On Wed, Aug 02, 2017 at 01:00:43PM -0400, Nathan of Guardian wrote:
> Empowering developers to have freedom in how they distribute their
> software, while also providing their end-users with a reliable, secure,
> update-enabled, usable experience is also a huge point of F-Droid.
For you and everybody who fully trusts you, but a little
bit of separation of powers by having somebody else do
the compilation than the folks who do the coding is
necessary to achieve a minimum of trustworthiness.
It would be paranoid to assume you are conspiring with
f-droid, but it is just a logical deduction of the
current state of US regulations to assume that you have
no choice but to provide some kind of access.
So for as long as apks are not binary reproducible, I
cannot responsibly recommend the use of any guardian
project apps. And this has been bugging me quite a
while, because you are doing excellent work.
> Ultimately, having repositories both hosted by developers, with apps
> signed by their key, and then having F-Droid.org or other notaries,
> reproducibly build and then distribute the developer's signed version,
> is our ultimate hope and dream.
Yes, that would be it. But as long as it clashes
with US laws I must only believe in this dream when
it turns into physical reality.
I repeat, I don't question anyone's integrity. But,
as Clash sing, "I fought the law, but the law won."
We're not in a ballgame where human emotions have
any relevance or power.
--
E-mail is public! Talk to me in private using encryption:
http://loupsycedyglgamf.onion/LynX/
irc://loupsycedyglgamf.onion:67/lynX
https://psyced.org:34443/LynX/
_______________________________________________
Messaging mailing list
Messaging@moderncrypto.org
https://moderncrypto.org/mailman/listinfo/messaging
