F-Droid Hands-On: your very own private, free, secure, and flexible Android app store

From IFF Wiki
Jump to: navigation, search

Session Description

Mass surveillance and targeted attacks on mobile devices are getting easier and more common. Android apps and app stores are increasingly being abused for both kinds of tracking. Many countries and companies are working hard to both monitor mobile app users as well as block and filter apps deemed undesirable. An of course, we are all being monitored on the internet. The XCodeGhost exploit clearly demonstrated that developers are vulnerable to targeted attacks that can have massive impacts. A great number of mobile apps have been developed to assist users protect their privacy, but little has been done to address the issues facing distribution of the apps themselves. Basically all of the app stores except F-Droid track their users in detail, and we are working to make F-Droid even more private. Google Play is blocked in many countries, and app stores like iTunes often censor to comply with regional law, whether just or not. Regional app stores are often cesspools of malware. In many countries, people exchange apps through web forums, email, bluetooth, SD Cards, or any other method they can figure out, whether safe or not. Effective techniques for circumventing censorship and internet outages exist, and work in many places, but none work in all, and it is very difficult to keep track of them all. This current state requires users, trainers, developers, and organizations to be fluent in many technical details in order to effectively get and distribute mobile apps and media around the world. On top of all that, Internet access is not easily affordable and available to many smartphone owners in the world. In Cuba, only 5% of the population have internet access, but many have smartphones and computers and share files using mesh networks and thumb drives. In Vietnam, swapping apps and media with Bluetooth is widespread. In China, the internet is ubiquitous but heavily filtered and monitored; but "collateral freedom" techniques have proven effective. Each of these workarounds can also be useful in many other parts of the world so F-Droid is including them all in a unified user experience. Basically all of these distribution methods are ripe candidates for the kind of automation that software does so well. Many big app stores have demonstrated that this model works well for distributing media as well as apps, we will be adding support for media as well. We have a collection of working prototypes for a wide variety of techniques from the first phase of the Bazaar project. The next step is encapsulating all of them into a single system that provides smooth interactions for developers, organizations and end users. * The developer uses a simple set of commands that automate the entire distribution workflow for making highly secure, reproducible builds then getting them out through all possible channels (even Google Play) * Organizations and trainers can use these tools to make curated collections of apps and media use, without getting caught up in the technical details of the whole process. * The end user gets a familiar app store experience, regardless of the complexity behind their successful connectivity. In 2016, we will be heading up large, focused effort to implement the entire system and user experience for the Android platform, the most popular OS in the world. In this session, we will introduce F-Droid, the problems it solves, and how people can start using it. We will also discuss people's needs and threats, to kick off our user experience overall. In the hands-on part, we will get people set up, and walk them through the possibilities, especially with direct, device-to-device app "swapping" that works without internet. This is a combined effort of the F-Droid community's volunteer contributors as well as a large chunk of funding to provide the focused work to achieve this whole vision. Open Tech Fund (OTF) is funding Guardian Project to lead this effort (known internally as "Bazaar").

F-Droid Hands-On: your very own private, free, secure, and flexible Android app store
Presenter/s Hans-Christoph Steiner
Organization
Bio/s Hans-Christoph Steiner spends his time making private communications software usable by everyone, designing interactive software with a focus on human perceptual capabilities, building networks with free software, and composing music with computers. With an emphasis on collaboration, he has worked in many forms, including free software for mobile and embedded devices, responsive sound environments, free wireless networks that help build community, musical robots that listen, programming environments allow people to play with math, and a jet-powered fish that you can ride. To further his research, he teaches and works at various media art centers and organizes open, collaborative hacklabs and barcamp conferences. He is currently building encrypted, anonymous communications devices as part of the Guardian Project as well as teaching courses in interaction design and media programming NYU's Interactive Telecommunications Program and workshops around the world.
Language English
Topics

Session Comments