fdroiddata VS simplex-chat

Fork this repository.

For reference my app: project: https://github.com/balzack/databag merge request: https://gitlab.com/fdroid/fdroiddata/-/merge_requests/12183

You should add a new entry in "Builds". Have a look at how Newpipe does it for each new version here for example.

To me it's not very clear whether those terms practically apply only to their app, since clearly they can't grab logs from Aurora if Aurora doesn't dump those logs for example... but if this is something the F-Droid team should look into, open an issue on https://gitlab.com/fdroid/fdroiddata/-/issues or inquire in one of their official channels on OFTC (#fdroid) or Matrix (#fdroid:f-droid.org).

OsmAnd~ from F-Droid not having Android Auto is a known bug: see the discussions at https://gitlab.com/fdroid/fdroiddata/-/issues/2567 , https://github.com/osmandapp/OsmAnd/issues/13514, https://github.com/osmandapp/OsmAnd/issues/3391 and https://github.com/osmandapp/OsmAnd/issues/15400

You can also get F-Droid Build Status which I believe will let you see apps that are being attempted to be built even if their build isn't succeeding yet, again for the "catching things early experience". Or, just keep an eye on the issues, merge requests and commits at fdroiddata which is where people actually add new metadata for new apps to be built by F-Droid, and it often takes a while between an app being first mentioned, and it being able to be included, for many possible reasons.

For messaging I'm currently on Olvid (E2E with physical key exchange) but since it still use their servers, I'm currently testing SimpleX where I can host my own servers.

Notice how SimpleX (https://simplex.chat/) has no push notifications by default because of this issue.

I've been using SimpleX [0] with a couple of friends recently. It appears to work as advertised.

[0] https://simplex.chat

If you have a mobile phone number, the domestic intelligence agency knows exactly where you are at all times and any LEO (without a warrant) can also find you. In addition, there have been numerous CCC presentations showing how insecure the global (excluding US) and (separately) US carriers are guilty of promiscuous metadata trafficking ($$) and insecure SS7 setups. As a consequence, for low $, you can go to any one of several shady websites and find the last location of almost any phone number (person unique ID) globally. There are additional varying exploitable vulnerabilities depending on the exact combination of {handset x carrier x country} to impersonate them, tap their line, reveal their exact location, and redirect their phone number through a third-party handset or even a PBX. These are more expensive and some capabilities are forbidden for all but a few selective intelligence uses.

Session (Signal fork) doesn't use phone numbers. It's pretty well-designed overall and uses an onion routing approach. It's already a superset of Signal except it doesn't use phone numbers. https://getsession.org

Also look interesting:

* (unproven) https://www.olvid.io/technology

* (unproven) https://simplex.chat

PS: Using regular TOR on home broadband or cloud servers is relatively risky and inefficient. Sybil attacks on it are common. And to network operators and security agencies it gives an easy "flow tag" of your uplink and exit node data traffic as automatically suspicious.

Why not open up a Feature request on https://github.com/simplex-chat/simplex-chat/issues