Basically title. I waited on installing F droid for a long time because my phone threw many scary warnings when I tried a long time ago. But now I have it, and I got some fossify apps, but since there is no “Editor’s Picks” on F- droid I dont really know where to go from here.
What apps do you recommend I install first to remove my dependence on closed ecosystems?
What is my vulnerability surface ie, which sort of apps should I watch out for?
Are there any bad faith companies in the open source sphere?
What apps you install depends on your needs and preferences. It might help others if you include those in any future requests for suggestions.
I suggest not worrying too much about “removing your dependence on closed ecosystems” immediately. Just do as you did before, changing apps as you find better alternatives—only, this time, considering the advantages of FOSS. Simply by giving F-droid apps a chance before opening (I assume) the Play Store, you’re already doing better than the vast majority of people.
Regarding discoverability and security, I believe participation in the community helps:
- The Venn diagram of “FOSS app users” and “software enthusiasts” is closer to a circle. People like talking about useful, good software they like. Word of mouth recommendations is how I got into this stuff.
- You’ll be more likely to hear urgent actionable news (e.g. X app developer sold to bad company, here’s the fork that will carry the torch onwards).
And so that this comment isn’t completely useless… Mozilla are currently working on a mobile version of Thunderbird for Android, built on top of K9 mail. Been using the beta and liking it so far. If you want a FOSS e-mail app, keep an eye on that one.
P.S. I much prefer the dark side, and don’t forget the cookies!
Important note: app developers don’t publish their apps on the official F-Droid repository. Other people (maintainers) download source code and compiling these apps. Therefore, updates are delayed by a week. You cannot update the app from other source because F-Droid version signed by a different key, so you must reinstall the app, deleting all the data.
I started using Obtainium to get updates directly from GitHub. It also has support for F-Droid and many other sources. I use F-Droid website mostly to discover apps.
Oh wait so its going to be lesser hassle the sooner I move to Obtainium?
Depends on whether you’re going to install apps from the official F-Droid repository or not. Third party F-droid repos (like IzzyOnDroid) are not affected by this.
Suppose you have some app (a hypothetical Lemmy app) installed from the official F-Droid repo. You logged in an account, changed some settings. Then the developer announces an update: new features, bug and security fixes. It is published on GitHub and Google Play. F-Droid version will come after a few days, when the maintainer builds the app from source and publishes that update.
You may don’t want to wait till update comes to F-droid. But you can’t install it from GitHub or Google Play, because it is signed by a different key. You’ll have to reinstall the app, which will erase your settings and require logging in again.
This is the hassle you probably may encounter in the future. If you want to avoid it, install official packages from the developers (from GitHub or Google Play). Obtainium can check for updates on GitHub, official and third-party F-Droid repos, and more.
Thanks for the detailed answer. It seems prudent to install from Obtainium.
I’ll offer a counterpoint to all the Obtainium fans here: F-Droid is good and “middlemen” aren’t always pointless.
F-Droid enforces their own inclusion standards on every app they build. This mainly ensures that all apps are built from source and are 100% free (libre) software. When you “go outside the middleman” and “go directly to the source” you lose that assurance.
I don’t think it’s worth it for slightly faster updates. I enjoy knowing that I have the four freedoms with every app I install.
Tell me more about these four freedoms
A program is free software if the program’s users have the four essential freedoms:
- The freedom to run the program as you wish, for any purpose (freedom 0).
- The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
- The freedom to redistribute copies so you can help others (freedom 2).
- The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
Thanks for the explanation.