No user accounts, by design (opens in new tab)

Not really a counter point because you mention a lot of other issues with f-droid that sound valid (I haven't used it myself) - but as a tangent regarding auto updates, I disable them basically everywhere because I seem to have buggy experiences too often if I allow stuff to update all the time.

I then go through the list of updates in the Play Store once a week or so and install those that I think might improve app functioning/stability. I look over and install Windows updates once a way-too-long (need to work on this).

Feel like everyone is skimping on QA these days or something else fishy is going on. In the last handful of years there have been 2 or 3 Windows updates that either permanently erased data or caused some other insane issues. I didn't get them (tbf I understand that most people didn't), partially thanks to having auto updates disabled.

> UPDATE_PACKAGES_WITHOUT_USER_ACTION

I actually tried to play with this not long ago, and it is so broken that it makes me think they just wanted to "check the box" in case some judge thought this was abusive behavior. It probably still is.

Not only this API is available only on Android 12, it also _only_ works for programs that have Android 12 as target level API (i.e. when you try to upgrade older programs the prompt will still show up), and only works for programs that your package manager installed in the first place. GPlay does not have this limitation and will happily update packages you installed, after which your package manager is no longer allowed to upgrade them. It's all a big mess.

> ...but it's just not usable in practice.

> ...this makes using packages installed through F-Droid a nightmare.

I run 2x Androids with near 80%-90% of the packages installed from F-Droid repos (to include Bromite and Bitwarden custom repos); it has quirks and is not perfect - but far from "not usable" and "nightmare" as your hyperbole would suggest.

>So it's manual clicking for each update.

You need to install the F-Droid Privileged Extension, or use a ROM that has it pre-installed. That way it can update apps without user interaction.

Hmm, sounds great to me. I loathe automatic updates and consider them a great way to ruin the software I'm used to. I can't possibly count the number of times an update to a piece of software (especially on closed platforms like iOS) broke something I rely on and I had to either wait until the developer fixed the issue, or just accept that the software is never again going to work the way it used to.

Further, I disable notifications for nearly everything, so that point doesn't matter to me either.

I'm definitely relieved that the most-upvoted comment critiquing F-Droid doesn't raise anything of concern for me! I was worried I was about to read something that might push me away from making a de-Googled Android device my next smartphone... haha

Just FYI, NewPipe has their own F-Droid repo with faster updates. https://newpipe.net/FAQ/tutorials/install-add-fdroid-repo/

So does Bromite browser. https://www.bromite.org/fdroid

I have been using F-Droid for about 2 years now as the main source for the few apps that I use and updates are coming through without interaction. Bitwarden/Aegis/Tutanota/Syncthing/K-9 all receive regular updates as far as I've experienced during this time.

I also haven't had issues with update flow. When was the last time you used F-Droid for a prolonged period of time?

I'm OK with manual updates, I disabled autoupdates on Google Play too because I can't trust the apps to actually update them and not remove some functionality or worse.

You are right that the download / install process is very quirky. It often fails to provide the right feedback about what's going on and errors are common. Is it downloading, is it installing, did it get my touch? However I really want to install from there and not from Google.

I believe this is a result of fdroid wanting to support older android versions for longer than google does. They could probably make two versions to allow this though but that would require more maintenance

In order to reduce disruption from updates, I've found it necessary to turn them off. I'll go into the play store and update the ones I want to update, when I want to.

So for at least some users, this isn't a problem at all. It's a better default.

Issue tracking here: https://gitlab.com/fdroid/fdroidclient/-/issues/2316

Slightly hyperbolic in saying it's "usable in practice", but only slightly, and everything you said is true per my own experience. That just makes these issues super annoying. Normal people won't put up with it, and they shouldn't have to. Hacker types might be motivated to continue using F-Droid, but power users and others probably won't.

I just use SkyDroid. It's way faster, less buggy, and compatible with Shinzuku which allows rootless auto-updates by making use of newer developer options (Android 11+)

This action is supported by Droid-ify, an unofficial client.

I find the distributor-does-the-building-and-signing to be problematic from a security point of view. I would much prefer that each developer does a build, signs it, and a notarization of some kind is added by the distributor.

It seems to me that if you can compromise the f-droid infrastructure you can compromise millions of handsets.

What's been professionally frustrating me for years as a developer is how much of the engineering and operational budget for a project is tied up into identifying and tracking users. The first time this happened to me we had some idiot who insisted that we needed to display exactly how many logged on users there were on every page load. There was no point in doing so, and we had proven that it was at least ten percent of the cost of each page load. In fact it was higher than that but 10% is what we could proved. My current project is about our customers, not the users, and probably 80% of the operating budget is about making the customer feel like they're running the show. Often with demonstrable and even clichéd consequences for the users.

Without customization or user tracking, many, many workflows shift to read-mostly. Many are idempotent. Some can be fully cached. Some can be edge-cached.

The dark secret of 'social' media that has been slowly coming out is that they aren't social. They aren't about 'Us', they're about me. Me, me, me. So of course the whole workflow is build around who I am and what I want. That's not just unhealthy, it's also really fucking expensive. And if it's really expensive we can't just eat the cost as a 'value add', we now have to monetize it. So things were already pretty dark and then compensation came into the picture and now it's positively dire.

What about abuse/vandalism? If the whole web has edit privileges, what's to stop someone from scripting changing all of the titles to random strings every hour? Do you do a captcha on every edit or something?

I think the main idea around user accounts is that they centralize a point of applying captchas as well as a tiny bit of data collection (some form of contact information) that can be used for antispam (e.g. banning certain email address domains from creating accounts, or banning certain email addresses, etc).

Mullvad allows Bitcoin purchases of tokens, which can then be used as a serial for the VPN that works for the time period you've purchased. Users can change tokens any time. That's probably close to what you're already doing.

Still hopeful to get a proper Linux phone someday.

F-Droid is about user freedom, so there are clients that are more like Linux package managers, for example https://github.com/mvdan/fdroidcl

I have been experimenting with trying to draw a line between wants and consequences where I work. It's tough, and I'm only barely making headway, but on a large project what you often end up with is people adding costs to the system without a clear payoff, and without cost accounting.

I am trying to get telemetry in place to demonstrate how much of our capacity is going to particular features, so that we can say, okay, that wizbang thing is costing us $100k a year. Our profit is 1:X (we make $X for every dollar we spend). Is this lowering or raising our profit margin?

I think we are completely disconnected from opportunity costs and the entire center of most orgs I've been in are all about covering your own butt and telling stories. Until the layoffs happen and then we discover that the investors, advisors and some of the C suite actually care about whether spending $1 for the prospect of making $1.50 is a complete waste of time and energy. And I often wonder if some of the narratives I hear about who got laid off and why are not seeing this calculus in the results.

Yeah, but I think a lot of things could do well with just a pseudonym and a passphrase. Sure, that's still a user account, but no email or phone number or other stuff required (unless you want notifications, or to be able to reset your passphrase).

And maybe prefer procedurally-generated identicons rather than photo avatars if you want a visual aspect.

> I would still have privacy from them.

No, they have an unexploited asset and you think you're safe because nobody has exploited it yet. This is false security. If money gets tight they'll exploit it. If they get bought out the new owners will exploit it. If they get hacked, the entire Internet will exploit it.

I would highly recommend that you spend a little bit of time thinking about or working with groups of dissidents, other oppressed groups, even people who have been sexually harassed. I have seen so much wrong-thinking about what Security actually is and it's always people living in a privilege bubble, not thinking of actual, real life existential threat that exposure can represent until they have some user in hiding because they got death threats after being doxxed. Or just plain disappearing because their government black-bagged them over something they posted online.

It’s actually not that simple – Firefox Focus and Firefox Klar are two different apps, with different packages.

The official Firefox Klar builds originally contained slightly less tracking than the official Firefox Focus builds. Nowadays it might be only the trademark that keeps them separate, but originally there were clear differences in code.

The way mega.nz works is the sharable url contains a decryption key in the hash. The server only sees encrypted data, the client requests that data then decrypts it. This design ensures they have no ability to see user content, while still enabling users to share links on the web.

What if you embedded the diff in the html link itself, like PlantUML does for their web version?

We're just talking about software delivery here. Its the same as Debian not requiring you register before using `apt` to install packages (or every other linux distro).

It depends on context, but often having an object representing the user is at best a speed bump to a bad actor. Social media's an obvious example here. I know Twitter does quite a lot to limit bad actors, but the outcome is still not great.

The vast bulk of sites want to make signup easy, meaning user objects are cheap. Cheap user ids are easily disposed of and replaced. So if you need to keep bad actors out, user accounts may not help a ton.