPNs aren't one. You claim there isn't a global whitelist and then proceed to explain a global whitelist.

AndrewKemendo
0 replies
1d

I’m glad we agree so throughly though I’m not sure what you’re referencing with a conspiracy

jqpabc123
9 replies
1d3h

project works to give European citizens and organizations more choice

Ok but why the geographical restriction?

afavour
4 replies
1d3h

Because European governments are passing/have passed regulations forcing big tech companies to open up their platforms.

(it’s also taking funding from the EU, doesn’t necessarily mean they’re forced to cater only to EU citizens but the combination of these two factors means it makes sense to)

rs999gti
3 replies
1d2h

passed regulations forcing big tech companies

More Euro governance, bleh.

afavour
1 replies
1d2h

That's a pretty reductive take. Is the European Court of Human Rights "More Euro governance, bleh"?

its_ethan
0 replies
1d2h

I'm not gonna claim to know much at all about the ECHR, but this compliance graph from Wikipedia makes it look like a symbolic institution, but one that is largely ignored/ not really respected? Especially given that it's a declining trend, it seems like they may just be doing more and more political theater type stuff instead of "real" work. Anyway, it seems like it could somewhat reasonably fall under "governance bleh" depending on who you ask.

https://en.wikipedia.org/wiki/File:Compliance_with_all_compl...

palata
0 replies
1d2h

Have a look at what the Digital Markets Act is, before you judge.

wyldfire
1 replies
1d2h

It's not restricted, it's a reflection of who funded the effort.

The world can benefit from EU's investment here.

jqpabc123
0 replies
1d2h

So instead of

   "project works to give European citizens and organizations more choice"
it should more accurately say

   "project works to give *the world* more choice"

permanent
0 replies
1d3h

Perhaps because EU just passed a law for third party app stores?

_heimdall
0 replies
1d3h

Unless I've missed a very recent change, F-Droid isn't geographically restricted.

Much of the blog post focuses on the DMA and its impact on Europe. I think the phrase you keyed in on, and really the bulk of the post, is just a marketing push for the European market and a bit of SEO trying to get keywords and phrases in there.

flettcher
8 replies
1d3h

"This project has been made possible by funding from the European Commission's Next Generation Internet (NGI) initiative: www.ngi.eu"

nradov
7 replies
1d3h

EU funding is the kiss of death for technology initiatives. I can confidently predict that this will go nowhere.

nextos
2 replies
1d2h

Yeah, public grants in the EU never work very well. However, some of the consortia members have already delivered good software.

Personally, I think someone should have bought Jolla and open-sourced Sailfish and their Android VM. Perhaps turn it into a foundation, like Signal.

Muromec
1 replies
1d1h

consortia

Wait, there is more than one?

nextos
0 replies
5h45m

Yes, NGI is funding several similar efforts.

mitchitized
2 replies
1d2h

Why? Do they mandate process or procedure policies that kill productive organizations, or what? I'm genuinely curious.

nextos
1 replies
1d2h

I've been part of some large consortia. Generally, there is a ton of paperwork. Lots of project partners focus on filling in this paperwork to pretend they are doing something and pocket grant money. But, usually, nothing good is delivered, aside from some expensive DOCX. With that said, things are changing a bit and becoming a bit more efficient and dynamic.

fabrice_d
0 replies
1d1h

That was the case for big EU funded projects with lots of industrial + accademia participants. I worked at a place where we had people working full time on setting up proposals for these projects. This was a very political game (find partners in countries the EU wants to help this year!), and very low risk too for big partners. We were usually "selling" stuff that had been done already, and the new funding was used to work on new stuff. That meant we could always show successful projects, which in turn helped getting new funding - rinse and repeat.

NGI is different, they seem to focus more on funding individuals and open source projects with relatively small grants. This has good and bad sides of course - a more level playing field, but makes it still difficult for projects that require long term work.

rglullis
0 replies
1d2h

NLNet is an NGO and has been funding a lot of cool stuff.

wicket
6 replies
1d2h

It seems that Mobifree largely depends on the Android/AOSP ecosystem, which is controlled by Big Tech.

palata
5 replies
1d2h

But being open source means that one could fork AOSP. Also the Google proprietary stuff comes with the Play Services, not AOSP.

So AOSP is a lot better than the alternatives, I would say.

I have a different feeling about Chromium: it is open source, but through it Google gets to control the future of the Web. But Android is not a standard, it's "just" one OS, so changes made by Google in AOSP don't really impact, say, iOS.

wicket
2 replies
1d1h

Let me know when the efforts of Mobifree lead to something that will allow me to install mainline Linux.

palata
0 replies
20h1m

Try PostmarketOS?

j4hdufd8
0 replies
1d1h

There are already phones like that. Go for it.

realusername
1 replies
1d1h

But Android is not a standard, it's "just" one OS, so changes made by Google in AOSP don't really impact, say, iOS.

That's interesting because I personally do believe that Android is kind of the mobile standard, it has everything to be one, from the wide variety of devices to the certifications of conformity.

palata
0 replies
19h59m

Much less than Chromium, right? Almost all users run Chromium, whereas you can run iOS and it has nothing to do with the AOSP codebase.

ssivark
2 replies
1d2h

What about this website indicates low quality engineering?

jillesvangurp
0 replies
12h54m

I asked chat gpt to criticize a screenshot of this website. I wont paste the full response here, people can do this themselves. But very briefly, it had a lot to say about inconsistent spacing, typography, use of colors, images, etc.

In short, this is not a great website, to put it mildly. I'm not even close to being a good designer but I've seen good designers make a difference. And nobody that I would qualify as such was involved with this website. Tiny serif fonts, yellow on white CTA, etc. It all makes a bit of an amateurish impression. And that suggests the rest of the thing also might need a bit of work.

I glanced through both the article and the website and it seems all a bit waffly and aspirational at this point and raises more questions than it answers. A lot of good intentions, preaching the virtues of OSS, etc. But not a lot of actionable information for someone that might want to take the logical next step of getting this on their phone. The CTA just leads to a "free your phone" section without links or useful information. It suggest twelve organizations are involved (who?) and lists some shared values. That's it.

Not very encouraging.

bogwog
0 replies
1d

HN is mostly web developers I think, so they tend to look at everything through one particular lens

glenstein
1 replies
1d2h

I fully support the values being expressed put the ratio of talk to action on the website is not great.

It looks like a website from 2007 for a custom fork of a Ubuntu distribution.

Again, I think the initiative, the funding, the rollout of technologies is the important thing and I'm perfectly fine with there being an aspect of public communication that gives it the kind of visibility that bureaucrats need so that it matches their own personal mental model of what a project is. So I at the end of the day those things, rather than the website, are what's important, but I could have hoped for a better first impression for sure.

Apocryphon
0 replies
1d1h

There's something about the font that looks awful but having a 2007 look and feel is fine, in my opinion. There's something charmingly retro about the gradients and AJAX era of Web 2.0 before apps ate everything.

veqq
0 replies
1d2h

I agree. It's a far cry from the greats' HTML 2 comparability.

Grimeton
6 replies
1d3h

They don't explain how they fix even one of the problems they mention at the top. Maybe I'm missing something here but this is just pure marketing bleh.

afavour
1 replies
1d3h

It is marketing, yes. But it’s also announcing a brand new ecosystem that doesn’t exist yet so I’m not too surprised they don’t have in depth implementation details right now.

Marketing isn’t automatically evil. If you’re starting an open source project you want people to contribute to you’re going to want to market it.

hedora
0 replies
12h56m

I don’t think this ecosystem is new. Most of the projects they mention have been around 5+ years.

I think this is a new funding initiative though, and I wish them luck.

rc_mob
0 replies
1d3h

yes it had all the hallmarks of an seo campaign

glenstein
0 replies
1d2h

The first paragraph introduces the idea of a comprehensive initiative for an "all of the above" mobile ecosystem, listing out the key pieces of that ecosystem.

Then there's a lot of mission statement and vision statement type things that appear to be directed at a broad audience, But then specifically they say this:

F-Droid will play a major role in this project, tasked with creating a decentralized distribution system for developers to deliver apps to Android users.

It feels like that's kind of what F-droid does already (sans decentralization, unless we regard the capability of custom repos as adequate to the task).

So I get the vision, I get the idea of it being under the umbrella of some broader project that's about other aspects of the mobile ecosystem such as operating systems, cloud services, and so on. I'm not sure what's different but I welcome the spirit of the initiative and I suppose that's the important thing.

criddell
0 replies
1d2h

I believe F-Droid is operating under a series of grants totaling €4.4 million for the next two years. This release is probably directed at the various groups funding them.

I hope they succeed but I wish they were using something other than Android. A by-Europeans-for-Europeans project shouldn't be based on an American OS IMHO.

https://cordis.europa.eu/project/id/101135795

6510
0 replies
1d3h

I thought the same but eventually I recognized the sound of the government wheelworks of bureaucracy. The article simply explains a single thing elaborately.

butz
5 replies
1d2h

It would be great to have some basic, no nonsense Android applications, with least possible permissions possible and no internet connectivity. Some examples: SMS app, tasks, calculator, authenticator (2FA), weather, audio recorder, image/photo viewer, barcode/qr code scanner, calendar, file manager, music player, etc. Small app sizes, no Kotlin or support libraries. With very limited feature set, to keep maintenance efforts low.

lawgimenez
1 replies
1d1h

What’s wrong with Kotlin?

butz
0 replies
3h21m

I just noticed that apks built with Kotlin are a bit bigger than ones written in Java. Could be my own lack of knowledge, so I would be interested to read up on how to optimize Kotlin apks in size.

nani8ot
0 replies
21h9m

I just noticed your requirement for no Kotlin and libraries. I'm still posting this because they are otherwise pretty simple and solid apps.

Some examples available on F-Droid I've been using for a long time:

- Fossify Gallery

- Fossify Calendar

- Fossify File Manager

- Binary Eye supports reading/creating QR/bar codes and other formats

- Aegis Authenticator

- Fossify Audio Recorder

- Material Files supports SMB, FTP, WebDAV

Fossify is the continuation of Simple Mobile Tools, which sold out out [1]. They also have Phone, SMS, Clock, Audio Recorder apps, and more but I prefer the default GrapheneOS apps.

[1] https://github.com/SimpleMobileTools/General-Discussion/issu...

jwells89
0 replies
1d1h

One issue I’ve read that devs of good, no-nonsense, telemetry-free offline-only/first apps face on the Play Store is that they get review-bombed and reported by their less scrupulous counterparts to drive more users to their ad-filled, IAP-heavy, or borderline malicious apps.

This could be fixed pretty easily if Google took fraudulent reviews more seriously and their handling of reports were less automated and opaque, but they haven’t shown much interest in either.

dvngnt_
0 replies
22h21m

i feel like everything listed can be found on f-droid

porcoda
4 replies
1d2h

Basing something around a Google OS isn’t really an alternative to big tech. Given the reaction I’d expect if a Microsoft Open Source project was the basis of an “alternative to big tech”, I don’t see why something with a Google pedigree should be treated differently.

fisian
2 replies
1d2h

And listing microG as an opensource alternative to Google services is disingenuous. It still uses the same Google servers to make requests, just the client is open.

zaik
0 replies
1d

It seems like the user has a choice to configure microG to use different providers other than Google though.

nani8ot
0 replies
21h4m

It's not possible to do push notifications for proprietary apps without making some requests to Google. The location services of microG support other providers and don't use Google. microG even replaces the Google map some apps integrate with another provider, at least it did a few years ago.

meiraleal
0 replies
1d2h

Expecting Microsoft to create an alternative to big tech. Did I miss the /s ?

izacus
3 replies
1d2h

I can't figure out what "it" actually is. This blog post reads like something AI generated - what exactly are they talking about?

glenstein
2 replies
1d2h

Decentralized mobile app distribution for Android.

For my part I feel perfectly clear on what the "it" is but I'm a little unclear on how it's in a different from what F-Droid already does.

izacus
1 replies
1d2h

But if you open the linked page, it has bunch of projects that aren't app distribution - /e/OS, some 5G edge VPN thing, etc.

glenstein
0 replies
1d1h

Those are mentioned in the first paragraph. Those are under the umbrella of Mobifree.

The part about app distribution is specific to F-Droid.

beretguy
3 replies
12h54m

1. Is it only available for EU citizens?

2. They/somebody needs to make a good quality android/iOS alternative that is NOT based on android and is stupid simple to install on any android and/or develop good quality affordable (< $200) smartphones to run it (some should have 4 inch diagonal screens).

I tried kaios devices, I’ve got pine phone, i cannot afford anymore things like fair phone and the likes. If banks/parking meters/washing machines expect us to use smartphones somebody needs to provide us with a small, simple device that can do those things without spying on us, tracking us, selling our data, etc.

CJefferson
2 replies
12h46m

Why not based on android, out of interest? Basing on android gives you lots of driver support which would be very hard to recreate, and lots of open source apps immediately available.

RachelF
1 replies
9h8m

Large parts of Android (Google Play Services) are not open source.

aembleton
0 replies
8h47m

Develop your own replacement for those parts rather than create a whole new OS and drivers

bogwog
2 replies
1d

Three chat apps.

Why can't Quicksy's contact finding feature be added to Conversations instead of being a whole fork?

Delta chat I kind of get why it's a separate thing since it works differently, but it still seems counter productive to have so many chat apps.

zaik
0 replies
1d

Why can't Quicksy's contact finding feature be added to Conversations instead of being a whole fork?

Quickly is designed to have easy phone number registration and contact discovery like the currently popular walled garden chat apps. Conversations works with any XMPP address and you need to ask people for their chat address (like email).

joh6nn
0 replies
1d

Those aren't meant to be apps representative of the Mobifree "platform", those are existing projects that have agreed to partner with Mobifree towards a common goal. They're bulletpoints in thd same list as Murena the E Foundation.

As far as answering your actual question, you'd probably need to ask the project devs for Quicksy and Conversations?

wkat4242
1 replies
1d1h

Nice! I see MicroG is part of this initiative too: https://mobifree.org/

I hope it becomes a bit more mainstream now. Some custom roms like lineage are very hostile to it because they're afraid Google will do more against them if they include it. You can't even mention it in their community or you will get kicked. It's nothing nasty though, it's just a bare minimum implementation of google play services remade in open source, withholding as much information as possible and giving you the ability to fake things like device model and attestation "safetynet". Luckily there's a fork from the microg team https://lineage.microg.org/ . So this is what I normally use.

But it's a great middle-ground, you can still use google push and you replace all the other parts like the location DB with privacy-conscious alternatives (though with the abolition of mozilla's wifi location database this has become harder).

I'm not a fan of /e/ though, especially because of the name that makes it impossible to google anything. And they are often years behind in android versions.

RachelF
0 replies
9h9m

The main problem now with many custom ROMs is VoLTE support. Many countries are shutting down 3G networks, and many VoLTE solutions (for 4G and 5G voice) are not available in the open source ROMs.

udev4096
1 replies
1d1h

I wouldn't trust anything coming from /e/ because of their horrible track record. For instance, a few years back, their cloud storage had a bug which leaked private files to other storage accounts[0]

[0] https://community.e.foundation/t/service-announcement-26-may...

bogwog
0 replies
1d

That's terrifying

talldayo
0 replies
1d1h

People in hell want ice water.

dhosek
1 replies
1d2h

I’m just thinking that the name is an invitation for Big Entertainment (in particular, LucasFilm, owned by Disney) to sue for trademark infringement since they have a trademark on “droid” (I remember seeing billboards for Android phones sold under the name “droid” back around 2010ish that had footnotes acknowledging the trademark and the licensed use of the term).

ravenstine
0 replies
1d2h

Don't jynx it! ;)

It would not surprise me if Disney lawyers simply have never heard of F-Droid. Given that they were willing to go after the image of Spider-man on some deceased boy's grave stone, it would not surprise me if they at least demanded some disambiguating language from F-Droid, that is if they don't outright ask them to cease and desist. Hopefully they realize it isn't worth their time.

alabhyajindal
1 replies
1d2h

The Mobifree link in the article: https://mobifree.org

Looks sketchy to me.

Our values are different

Why?

Big Tech: bad for people and the environment

Bad for the environment how? Do they think if they operate at the same scale as big tech, they'll be able to do a better job of managing infrastructure?

prmoustache
0 replies
1d2h

Bad for the environment how?

I guess this relate to smartphones being out of support way too early.

reify
0 replies
1d1h

I fully support this work.

I actually use both Lineage and E/OS.

In my experience of installing E/OS on non tech savvy users phones, it takes just a short while for them to get the hang of it.

They of course still want some of the non private data collectors on their phones and thats OK.

I for one am convinvced that the more users we can encourage to move over to alternative android OS's the quicker the word will spread.

We must not forget that these poor people have been brainwashed into thinking there is only one way to access what they like to use and engage with online.

I usually set the E/OS app store to not use open source apps and install droidify to manage those.

It is of course very easy for us who have the knowledge, experience and the confidence to install new OS's on android, but we were once beginners, everyone is.

Its easy for us to know the difference between Fennec and Firefox.

However, Its like me asking you to tell me the difference between the Freudian psychoanalysis and Lacanian psychoanalysis. Its easy for me but not for you.

Even the most tech savvy are difficult to convince:

One of my friends, who used to work for IBM as an engineer back in the day wants to get a new laptop with windows 11. I said "what are you doing you muppet install linux"

He is under the impression that linux has changed very little over 25 years and its all terminal, no GUI or support for things like 3D printers even though I tell him otherwise.

I personally dont use F-droid anymore

I use Droidify which is simpler to use especially adding repositories.

It is a pain adding repo's to F-droid.

rasengan
0 replies
4h40m

where it will be reviewed using F-Droid’s proven ethical review process.

Trade one gate keeper for another.

Something tells me you don’t know what decentralized means.

rakoo
0 replies
9h21m

I think the message is not clear. Mobifree is not a software stack, or a consortium, or that kind of thing. TFA and the official site make a poor job at explaining what it is.

Mobifree is a grant from the EU to any open source maker. This means existing applications can do the changes everyone complains about all the time while its developers see some of their pressure relieved. New software, infrastructure can pop up for the benefit of everyone, hardware projects can iterat a few more times to make something right. Anyone can actually apply for some it through https://nlnet.nl/mobifree : NLNet is an NGO that has repeatedly helped and supported the floss ecosystem, but this time with a focus on mobile. You can see their sub-grant here: https://nlnet.nl/mobifree/

F-droid is the expected partner for this given they only distribute floss software by default.

The grant page has maybe more information: https://cordis.europa.eu/project/id/101135795

kkfx
0 replies
21h8m

Few small notes:

- we can't have privacy on mobile PERIOD. Mobile platforms are not "open" like PCs (witch are less and less open, more and more stuffed of proprietary fw, but still far less closed than mobile SoC);

- we can't win Big Tech at it's game BUT we can win, and relatively easy, at OUR game, witch means self-hosted services, decentralized protocols, the hard issue it's not on sw per se but on humans who do not know nor understand that, fortunately a scam at a time people start to understand that the commercial model turned to subscription is not a good idea for them, so there is a bit of hope anyway.