Core Concept¶
This is the concept for the first phase of Bazaar. For the second phase, see Concept Note
A worrying trend that is a major impediment to current mobile users’ basic freedom is that increasingly users are moving away from the open (or semi-open) web, and towards download applications. Apps themselves are not necessarily bad, though if not open-source, they do inherently lack the power of “view source” that made the HTML-based web spread in the first place. It is the fact that access to apps are controlled by stores or markets, curated and controlled by the device manufacturer or mobile operator. These stores provide little transparency to why certain apps are allowed in or not, or removed, and even worse, often outright censor apps deemed to be incompatible with some sort of unclear rule of law or ethical guidelines.
It is in fact true that the fears of SOPA/PIPA style censorship, not to mention Great Firewall style censorship, are already well underway in many of the mobile stores and markets. While Google has provided some amount of openness with Google Play, at least at point of publishing, they still log every install, active use and can retroactively remove or update apps installed on any device. In this model, the store or market is not so much a filter, as a complete backdoor.
There are however some benefits to the app store model:
- Centralized, semi-trustworthy distribution point backed by a known entity
- User feedback and reputation system
- Malware testing, scanning and filtering
- Binary signature verification on download
- Tracking of downloads and active use by region, device, language for app publisher
Here is a list of problems again we see with the centralized distribution model:
- App Markets are centralized, closed ecosystems, or worse authoritarian censor-states
- Some stores are incompatible or hostile to open-source / free software
- Most require registration of developers and users
- App Market back-end tracks all downloads and usage
- App Markets can remove applications retroactively from devices
- App Markets have unclear security or privacy requirements, like HTTPS or support for circumvention or anonymity proxies
- App Markets contain content that is protected by DRM, or otherwise not easy to reshare
- App Markets are driven by a premium for-fee model
With that, we propose to engage in creation of a new model for secure and social app distribution, because we recognize the benefit of apps, and some of the benefits of the current store and market model, but believe we can build a better, more social, decentralized model, that can better serve users in both free and heavily surveilled regions of the world.
Instead of a vending machine model, employ a swap, barder, trade design.. think more of a Moroccan Souk or Flea Market (or perhaps just a jam session or free library). The emphasis is not solely on freely licensed, like with the F-Droid project, but more about freedom to curate and re-share through a non-centralized model. We know that ringtones and mobile 3gp videos spread rapidly through Bluetooth in some parts of the world, and we think that same phenomenon can be taken advantage of here.
Will be based on existing projects focused on new modes for app distribution:- Guardian Power Up bundle installer (https://github.com/guardianproject/powerup)
- F-Droid open source repo app (http://f-droid.org/)
- Market itself is secure, privacy by design
- provides very secure, hash verfied downloads of all installer files can download apps via Android Market (if available) or via direct HTTPS, including over Tor or other proxy no logging, no analytics, no user backdoors, or tracking
- if root enabled, can modify core device (update CACerts, change fonts, remove bloatware)
Person-to-person/device-to-device sharing - can also deploy with a built-in bundle of compressed apps on SDcard for quick install
- every item can be easily shared via Bluetooth, NFC or WIFI lan
- Provide a default set of curated collections
- apps, books, videos, podcasts, etc.
- must be freely licensed content and code
- Also provide specialized categories for relevant interests
- privacy & security apps: guardian apps, whisper apps, droidwall, beem, etc
- hacker, open-source culture/dev
- free culture: doctorow books, CC licensed, wikipedia
- media content can include epubs, videos focused on tech training, human rights, advocacy, etc