Conversation

Notices

1. Embed this notice
   翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 27-Nov-2024 16:00:59 JST 翠星石

   • Strypey
   • F-Droid
   @strypey @fdroidorg The Android SDK ("the nonfree Google SDK") is proprietary software, under a proprietary license; https://developer.android.com/studio/terms
   
   The Android SDK contains malware as evidenced by; "3.4 You may not use the SDK for any purpose not expressly permitted by the License Agreement. Except to the extent required by applicable third party licenses, you may not copy (except for backup purposes), modify, adapt, redistribute, decompile, reverse engineer, disassemble, or create derivative works of the SDK or any part of the SDK."
   
   If it didn't contain malware, there would be no reason to forbid reverse engineering.
   
   The SDK may or may not inject proprietary malware into the software it builds.
   
   F-droid's site very clearly states that they use Google's nonfree Android SDK to build apk's.
   
   
   Therefore, f-droid .apk's compiled after the date they switched from a free SDK to a nonfree SDK may or may not contain proprietary malware.
   • Embed this notice
     翠星石 (suiseiseki@freesoftwareextremist.com)'s status on Wednesday, 27-Nov-2024 16:18:19 JST 翠星石

     in reply to

     • Hildegunst von Mythenmetz of programming
     @condret If I'm concerned with malware, I just don't install and run it.
     
     Reverse engineering is incredibly time consuming and I reckon google would send a death squad to get you if you find the malware in the SDK and proved it in a way they couldn't refute.
   • Embed this notice
     Hildegunst von Mythenmetz of programming (condret@shitposter.world)'s status on Wednesday, 27-Nov-2024 16:18:20 JST Hildegunst von Mythenmetz of programming

     in reply to

     • Strypey
     • F-Droid
     @Suiseiseki @fdroidorg @strypey if you are so concerned with malware, just forget about the stupid license and reverse engineer it anyways