F-Droid - Free and Open Source Android App Repository
f-droid.orgF-Droid is an installable catalogue of FOSS (Free and Open Source Software) applications for the Android platform. The client makes it easy to browse, install, and keep track of updates on your device.
You must log in or register to comment.
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 84 users / day
- 537 users / week
- 1.5K users / month
- 6.58K users / 6 months
- 1 subscriber
- 2.3K Posts
- 53.3K Comments
- Modlog
InnerTune: https://f-droid.org/packages/com.zionhuang.music/
I can’t use F-Droid without the Play Store but I tend to check there first to see if there is something available there before installing something from the Play Store.
You should check out aurora store on f-droid if you haven’t already, its basically an alternative front end for the play store, which means you can remove your google account from your phone (if you want to)
Love F droid ! It’s great
F droid is EXCELLENT
removed by mod
deleted by creator
removed by mod
deleted by creator
removed by mod
deleted by creator
cromite, bromite is dead.
removed by mod
Ok
I made a website to help finding well-maintained F-Droid apps through Github/Gitlab metrics here: https://dbeley.github.io/fdroid-insights/
I use Nebulo for DNS over HTTPS, it works well. F-Droid repo for Nebulo: https://fdroid.frostnerd.com/
The Nebulo version on the Play store is years behind the F-Droid version.
You also can use androids built in encrypted DNS. I think its DNS over TLS though
I have never found anything useful in it. And god I have tried. I end up uninstalling it every time.
Here’s mine:
Thanks for the mentioning GadgetBridge. Just revived an Amazefit Smartwatch that I wasn’t using because of the default app!
I found some good stuff there :)
List made using List My Apps Plus signal FOSS , several VPN apps etc…
And the stuff you do want to use is often best installed from the Dev’s repo because fdroid takes forever to update theirs.
And last time I checked they still hadn’t implemented the now years old APIs that would let them to silently update apps, so unless the phone is rooted you need to click for every update…
Try f-droid basic, it lets you update automatically
Mull browser, termux, nextcloud, Jerboa, Infinity reddit, organic maps, and espeak just to name a few
Ok, yeah, I use termux on my android tablet, and it’s awesome. But other than that, I don’t find any other app interesting. Who knows, maybe with time.
deleted by creator
I know this thread is already a little old, but here is the list of my favorite apps from F-Droid/Izzy. I use a lot of these almost daily and just thought I would share these in case someone might find a new app they find useful
Geometric Weather has a more active fork called Breezy Weather.
Quillnote has a more active fork called Quillpad
Breezy however is not and (according to author of that fork) will not be in F-Droid repo. You can download it form IzzyOnDroid or wait for their own F-Droid repository.
Thank you
Sexy weather app. Thanks for the follow up comment. No more ads when I want to check the weather.
Default app store for my Volla phone. I’m the ultimate hipster and I’m proud of it!
F-droid app seems to be not that great though. Using Droid-ify instead.
I use Neo store , used droidify before. Works great
I think OP meant the app store, not the client itself
Droid-ify just a client for f-droid, no?
Yeah it doesn’t seem like there are that many differences besides the UI and I think it may list repositories making it a little easier to add them.
https://github.com/Droid-ify/client
It’s also available through F-Droid
https://f-droid.org/packages/com.looker.droidify/
There is . The F-droid app has issues since it’s targeting android 5 . Neo store and droidify are better that way, security wise
Is this the article you are referencing?
https://privsec.dev/posts/android/f-droid-security-issues/
I do see some of the concerns you mentioned but it doesn’t seem to me like a night and day difference
No ,it’s just that the client app is old , targeting android 5. Good if you are using an old phone. But not so good if you are using a new. Higher SDK have tighter checks and limits. But a minor issue, I still recommend using one of the newer ones. Droidify or neostore. Also I think I read somewhere there is work going on to update the F-droid one as well. Edit read up on the article and yea it makes a good point on the SDK level. But yea a minor thing imo. Edit2 apparently it’s android 7
I personally like it but that’s just me
I use iOS now though had f-droid installed on my old android phones :)
If you sell your IPhone now it may not be too late for you! :-)
Even better obtanium installs direct from the Devs host. You could use fdroid to find the homepage/where they host and add it to obtanium
I prefer F-droid as it adds a layer of checks to hopefully keep the devs from doing something malious
are you under the assumption that fdroid has security benefits?
Its not security I’m looking for. If I wanted security I would be running stock with all of the apps from large corporations.
What’s good about F-droid is the freedom you get when you use it. All of its apps are libre. You have the ability to tweak them anyway you want and the source code it yours to study, learn, modify and distribute.
not… after… security… hmm. 😶
Some people like to live dangerously.
That’s correct
Installing through F-Droid is way easier tho and the IzzyOnDroid repo actually uses the binaries from the developer
Though, last I checked, IzzyOnDroid does warn that they usually only host things not found on F-droid. Once something they host gets included in F-droid it’s often removed from IzzyOnDroid without warning.
You could use Droid-ify and have the best of both worlds
I don’t know if you didn’t understand their comment or if Droidify has a feature I didn’t knew about.
Droid-ify offers apps from different repositories so you can have Izzyondroid and F-droid at the same time. It also scans for updates and does auto-updates if possible.
Yeah I know about that but what has that to do with IzziOnDroid apps which pulls the apps from GitHub being removed after they’ve been added to the official Fdroid repo
Apparently it seems that I don’t get it indeed.
I said Droid-ify is a 'best of both worlds because it offers the easy of use of F-droid but also pulls from IzzyOnDroid/GitHub.
This is actually the way
Does anyone have a good foss ebook and pdf reader?
Thanks!
Librera reader is pretty good
Librera (f droid)
KOreader. But it’s more aimed at ereaders.
if you’re looking for a legit READING app, KOReader is the only way to go. especially if you have an ereader tablet too that uses KOReader too and/or use Calibre. I moved to it from Kindle + Kindle app on Android and I just have no idea what the purpose of Kindle is anymore unless you buy ebooks directly from Amazon. in which case you should… well… stop.
Yeah, it’s pretty good. But at first it’s difficult to get the hang of it
I use Librera every day: the user interface looks a bit outdated but has support for any format known to man and a ton of features (and I mean A TON)
LibreraFD
@moitoi @possiblylinux127 mupdf
I second MuPDF viewer for quickly viewing PDFs, it acts exactly as I expect it to and feels very slim.
But I am not sure if it is a good ebook reader. I use KOReader in connection with Calibre on my Laptop.
Love F-Droid but be aware of the risks and always try to use a developer repo when possible…
https://privsec.dev/posts/android/f-droid-security-issues/
[This comment has been deleted by an automated system]
Doesn’t affect the end user… beyond diminished security. Are you implying I should trust Fdroid devs as much as I would trust Google devs?
[This comment has been deleted by an automated system]
The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.
Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.
If you have a lower threat model, this post isn’t for you…
[This comment has been deleted by an automated system]
If you think Fdroid security is on par with Google security… then I got a bridge to sell you
How does a supply chain attack work?
An upstream compromise that affects downstream hosts. A good example is the NPM supply chain attack -> https://hackaday.com/2021/10/22/supply-chain-attack-npm-library-used-by-facebook-and-others-was-compromised/
I actually would go for the main repo as all the software in the main repo is reviewed by the main Dev team
Did you even read the article? F-Droid signs all the apps in the main repo…
The author of this article completely misses the point of F-droid. They clearly are used to a world of proprietary software that takes “security” over freedom
So yes I did read the article and no it doesn’t change anything. If your going to make an argument you shouldn’t just link to someone else’s work. Part of the problem with the internet is no one thinks for tuemselves
Sure, I’ll spell it out for you since apparently the point went right over your head. Fdroid devs are a single point of failure by signing every application themselves. This introduces a potential for supply chain attack, not to mention Fdroid running on EOL servers.
When you use an individual dev repo, you can avoid any trojanized apps from Fdroid because the developers maintain their own infrastructure and sign their own apks.
That’s called… D I S T R I B U T E D T R U S T
Everything the F-droid team does is out in the open. Your welcome to audit it once in a while and suggest changes to make it better. I’m sure they wouldn’t mind the help.
F-droid is the best tool we got. Its not a silver bullet but it is better than anything else I’ve seen
The reason F-Droid builds from source is to ensure that they can enforce their inclusion criteria. If you go outside F-Droid you lose that guarantee. For example, self-published apks in github or google play may contain anti-features or proprietary code that are forbidden by the F-Droid standards.
From another point of view, what you call a single point of failure is a third party that represents the interests of the user community, independent from individual developers. This is the same model used in GNU/Linux distributions, and Drew DeVault explains here the role that software distributions play in the free software community.
Of course, this represents a trade-off, in that you are placing trust in the software distribution instead of or in addition to the upstream developer. The question is, how can you solve the problem without foregoing F-Droid’s inclusion standards? The answer is reproducible builds, where F-Droid builds from source and compares to the developer’s apk, and publishes the developer’s apk with their signature if the build reproduces successfully.
Until Reproducible builds are the norm in the Android free software world, I accept the trade-off because I value having software freedom in my computing, and I know I can’t trust upstream developers to care about that as much as F-Droid or I do.
Sure, atleast you admit there’s a trade off (security) for (FOSS) and maybe some additional privacy.
People should be made aware of the risks and choose according to their threat models, which is why I’ve highlighted some of these issues to begin with.