Bootstrapping Trust¶

In order to have a trusted platform for sharing files, the Bazaar app needs to be installed

• how to represent the choice
  • as much auto-detection as possible
  • wizard?

User-preferred File Transfer Method¶

There are so many apps and techniques that people are using for sharing files on phones. We should make it straightforward for people to share the Bazaar app via their own preferred method

Implementation¶

• make the Bazaar APK easily available via standard Android methods
  • in Bazaar, a Share APK option, which triggers a SEND Intent
  • make Bazaar copy its own APK to the SDCard, and regularly verify its the same as the installed APK.

Issues¶

• should not encourage insecure methods, like emailing APKs
• far too broad to document
• unknown security issues

Bluetooth File Transfer¶

Most phones have a built-in method of transferring files via Bluetooth. Since its very local, and there is some security in the pairing process, there is some level of trust in the process.

Implementation¶

• test if APK can be sent, if so send it
• rename APK to apk.zip, then transfer and instruct the user to rename

Issues¶

• stock Android blocks transferring .APK files
  • rename file to .ZIP to transfer, then remove .ZIP on receiving device (there is no default method of renaming files)
  • zip up APK then unzip on receiving device
  • tiny unzipper app could be NFC'ed or maybe QRcoded over.
• Bluetooth pairing can be confusing

local HTTPS¶

The Bazaar app can run a local HTTP server that shares out the bootstrapping app, and the rest of the process, including the index.jar.

Implementation¶

• app generates cert for signing index.jar and HTTPS
• transports
  • detect whether on wifi, and present current IP
  • create own wifi AP (WiFi Direct)
  • adhoc wifi
  • mesh

Issues¶

• dealing with a self-signed cert is often painful
• perhaps just HTTP only and enforce local-only traffic

NFC¶

NFC provides an easy way to locally swap a bit of data, which can be used to easily setup another higher bandwidth connection, like Bluetooth.

Implementation¶

• set up a Bluetooth connection via NFC: https://github.com/Mobisocial/EasyNFC
• install an unzipper app via NFC, then Bluetooth a zipped APK

Issues¶

• limited device support
• APKs not allowed to be transferred on many devices
• unproven security

ChatSecure/OTR¶

If ChatSecure is installed, then we have a trusted channel to communicate over. This would provide an easy way to bootstrap the Bazaar app.

Implementation¶

• use Sharing

Issues¶

• ChatSecure must already be installed

Kerplapp with Pinned F-Droid¶

We can make a version of Kerplapp for the Google Play Store that includes the ability to download an F-Droid.apk and then check the hash against an included sha256. Then it could download it from multiple sources, and still be able to verify it. CiaranG said they can give us a static URL to a specific version of F-Droid for this. We can probably also rely on the APK being in the archive repo, i.e. https://f-droid.org/archive/org.fdroid.fdroid_45.apk

Bootstrap Decision Tree¶