Bazaar2 Monthly Report - June 2016
In June, there was two main pushes in the work:
1. Re-architecting the client app while starting the UX redesign discussions
2. Reworking the f-droid.org build tools to be flexible tools for general use
Objective 1 Simple multi-pronged distribution¶
Improved Malware Resistance¶
Copperhead started working on integrating dynamic malware scanning tools into the F-Droid build infrastructure, based on tools like drozer.
Updated Build Server¶
The build server setup tools got some much needed attention. They have served well for running the f-droid.org infrastructure over the years, now we’re working to make them into a general purpose tool so that people and organizations can easily run their own F-Droid infrastructure, including a “verification server” to make sure that the apps that they use match exactly what’s generated from the source code. Our biggest blocker here is getting things to run in a virtualized environment, since the build server itself is a virtual machine. VirtualBox on top of KVM seems almost impossible, so we are trying KVM on top of KVM.
The Debian Android Tools team now has basic working builds using Android SDK components built entirely from source and included as official Debian packages
Objective 2 Curation Tools for Organizations¶
We have been exploring some use cases and app ideas for how best to handle the curation. For example, would a simple Android app be more useful than full featured desktop app? There are lots of ideas for making easy to use curation tools, but it is quite difficult then to provide the same level of security with, say, a dead simple web app for curation. We’re looking for feedback on how much the curation tools should prioritize security vs. ease of use. On one extreme, if the curation tools are really easy, and end up just being used as a malware-ridden piracy enabler, then we’ve clearly failed. On the other extreme, if the perfectly secure tool is so difficult to understand that it requires a training to understand, then its usefulness is severely curtailed. Based on current feedback, it seems that we should aim more for the secure side of things, but it is still an open question.
Objective 3 Modern App Store with Built-in Circumvention¶
We have started weekly brainstorming sessions for discussing how we can redesign the F-Droid client app’s user experience in a both efficient yet effective way. As compared to “corporate” budgets for app UX overhauls, we are operating on a much smaller level. We make up for that with creativity and community contributions. We have currently surveyed a number of app stores, including two of the larger Chinese stores, for ideas about what users are used to and how to represent things in an intuitive and familiar way:
It turns out that F-Droid current UX is closer to lots of Chinese app stores than it is to Google Play, especially with the use of tabs and app lists. We’re looking for all sorts of feedback and ideas about what an app store experience should look like. Join the conversations! The discussion items here:
The new plumbing for this work is performing well: the latest stable release of the Android client, v0.100.1, includes lots of our recent big changes, is fully deployed and in wide use. We also have 0.101-alpha1 out with lots more changes, and we are already receiving a lot of feedback.
Objective 4 Partner Deployments¶
We have been discussing with Storymaker how to best structure their “content packs” to make it easy to distribute them in F-Droid, Google Play, CafeBazaar, and other app stores. We have implemented support for “APK Extension” OBB files, which are Google’s standard way of distributing large media collections aka content packs for apps, games, etc.
Objective 5 Usability Research on In-country Developers¶
We have almost hired someone to lead these research efforts. We aim to start a sprint on UX Research in August.