July 15, 2023
(Guest post from F-Droid, originally on f-droid.org) Seven core contributors and one board member met in Scotland, the birthplace of F-Droid, for the …
February 5, 2022
Guardian Project has been awarded a grant from the Filecoin Foundation for the Decentralized Web (FFDW) to work on decentralizing veracity and …
December 18, 2017
The Android APK signing model sets the expectation that the signing key will be the same for the entire lifetime of the app. That can be seen in the …
March 13, 2017
In Debian stretch, the upcoming new release, it is now possible to build Android apps using only packages from Debian. This will provide all of the …
February 22, 2017
Most people get their Android apps from Google Play. It is usually the simplest and most secure option for them. But there are also many people who do …
June 2, 2016
App stores can work well without any tracking at all Attackers are increasingly seeing app stores as a prime attack vector, whether it is aimed at the …
December 29, 2015
It is time to update to a stronger signing key for your Android app! The old default RSA 1024-bit key is weak and officially deprecated. What? The …
June 2, 2015
One core piece of our approach is thinking about very high risk situations, like Ai Weiwei or Edward Snowden, then making the tools for operating …
February 24, 2015
I recently received a very interesting phishing email directed at developers with apps in Google Play. One open question is, how targeted it was: did …
October 16, 2014
Update: now you can do this with Tor Onion Services Many software update systems use code signing to ensure that only the correct software is …