Comment by mcsniff

1 day ago

Ugh. This 100% shows how janky and unmaintained their setup is.

All the hand waving and excuses around global supply chains, quotes, etc...it took pretty long for them to acquire commodity hardware and shove it in a special someone's basement and they're trying to make it seem like a good thing?

F-Droid is often discussed in the GrapheneOS community, the concerns around centralization and signing are valid.

I understand this is a volunteer effort, but it's not a good look.

As someone that has run many volunteer open source communities and projects for more than 2 decades, I totally get how big "small" wins like this are.

The internet is run on binaries compiled in servers in random basements and you should be thankful for those basements because the corpos are never going to actually help fund any of it.

"I understand this is a volunteer effort, but it's not a good look."

I would agree, that it is not a good look for this society, to lament so much about the big evil corporations and invest so little in the free alternatives.

  • You can't just host servers in your own basement! You need to pay out the ass to host servers in some big company's basement!

    • I don't have a problem with an open source project I use (and I do use F-Droid) hosting a server in a basement. I do have a problem with having the entire project hosted on one server in a basement, because it means that the entire project goes down if that basement gets flooded or the house burns down or the power goes out for an extended period of time, etc.

      Having two servers in two basements not near each other would be good, having five would be better, and honestly paying money to put them in colo facilities to have more reliable power, cooling, etc. would be better still. Computer hardware is very cheap today and it doesn't cost that much money to get a substantial amount of redundancy, without being dependent on any single big company.

Graphene is a great product but their incessant mud slinging at any service that isn't theirs is tiresome at best.

Some of their points are valid but way too often they're unable to accept that different services aren't always trying to solve the same problem.

  • > their incessant mud slinging at any service that isn't theirs is tiresome at best.

    100%. But you know, sadly I've noticed that non-experts are impressed by elitism. So you don't have to be good, you just have to shit on others, and passersby will interpret that as being very competent.

    Which is super ironic, from a project which is about privacy but only supports hardware built by the biggest surveillance company.

It's like y'all are so eager to crap on a thing that you don't even read tfa.

> this server is physically held by a long time contributor with a proven track record of securely hosting services.

So you are assuming it's a rando's basement when they never said anything like that.

If their way of doing business is so offensive either don't use them, disrupt them or pitch in and help.

> I understand this is a volunteer effort, but it's not a good look.

What does make a "good look" for a volunteer project?

  • > What does make a "good look" for a volunteer project?

    It's an open-source project. It should be... open. Not mysterious or secretive about overdue replacements of critical infrastructure.

  • > this server is physically held by a long time contributor with a proven track record of securely hosting services.

    This is effectively a rando's basement. It doesn't matter that they've been a contributor or whatever. Individuals change, relationships sour. Securely hosting how ? By locking the front door ? By being a random tech company in the midwest ? Or by having proper access control ?

    As a little reminder, F-Droid has _all_ the signing keys on its build server. Compromising that is somewhere between "oh that's awful" and "stop the world". These builds go out as automatic updates too. So uh, yeah, I'd like it if it was hosted by someone serious and not my buddy joe who's a sysadmin don't worry

> F-Droid is often discussed in the GrapheneOS community, the concerns around centralization and signing are valid.

Clearly the GrapheneOS community is clueless then.

You can host F-Droid yourself, which is the opposite of centralized. If the GrapheneOS community actually is concerned about centralization they can host an instance as well.

Furthermore, each author signs their own software, which again is the opposite of centralized. One authority signing everything would be centralized.

So F-Droid is decentralized in authorship and distribution. Google store is only decentralized in authorship.

"Nothing is ever good enough" (tm)

  • If I were running a volunteer project, I would be dumping thousands a month into top-tier hosting across multiple datacenters around the world with global failover.

    • The _if_ is doing a lot of heavy lifting there. You're free to complain about it but F-Droid has been running fine for years and I'd rather have a volunteer manage the servers than some big corporation

> commodity hardware

Apart from the "someone's basement", as objected to in this thread, it also doesn't say they acquired "commodity hardware"; I took it to suggest the opposite, presumably for good reason.

  • > it also doesn't say they acquired "commodity hardware"; I took it to suggest the opposite, presumably for good reason.

    This seems entirely like wishful thinking. They were using a 12 year old server that was increasingly unfit for the day-to-day task of building Android applications. It doesn't seem like they were in a position to acquire and deploy any exotic hardware (except to the extent that really old hardware can be considered exotic and no longer a commodity). I'd be surprised if the new server is anything other than off the shelf x86 hardware, and if we're lucky then maybe they know how to do something useful with a TPM or other hardware root of trust to secure the OS they're running on this server and protect the keys they're signing builds with.

    • I'm just reading what was written, especially "the specific components we needed", and assuming they're not as incompetent as is being suggested, given they've served me well. Perhaps you haven't been tendering for server hardware recently, even bog-standard stuff, and seen the responses that even say they can't quote a fixed price currently. At least, that's in my part of the world, in an operation buying a good deal of hardware. We also have systems over ten years old running.

> shove it in a special someone's basement

They didn't say what conditions it's held in. You're just adding FUD, please stop. It could be under the bed, it could be in a professional server room of the company run by the mentioned contributor.

  • 100%. Just as an example I have several racks at home, business fiber, battery backup, and a propane generator as a last resort. Also 4th amendment protections so no one gets access without me knowing about it. I host a lot of things at home and trust it more than any DC.

    • > Also 4th amendment protections so no one gets access without me knowing about it.

      If there's ever a need for a warrant for any of the projects, the warrant would likely involve seizure of every computer and data storage device in the home. Without a 3rd party handling billing and resource allocation they can't tell which specific device contains the relevant data, so everything goes.

      So having something hosted at home comes with downsides, too. Especially if you don't control all of the data that goes into the servers on your property.

    • Isn't a business line quite expensive to maintain per month along with a hefty upfront cost? For a smaller team with a tight budget, just going somewhere with all of that stuff included is probably cheaper and easier like a colo DC.

      > Also 4th amendment protections so no one gets access without me knowing about it

      laughs in FISA

    • > Also 4th amendment protections so no one gets access without me knowing about it.

      Hahaha

      at best you're getting a warrant. Slightly better you're getting a warrant _and_ a gag order. Then it escalates, and having your door kicked in at 6AM is about the best you can hope for.

      But sure, you'll know about it. Most likely. Maybe.

      Just don't keep anything important in there eh ?

      (Note, this definitely applies to colocations too. It's just maybe a tiny bit harder to find which rack is yours, and companies of that size generally have lawyers to prevent that from happening. I'll take my chance with the hosting company.)

I read it a bit differently: you don't need to be a mega-corp with millions of servers to actually make a difference for the better. It really doesn't take much!

Also, even 12-year-old hardware is wicked fast.

  • The issue isn’t the hardware, it’s the fact that it’s hosted somewhere private in conditions they won’t name under the control of a single member. Typically colo providers are used for this.

    • Is it one person? Is it an organization/professional company with close ties to F-Droid? There are a lot of worst-case assumptions in this thread.

    • Eh. It's just a different set of trade-offs unless you start doing things super-seriously like Let's Encrypt.

      With f-droid their main strength has always been replicable builds. We ideally just need to start hosting a second f-droid server somewhere else and then compare the results.