Our new F-Droid App Repository

For all of you out there looking for a safe way to find and download apps outside of the Play Store (aka Android Market) or random, sketchy third-party app stores and file sharing sites, then your wait is over:

The FDroid Repository is an easily-installable catalogue of FOSS applications for the Android platform. The server contains the details of multiple versions of each application, and the Android client makes it easy to browse, install them onto your device, and keep track of updates.

In other words, F-Droid is like an app store for open-source. More importantly, there is not just one “store”. Anyone can deploy their own repositories of apps, or Repos, much like the way the Debian repo model works.

We’ve now begun creating our own hosted F-Droid compliant repo where we can easily provide the latest greatest versions of all our apps. As we update the apps, F-Droid should notify you and allow you to update quickly and without hassle.

Quick Steps for using F-Droid with Guardian Project Repo

1) Install the F-Droid Client app. You can get it here: https://f-droid.org/FDroid.apk

2) Run the app and go to Menu > Manage Repos > New Repository

3) Enter: https://guardianproject.info/repo/

4) Optionally, disable the default repo if you just want GP apps

5) Return to the main screen, and Menu > Update

6) Verify the repo fingerprint by clicking on the repo to see the repo details view. The fingerprint you see there should match this: 050C8155DCA377F23D5A15B77D3713400CDBD8B42FBFBE0E3F38096E68CECE.

From here you will see the “Available” tab for apps you don’t have the “Installed” tab for apps you have the latest version of, and the “Updates” tab for apps you have, but that are not up to date.

You can open each app by browsing and selecting them, and then via Menu options, choose to install them, or access their websites, source code links, or issue tracking pages.

Tagged with: , ,
Posted in Development, New Release
35 comments on “Our new F-Droid App Repository
  1. F-droid needs to become much much more anti-adware.

    . (all third party interweb ads in app is malware)

  2. cinq says:

    Hi

    the hash key changed?

    cinq

    • n8fr8 says:

      Yes, it did. Our previous directory and keystore somehow was wiped out.

      However, the underlying APKs are still signed by the same guardian project key.

  3. Seth says:

    Is Data Wipe available in the F-Droid Guardian project repos yet?

    • n8fr8 says:

      No it is not. The app, as you discovered, is now called InTheClear, and is on a development hiatus at the moment. We hope to revisit and update it in the near future.

  4. jon says:

    the apps are out of date or am I doing something wrong?

    • n8fr8 says:

      Which apps? Are you using our repo (you must add it manually to F-Droid) or are you just looking at the version of our apps in the default repo?

  5. Hugg Jack says:

    hello there, i need to know what tipe of smart phone is the best to use tor.
    kind regards

  6. Rolf says:

    This is just as unsafe as Google. The .apk file needs to be downloadable to a PC, where it can be checked, then transferred to the tablet and installed there. Nothing else is safe.

    • O Cho says:

      > .apk file needs to be downloadable to a PC

      This is already possible.

      > as unsafe as Google

      F-droid repos are less unsafe than google’s malware tolerance play store. google play allows the nefarious majority to categorize their adware as free; this is a contradiction in terms.

      Adware shifts the COST from financial to human dignity trafficking.

      Treating privacy, a fundamental right and prerequisite to liberty, as a commodity is vile per se. Worse is profiting from this human trafficking whether or not there is informed consent.

      Profit by any means necessary is not only tolerated by google, but promoted as they are frequently [one of] the ad serving platform[s] employed. Don’t misunderstand. I’m not a fan of “fair” trade tithing, carbon tax, coerced union dues, raising taxes to cool the sun, ponzi schemes, erroneous social “justice”, subjective reality, “redistribution” of wealth, moral relativism, genocide, greenness, “renewable” energy despite thermodynamics, fear of biochemical solar energy, the ‘should brush’, or similar idiocy. Corporations aren’t evil by construction, nor is profit.

      Ads are useful for sales but I draw a distinction between passive ads (billboards, magazines, traditional tv, shirts, logos, et al) and aggressive ads which not only look back at you but stalk you in RL and the interweb (third party loaded ad servers, behavioral stalking, false privacy policies, gps breadcrumbs, collating with those you contact, etc) building (collecting, buying, selling) an ever creepier eternal profile on the user that would have made the gestapo drool with lust. The SS would have required everyone to wear google Glass.

      Had google not been in the business of stalking users or selling ads there might not have been as large a concern. There are several generations who’ve remained internets newbies. They are raping the culture and increasing the noise to signal ratio of the interweb. You can drive the sheep to water but you can’t make them drink although drowning them is tempting, and waterboarding them out of ignorance more so.

      Giving consent does NOT mitigate.

      > The .apk file needs to be downloadable to a PC, where it can be checked

      The repo could provide hashes of the apk and links to the online tool(s) used to vet content like iseclab’s anubis. You then could generate a hash locally and compare to either resource.

      > (all third party interweb ads in app is malware)

      Absolutely true! No one can afford the irreparable harm done by using adware. Deliberately providing false information to collection is useful but does nothing to remove the already harvested information.

      > F-droid needs to become much much more anti-adware.

      I am not pleased with the simple notice in red text on the app info page in the repo client. Plenty of F-droid contributors remove-, null-, or disable the malware [adware, spyware, tracking, logging, unique id harvesting] components. All contributors ought perform this public service

      > is now called InTheClear

      I’m watching it develop with interest. Please provide an alternative to old fashioned sms texting also other than email.

  7. vladimir says:

    I LOVE TOR!! MORE TOR-BROWSERS FOR ANDROID MOBILE!

  8. Elaine Noonan says:

    Says download unsuccessful due to space on my galaxy note ive deleted most of my apps. Why is this still showing

  9. Sobhan Mohammadpour says:

    Tor and Fdroid are quite nice in Iran :)

  10. nutpantz says:

    not working 06/14/2013 on my samsung jb 2.12 note today.

  11. asdf asdf says:

    https://guardianproject.info/repo
    Google play has a newer version.

  12. supyo says:

    Are there plans to update the fdroid repo? Its quite out of date now.
    Cheers

  13. jason says:

    you need to give more guidance. Once installed the repo, click to install an app (Orbot, for example) and there’s no way there other than the Play store or Chrome, so what’s the point?

  14. Seegal Galguntijak says:

    So why is it, that in F-Droid, where I’d like to get most of my apps from (rather than the Google Play Store), the latest version of Gibberbot is 0.0.11-RC5 from 06/05/13, while the Google Play Store tells me something about Version 12 and it now being Chatsecure?

    Don’t you update the independent Open Source repositories any more, but rather put everything in the Play Store, so that Google knows exactly who is interested in privacy?!? Well, that’s clever, isn’t it?

    • Anonymous says:

      Does it work on BB10?

    • Concerned says:

      This whole “project” has obveously been created to either Aid in Data Mining by Government Organizations (NOT A BAD THING, AS I HOPE THIS IS THE CASE), or to Cirucumvent it (although not currently, illegal, in most cases) seems rather unnessesary, immoral, suspicious and un-needed to become Anon on the internet, unless you are either:
      1-Super Paranoid
      2-Preforming Illegal Activites(or attempting to) w/o detection
      3-Part of an Organization that is not supposed to exist (with malicious intents in mind)
      4- Are attempting or prepairing a cyber/physical attack, where Anonimity and ID Prevention are essential (unless this is being done by One Gov’t ORG vs Another) this is infact a crime; as to my knowladge there is NO VALID LEGAL REASON TO INITIATE AN ATTACK, as a non-sanctioned Citizen in ANY Country(or ATTEMPT TO).
      5- Attempting to Hide Illegal Transfers or Products/Payments
      6- Transmission of Illegal Content
      7- Set-up of “off the books” P2P meeting to discuss any of ABOVE
      8- Attempting to compromise an already established Secure Server
      9- Are involved in illegal Espionage (seeing as ACTUAL Clandestine Service Officers, not involved in non-sanctioned actions, are generally protected and Anonomized by their Host Organization, not left to “figure it out on their own”, as this would put not only the Officer/Agent, Their Family and HOST NATION at SEVERE RISK if not done correctly) or are attempting to sell/trade/transfer Illegally Obtained Classified Documents*
      *-I do belive there are certain instances where this would infact be needed durring a SANCTIONED OP(e.g. Blown Cover ID, Asset Location, or to “Find a way out”…however, I am almost sure that most if not all Intel communities, have ways to do this on their own that do not involve the use of OPEN-SOURCE SERVICES, as they are infact OPEN to the network of users providing remote access for the service…therfore, NOT ACTUALLY SECURE AMONG USRERS as it would appear that all “shared” connection points are accessable ANY user of the system!!!!)
      10- AND FINAL: ARE ATTEMPTING TO CIRCUMVENT CENSORSHIP EMPOSED BY COUNRY OF ORIGIN’S GOVERNMENT (ALSO ILLEGAL)…not nessesarily opposed to this if Countries where you can ACTUALLY be punished for your opintion (and thoughts/word) NOT ILLEGAL ACTIONS.

      CASE IN POINT: Posts like “Sobhan Mohammadpour says:
      2013/05/20 at 5:48 am
      Tor and Fdroid are quite nice in Iran :)”
      -seem to indicate the true intent of this “Program” (or atleast that particular userea intentions) and point to the Absurdity of this even being Available to ANYONE.

      TO CREATORS AND DEVOLOPERS: PLEASE BE AWARE THAT YOU MAY BE KNOWINGLY OR UN-KNOWINGLY PUTTING THE SAFETY OF MANY NATIONS, INDIVIDUALS, AND ORGANIZATIONS AT RISK, AS WELL AS ARE MOST LIKELY CONTRIBUTING TO THE DISTROBUTION OF ILLEGAL GOODS/SEVICES AROUND THE WORLD AND ONE DAY, THE TARGET MAY YOU OR SOMEONE/SOMETHING YOU ACUALLY CARE ABOUT(ASSUMING THAT YOU ARE A DECENT GROUP OF DEVLOPERS WITH THE BEST INTENTIONS AT HEART)
      -I AM NOT SLAMMING/SLANDERING/ATTEMPTING TO DICREDIT YOUR LIFES EFFORST
      **Personal Opinion Only**

  15. Alberto Aru says:

    I add and updated the repo, but chatsecure didn’t appear on F-Droid

  16. none says:

    Keep getting “file corrupted” when trying to download from f-droid. Has been happening across 3 different phones.

  17. Cathryne says:

    F-Droid 0.58 has the option to enter a repo’s fingerprint alongside its URL. Can you please update this post with the fingerprint? Thanks and greetings!

    • Hans-Christoph Steiner says:

      Yes, good idea, here is the fingerprint of the FDroid repo signing key:
      050C8155DCA377F23D5A15B77D3713400CDBD8B42FBFBE0E3F38096E68CECE

      I also added it above. It is probably easier to verify it after the fact than type that whole long string.

  18. sprech.sucht says:

    Please keep the repo up to date.
    It’s very outdated.

  19. me says:

    Fdroid official repo is pushing out a new version of orbot with a different fingerprint. I wont load it myself but it looks fishy – and if it is it is troubling to see it pop up.

    • Hans-Christoph Steiner says:

      Apps distributed via the official FDroid app repository are signed by a different key than the apps distributed via Google Play or our direct releases page. If you have FDroid installed but installed Orbot from Google Play, then you should set Fdroid to ignore Orbot releases. You can do that from the menu in the Orbot page in FDroid.

6 Pings/Trackbacks for "Our new F-Droid App Repository"
  1. […] Σε κάθε περίπτωση βέβαια, η επιλογή είναι δική σας: ► F-Droid ► Appbrain ► GooglePlay ► APK […]

  2. […] plugin para más iconos), …. Eso sí, para bajarse la nueva versión desde F-droid, hay que añadir un repositorio. Creo que sería perfecta si introdujera la opción de “crear nueva cuenta” de Tigase […]

  3. […] puede ser descargado desde diferentes fuentes: Play Store, Amazon Appstore, repositorios de F-Droid, o descargar directamente la APK desde la web de guardianproject. Solo instalando Orbot no se […]

  4. […] puede ser descargado desde diferentes fuentes: Play Store, Amazon Appstore, repositorios de F-Droid, o descargar directamente la APK desde la web de guardianproject. Solo instalando Orbot no se […]

  5. […] puede ser descargado desde diferentes fuentes: Play Store, Amazon Appstore, repositorios de F-Droid, o descargar directamente la APK desde la web de guardianproject. Solo instalando Orbot no se […]

  6. […] puede ser descargado desde diferentes fuentes: Play Store, Amazon Appstore, repositorios de F-Droid, o descargar directamente la APK desde la web de guardianproject. Solo instalando Orbot no se […]

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Important Links

You can always get the latest information on our blog. Also, track our activity on our Project Site; and request features or file bugs on our Issue Tracker.

Free and Free!

All of our software is free/libre and open-source. You can find our app downloads, code repos and issue trackers on Github.

Get Apps

Featuring Recent Posts WordPress Widget development by YD