Comment by benoau
1 month ago
I think in general their plans are contrary to the DMA if they prevent F-Droid from existing. The big bet seems to be that Trump can coerce the EU into repealing the law entirely.
> (50) [...] In order to ensure that third-party software applications or software application stores do not endanger the integrity of the hardware or operating system provided by the gatekeeper, it should be possible for the gatekeeper concerned to implement proportionate technical or contractual measures to achieve that goal if the gatekeeper demonstrates that such measures are necessary and justified and that there are no less-restrictive means to safeguard the integrity of the hardware or operating system.
> (54) Gatekeepers can hamper the ability of end users to access online content and services, including software applications. Therefore, rules should be established to ensure that the rights of end users to access an open internet are not compromised by the conduct of gatekeepers. Gatekeepers can also technically limit the ability of end users to effectively switch between different undertakings providing internet access service, in particular through their control over hardware or operating systems. This distorts the level playing field for internet access services and ultimately harms end users. It should therefore be ensured that gatekeepers do not unduly restrict end users in choosing the undertaking providing their internet access service.
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv%...
Surely most governments have a compelling interest in preserving the ability to sideload apps on Android for software development, information security research, and preserving the open competitive ecosystems that so many bought into and invested in with such terms.
The ability for open source software developers to write and run applications on their [fork of AOSP with a bunch of binary closed source out-of-tree kernel modules] devices should be protected, in order to prevent anti-competitive practices from squandering the open platform the community has helped to build.
Play Store requires a DUNS number and registration therefore these days.
F-Droid does not require a DUNS number for app upload.
(F-Droid is one of a number of third party APK registry and APK installer services. The F-Droid web service hosts signed Android "APK" software packages and updates which can be uploaded by registered users and downloaded without registration or login. The F-Droid application installs APKs from the F-Droid web service; though app install and update requires more taps to install or update multiple packages due to Android's lack of functionality to add third-party package repos with keys, a standard feature in modern Linux software package management systems.)
Android app developers can already choose whether their app can be installed or run on a device that doesn't pass Play Integrity checks.
If non-rooted third-party AOSP forks with recent Security Patch Levels fail Play Integrity checks and thus cannot work with retail banking apps for example, then old versions of Android for which there are no longer updates should also fail Play Integrity checks.
Open standards for modern software management include: schema.org/SoftwareApplication , W3C Verifiable Credentials, Sigstore, SLSA, and OCI Artifact registries which already support signatures.
There are various tools which sideload APKs over HTTPS without any checksum or signature (e.g. from GitHub releases instead of from for example an OCI Registry) which are as reckless as curl | sh.
Couldn't bash and zsh run in a container2wasm WASM container that, in a browser tab without install, gets its own SELinux security context like all apps since Android 4.4+?
Does ls -Z work in Android Terminal (or termux, or the ChromeOS term)?
Students and Family Link accounts are currently denied access to containers on Chromebooks.
So on a Chromebook the same curriculum is limited to JupyterLite in WASM which almost works offline in a browser, instead of a local repo2docker container or a devcontainer.json (because there is no money for students to have server resources (like shells, CI, GitLab+k8s resource quotas) other than their provisioned computer).
container2wasm: https://github.com/container2wasm/container2wasm :