Bazaar2 Monthly Report - March 2017
Finally, after many months of doing behind the scenes plumbing, we now have a steady stream of very visible progress. The big news is that we launched our first client app alpha of the totally new user experience, after an intense development sprint. You can get it now in F-Droid by finding F-Droid in installed apps, and then selecting version 0.103-alpha from the list.
+ Implemented totally new designs for the Categories/Main/Updates screens
+ Better support for offline usage of F-Droid
+ Drastically improved workflow for bulk downloads + updates
+ New support for screenshots, feature graphics, and localized descriptions
We had a good meeting with Fairphone at their lovely Amsterdam office, and nailed down a plan to get F-Droid integrated in Fairphone Open OS, which can be installed on any Fairphone2. They are also working on shipping Fairphone OS devices directly. From Fairphone, we learned about https://uhuru-mobile.com/ which already includes F-Droid as its app store. Uhuru provides an open source “Mobile Device Manager” service which will integrate nicely with the F-Droid Repomaker service being developed from the “2 Curation Tools” effort.
There was also a lot of presentation activity in March. Torsten and Seamus attended the Internet Freedom Festival. Hans presented F-Droid at the Android Security Symposium (https://youtu.be/yBxIVM0-3Vk) and RightsCon, and attended Tor Dev Meeting and Iran Cyber Dialogue, where F-Droid was a topic of discussion. Seamus was also at Iran Cyber Dialogue and RightsCon.
At the Android Security Symposium (https://usmile.at/symposium/), there were lots of related discussions at the various private meals for the speakers, which included key security people from Google, AT&T, universities and private security research companies. There was agreement that the most effective single security measure is limiting access to what apps can be installed on the device. We agree, and are working to support this kind of setup, since it will be very useful for lots of high risk users. This is the same model used by Copperhead, Uhuru Mobile, Fairphone Open, and many DIY projects. To make this possible, the essential part is giving organizations control over the apps that they make available, and making this as easy as possible to manage.
Also, Nico Alt has joined us working on F-Droid as part of the Bazaar2 funding. He's a long time F-Droid contributor, working on the client, leading up the new forum, and the new website design.
Objective 1 Simple multi-pronged distribution
The new “binary transparency log” feature is now available. The idea is to publish an append-only log of all the binaries that an update system has published. Then anyone can check that the binary that they received on their device matches the official list based on hash. This feature has two parts:
1. Any F-Droid repository can make its own binary transparency log directly when `fdroid update` runs. This first example of this can be seen here: https://github.com/guardianproject/binary_transparency_log
2. Anyone can point the new `fdroid btlog`command at any F-Droid repository to make their own local log. This is designed to be run often so it will stay updated. Here is the first public version of a version we had running privately since 2014 that was pointed at https://f-droid.org: https://github.com/guardianproject/f-droid.org_binary_transparency_log
- Reproducible builds bug in the Android SDK bug reported by us was officially confirmed https://code.google.com/p/android/issues/detail?id=231886 Google is interested in reproducible builds these days, and seems to be fixing them.
- The F-Droid server tools now support fully localized app metadata, including screenshots, feature graphics, and descriptions.
- A full Android SDK is now included in Debian Stretch, so you can `apt install android-sdk` https://bits.debian.org/2017/03/build-android-apps-with-debian.html
- We have preliminary free software Android emulator images that we aim to ship, since Google now only ships proprietary Google Play images. This makes it easy for people to develop using only the F-Droid stack: https://gitlab.com/fdroid/emulator-system-images
- F-Droid server tools can now automatically upload releases to Android Observatory and VirusTotal. These services generate lots of useful indexes for discovering and tracking malware.
Objective 2 Curation Tools for Organizations
The first functional prototype of Repomaker (https://gitlab.com/fdroid/repomaker), the current name for the web tool building built to make it easy for anyone to build and manage F-Droid repositories. Here is a video of the prototype in action: https://youtu.be/GbpEX1LroRk There is also a video of the design prototype: https://youtu.be/yc4K9D7BCDU
We are also looking at the Flyve Mobile Device Management software since it provides some complementary and some overlapping functionality. It looks like the full source is available. It is also a web app, but written with PHP rather than Repomaker’s Python. The source is here: https://github.com/flyve-mdm and a free demo is available here: https://flyve-mdm.com/
Objective 3 Modern App Store with Built-in Circumvention
In March, the new user experience was mostly completed and is now available as an alpha release: 0.103-alpha. In addition, there were some additions to the UI which were implemented in response to the two user tests that we ran, one in Texas and the other in Vienna. F-Droid client now has much better support for the following, long awaited features:
- App screenshots, localized descriptions and graphics: The F-Droid server tools integrate with two popular free software tools for managing these assets: Fastlane Supply (https://docs.fastlane.tools/getting-started/android/release-deployment/) and Triple-T Gradle Play Publisher (https://github.com/Triple-T/gradle-play-publisher).
- Bulk Download: The previous stable release of F-Droid had rudimentary support for downloading multiple apps at once. However the feedback to the user was incomplete and it was prone to forgetting that a user had downloaded some apps (e.g. if they close F-Droid and come back later).
- Now there is first class support for viewing the status of each download in one location, the "Updates" tab. This also includes all of the apps which
can be updated, and will make it easier in the future to show other important information about each app (e.g. if security vulnerabilities are found, or if an app has to be removed from the repo).
- Offline queue for download: One thing F-Droid can do that other stores cannot, is to let the user browse through apps while offline. Now, users are notified that they are using F-Droid without internet access. As they view apps, they are prompted to "Download later" which puts apps in a queue, to be shown in the "Updates" tab. This queue is automatically downloaded when they next come online. This feature is completed, but not yet merged into master.
- The totally overhauled website is nearing launch. We have the full website built now using the Jekyll static site generator. We just need to nail down a secure and automated deploy process. This whole setup makes it much easier to run the F-Droid infrastructure since there will be almost no server-side code running. And it can be flexibly reused in custom app stores based on F-Droid.
- We polished up the “F-Droid Privileged Extension”, which allows F-Droid to work without Unknown Sources, and do fully automated background updates. We worked with CopperheadOS to make sure that this system works well in the latest Android release, 7.1.1.
- We submitted a complete patch to FairphoneOS to build and include the F-Droid Privileged Extension into their Fairphone Open builds as the core of the F-Droid integration: https://code.fairphone.com/gerrit/#/c/27/
- We worked with security researchers who work on the CVE system and prototyped a way to support Android/Java libraries in the CVE system so that the automated scanners that we have implemented can use the CVE system as a source of data about known vulnerabilities. This data can then be used downloaded by the F-Droid client app to report known issues with any apps that are installed.