F-Droid
F-Droid is a community-maintained software repository for Android, similar to the Google Play store. The main repository, hosted by the project, contains only free and open source apps. Applications can be browsed, downloaded and installed from the F-Droid website or client app without the need to register for an account. "Anti-Features" such as advertising, user tracking, or dependence on nonfree software are flagged in app descriptions.[2]
Screenshot of F-Droid 1.2 on Android showing the latest apps | |
Developer(s) | Ciaran Gultnieks, F-Droid Limited |
---|---|
Initial release | 29 September 2010 |
Stable release | 1.8 (29 April 2020[1]) [±] |
Repository | |
Written in | Python (server tools), Jekyll (software) (site), Java (client) |
Operating system | Android system (client), Linux, OSX, Windows 10, FreeBSD (server) |
Type | Digital distribution of free software, Software repository |
License | GNU GPLv3+ |
Website | f-droid |
The website also offers the source code of applications it hosts, as well as the software running the F-Droid server, allowing anyone to set up their own app repository.[3][4][5]
History
F-Droid was founded by Ciaran Gultnieks in 2010. The client was forked from Aptoide's source code.[7][8] The project is now run by the English nonprofit F-Droid Limited.[8]
Replicant, a fully free software Android operating system, uses F-Droid as its default and recommended app store.[9][10] The Guardian Project, a suite of free and secure Android applications, started running their own F-Droid repository in early 2012.[11] In 2012, Free Software Foundation Europe featured F-Droid in their Free Your Android! campaign to raise awareness of the privacy and security risks of proprietary software.[12][13] F-Droid was chosen as part of the GNU Project's GNU a Day initiative during their 30th anniversary to encourage more use of free software.[14]
In March 2016 F-Droid partnered with The Guardian Project and CopperheadOS with the goal of creating "a solution that can be verifiably trusted from the operating system, through the network and network services, all the way up to the app stores and apps themselves".[15]
Scope of project
The F-Droid repository contains a growing number of nearly 3,000 apps[16], compared to over 1.43 million on the Google Play Store. The project incorporates several software sub-projects:
- Client software for searching, downloading, verifying, and updating Android apps from an F-Droid repository
- fdroidserver – tool for managing existing and creating new repositories
- Jekyll-based website generator for a repository
F-Droid builds apps from publicly available and freely licensed source code. The project is run entirely by volunteers and has no formal app review process.[17] New apps are contributed by user submissions or the developers themselves. The only requirement is that they be free of proprietary software.[18] On July 16th 2019, the project issued a public statement that it will no longer stay neutral in the ongoing free speech vs hate speech debate with respect to the types of applications it hosts.[19] This statement was issued to address the controversy about the projects approach to actions taken by two hosted fediverse clients against the social media website Gab.
Client application
To install the F-Droid client, the user has to allow installation from "Unknown sources" in Android settings[20] and retrieve the APK (installable file) from the official site. Installation is not available through the Google Play store due to the non-compete clause of the Google Play Developer Distribution Agreement.[21]
The client was designed to be resilient against surveillance, censorship, and unreliable Internet connections. To promote anonymity, it supports HTTP proxies and repositories hosted on Tor onion services. Client devices can function as impromptu "app stores", distributing downloaded apps to other devices over local Wi-Fi, Bluetooth, and Android Beam.[22][23] The F-Droid client app will automatically offer updates for installed F-Droid apps. When the F-Droid Privileged Extension is installed, updates can also be conducted by the app itself in the background.[24] The extension can be installed via rooting, or by flashing a zip file on the device.[25]
Key management
The Android operating system checks that updates are signed with the same key, preventing others from distributing updates that are signed by a different key.[26][27] Originally, the Google Play store required applications to be signed by the developer of the application, while F-Droid only allowed its own signing keys. So apps previously installed from another source have to be reinstalled to receive updates.[28]
As of 2017, Google Play encourages developers to let Google Play manage the signing keys,[29] offering a similar service to what F-Droid has offered since 2011, and F-Droid now lets developers use their own keys via the reproducible build process.[30]
References
- "F-Droid on F-Droid repository". F-Droid client code repository. F-Droid Limited. Retrieved 25 July 2019.
- "Client 0.54 released". F-droid.org. 5 November 2013. Archived from the original on 26 April 2015.
- Hildenbrand, Jerry (27 November 2012). "F-Droid is the FOSS application store for your Android phone". Android Central. Archived from the original on 16 June 2018. Retrieved 29 August 2013.
- Nardi, Tom (27 August 2012). "F-Droid: The Android Market That Respects Your Rights". The Powerbase. Archived from the original on 3 December 2013. Retrieved 29 August 2013.
- "F-Droid Server Manual". Archived from the original on 6 November 2013. Retrieved 30 August 2013.
- "Commits by year and month of F-Droid data reported by gitstats". 2017. Archived from the original on 9 July 2017. Retrieved 19 July 2017.
- "F-Droid initial source code". F-Droid. 19 October 2010. Archived from the original on 10 December 2014. Retrieved 10 December 2014.
- "F Droid About". Archived from the original on 23 January 2014. Retrieved 28 January 2014.
- "FDroid: a free software alternative to Google Market". Replicant Project. 26 November 2010. Archived from the original on 17 January 2015. Retrieved 17 January 2015.
- "FDroid". Replicant Wiki. Archived from the original on 9 March 2018. Retrieved 8 March 2018.
- "Our New F-Droid App Repository". The Guardian Project. 15 March 2012. Archived from the original on 23 March 2017. Retrieved 29 August 2013.
- Walker-Morgan, Dj (28 February 2012). "FSFE launches "Free Your Android!" campaign". H-online. Archived from the original on 23 July 2014. Retrieved 27 July 2014.
- "Liberate Your Device!". Free Software Foundation Europe. Archived from the original on 15 August 2014. Retrieved 27 July 2014.
- "GNU-a-Day". GNU Project. Archived from the original on 28 July 2014. Retrieved 23 July 2014.
Day 9: Have an Android phone? Install F-Droid, a repository with hundreds of free software apps.
- "Copperhead, Guardian Project and F-Droid Partner to Build Open, Verifiably Secure Mobile Ecosystem". The Guardian Project. 28 March 2016. Archived from the original on 20 April 2016. Retrieved 19 April 2016.
- "F-Droid Main Repository". IzzySoft and F-Droid. Retrieved 12 March 2020.
- "Contribute". F-Droid. Archived from the original on 18 March 2015. Retrieved 29 March 2015.
- "Inclusion Policy". F-Droid. 4 April 2014. Archived from the original on 25 March 2015. Retrieved 29 March 2015.
- "Public Statement on Neutrality of Free Software | F-Droid - Free and Open Source Android App Repository". f-droid.org. Retrieved 3 August 2020.
- "Android Open Distribution". 31 October 2012. Archived from the original on 24 March 2018. Retrieved 31 October 2012.
- "Google Play Developer Distribution Agreement". 31 October 2012. Archived from the original on 18 August 2016. Retrieved 31 October 2012.
- "Client 0.76 Released". F-Droid. 14 October 2014. Archived from the original on 2 February 2017. Retrieved 28 March 2015.
- Brandom, Russell (10 June 2014). "Your survival guide for an internet blackout". The Verge. Archived from the original on 8 August 2014. Retrieved 2 August 2014.
- "F-Droid Privileged Extension". F-Droid. Archived from the original on 19 June 2018. Retrieved 19 June 2018.
- "org.fdroid.fdroid.privileged.ota_2070". F-Droid. Archived from the original on 19 June 2018. Retrieved 19 June 2018.
- Marlinspike, Moxie (12 February 2013). "moxie0 commented Feb 12, 2013". Archived from the original on 10 January 2018 – via GitHub.
- "Signing Your Applications". Android Developers. Google. Archived from the original on 15 April 2016. Retrieved 16 April 2016.
- "Release Channels and Signing Keys". F-Droid. 12 August 2014. Archived from the original on 2 April 2015. Retrieved 29 March 2015.
- Glick, Kobi (6 September 2017). "Enroll for app signing in the Google Play Console & secure your app using Google's robust security infrastructure". Android Developers Blog. Google. Archived from the original on 10 July 2018. Retrieved 16 April 2016.
- "Reproducible Builds". F-Droid. Archived from the original on 11 July 2018. Retrieved 10 July 2018.
Further reading
- Amadeo, Ron (29 July 2014). "The great Ars experiment—free and open source software on a smartphone?!". Ars Technica. Retrieved 29 July 2014.