[liberationtech] Proposal for more-trustable code from app stores; comments welcome.

[John Sullivan]

Karl Fogel <kfogel at red-bean.com> writes:

> Nick <liberationtech at njw.me.uk> writes:
>>The wonderful F-Droid already does this, as pointed out in the 
>>article. So it doesn't seem like a proposal so much as an 
>>explanation of why it's important.
>
> F-Droid does a lot of this.  I couldn't find a standard way to get the
> exact source snapshot a particular app's build comes, nor what the build
> parameters were, although via the web site the app pages do give release
> numbers.  They're hard at work on deterministic builds now, apparently,
> and I would guess that some of these essentially UI fixes will happen
> along with that.
>

That info is in the server metadata file for the app (for example the
git tag for the source that was used to build the app, and the build
parameters). Probably just needs to be exposed in the UI.

-john

-- 
John Sullivan | Executive Director, Free Software Foundation
GPG Key: 61A0963B | http://status.fsf.org/johns | http://fsf.org/blogs/RSS

Do you use free software? Donate to join the FSF and support freedom at
<http://www.fsf.org/register_form?referrer=8096>.