Planet F-Droid

April 21, 2023


ChatGPT - Privacy nightmare or helpful tool?

Everyone is talking about what the new AI can do, and lately everyone is starting to look at the ChatGPT privacy implications. The ban on ChatGPT in Italy and the looming privacy issues surrounding the AI chatbot in Germany have sparked a Europe-wide debate between those who are enthusiastic about the tool and those who warn against its development and what ChatGPT means for people's privacy.

April 21, 2023 00:00

April 20, 2023

/e/ foundation

Leaving Apple & Google: /e/OS 1.10 is out, Tired of operators that don’t have the same values as you?; Celebrate Earth Day with a sustainable choice!

Leaving Apple & Google: /e/OS 1.10 is out; Tired of operators that don't have the same values as you?; Celebrate Earth Day with a sustainable choice!

    • /e/OS 1.10 is out
    • Tired of operators that don’t have the same values as you?
    • Celebrate Earth Day with a sustainable choice!

/e/OS 1.10 is out

Our team is proud to deliver the /e/OS 1.10. Enjoy all the new features and improvements it embeds.

You can easily update your phone in ‘System updates’ in your phone settings menu. As always, make sure you have the latest update running on your phone!

Tired of operators that don't have the same values as you?

TeleCoop is the first cooperative operator committed to the ecological and solidarity-based transition. The cooperative helps you to take back control of your mobile consumption and accompanies you towards digital sobriety while respecting your privacy.

Because privacy and sobriety are essential to us, Murena is partnering with TeleCoop.

As a Murena user, get a 10 euro discount on your TeleCoop subscription with the code MURECOOP*. 

*Use this code when you subscribe to TeleCoop. The offer is only valid in France.

Celebrate Earth Day with a sustainable choice!

Do not miss this week’s special offer for Murena Fairphone 4 at 

The offer is valid from 17 to 23 April 2023.

For more details, see Murena’s latest newsletter

Support the project!

User’s data privacy and finding alternatives to regain control over our data has never been a more pressing issue than it is today. The timing is great to build something new!

Your contribution is key to the success of an ambitious project like ours!

Contribute, test & report bugs in /e/OS

Share on social media

Join the Community


by Veronika Pozdniakova at April 20, 2023 09:48


Purism and SLNT Announce Partnership to Provide Security to Mobile Devices

FOR IMMEDIATE RELEASE Purism Announces that they are now offering SLNT® Faraday Bags to Enhance their customers Security and Privacy.  SLNT Inc, the leading provider of high-end signal blocking patented Faraday bags, is pleased to announce their products will now be available through Purism, a company known for their security and privacy-focused software, phones, and […]

The post Purism and SLNT Announce Partnership to Provide Security to Mobile Devices appeared first on Purism.

by Purism at April 20, 2023 08:58

April 18, 2023

Privacy Browser

Privacy Browser Android 2.13

Privacy Browser Android 2.13 was released on 29 October 2018. There is now an activity for exporting and importing settings and bookmarks. Both Privacy Browser and Privacy Browser Free use the same format, so backed up settings can be used to migrate between the two. There is a page that has more detailed information on the database format. Note that in future releases it will be possible to encrypt the exports and automate the export and import process, which will allow for syncing of settings across devices.

This release adds the Read Storage permission, which allows Privacy Browser to import files from public directories. On Android Marshmallow (6.0) and newer, this permission is only available if the user grants it. If it is denied, app directories can still be used. This is the last permission I am currently planning on adding to Privacy Browser.

This release switches the default URL scheme from HTTP to HTTPS. For URLs that are entered into the URL bar at the top of the screen, in the past, if no protocol was specified, http:// would be added to the beginning of the URL. Now, https:// will be added. This is feasible because most websites now are offered over HTTPS. Users can still visit an HTTP website by specifying http:// in the URL.

The blocklist menu items now display the number of blocked items for each list, which are updated live.

The Refresh menu item now becomes a Stop button when a website is loading. If additional app bar buttons are displayed, it is available as an X on the app bar.

User agent and night mode controls are now available from the options layout menu.

A bug was fixed, introduced in Privacy Browser 2.12, that caused the system bars to disappear after viewing a full-screen video. The Clear Data options menu item was fixed to be ghosted when all submenu items are ghosted (previously broken on Oreo [Android 8] and newer). The size problems with the Waiting for Orbot message were partially fixed. Note that in the future I plan to redesign the Waiting for Orbot message to use a dialog.

With this release the target API was bumped to 28 (Android 9 Pie). An updated Italian translation was provided by Francesco Buratti and an updated Spanish translation was provided by Jose A. León. The Russian translation was also updated.

The next major release of Privacy Browser will have the option to encrypt exported settings.

by Soren Stoutner at April 18, 2023 16:53

April 17, 2023

Privacy Browser

Privacy Browser PC 0.2

Privacy Browser PC 0.2 was released on 17 April 2023. Work was done on this release to make sure Privacy Browser works well on GNOME. A crash was fixed that caused a segfault when downloading files on GNOME with local storage disabled. There are currently two file download mechanisms used by Privacy Browser. For downloads with local storage disabled a KIO FileCopyJob is used. This provides advanced functionality like pausing of the download. However, there is currently no way to make FileCopyJob use cookies, which are necessary when downloading files that are only available to a logged-in user. So, when local storage is enabled, file downloads fall back to using Qt WebEngine’s built-in downloader. However, when running GNOME instead of KDE, FileCopyJob causes a segfault. The solution was to always use Qt WebEngine’s built-in downloader when running on a desktop environment that is not KDE.

Missing icons were fixed on GNOME, with the system falling back to icons that are part of the default GNOME theme.

GNOME doesn’t like to draw a proper window boarder, but the situation is much improved compared to 0.1.

Future versions of Privacy Browser will be tested against other popular desktop environments and window managers. If you experience any problems with any Linux environment feel free to file a bug report. In relation to GNOME, there is an outstanding issue with using full screen browsing.

An animated favorite icon is now displayed when loading a website. This is nice because, on KDE’s default Breeze theme, the progress bar is unobtrusive and doesn’t always catch the eye.

The static image doesn’t look like much, but when it is spinning it makes it easy to see which tabs are still loading.

The .deb now has a dependency on KHelpCenter, so that the Handbook opens for those on non-KDE systems.

I would generally recommend that all users read the Handbook, or, at a minimum, peruse the section title and read over the entries that interest them.

The order of entries in the WebEngine context menu were changed.

The spellcheck languages are now easier to click on. Previously, the user had to click directly on the check box. Now, the user can click on the checkbox or the text. The blank space to the right of the text is still not clickable. Even though I would consider that the best experience, making that happen wasn’t easy, so I have left it for a future endeavor.

More languages will be added with Hunsepll package updates after the next version of Debian is released.

HTTP ping dialogs are now only displayed if the HTTP ping was sent by the current tab. There is also a new section of the Handbook that explains what HTTP pings are.

Not everyone who writes internet standards has your best interest at heart.

by Soren Stoutner at April 17, 2023 23:04

April 13, 2023


Fairphone is the first company to pilot Fairmined Gold credits

Through our Fairmined gold credits pilot with Alliance for Responsible Mining (ARM) we celebrate multiple wins alongside contributing to the social and environmental progress of the Fairmined certified mining cooperative La Gabriela in Colombia.


Win for responsible miners:

Since 2016, Fairphone has been working hard to connect responsible ASM gold to our supply chains. Since then, we have managed to do so for 9% of the gold used in our Fairphone 4 and 10% in the True Wireless Earbuds. Fairphone bought Fairmined credits for the gold used which could not yet be connected to certified sources. Each Fairmined credit represents one gram of certified gold produced under the strict social and environmental requirements of the Fairmined standard. Through buying Fairmined credits, Fairphone compensates small-scale miners with Fairmined premium to maintain high standards of responsible production. This incentive is significant for small certified mines, as they often face higher barriers connecting with the market, have greater difficulties in getting fair compensation for work, and heavily rely on the premium to keep going. Fairphone contributed almost USD 20,000 of Fairmined premium to the certified La Gabriela mine that could not sell their entire production for the Fairmined premium price. 

Win for Fairphone buyers:

Did you buy a Fairphone 4 or True Wireless Earbuds in 2022? Then your past purchase now directly contributes to La Gabriela’s responsible gold production. Fairphone’s purchase of Fairmined credits enables us to account for the gold which was not yet sourced from certified sources. Whereas the gold from La Gabriela did not directly end up in our products sold, our impact on fair mining for our gold footprint is the same, as small-scale miners receive the Fairmined premium to maintain high standards of responsible production.

“This first collaboration is a great achievement for our Initiative as it proves new players in the gold industry can engage with the ASM sector and contribute to its transformation”

Morgane Nzelemona, Head of Sustainable markets at the Alliance for Responsible Mining


Win for the industry:

It takes a lot of time and effort to track down everyone involved from product to mine and convince them to use responsible gold sources. Moreover in electronic products, gold is used in very small quantities, spread across many different components with each having their own suppliers and sub-suppliers. Fairmined credits allow companies to easily contribute to responsible production for their full gold consumption. 

The Fairmined credits model provides a flexible way for the gold industry to make an economic, social, and environmental impact in responsible small-scale mining communities and drive the production of responsible ASM gold, without the need to source the gold physically or to make any changes in the existing supply chains of the downstream brands.

You can find out more about our Fairtrade gold efforts and the material flow behind it here.



Read what the experts have to say:

“This first collaboration is a great achievement for our Initiative as it proves new players in the gold industry can engage with the ASM sector and contribute to its transformation. We hope that the Fairmined credits will help fast-track the engagement of the electronics industry and that more actors will follow Fairphone’s inspiring example.” 

Morgane Nzelemona, Head of Sustainable markets at the Alliance for Responsible Mining. 

“Joining forces with ARM is an important achievement for us. We want to show the electronics industry a different way of creating impact through their material footprint.  Fairmined credits are a way of directly supporting miners and their communities,  and helping to improve the professionalization of artisanal- and small-scale mining. With this, we help to bring more responsible gold on the market, in line with the gold we consume ourselves and cannot yet fully trace or certify. We hope the electronics industry will take note and follow our example to help transform the gold industry.”

Angela Jorns, Team Lead Fair Materials and Mining at Fairphone

The post Fairphone is the first company to pilot Fairmined Gold credits appeared first on Fairphone.

by Julius at April 13, 2023 15:24


Introducing Flatpaks on PureOS

If you are using PureOS or any other GNU/Linux distribution you’re probably already familiar with Flatpaks, but if not, here’s a short introduction: Flatpak is a convenient way to distribute apps on GNU/Linux. It allows for a much faster development cycle compared to other distribution systems and it increases security, because software runs inside a […]

The post Introducing Flatpaks on PureOS appeared first on Purism.

by Julian Sparber at April 13, 2023 11:18


Stop Chat Control: EU Study Warns of Law Against Child Abuse

Chat control - one of the worst EU plans that is also being described as a surveillance monster - must be stopped! The draft law is facing huge opposition across Europe. Now, an analysis by the EU Parliament's Scientific Service comes to the conclusion that the law will even be counterproductive. This follows other experts' warnings against the new law, including Mullvad VPN with an anti chat control campaign that fights for upholding citizen's rights to privacy in our free and open democracies.

April 13, 2023 00:00

April 12, 2023


DMA: Security Implications of New EU Anti-Trust Laws

The ongoing power struggle between the EU and Big Tech companies highlights the pressing need for a balanced and nuanced approach to regulatory policies that consider the interests of all parties involved, not in the least consumers. The Digital Markets Act (DMA) aims at achieving this balance, but will it succeed?

April 12, 2023 00:00

April 11, 2023


Belt and Braces: Introducing Faraday Sleeves and Bags from SLNT

We believe in a layered, defense-in-depth approach to security, and that is why we are excited to announce our partnership with SNLT to offer premium Faraday sleeves and bags compatible with our product line. Each of these products is designed to block electromagnetic radiation, so that you can be absolutely sure that once you put […]

The post Belt and Braces: Introducing Faraday Sleeves and Bags from SLNT appeared first on Purism.

by Purism at April 11, 2023 19:20

April 10, 2023

Pine 64

PineTab-V and PineTab2 launch

The PineTab2 and PineTab-V pre-orders begin on April 13th. Both tablets feature a 1200×800 10.1” IPS LCD panel with wide viewing angles, a sturdy metal metal chassis, two USB-C ports (1x USB 3.0, 1x USB 2.0 with charging), a digital video out port, a front 2MPx and rear 5MPx camera as well as a 6000mAh battery. Both come bundled with a magnetically fitted detachable backlit keyboard (connecting...


by Lukasz Erecinski at April 10, 2023 17:39

April 07, 2023


Repo stats

It’s no secret that I will take any opportunity to look in the warped mirror of statistics to glean insights on myself. I did it before for squeekboard, and I dug into the prehistory of my browser tabs. Recently, a new tool appeared, called Git-Heat-Map, and I asked the statistical crystal ball some questions. Which […]

The post Repo stats appeared first on Purism.

by Dorota Czaplejewicz at April 07, 2023 18:14


NewPipe 0.25.0 and 25.1 released: Card view, tappable URLS/timestamps in comments, and PeerTube search filters ahoy!

Well well well. Look at us getting a new release out. We have not really done this in a while, have we? Let’s see if we’ve still got it.

*one month later*

Damn it, we certainly didn’t have it in us to get this blog post out in time. Thanks to @Opusforlife, it did materialize after all, instead of ending up in blog post purgatory.

But for now, first blog post of 2023, so we get to say happy new year! We hope it will be at least as good as 2022 to you, if not better. We certainly tried making NewPipe better with this release. Read on to find out more about all the changes which made it into this version.

Oh, and some of you will have noticed this already: the player notification lost some action buttons on Android 13. This is a known problem. We just need to update our code to match what A13 is expecting of us. It will be taken care of, don’t you worry.

*another month later*

“I love deadlines. I like the whooshing sound they make as they fly by.”

Douglas Adams

In the meantime, another release came out. This is mostly a bugfix release, so we decided to include the contents of that as well. Sorry for the resulting length, we put more screenshots in than usual to make it easier to scroll through.

We will do better with the next one, we hope at least. Mix it up a bit. Look forward to that!

Happy holidays however!

New in 25.0

  • @FireMasterK started work on adding Extractor support for fetching audio track information! This is intended for videos which have multiple audio tracks, such as different languages. Eventually, the Extractor will expose this info so that clients can make use of it. Just a heads up for all the people freaking out about Arabic Mr Beast. There is progress. Breathe.

  • @FireMasterK also changed how YouTube comments are parsed, to make the timestamps and URLs tappable! Moreover, the Extractor now also provides the total comment count for clients to show.

  • @TobiGr added Extractor support for comment replies on PeerTube!

  • @TobiGr also added support for searching for playlists and channels on PeerTube!

We see you searching for "Best 1863 songs of all time".
  • @Isira-Seneviratne added a toast for when no app update is found after a manual check is performed.

  • @Theta-Dev added the subscriber count below the channel name on the video details page. Even more details! All the details!

  • @Jared234 added the Download option to the long-press menu of queue items.

Just because two phones were needed to create this image, it does not mean that someone is unable to do CSS.
  • @Jared234 also made it so that manually setting a local playlist’s thumbnail makes it permanent. As a consequence, the playlist long-press menu has been reworked to add a new option to unset the thumbnail. (If you’re wondering where to find the option to set a thumbnail in the first place, it’s by long-pressing on a playlist video.)

  • @AudricV added a long-press action to hashtags and URLs in the video description, which copies them to the clipboard.

  • @mahendranv added a new card view for videos in lists! You can check it out in Appearance settings. Beware that the thumbnails will look blurry, as support for extracting HD thumbnails is still on the way.

I wonder if these cards are tradeable.

New in 25.1

  • @Jared234 improved the “Add to playlist” dialog tremendously regarding duplicates. While they didn’t get a special treatment before, now playlists already containing the stream will be greyed out. If you still decide to add the stream to the playlist, you will also get a small toast informing you of the crime you have committed.
What? It's good music. Shut up.
  • In another entry in their relentless fight against duplicates, @Jared234 added a menu option to remove duplicates from a playlist.

  • @mahendranv, in their second mention in this post, improved the channel card in search results when using card layout: bigger icon, more lines of the description and changed location for the video count. Looks way better now!

  • @NyanCatTW1, with the help of @Stypox, added an option to the Video and audio settings to let users disable hardware media button events.

  • And finally, @Jared234 improved the “What’s New” feed (and all feeds, really) by turning the Hide button into a menu, and adding the option to hide partially watched videos as well.

Fits perfectly with "What's New" now being a default tab on the main page.

Improved in 25.0

  • @FireMasterK implemented extracting Bold, Italic, and Strikethrough formatting for YouTube text. NoW vIdEO tiTLeS lige like thIS wILl loOk eVEn bETtEr!!!111

  • @AudricV added support for showing the duration for video premieres (upcoming videos). Moreover, the upload date and view count is now shown for playlist items.

Sonic will rage for 1 and a 1/2 hours.
  • @TobiGr added support for extracting a channel’s URL and verification status in SoundCloud playlists. They were already available for YouTube playlists.

  • @AudricV added support for the new “live” URLs on YouTube (of the form, so the app doesn’t reject these URLs as unsupported anymore. We pride ourselves on being inclusive of everything, including links of all kinds.

  • @dhruvpatidar359 removed the redundant/overlapping toast shown on Android 13+ when copying to the clipboard. Android 13 has added its own cool mini-clipboard box thingy that shows for a while in the corner upon copying something, so the toast wasn’t needed anymore.

Yes, we are totally up to date with Android versions!
  • @shivambeohar removed some empty space to the right of the bottom-player close button, thus making it larger and much easier to tap.

  • @Isira-Seneviratne improved the resolution of player notification thumbnails by using smoother bitmap downscaling, which made the resulting image way better!

You can't count the pixels anymore, even if you try!
  • @pratyaksh1610 renamed the “Help” button to “Fast mode” in the “What’s New” tab’s menu, to make it self explanatory.

  • @Poslovitch (with inputs from @Stypox) added a text hint to improve discoverability of the subscription import function for new users. It shows up whenever the user has zero subscriptions.

  • When the user sets the theme to something other than Auto, it causes the Night theme sub-setting to disappear. @Jared234 changed it to become greyed out and disabled instead, to improve discoverability.

  • @Jared234 also changed the player’s seeking behaviour so that it no longer pauses the stream being played while the user is seeking.

  • @pratyaksh1610 added an icon for the “Play All” button in channels and playlists.

You get an icon, she gets an icon, everyone gets an icon!
  • @pratyaksh1610 also added a language suffix to downloaded subtitle filenames. For those people who download subtitles in multiple languages for some reason, you’re welcome.

  • @Redirion made the Samsung DeX availability check run only on Samsung devices, because it’s pointless to run it on your Super-pHone Ultpro MinMax Pikachu Edition.

  • @Marius1501 made “What’s New” a default tab on the main page. This will help users discover a core functionality of NewPipe, which is new stream feeds and updates. So far, users have had to stumble upon it themselves by delving deep into the app settings. They also changed the tab’s icon to better reflect its function, and prevent confusion with RSS feeds.

What's new? That's new! 4 tabs by default.
  • @Marius1501 also made several improvements to channel items in grid lists. The thumbnails have been increased to a sensible size. A truncated channel description is shown, as well as the subscriber count. The description can be 2 or 3 lines high, depending on its size.

  • Finally, @Marius1501 also changed the YouTube Chapters icon in the player from a numbered list (which looked very similar to the queue icon, a bulleted list) to an open book.

We are an open book. (This joke wrote itself.)

Improved in 25.1

  • @Stypox decreased the size of thumbnails in the card view a bit, based on negative feedback from the community. They had been increased earlier in 0.25.0.

  • @Trust04zh improved UI behaivour for the resume playback functionality.

  • @petlyh added support for loading additional comments in Bandcamp! Now scrolling beyond the first page of loaded comments works!

  • @petlyh also ensured that comments show as disabled on Bandcamp radio streams. Because, you know, there are none. None whatsoever. Anyway, this way you don’t get a “Sorry something went wrong” error with a pointless retry button, either.

Fixed in 25.0

  • @Theta-Dev fixed the extraction of subscriber and video counts in search results for YouTube channels which have handles.

  • @lonewolf2208 removed a redundant check for YouTube videos which prevented showing their view count in lists.

  • @TobiGr fixed the error shown when search results contain YouTube channels that don’t have any subscribers yet.

  • @Stypox fixed opening YouTube Music Mix URLs in the app. Earlier, YouTube treated a Music Mix as just a special kind of YouTube playlist. Now it is treated like a YouTube Mix instead, so the code parsing it had to be changed accordingly.

  • @AudricV fixed the YouTube channel ID extraction needed for the RSS feed button in channels, which was broken for users in some regions.

  • @AudricV also fixed the extraction of Likes on SoundCloud.

  • @TobiGr fixed extracting YouTube comments which contain a hashtag, which were throwing an error previously.

  • @han-sz fixed the persistent translucent overlay on the player when in desktop/DeX mode, or using a mouse/non-touch input.

If you want that effect now, you can put paper in front of your TV.
  • @Douile made the Enqueue next option show only when in the middle of a queue, not at the end, where it had the same effect as Enqueue and was hence redundant.

  • @dngray removed the dead Privacy Tools PeerTube instance from the manifest. Unlike URLs of private YouTube front-ends, where only the relevant sub-string is parsed, the app will try to open the actual PeerTube instance behind that URL, which is a dead end in this case.

  • @pratyaksh1610 fixed a crash that occurred upon tapping Add to playlist from the 3-dot menu while the playlist was still loading. Since the Share button is non-functional until the playlist has loaded, a toast was added to inform the user.

  • @evermind-zz enabled using the background player even when there are no separate audio streams! This was achieved by using the video stream as the source for audio. Keep in mind that the entire video stream will still be played, so you will not be saving any data by doing this. For videos with separate audio streams (which means most of them), they will continue to play just the audio part as before. PeerTube was the service most impacted by this limitation, so those users can rejoice.

Who even needs visuals?
  • @devlearner improved the Open action dialogue, so that it can survive screen rotations. They also added the Fetching stream info toast before the Download dialogue, just like the other ones. A bug on older Android versions was also worked around, where the Open dialogue wouldn’t appear on the first try after a cold app start.

  • @devlearner also fixed a bug which caused touch events to be blocked while stream info was loading for the Download or Add to playlist dialogues.

  • @petlyh ensured that the app asks for the Draw over other apps permission when enqueuing a video in the popup player while the queue is currently empty, instead of just crashing.

  • @Jared234 fixed a bug where using the option to Remove watched videos from a playlist also removed the currently playing video from the queue. This also fixed a bug with the same underlying cause, where deleting videos from a playlist and then using the Remove option caused the deleted videos to reappear.

  • @Jared234 also fixed a bug preventing the display of multiple empty playlists in the Bookmarked playlists tab.

  • Clearly on a roll, @Jared234 also fixed a bug where playing a playlist/channel in the background, and then trying to play another stream from the same playlist/channel, caused the player to stop.

  • After @FireMasterK improved the underlying code, @Stypox prevented ellipsised links in comments from being tapped, to not allow garbage URLs to be opened. Previously, too many characters were being truncated while ellipsising, which has now been limited to the last 2 characters.

Fixed in 25.1

  • @Redirion brought joy to the lives of a small portion of our users whose accelerometer is missing but the device has a bug where it still reports auto-rotation as working, thus hiding the full screen button. Now it is shown.

  • @pratyaksh1610 fixed a crash when tapping on empty comments. Still an open question why you would do that, but now you can. Have fun!

  • @Stypox made NewPipe correctly open URLs in the browser, and also fixed opening downloads and external players, all in one PR. This was broken in 0.25.0, but since you’re getting a 2-in-1 blog post, it’s better to know.

  • @pratyaksh1610, in a second contribution, fixed the tiny progress bar on the thumbnail in card view.

  • @Jared234 fixed a bug where the playlist thumbnail doesn’t get updated when a video thumbnail or the video order is changed in the playlist.

  • @AudricV fixed the null comments shown when the original comments had hashtag links. A similar fix was also applied to descriptions containing hashtags.

Localisation in 25.0

Localisation in 25.1

  • Lots of updates, lots of thanks to people continously translating!

Nerd Talk in 25.0

  • dependabot updated: gson, junit-bom, and jsoup.

  • @Isira-Seneviratne improved the code in YoutubeParsingHelper, and bumped the required Java version to 11 in the Extractor. This also allowed using some functions introduced in Java 11.

  • @Isira-Seneviratne replaced custom UTF-8 usage in URL builders throughout the Extractor codebase with StandardCharsets.UTF_8. The app code was modified accordingly.

  • @FireMasterK noticed that Jitpack gradle builds were still defaulting to Java 8, so ensured that they use Java 11 from now on, the minimum required version as mentioned above.

  • @lrusso96 simplified and optimised the code for duration parsing of YouTube videos.

  • @TobiGr fixed the extraction of detailed error messages for certain unavailable streams on YouTube.

  • @FireMasterK updated checkstyle from 9.3 to 10.4, an upgrade that was blocked on making Java 11 the minimum required version, and also removed an unused dependency.

  • @Stypox blocked the wrong nullable/nonnull imports from being used, via checkstyle rules. Now Android-specific ones are used for the app, and Java ones for the Extractor. Earlier, both codebases used a mixture of both, which had to be cleaned up frequently.

  • @Isira-Seneviratne added the Locale.forLanguageTag() function to the app, which was blocked on the minAPI being bumped to 21. Since the Extractor still caters to apps with lower minAPIs, the compat version of the function was used there for backwards compatibility.

  • @TobiGr ensured that the app reports exceptions thrown while getting a PeerTube stream’s subtitles.

  • @Isira-Seneviratne used immutable Map methods in multiple places in the extractor, simplifying a lot of the code.

  • @Isira-Seneviratne made PendingIntents immutable on Android 6.0 and later, to fix compatibility issues with Android 12+.

  • @goyalyashpal changed the image-minimizer bot in our repo to specify image width instead of height, which fixes appearance in multiple display sizes and dimensions.

  • @TacoTheDank updated the Sonarqube, ACRA, Android Gradle Plugin, and Desugaring libraries. @TobiGr and @Isira-Seneviratne later updated the latter two.

  • @Isira-Seneviratne replaced some bare math operations with a safer, dedicated function.

  • @Isira-Seneviratne used SparseArrayCompat instead of the regular version to avoid integer boxing, which reduces RAM usage for thumbnail previews, searches, and downloads.

  • @Stypox set the compileSdk and targetSdk to 33 (Android 13), and updated LeakCanary from 2.5 to 2.9.1. Several code changes accompanied this SDK version bump.

  • @Isira-Seneviratne refactored VideoDetailFragment and VideoPlayerUi to use lambdas, hence simplifying the code.

  • @Isira-Seneviratne updated RxJava and RxAndroid, which should reduce power consumption on mobile devices! You must spend all that extra battery juice on watching more videos, obviously.

  • @Isira-Seneviratne simplified some code in NotificationModeConfigAdapter by using ListAdapter.

  • @Isira-Seneviratne cleaned up Optional-related code by removing a method no longer needed, and via using Optional method chaining.

  • @Isira-Seneviratne removed Runnable variables from the double-tap and download handlers, and replaced them with lambdas.

  • @Isira-Seneviratne used WindowCompat instead of the regular library to replace deprecated UI visibility flags.

  • @obfusk provided a critical workaround needed to re-enable reproducible builds for NewPipe.

Nerd Talk in 25.1

  • @Stypox reverted the WindowCompat change from 0.25.0 because of some issues with the player that emerged, like having to tap twice to show controls, and being unable to scroll down in landscape mode using the full screen button.

  • @AudricV added the Locale property to audio tracks to help distinguish between languages. Later, @Theta-Dev added support for audio track types (e.g. original, dubbed, or descriptive on YouTube). The long and short is, we’re getting closer and closer to supporting multiple audio tracks!

  • @AudricV also fixed the missing extraction of the “No views” string in stream items in some cases.

  • @bjoernls fixed a parsing exception that occurred when a YouTube video’s comments were disabled.

  • @fynngodau fixed some Bandcamp tests failing due to changed website code.

  • @TobiGr also updated the JDK version from 8 to 11 for the GitHub Action concerning the documentation.

  • @AudricV fixed a failing PeerTube comment test and simplified its code.

  • @Redirion updated ExoPlayer to 2.18.5. This is the last ExoPlayer version that will ever be released. R.I.P. You shall be missed. As a consequence, this will also be the last version of NewPipe to be released. We’re just too sad and broken up about ExoPlayer’s untimely demise, you see. sniffle

  • In case you really believed that, we’re kidding. The ExoPlayer code is just being merged into the main Android Media3 repo. So we’ll just shift to using that after a while.

Where to get this brand-new version

NewPipe notifies you about new versions. You can download them when you press the notification, which will take you to the GitHub Releases page.

If you use the F-Droid app, it, too, notifies you about updates for NewPipe. Please keep in mind that it can take F-Droid a while to update their repository. If you have problems installing the update, you may need to uninstall NewPipe and then install it afresh. (Make sure to backup data by exporting your database from the Settings > Content menu.)

If you already installed NewPipe from F-Droid’s repository, to get this version of NewPipe you can do one of the following:

Note: If you installed NewPipe from GitHub Releases you will not have to uninstall NewPipe to switch to our custom repo. Just let it update your current version. Make sure you back up your data as mentioned in the warning at the top of the FAQ page!

Now that you’ve (hopefully) updated, please let us know what your experience of the latest release is, especially bugs in need of fixing. As usual, you can reach out to us via IRC (#newpipe on Libera.Chat), open issues on GitHub or, ideally, use our built-in crash reporter to send us machine-readable issue reports. You can even send in fixes yourself.

If you have any other questions, feel free to post them in the comments here and someone will reply to you. Also, thanks for reading it until the end! We put quite some time into these blog posts.

April 07, 2023 06:00

April 05, 2023


OsmAnd 4.4 (iOS)

Hi there!

We are glad to announce that iOS app version development does not stand still. The new improved version is already available to install on you devices!

Thank you for your support and feedback.


The minimum iOS version is increased to 15.0.

Please, upgrade your iOS to 15.0 version before OsmAnd installation.

iOS 4.4

What's news:

What's new

Minimum iOS version

Minimum iOS version is increased to 15.0. Please, upgrade your iOS to 15.0 version before OsmAnd installation.

Wikipedia updates

  • The Plugin Wikipedia settings is profile dependent:

    Menu → Settings → App Profiles → Plugins → Wikipedia

    Here you can choose languages in which Wikipedia articles will appear on the map. Choose download or not images and set cache size for images.

  • Added Wikipedia article images for the Context menu.

  • Added Download images menu and Change language menu.


Search for Favorites

Added the search bar for Favorites menu: Menu → My Places → Favorites → Pull down


CarPlay updates

  • added search history and the recent route in the menu:

  • reorganized tracks and favorites list (items visible in the list - 24 items by order newest):

  • device display with navigation info:

  • showing the map on CarPlay Dashboard.

Hiking routes

Added ability to select routes on the map for viewing additional information or starting navigation by the chosen route. Just tap on hiking routes on the map to open the Track Context menu:


Available to start navigation by a track ÷or download it.


Update OpenStreetMap Plugin

Added ability to upload GPX tracks to OpenStreetMap project:

Track Context menu → Actions → Upload to OpenStreetMap


Improved privacy

Added options to disable history logging:

Menu → Settings → OsmAnd settings → History


Map orientation update

Added manually rotated mode:

Menu → Settings → App Profile → General settings → Map orientation → Manually rotated (fixed)

Map orientation

Map ruler update

Improved visibility of the map ruler:

  • Decrease top/bottom padding for text label.

  • Added Stroke for the ruler.

    Map Ruler

Widgets updates

Added Coordinates: map center widget, Developer widgets, and Sunset and sunrise widgets:

Menu → Configure screen

Coordinate widgetsDeveloper widgetssunset and sunrise widgets

External input devices

For this release, we added the opportunity for using external input devices. Read more here.


Dynamic type fot text

Added "Dynamic type" support, text size in OsmAnd will change accordingly to text size in iOS.

Speed camera alerts

Added legal warning about using speed camera alerts.

Voice prompts

Added support for new languages: Catalan, Ukrainian, Bulgarian, Indonesian, Slovenian.

UI improvements

UI improvements for RTL languages.


Added content labelling for map buttons.

New Profile

Added the "Moped" profile.


Follow OsmAnd at Facebook, Twitter, and Reddit!

Join us at our groups of Telegram (OsmAnd News channel), (EN), (IT), (FR), (DE), (RU), (UA), (ES), (PL), (AR), (TR).

Apple AppStore

April 05, 2023 00:00

April 04, 2023


The Hypocrisy of Twitter Going Open Source?

Twitter uses a complex code that - in parts - has now gone open source. Elon Musk expects that providing code transparency will lead to rapid improvement in recommendation quality and help earn user trust. Will Musk's plan work?

April 04, 2023 00:00

Guardian Project

IETF116 Conference Report: Friday March 31, 2023

Day Five of the 116th IETF meeting in Yokohama Japan. For the rundown on Day Four, see my daily report.

With a lot of focus on privacy with respect to Internet protocols, novel new cryptography schemes are an important requirement for new protocol designs. For example, Privacy Preserving Measurement is relying on new cryptography to support distributed aggregation of a wide range of measurements in the advertising domain as well as application telemetry. Privacy Pass is relying on new cryptography to allow web browsing across the broad Internet after a single, lightweight authentication to an authority. IETF Working Groups are encouraged to work with the Crypto Forum Research Group of the Internet Research Task Force (IRTF) to develop, test and refine new cryptography techniques that meet defined security/privacy goals and can scale for Internet-wide use.

One area receiving a lot of attention is signature blinding. Blinding is used when a message’s signing party is different from the message originator (digital cash, electronic voting are examples). There are many types of blind signature, used for different purposes. IETF’s interest is in how these algorithms work at Internet scale (Privacy Pass potentially being the most high-volume example). No fewer than three results [1] [2] [3] were presented on this topic.

Verifiable Distributed Aggregation Functions are a key set of multi-party computing techniques for improving the privacy of Internet measurement - split the counting across a group of non-colluding hosts and reassemble it in a manner only the requester (and not the individual aggregators) can see. While there is consensus around the approach, there is work to be done on the algorithm details, specifically around performance and elimination of attack vectors. PLASMA - a new proposal for distributed aggregation - was presented along with a deeper analysis of two other proposals (PRIO and POPLAR).

There is also worry about the forthcoming era of quantum computing and its impact on the cryptographic tools used today. The search is on for cryptographic methods that are safe post-quantum and, along with them, ways to migrate currently-encrypted data into the post-quantum era. Currently being discussed are hybrid or composite schemes that layer the old techniques and the new techniques. For me, the math goes off into fairy land pretty quickly, but if Composite Key Encapsulation Mechanisms turns you on, there’s plenty happening at IETF nowadays [1] [2] [3] [4].

It turns out, it’s not just me whose eyes glaze over at the mathematics involved in much of this work. IETF has found that IRTF’s research in this area should recognize that a presentation acceptable to other mathematicians might not be too useful for protocol implementers. With this in mind, the Crypto Forum is pulling together a set of guidelines for writing cryptographic specifications within the IETF context.

April 04, 2023 00:00

April 01, 2023

Pine 64

March Update: Tablet Bonanza!

We end the first quarter of the year with news that Star64 will be available for purchase on April 4th and that the PineTab2 and PineTab-V(ery good!) will launch the following week on April 11th. In this month’s update we also cover PineNote development (I know many of you have been waiting for this) and discuss how software on the device has really taken off in recent months. Finally...


by Lukasz Erecinski at April 01, 2023 15:59


OsmAnd 4.4 (Android)

Great news for Android users!
We're happy to announce the new 4.4 OsmAnd release for Android devices.

Android 4.4

What's news:

Tracks menu

"Tracks" menu has a new design and more simple UX. It's easy to choose a needed track for showing it on the map, change appearance (⋮ more than one track) or make an import (⋮):

OsmAnd menu > Configure map > Tracks


Localized POI names

Added localized POI names for Map context menu. Click on the POI name to open the full name list.

POI namesPOI names

After route creation in OsmAnd you can generate and send a link.

Navigation context menu > Details > Share button


Route link for example:

Map orientation

Added new fixed mode for Map orientation:

  • Manually rotated (fixed)
map orientation

Display position

Added the new settings for "Display position":

Menu → Configure profile → General settings→ Display position

Here you can choose three variants of your location on the screen map:

  • Center: use center screen position for the cursor ("My location"),
  • Bottom: use bottom screen position for the cursor ("My location"),
  • Automatic: bottom for movement direction, center for all others.

Simplified Start screen

Restructure the Start screen. Now there is an opportunity to open OsmAnd Cloud.

start screen

Speed/Slope graph

Added Slope/Speed mode for Analyze track on the map.


Nautical miles and feet

Added "Nautical miles/feet" for Units & formats.

App language for Android 13

Added support for OsmAnd language preferences (Android 13):

App info (OsmAnd) > App languages

Downloand Overlay/Underlay maps

Added possibility to download online tiles used as "Overlay" or "Underlay" maps:

Map Context menu → Actions → Download map

Download/update tiles menu will be opened.

Imperial measurement

Added support of imperial measurement units for "Vehicle parameters".

Open Menu → Settings → Profile → General settings → Driving region → USA

Now, you can choose inches for Vehicle parameters: Menu → Settings → Profile → General settings → Navigation settings → Vehicle parameters

Moped profile.

Added new profile - Moped. It use a "moped" routing profile, have a bicycle as a parent, and be disabled by default.

Moped profile

Redesign Simulate location

We redesigned "Simulate your position" by adding a new screen with settings.

simulate your location

Bugs fixs

Android Auto

  • the issue: movement direction map orientation is flipped and jiggles,
  • the split-screen issue,
  • fixed crash with GPX selection,
  • the issue with the Navigation info panel,
  • added support Android Auto map mode: Day, Night, Automatic.

Vegan places POIs

Fixed the issue: "Most vegan places don't show".

Map gestures

Fixed map gestures for tilt, zoom and rotation:

Australian roads shields

Fixed Australian roads shields.

Follow OsmAnd at Facebook, Twitter, and Reddit!

Join us at our groups of Telegram (OsmAnd News channel), (EN), (IT), (FR), (DE), (RU), (UA), (ES), (PL), (AR), (TR).

Google Play
Huawei AppGallery
Amazon AppStore

April 01, 2023 00:00

March 31, 2023


Anonymous email: Create an email address without a phone number.

Tutanota is the best free anonymous email provider you can get as it lets you create an email address without a phone number! Plus, there's no IP logging, no tracking, and all data is end-to-end encrypted. Tutanota is built by a team of privacy-enthusiastic engineers committed to protecting your right to privacy. We aim to develop the most secure mailbox by focusing on automatic encryption and privacy-by-design.

March 31, 2023 00:00

March 30, 2023

/e/ foundation

Leaving Apple & Google: Support /e/OS and get a tax credit. We have added new supported devices!

Leaving Apple & Google: Support /e/OS and get a tax credit! We have added new supported devices!

  • Support /e/OS and get a TAX CREDIT!
  • We have added new supported devices! 

NEW: Support /e/OS and get a TAX CREDIT!

Help us free your data from Google! 

/e/OS would be nothing without its vibrant community that helps in different ways to make it grow to offer the best user experience without having your data constantly leaked to Google and other parties. Only this past year your support gave us the opportunity to launch /e/OS v1, to improve your privacy control with new features such as Advanced Privacy, that lets you cut trackers and ads, to offer all Android apps in /e/OS via App Lounge, to grow the number of supported devices to more than 200.

In only a few years /e/OS has become the leading pro-privacy smartphone operating system, confirmed by academic research, and this without sacrificing usability!

Thanks to your contributions, /e/OS can remain independent and implement improvements much faster. Our goal remains the same since day one: let as many people as possible on this planet enjoy life without constant surveillance from the Big Techs!

And we have some great news for  our European donators! From now on, your donation may qualify you for a tax credit!

The reason behind this is that e Foundation is meeting the criteria to qualify as an organization in the public interest.

Practically speaking:

  • support e Foundation this year
  • we will have a donation receipt send to you
  • next year you will be able to apply at your fiscal administration for a tax credit 

The amount of these tax credit can be signifiant in some countries: it can go up to 66% of the donation in tax credit, which means that for a 100 € given to the project in a year, your financial contribution will be 34 € only.

However, please note that Tax credits related to donations are subject to your countries laws, so please check how much you can get in return. We will try to maintain useful information for each country at this page.

We have added new supported devices!

We have great news for you: /e/OS now supports 15 new devices! Which brings the total amount of /e/OS supported smartphone models to 229

The newly supported devices are as follows: 

  1. Motorola edge 2021 berlna  
  2. Motorola edge 30 dubai 
  3. Xiaomi Mi 11i / Redmi K40 Pro / Redmi K40 Pro+ / Mi 11X Pro haydn 
  4. Motorola one fusion+ liber 
  5. Xiaomi 11 Lite 5G NE / 11 Lite NE 5G / Mi 11 LE lisa 
  6. Xiaomi Redmi 7A / 8 / 8A / 8A Dual Mi439 
  7. Xiaomi Redmi 4A / 5A / [Note 5A / Y1 – Lite] Mi8917 
  8. Xiaomi Redmi 3S / 3X / 4 (India) / 4X / [Note 5A / Y1 – Prime] Mi8937   
  9. Nubia Z17 nx563j 
  10. Nubia Z18 Mini nx611j 
  11. Sony Xperia 1 II  pdx203  
  12. Xiaomi Mi MIX 2S polaris 
  13. Motorola edge 20 pro pstar  
  14. Xiaomi Mi 11 Lite 5G renoir 
  15. Xiaomi Mi 8 Explorer Edition ursa 

In addition, we have also upgraded 13 of the existing devices to /e/OS S: 


  1. Oneplus Nord avicii
  2. Fairphone 3


  1. Motorola moto g7 play channel
  2. Xiaomi Mi 5 gemini
  3. OnePlus 7 Pro guacamole 
  4. OnePlus 7 guacamoleb 
  5. Lenovo Z5 Pro GT heart
  6. OnePlus 7T Pro hotdog 
  7. OnePlus 7T hotdogb 
  8. Xiaomi Mi 5s Plus natrium
  9. Motorola edge s / moto g100 nio
  10. Xiaomi Mi MIX 2S polaris
  11. F(x)tec Pro pro1

Support the project!

User’s data privacy and finding alternatives to regain control over our data has never been a more pressing issue than it is today. The timing is great to build something new!

Your contribution is key to the success of an ambitious project like ours!

Contribute, test & report bugs in /e/OS

Share on social media

Join the Community


by e_admin at March 30, 2023 12:55


Did your Gmail data train the AI Bard?

Last week a tweet went viral asking whether Google's AI Bard was trained on Gmail data. The question was underlined by the fact that Bard itself said it was trained on "Google Search, Gmail and other data".

March 30, 2023 00:00

Guardian Project

IETF116 Conference Report: Wednesday March 29, 2023

Day Three of the 116th IETF meeting in Yokohama Japan. For the rundown on Day Two, see my daily report.

The long-running work on MASQUE - proxying all network-layer datatypes over QUIC (HTTP/3) - is nearing completion, with the specification for Proxying IP in HTTP in IESG review. With these components in place, the original MASQUE concept - a non-probable relay for client traffic providing privacy guarantees - has been revived, now defined within the new framework and leveraging HTTP Unprompted Authentication.

Privacy-preserving measurement is much on the minds of IETF attendees as the Privacy Preserving Measurement Working Group continues to make progress. Two new concepts were debuted in the Privacy Enhancements and Assessments Research Group PEARG meeting: Secure Partitioning Protocols and Interoperable Private Attribution. Partitioning is new work looking at how multi-party statistical aggregation can be efficiently accomplished with improved privacy guarantees and is applicable to the on-going work on the Distributed Aggregation Protocol DAP. Private attribution measures events that occur in different contexts to the same person (shown an ad, then bought the product, for example). As a sort of counterpoint, PEARG attendees also heard about the design decisions made in the development of a privacy-preserving contact tracing application rolled out during the recent COVID-19 pandemic. Perhaps the defining characteristic of the design of this app was purpose limitation - building out features that specifically can not be used for any other purpose (such is the wide-spread fear of these applications being used as the infrastructure of a much more broader system of social control).

March 30, 2023 00:00

IETF116 Conference Report: Thursday March 30, 2023

Day Four of the 116th IETF meeting in Yokohama Japan. For the rundown on Day Three, see my daily report.

The IETF is getting serious about interoperability among messaging services (this might have had something to do with it). The charter for the Messaging Layer Security Working Group (MLS) specifically excluded interoperability, though the group organized a draft that addressed the basic concepts that would allow MLS-compatible systems to federate. In early 2023, a new Working Group - More Instant Messaging Interoperability (MIMI) - was chartered to expand on the MLS federation work. Given IETF’s relatively long and somewhat checkered history with messaging, the Working Group’s charter included this reminder to itself:

Numerous prior attempts have been made to address messaging interoperability, including the IETF's extensive prior work on XMPP, SIP/SIMPLE, and their related messaging formats. The MIMI working group will draw lessons from these prior attempts, seek to avoid re-hashing old debates, and will focus on the minimal standards suite necessary to facilitate interoperability given the feature set of modern messaging applications.

Thus, its remit had some strict limits:

The More Instant Messaging Interoperability (MIMI) working group will specify the minimal set of mechanisms required to make modern Internet messaging services interoperable. 

minimum being the operative word. So, what’s in scope?

  • messaging interoperability
  • user discovery
  • messaging content format
  • (an appropriate) MLS profile
  • message delivery service and transport mechanisms
  • establishment of end-to-end cryptographic identity
  • identifier naming conventions

Specifically out of scope are:

  • metadata processing to manage spam and abuse
  • interoperable mechanisms for group administration or moderation across systems
  • extensions to the MLS protocol (if needed, requirements will be referred to the MLS working group or other relevant working groups in the security area)
  • definition of completely new identity formats or protocols
  • extensions to SIP, SDP, MSRP, or WebRTC
  • development of anti-spam or anti-abuse algorithms
  • oracle or look-up services that reveal the list of messaging services associated with a given user identity without the user’s permission

This being the first formal meeting after group charter, discussions are still at the stage where defining what in scope means is still open, as are the most basic tenets of the technical mechanisms to implement the required features. Grab your popcorn!

March 30, 2023 00:00

March 29, 2023


New Automatic Power-On firmware for Librem Mini

Our latest coreboot/SeaBIOS and PureBoot releases bring new firmware configurations for the Librem Mini v1 and v2!  Many users use the Librem Mini as a headless server and have asked for firmware that would boot up automatically when powered, like an appliance. Once enabled, the setting persists as long as the RTC battery is plugged […]

The post New Automatic Power-On firmware for Librem Mini appeared first on Purism.

by Jonathon Hall at March 29, 2023 15:27

Guardian Project

IETF116 Conference Report: Tuesday March 28, 2023

Day Two of the 116th IETF meeting in Yokohama Japan. For the rundown on Day One, see my daily report.

The OHAI Working Group has submitted the core draft of Oblivious HTTP Application Intermediation to the RFC Editor for editorial finalization and publication. OHAI is designed to support transational uses of the HTTP protocol that seek IP address privacy (by means of a relay pair, one associated with the client and one associated with the target resource). The target resource is, thus, said to be oblivious to the requester’s IP address. While the initially-imagined use case for OHAI was access to the DNS service (with some in the IETF feeling DNS-over-HTTP did not go far enough to protect user privacy), the dominant use case imagined today is telemetry - monitoring vendor-, application- or operating system-defined usage parameters on centralized systems.

It’s fair to ask how OHAI-capable services are to be discovered. The OHAI Working Group is proposing to use DNS Service Binding Records (SVCB, defined here and well-described here). TLS 1.3 Encrypted Client Hello is among the other IETF standards leveraging SVCB. SVCB records, similar to the (also new) HTTPS records, allow a host of define multiple ways to make connection with parameterization using just the DNS lookup (as opposed to the multiple round-trip mechanism of HTTP’s Alt-Svc header). The draft - Discovery of Oblivious Services via Service Binding Records has been under Working Group discussion since IETF113 and is close to submission for last call (technical completion).

Speaking of TLS 1.3 and Service Binding Records, Encrypted Client Hello ECH was, in fact, the reason SVCB records were defined. DNS lookup is the only point at which certain cryptographic information can be made available before all the connection encryption starts to happen. Unfortunately, the SVCB draft is stuck in the RFC Editor work queue behind ECH, even though there is language in ECH that references SVCB. The Working Group is therefore required to remove all the SVCB language from the ECH draft so that it may proceed. This procedural detail - and accompanying delay - has important consequences: the major open source software package that requires modification before ECH can expect wide adoption (OpenSSL) is waiting for ECH to become a full-fledged RFC before the submitted pull requests will be granted. Meanwhile there is plenty of experimentation with ECH happening on the live Internet with Mozilla/Firefox and Cloudflare running experiments.

It turns out there’s an alternative (or perhaps parallel) proposal for TLS 1.3 - CompactTLS - an effort begun in 2019 and now in it’s eighth revision. cTLS proposes to save bandwidth by trimming obsolete material, tighter encoding, a template-based specialization technique, and alternative cryptographic techniques. cTLS is not directly interoperable with TLS 1.3 or DTLS 1.3 since the over-the-wire framing is different. cTLS is undergoing formal analysis and implementation work proceeds, though no results are currently available.

The HTTPbis Working Group formally adopted the HTTP Unprompted Authentication specification in the month before IETF116. As a reminder, Unprompted Authentication allows a server to offer authenticated services without advertising that it does so (meaning the authenticated resources can not be actively probed). A number of semantic elements are under discussion, mostly to understand how this new feature is unique among existing HTTP features (and can, or can not, be aligned with adjacent capabilities). An action item for IETF117 is a formal analysis of the cryptography used, with several alternatives being proposed.

March 29, 2023 00:00

March 28, 2023

Privacy Browser

If You Have Too Many Tabs, Sometimes They Disappear

Programming for Android is an interesting experience. One of the most annoying things I didn’t anticipate is how Android will just kill your app whenever it wants and often for no good reason (it’s a little like doing battle with a chaos monkey). This has to do with what is called the Android Activity Lifecycle.

Believe it or not, this chart represents a simplified model of what really goes down.

When an app is not in the foreground (displayed on the screen) Android can, at any time, kill it. Android does this for at least two reasons, the first being that other apps might need the RAM and there isn’t enough to go around. The second has to do saving battery power. To make things even more complicated, this is one aspect of Android that is often modified by different OEMs, so that how often and for what reasons an app might be killed can vary by device.

When an app has been killed (the orange item on the left of the chart above), a small amount of data is preserved in what is known as the SavedInstanceState. When the user switches back to the app, the SavedInstanceState is passed to onCreate(), at which point it is up to the developer of an app to attempt to recreate the state of the app in such a way that the user doesn’t notice that it has been killed and restarted.

There is a surprising amount of code in Privacy Browser (and in any other good Android app) to try to successfully handle this background killing of apps. Most of the time, this works out fairly well and users aren’t aware of the magic that is going on behind the scenes to make everything run smoothly. However, in their infinite wisdom, not only did Google decide it would be a good idea to just randomly go around killing apps, but they also decided to set an amazingly small limit of 1MB for the entire SavedInstanceState. It turns out that if you have enough tabs open at once, you can exceed this 1MB limit. In which case, Android will just drop the SavedInstanceState and restart the app with no saved tab information.

Most browsers handle this by writing the information about the current tabs directly to a database on the flash storage. However, as I have written before, that is not a solution that is acceptable for Privacy Browser because I am opposed to anything that automatically stores a browsing history just by engaging in normal browsing behaviors. There is too high a probability that data written to the flash storage can be compromised for me to be comfortable with automatically populating it with a user’s browsing history.

I can understand why users can be unhappy if a bunch of their open tabs suddenly disappear. This isn’t a problem I run into in my typical workflow, because I tend to frequently run Clear and Exit. I rarely have more than ten tabs open at once, which isn’t typically enough to trigger this problem. Part of the reason why I do that is because any zero-day exploit in WebView is most likely to allow one tab to steal information from another tab, so keeping the number of running tabs small lowers my personal attack surface. I don’t have any problems with users who choose to run a lot of tabs at once, and I am happy to do everything reasonable to make it work well for them, but I won’t lower the security of Privacy Browser to do so. In that case of Google’s 1MB SavedInstanceState limit, that means that users who choose to have lots of tabs open at once will periodically discover than Android will close them for them.

It should be noted that Privacy Browser PC doesn’t suffer from this problem because desktop systems don’t tend to go around killing programs, so users can keep as many tabs open as they like. On Android, if there is a set of tabs you always like to have open there are a couple of ways to quickly open a lot of bookmarks.

by Soren Stoutner at March 28, 2023 23:37

Saved Instance State

Beginning with Privacy Browser 3.5, the app now saves and restores the instance state if killed in the background by the OS.

For those who might not be aware of the abomination that is memory management on Android, I would point you to the picture below, which was taken from the official Android Lifecycle documentation.

They make sure to let you know that this is a simplified representation.

Notice that nice App process killed item on the left. Turns out that Android likes to do this all the time.

Those of us who grew up using desktops have a general expectation that programs keep running until we close them. To work around this on Android, apps have the option to save their instance state and recreate it when onCreate() is run again. This creates the impression that the app has been running continuously without such actually having been the case.

Needless to say, there are a lot of possible pieces of information that would need to be saved to recreate the exact state of an app after it has been restarted. Previous to 3.5, Privacy Browser did not attempt to do this at all, but with the new Day/Night theme, it became a high priority to do so, because the app restarts whenever the theme changes.

There are three data storage methods that can be used to store this data: ViewModels, saved instance states, and persistent storage. These are described in the saving UI states documentation. The important detail for our purposes is that ViewModels only exist in RAM, saved instance states exist in RAM, but can be written to the flash storage if the OS needs to recover RAM for other purposes (the previous line has been removed from the linked documentation, which hopefully means that with current versions of Android it is no longer the case), and persistent storage always exists on the flash storage. The bookmarks and domain settings databases are examples of persistent storage used by Privacy Browser.

One of the primary design philosophies of Privacy Browser is to minimize the amount of data that is stored on the device. Specifically, just browsing to a website should not create a record of where you have been. There are far to many examples of tricky ways this information can be exfiltrated from a device to compromise a user’s privacy. As such, I really wanted to handle all data storage using ViewModels. Unfortunately, because of limitations in the type of data that ViewModels can store, Privacy Browser also has to use a saved instance state to correctly reinitialize after being restarted by the OS. (With the apparent changing of the system to no longer write the saved instance state to storage, this is no longer a problem.)

The following pieces of sensitive information are stored in the saved instance state:

  • The list of all the currently open tabs, including each URL.
  • The WebView history for each tab, including the URL of each item in the history.

Depending on what happens, this information can be written to a system area of the flash storage. I consider this to be suboptimal, but there is no way to prevent it from happening if Privacy Browser is to function well on Android. (Again, this is happily no longer a problem.)

The good news is that running Clear and Exit from the navigation menu or by tapping the X to close the last tab deletes the saved instance state. Those who have significant privacy needs can enable Incognito Mode, which wipes the WebView history every time a new website is loaded.

by Soren Stoutner at March 28, 2023 23:23


Security for all: Recommend Tutanota to your friends! 🎉

Everyone deserves privacy! That's why Tutanota is now launching a refer-a-friend program. As a Tutanota user, you can now refer Tutanota to your friends and family, even to your doctor or lawyer, and you both benefit.

March 28, 2023 00:00

Guardian Project

IETF116 Conference Report: Monday March 27, 2023

This post begins a daily blog, live from the 116th meeting of the Internet Engineering Task Force in Yokohama, Japan, March 25-31, 2023. We’re focusing on standards activities of importance to the Internet Freedom community.

Since IETF114 (report), the Privacy Preserving Measurement Working Group has been deliberating over two distinct proposals offering very different technical methodologies for undertaking measurement activities while respecting user privacy. STAR offers an approach called k-anonymity - reporting a measurement value only if k or more parties are also reporting the same value. This approach theoretically prevents rare values being used to single-out individuals. Distributed Aggregation Protocol, DAP, uses an approach that distributes individual measures across a set of aggregators, none of which gets to see all the granular measurement data - the fully-aggregated total only seen by the third-party who requested it (who, in turn, gets to see none of the granular measurements). At IETF116 we’re learning about the operational experience with these technologies, with multiple implementations of both running in different testbeds. Performance analysis has also been undertaken.

Though it’s very early days, it’s becoming clear that both approaches have had to make operational modifications (based on privacy vulnerabilities or performance or security) that seem to decrease their uniqueness and call into question the need to have two approaches. Both approaches, for example, are considering adding differential privacy features. Operationally, STAR performs best when k is within the range 10-100 and it is being argued that such a range is insufficient for Internet-scale use cases. Operationally, DAP can benefit from a more distributed computation model (using helpers) but this is offset by performance loss due to the volume of network traffic generated. DAP is already at a performance deficit compared to STAR, partially because it handles the negative impact of malicious clients (those that purposely submit erroneous values). Will we see a unified approach in the future? I sense there’s a long way to go here.

The concept of web filtering - raised initially at IETF115 - was again discussed in a side meeting hosted by the Internet Watch Foundation who are focused on combating child abuse, trafficking and exploitation, a problem they say is exacerbated by the distribution of specific types of content on the Internet. IWF is raising this problem within the IETF in hope of a technical solution to finding and removing the types of content that encourage, they say, these behaviors. This problem area strikes at the heart of the design of the Internet which, at its core, is content-neutral. Perhaps more importantly, there is significant concern that tools developed to suit this particular use case could be easily adapted to induce censorship of less well-defined content and for less-altruistic purposes.

March 28, 2023 00:00

March 27, 2023

Privacy Browser

Privacy Browser Android 3.13.4

Privacy Browser Android 3.13.4 was released on 27 March 2023. The timing of this release was dictated by a fix to a problem introduced in 3.13.3. That release fixed a serious bug that sometimes caused the active tab to not be the current tab when the app was restarted, which meant that doing things like enabling JavaScript on the current tab would actually enable it on a different tab. In fixing that problem a new one was introduced, which caused the app to crash if it was restarted through an intent that didn’t create a new tab (like tapping the icon in the launcher) and then the user attempted to do something like change the URL of the current tab without switching tabs first. This was caused because, instead of setting the wrong tab to be active, no tab was sometimes set to be active in these circumstances.

Two other changes had already been queued up and were included in this release. The first was the addition of a monochrome icon that users can opt to use beginning in Android 13.

Cute kids! Also, some people like icons that are all the same color.

The minimum API was bumped to 24 (Android 7) because Google has cut off WebView updates for older versions of Android. This means that devices running Android 6 (the previous minimum API) will not be able to update to 3.13.4.

Now that Privacy Browser PC 0.1 has been release I intend to spend a little more time working on Privacy Browser Android. I expect this to be the last release of the 3.13 series, with the next version being 3.14.

by Soren Stoutner at March 27, 2023 21:15


Meet my Friend, Jack

It’s only been a few weeks since we last talked about Librem-EC, but here we are again!  This time instead of power management, we’re looking at the headset jack, which had two longstanding issues.  Although headphones worked, the jack detect did not, so you had to select the output manually.  Microphone input has never worked. […]

The post Meet my Friend, Jack appeared first on Purism.

by Jonathon Hall at March 27, 2023 15:45

March 24, 2023


3 reasons why updates are important: No. 1 is Security!

If you search the web for why software updates are important, you will get loads of results that say there are "3 or 5 reasons why software updates are important". While this may be correct, there is only one major reason why you must keep your software up to date: Security. This has been dramatically proven by the LastPass breach.

March 24, 2023 00:00

March 23, 2023

Privacy Browser

Privacy Browser PC 0.1

Privacy Browser PC 0.1 was released on 11 March 2023. It is the culmination of a lot of work, but just the beginning what is needed to get Privacy Browser PC to the stage where it can create some serious browser competition on PCs.

Users are encouraged to read the Handbook (press F1 inside the program). At this stage a few core features are implemented, like domain settings. However, there are still many features that aren’t implemented and a number of other features that have significant bugs.

Users are encouraged to submit bug reports against any existing features that are not working correctly. At this point it generally isn’t helpful to create feature requests for all the missing features, but users can expect that all the implemented and planned features in Privacy Browser Android will also be implemented in Privacy Browser PC. I will add feature requests for them as each one gets closer and I have a better idea of how to implement them.

The changelog and downloads page has links to the source code and a .deb package. The .deb is available in the Debian experimental repository. Debian is currently in freeze in preparation for the release of Bookworm (Debian 13), which is why the Privacy Browser package targets experimental. Once Bookworm is released, Privacy Browser will be uploaded to unstable and then follow the normal migration process.

Currently there are only Debian Linux packages. As most Linux distributions descend from Debian, this should be installable for most Linux users. When the project reaches beta status I intend to also have a Windows binary (which might be based on Windows Subsystem for Linux if I can make it work well).

by Soren Stoutner at March 23, 2023 18:37

March 22, 2023


Bootstrapping Trust with Anti-Interdiction

How do you bootstrap trust when you have to order a trusted computer from an untrusted one? One way is with our anti-interdiction services and in this article I will talk through how that works. There are many different reasons why customers add our anti-interdiction services to their phone or laptop orders. When you sign […]

The post Bootstrapping Trust with Anti-Interdiction appeared first on Purism.

by Kyle Rankin at March 22, 2023 16:30

March 21, 2023


Forbes Cybersecurity Trends For 2023 Meet Purism Supply Chain Security Standards

PureOS Offers End-to-End Supply Chain Software and Firmware Security According to the Forbes Article, “Cybersecurity Trends & Statistics for 2023”, there are eight macro risks to watch out for in 2023 according to the Bipartisan Policy Research Center which include the following: Evolving Geopolitical Environment- Supply chain threats due to the Russian Ukraine war. Accelerating […]

The post Forbes Cybersecurity Trends For 2023 Meet Purism Supply Chain Security Standards appeared first on Purism.

by Rex M. Lee at March 21, 2023 15:25


US federal agencies required to adopt post-quantum security, private sector advised to follow

New US legislation aims to protect federal systems and data from the threat of quantum-enabled data breaches and cyber attacks. Becoming "quantum resistant" is now a strategic goal for the US government. The same is going to be true for the private sector soon.

March 21, 2023 00:00

March 20, 2023

This Week in F-Droid

A new F-Droid board for a new era of growth

THE INTERNET, 20 March 2023 — The global F-Droid community is pleased to announce that it has officially accepted the merge request to adopt an official governance plan, and an inaugural board of directors consisting of community-nominated members.

The community has been legally established through The Commons Conservancy, a Netherlands-based foundation (“Stichting”) that exists as a home for technology efforts in the public interest. While The Commons Conservancy is our official and new legal home, F-Droid has established its own independent volunteer board of directors, who are entrusted by the F-Droid community to develop strategy, identify areas of improvement, help to resolve conflicts, and oversee technical projects and decisions by the community to reduce risk and increase trust of F-Droid users around the world. With so many recent changes to existing app store policies and government regulations, it’s an interesting time for FOSS app stores like F-Droid. (Our new board member John Sullivan recently spoke about this during FOSDEM 2023.)

For the past several months, prospective board members drafted and refined internal organizational statutes and regulations which will become part of The Commons Conservancy’s organizing documents, and which will also live and grow in the existing F-Droid administrative repositories where community members can provide feedback over time to improve governance. The official statutes were voted and approved by the board on 19 January, and the first official meeting of the board took place on 16 February.

Inaugural board members were selected through F-Droid community discussion and will serve in staggered 2-year terms: Morgan Lemmer Webber (Chair), John Sullivan (Vice Chair), Michael Downey (Treasurer), Matthias Kirschner, Andrew Lewman (Clerk), and Max Mehl. The Board also includes a special role of Technical Lead which will ensure representation of the F-Droid developer community, initially filled by Hans-Christoph Steiner.

Screenshot of Jitsi meeting with several board members and observers, following signing of statutes. Board members and community observers attend the virtual singing of the board statutes.

Although announcements of new governance bodies for free & open source software projects often include plans for the new organization to raise money, the F-Droid community plans to retain its existing donations model with individual donors contributing directly to community members via Liberapay and Open Collective. The newly-established Board of Directors has created a treasurer role, who will work with the existing stewards of those funds to help ensure funds are spent on the most impactful and important community priorities.

“The significant investments of creativity and energy by our community volunteers has made F-Droid the leading FOSS mobile app catalogue,” said Morgan Lemmer Webber, the newly-elected Chair of the Board of Directors. “We are very excited to be able to help guide the project through its next phases of growth and maturity by providing advice and resources to everyone who has been involved in making F-Droid a success, and those who are eager to join us with their individual talents and skills.”

The new Board would like to thank everyone from the community who participated in this process over the past few months, with extra thanks to those who helped in drafting our new foundational documents, including Rivka Karasik, Andrew Lewman, Michael Pöhn, Jochen Sprickerhof, and Licaon_Kter.

To download F-Droid and start using it today, head to For more information about the new F-Droid Board of Directors, review the newly-adopted Statutes or Roles & Regulations documents in the F-Droid administrative code repository. And if you’d like to contribute to our ongoing work, we look forward to you joining the community! We also look forward to hearing from you in our online forum, chat channels, and on the Fediverse.

For more information about The Commons Conservancy, visit:

by downeym at March 20, 2023 00:00

March 17, 2023


Conversation with Kyle Rankin, President, Purism and Matthias Kirschner, President at Free Software Foundation Europe.

Matthias Kirschner, President at Free Software Foundation Europe, recently launched Ada & Zangemann: A Tale of Software, Skateboards, and Raspberry Ice Cream. This children’s book is delightfully illustrated by Sandra Brandstätter. The book is published under CC-BY-SA and can be purchased online at FSFE or here. Kyle Rankin, President caught up with Matthias Kirschner to […]

The post Conversation with Kyle Rankin, President, Purism and Matthias Kirschner, President at Free Software Foundation Europe. appeared first on Purism.

by Purism at March 17, 2023 08:44

March 16, 2023

/e/ foundation

Leaving Apple & Google: Take part in our survey, Welcome /e/OS 1.9

Leaving Apple & Google: Take part in our survey, Welcome /e/OS 1.9

  • Take part in our survey
  • Welcome /e/OS 1.9 

Take part in our survey

Contribute to the project by sharing your feedback!

We are currently conducting an anonymous segmentation survey to better understand our user base regarding technology and privacy related services. This will, in turn, allow us to continue to improve the OS and services we offer as well as help us find more people for whom /e/OS would be a good fit.

The survey is available in English, French, German, Italian and Spanish. If you would like to participate and share about your experience with /e/OS & Murena you can follow the link here.

Your feedback is invaluable to the success of the project!

Welcome /e/OS 1.9 !

We are happy to release a new version of /e/OS! Enjoy new improvements it embeds. 

We’ve made slight changes in widget names for better consistency, added improvements & fixes in several apps (App Lounge, Mail, Advanced Privacy & eDrive…). 

To benefit from all new features and improvements, update your phone in ‘System updates’ in your phone settings menu to /e/OS 1.9.

As always, make sure you have the latest update running on your phone!

Support the project!

User’s data privacy and finding alternatives to regain control over our data has never been a more pressing issue than it is today. The timing is great to build something new!

Your contribution is key to the success of an ambitious project like ours!

Contribute, test & report bugs in /e/OS

Share on social media

Join the Community


by Veronika Pozdniakova at March 16, 2023 14:34


Toward Matrix support in Chats – Part 2

Matrix integration within the Chats app is progressing and this post is detailing the development progress since the last one. This update is not so much about new features but more about bug fixes and great improvements that make Chats slowly becoming an everyday “1 to 1” and “small groups” messaging app for both SMS/MMS […]

The post Toward Matrix support in Chats – Part 2 appeared first on Purism.

by François Téchené at March 16, 2023 14:19

March 15, 2023


Desktop Apps on the Lapdock

The Librem 5 and Librem 5 USA is our pocket-sized computer running nearly the exact software as our Librem 14 Laptop. Some desktop applications don’t yet adapt to the Librem 5 screen, but with a Lapdock Kit you can run a full suite of desktop applications like on the Librem 14. Let’s look at some […]

The post Desktop Apps on the Lapdock appeared first on Purism.

by David Hamner at March 15, 2023 21:57


WhatsApp joins the fight against UK’s proposed version of the Online Safety Bill

Secure communication apps are lining up to oppose measures in the U.K.’s Online Safety Bill (OSB) that would make the web less safe for everyone.

March 15, 2023 00:00

March 14, 2023

Privacy Browser

Stoutner Will Never Sell Privacy Browser to a Scummy Company

I received the following email this morning:

To the Founder of Privacy Browser,

Greetings to Arizona! I’m Charlie, the founder of Appflip – A Broker for mobile apps that helps communications app owners sell their app for a maximum exit value. My team flagged Privacy Browser because of your 4,2 star rating and your 312 reviews on the US Play Store – very impressive.

We’ve helped multiple owners exit their app for a value they are happy with.

We’ve had founders close a deal for their app within 1 month of our initial call with them.

Are you free for a quick call this week to discuss this further?

Thanks in advance for your reply.

Charlie Ryan – Founder of Appflip

There have been a few good open source projects that have done this, a recent example being Audacity. Every open source project eventually has to transition away from the founder. My plan is that, as Privacy Browser grows bigger, I will hire a core team of open source developers to work on it full time. As I work with that group I will come to know them, their wisdom, and their commitment to the open source movement and what Privacy Browser is attempting to accomplish. When it comes time for me to retire, I will hand the reins to a person or group of people from this development pool that have proven themselves to have the users’ best privacy interests at heart.

If for some reason I am not able to identify a person or group of people who I feel would be good stewards of Privacy Browser, I will move the source code repositories to a platform like GitLab. Those interested in continuing the work can fork it and individual users can pick whichever fork they consider to best continue the original project.

Of course, at any point, anyone willing to comply with the requirements of the GPLv3+ license can fork the code and make a competitor. If anyone is able to do so and better meet users’ needs they deserve to gain a following. However, as long as Stoutner remains true to its stated values, I would expect that other developers will feel inclined to submit their code directly to the parent project.

by Soren Stoutner at March 14, 2023 00:37


Collateral Victims of Sting Operations: The Risks of Closed-Source Software

Law enforcement use closed-source "secure" communication tools to catch criminals, but this compromises the privacy of law-abiding users. Exclu, An0m, EncroChat - these all prove why only open source software can be trusted.

March 14, 2023 00:00

March 13, 2023

Privacy Browser

Privacy Browser Android 3.13.3

Privacy Browser Android 3.13.3 was released on 13 March 2023. It contains a fix for the current tab not always being the active tab after restart. When Privacy Browser is stopped in the background because the OS needs the RAM, it stores the current state of each WebView in an app bundle called the SavedInstanceState. When it is restarted it restores the state of each WebView. All of this happens asynchronously, meaning that each tab is reloaded simultaneously. Sometimes this would cause the logic that restores the active tab to fail, with one tab being displayed to the user but a different tab being set as the current tab. Hopefully this fix handles all the corner cases.

by Soren Stoutner at March 13, 2023 22:31


No more custom domains in Microsoft Outlook?

Microsoft will stop letting you create custom domain email addresses in - but we've got you covered. Check out what Tutanota can do for you!

March 13, 2023 00:00

March 10, 2023


Terrain on the map

Hi Everybody!

OsmAnd has the ability to display terrain offline in a variety of ways: contour lines, hillshades, slopes, altitude graphs..


In the last releases for Android, we added Pro features with Elevation data. The Elevation widget shows a graph with the elevation and slope of your navigation route and your current location on this graph with the current altitude and slope. The graph is plotted on two axes. The X-axis is the distance of your route. The Y-axis is the altitude above sea level, the value of which depends on the relief, and the slope is displayed as a percentage.

The relief of the terrain has a great influence on the trip. Of course, it's very important to know what uphills and downhills await us on the way. In OsmAnd you can see the Altitude graph when building a route. The graphs can be worked with both GPX tracks and routes.

Contour lines and Terrain


Available for Android and iOS. Paid feature.

Contour lines and relief are our first integrated features for the app to customize and display relief information. These features are available for both Android and iOS versions of the OsmAnd app. Read about it in the Contour lines Plugin article.

Contour lines Slopes

Elevation graphs


Available for Android and iOS. Free feature.

During the navigation route building you are provided with Altitude and Slope data in the form of a graph, and with the "Analyze on map" function you can find out additional, more detailed information about the route.

A detailed description of the graph you can find in the Altitude section of the Track Context Menu article.

Altitude graph

OsmAnd Pro terrain features

Our team has added features for users of the Android and iOS versions of the app with an OsmAnd Pro subscription :

Elevation widget


Available for Android only.

The Elevation widget shows a graph with the elevation and slope of your navigation route and your current location on this graph with current altitude and slope. This is a paid feature for OsmAnd Pro subscribers.

Elevation widget

Online Elevation profile


Available for Android only.

Online Elevation profile is our paid OsmAnd Pro subscription feature. It allows you to calculate elevation profile for each points on your GPX track. The feature only works in online mode.

Online elevation profile

3D Heightmap


Available for Android and iOS.

How to start testing 3D relief right now:

  1. Download and install OsmAnd 4.3+ for Android or iOS.
  2. Enable Plugin: OsmAnd Development → Settings → _Heightmap.
  3. Download Heightmap maps for your region in the Download map menu.
  4. Enjoy it.

3D relief offline

"Elevation: map center" widget


Available for Android.

The data of elevation is from Heightmap. How to switch on the widget:

  1. Download and install OsmAnd 4.3+ for Android.
  2. Enable Plugin: OsmAnd Development → Settings → _Heightmap.
  3. Download Heightmap maps for your region in the Download map menu.
  4. Switch on the widget: Menu → Configure screen → Left / Right panel → Altitude.

Map center elevation

Follow OsmAnd at Facebook, Twitter, and Reddit!

Join us at our groups of Telegram (OsmAnd News channel), (EN), (IT), (FR), (DE), (RU), (UA), (ES), (PL), (AR), (TR).

March 10, 2023 00:00

March 08, 2023


Where is My Librem 5? Part 3

This is the third in a series of posts updating our progress in shipping through the backlog of mass-produced Librem 5 orders. If you have not yet read Part 1 and Part 2, I recommend you do so, as in those parts I discuss our current strategy of splitting the remaining Librem 5 orders into […]

The post Where is My Librem 5? Part 3 appeared first on Purism.

by Kyle Rankin at March 08, 2023 20:13

This Week in F-Droid

VPN trust requires free software

VPNs have become popular and are often touted as a tool to improve privacy. While this is sometimes true, it is important to tread carefully when choosing an VPN. A good place to start is looking at which VPN providers meet the requirements for running a trustworthy VPN service. A trustworthy VPNs must be free software, that is non-negotiable. First, inspection is required in order trust software. Having the source is the only way to see all the things the software is doing. F-Droid reviews the apps that we ship on this website, which lets us spot potential issues and anti-features. And we are happy to hear that reputable VPN providers make the effort to get their apps on to build trust with their users. From there, Reproducible Builds provides a strong link between the source code and the actual app binaries that run on the device.

The best VPNs are the ones that use free software both for the client app, and for running the services. Indeed all OpenVPN, Shadowsocks, and WireGuard VPNs are based on free software since those standards are defined by free software projects. F-Droid looks into this as part of the reviews, and marks apps with relevant Anti-Features, like the Non-Free Network Services mark if the server side is not free software. And there are a number of free software projects that make it a lot easier to setup and run a VPN or proxy services. Here are some that are on

So far, none of the VPN providers have taken the plunge into fully supporting reproducible builds. There is some progress: some of the releases of WireGuard, Tailscale, and Mysterium VPN have been reproduced on our verification server. But these apps are not setup for the full reproducible publishing setup, which confirms that the version matches the upstream developer’s version exactly, then publishes with the upstream signature. The F-Droid community is helping more and more apps achieve reproducible builds, which VPN app will be the first?

There are also a number of apps that are dedicated to a given provider. Although there are generic clients available, there are good reasons for a free software provider to ship a custom app. First, it can make configuration dead simple. Calyx VPN and Riseup VPN have no accounts at all, so just install the app, and turn on the VPN. Second, it allows the provider to include multiple methods of connecting and automatically switch between them, depending on what works best. We decide which apps to include based on what is best for the users. A VPN client that offers no additional functionality and just serves as a rebrand of an existing client does not serve users well. In order for an app from a specific provider to be included, it must provide real value to our users. Here is a list of some related examples:

We also get lots of direct messages asking us to include various proprietary VPN apps, or promote various VPN services for a fee. That is of course a non-starter. The first step is free software.

by eighthave at March 08, 2023 00:00

March 07, 2023

Privacy Browser

Recommend Site-Per-Process DevTools Flag

After testing it for a while and finding no downsides besides a personally unnoticeable increase in RAM usage, I have decided to recommend that users enable the site-per-process WebView DevTools flag, which can increase security when malicious JavaScript compromises the rendering process. There are more details on the WebView DevTools page.

by Soren Stoutner at March 07, 2023 22:18

WebView DevTools

Privacy Browser Android uses Android’s WebView to render web pages. WebView provides fairly limited controls compared to the upstream Chromium source. However, there are small set of user-configurable controls that Google has baked into WebView. Users can tweak these controls using WebView DevTools. If you are using a pre-stable channel (Beta, Dev, or Canary) there is a launcher icon for WebView DevTools. Users on the stable release of WebView are not provided with such a launcher, but it is possible for another program, like Privacy Browser, to include an intent that does launch it. Beginning with the 3.12 release, Privacy Browser has a WebView DevTools launcher in the navigation drawer.

Open to me the secrets of the WebView!

By default, if you change any of the WebView flags, a persistent notification will be displayed in the status bar to warn you of how dangerous your life is. But that can be disabled if desired.


It is important to note that any changes made to WebView DevTools affects the way WebView works in all the apps on your device. These are not Privacy Browser specific settings. As such, it will affect any other browser based on WebView, like Lightning and FOSS Browser, as well as any other app that uses WebView to display documentation and information or interact with the internet (there are a number of apps that use WebView to handle logins). Privacy Browser will need to be restarted for any changes made in WebView DevTools to take effect. In addition, changes to WebView DevTools will need to be made on each of your devices and will not be carried over with an import of Privacy Browser’s settings to a new device.

The purpose of this page is to document any options in WebView that are likely to be of interest to Privacy Browser’s users. The available options can change with each WebView release. If you become aware of any option that ought to be added to this page, feel free to leave a comment at the bottom or to post a suggestion to the forum.

X-Requested-With Header

The first flag that most users want to alter is WebViewXRequestedWithHeaderControl.

That doesn’t even sound grammatically correct.

The X-Requested-With header is discussed in some depth in a separate post. Needless to say, Google is highly incentivized to make it easy to track you around the web, and adding this to Android’s WebView makes it easier to do so. I have found that companies like Google, who have such conflicts of interest, often have a very hard time setting defaults that are in the best interest of their users.

Site Isolation

The site-per-process flag enables site isolation.

Everybody keep your hands to yourself!

Site isolation adds an extra layer of protection against malicious JavaScript from one tab being able to steal data from another tab. It requires extra RAM to run each site in a separate tab, but in my testing it isn’t much of a noticeable difference.

by Soren Stoutner at March 07, 2023 21:06


Update for the Librem 5 Support in Mainline Linux

Following up on the higher-level report on the state of  the mainline Linux in August 2021 where we announced a “usable” devkit in fully mainline Linux, let’s focus on the phone and see how things look like right now. As you might know, the latest Linux kernel tree we ship to users contains lots of changes […]

The post Update for the Librem 5 Support in Mainline Linux appeared first on Purism.

by Martin Kepplinger at March 07, 2023 11:17

March 04, 2023

Guardian Project

Arti, next-gen Tor on mobile

For software projects with recurring bugs, efficiency or security issues there’s a joke making the rounds in the software industry: “Let’s re-write it in Rust!” It’s a fairly new low-level programming language with the declared goal to help developers avoid entire classes of bugs, security issues and other pitfalls. Re-writing software is very time consuming, so it rarely happens, especially when just one more fix will keep a project up and running.

Tor-Project was started in 2001 using the C programming lanugage. However a few years ago they set out to actually re-write their project in Rust. That projects codename is Arti and it was first released in 2022. While Arti is working great, it doesn’t have all features of the original Tor implementation yet. However, they are steadily working on getting there. For example, rough Pluggable Transports support was added to Arti in the recent 1.1.0 release.

We already have early test builds of Arti running on both Android and iOS. The integration we came up with is pretty basic, but so far it seems to work reliable for accessing the Tor network. Maintaining code for both iOS and Android in the same project will hopefully simplify shipping new Arti releases for us, make integrating Tor capabilities into any app simpler. To make it useful for the broader mobile developer community, we’re also investigating whether we can provide easy to use API bindings. We’ve created a sample app on Android to test and illustrate what a minimalistic integration of Arti looks like. It’s as simple as adding a few lines of code.

Support for features like advanced censorship circumvention or onion services is not exactly straight forward on mobile operating systems, because they tend to be way more locked down than traditional computers. Currently, we can successfully test pluggable transports in “managed” mode on old versions of Android. However this technique will likely not work on the latest version of Android and never worked iOS to begin with. We have shared our findings with the Arti developer team and hope they’ll work on getting us to full Pluggable Transports support, integraing with our existing IPtProxy Library soon.

March 04, 2023 14:00

March 02, 2023


Sticking with Cobalt Blue

A call upon the industry to engage more – not less! – in ASM cobalt mining.

Seven years after Amnesty International’s report “This is what we die for”, cobalt mining in the Democratic Republic of Congo (DRC) is again in the headlines, with a focus on the continuous dangers and challenges connected to artisanal cobalt mining, and with companies being pointed out for using cobalt from these mines while not doing enough to support improvement.

Cobalt is a mineral used in our Fairphone battery, and is a crucial material for the global transition to green energy, including in the electronics and automotive industries amongst others. At Fairphone, we are the first to say that the working conditions in artisanal cobalt mining in the DRC are still not acceptable, that miners are still exposed to dangers and don’t have protective equipment, and that there are still children working in hazardous and damaging environments at mine sites. In the last seven years, not sufficient progress was made in addressing these issues.

And it’s precisely because of these extreme issues that we co-founded the Fair Cobalt Alliance (FCA) in 2020. With the FCA, we choose to directly engage at the mines on the ground in DRC – because we believe we have a responsibility to invest in and contribute to improvements that are needed to positively change the conditions for these miners and their communities.

The FCA brings together industry, civil society and government and has been working to improve working conditions and health and safety at the Kamilombe mine site. The FCA also established a holistic program to address and remediate child labor in and around mine sites, and is enabling mining communities to diversify their economic opportunities. 

Beyond addressing these risks and harsh conditions that are still a reality in our sectors’ supply chain, the reason why we engage with artisanal miners in the DRC is also that this sector has a huge potential to help develop the region and reduce poverty. Artisanal miners in DRC produce about 13% of cobalt globally, providing income for up to 100,000 people (depending on seasonality and commodity prices), and the DRC (combining both artisanal and industrial production) accounts for about 70% of global cobalt production in total.

But profound and lasting change won’t happen overnight.

With the FCA, we have set out to support the reform of an entire sector. There are no simple or quick solutions to formalize and improve artisanal mining. Demonizing the miners will harm rather than help because banning or excluding the most vulnerable and marginalized in our industry from global supply chains will push them out of their livelihood.

Instead, artisanal mining is a way for the local population to benefit from the increasing demand of critical minerals such as cobalt, needed for the energy transition. Artisanal cobalt miners can earn a significant income (depending on seasonality and prices), in a context where poverty is widespread and few other gainful employment opportunities are available, especially for those with little formal education or job prospects, those who have lost their land due to climate change or other land uses (including industrial mining), or those who have migrated to the area fleeing from conflict.

At Fairphone, we are therefore convinced that artisanal mining can be transformed into responsible and safe small- and medium-scale enterprises over time, creating a multiplier effect in the local economy.

So, we need to ask ourselves, as an industry: If we distance ourselves from artisanal- and small-scale miners, do we help ourselves, or do we help them? For Fairphone it is clear: we want to engage and be part of the solution, rather than disengage to have a ‘clean west’ – which we believe is akin to greenwashing.

A fair transition to an inclusive and green economy means engaging with and investing in the artisanal- and small-scale mining sector in DRC, and it means sticking to it over the long term. From the start, Fairphone’s approach has been to foster progressive improvement, to take one step after the other, to listen to and bring along everyone. 

This is why things take time, and also why so much more still needs to be done: Artisanal miners need legal status and productive mine sites, expertise and infrastructure to build safer mines, protective equipment, and fair compensation for their labor. Children, youth and their families need a safe space and support to go back to school or to learn a trade that can help them provide for themselves or their families, without being exposed to the hazardous environment of a mine- and not just at one mine site, but across the sector. Communities should be able to save their earnings and invest them into health, education and economic activities, and not only bear the brunt of the negative impacts of mining.

All this can only be achieved in a multi-stakeholder effort, such as the FCA. Businesses along the cobalt value chain have a crucial role to play, and so does the government, by helping to create an enabling legal and political context. And of course civil society, to make the voices of miners and communities heard. We can only achieve a transformation of the sector if it is a joint effort with everyone making a long-term commitment. Only in this way can we make sure that the green energy transition does not lead to further exploitation of the vulnerable, and that local communities and the DRC as a country benefit.

We call upon our industry peers to engage and not look away. Collaborate, invest – and above all, listen to the producers, the miners, and their communities. If we truly want a fair transition, we have to do more and we have to do it faster.

You are still reading and want to know more details about Fairphone’s approach to cobalt sourcing?  Here are the answers to some frequently asked questions:

  1. Where does Fairphone source its cobalt from?

Fairphone does not mine or source cobalt directly – rather, cobalt is used in the Fairphone’s battery. Until it gets into the battery from the mines, there are many actors, manufacturing stages and geographical locations in between: from the extraction point at the mine, cobalt typically goes to a processing plant, then a refiner, to precursor manufacturing, to cathode manufacturing, to battery cell and finally battery packaging, before the finished battery is assembled into our phone. At each of these stages, cobalt from different mines and sources is typically mixed together, making it very difficult and uneconomical to differentiate individual mines and sources. However, we know that the DRC accounts for a very large proportion of global cobalt production (74% of globally mined cobalt in 2021), and within that, artisanal sources alone amount to 13% of global production. Therefore it is safe to say that there is a high likelihood of cobalt from the DRC and from artisanal mines flowing into the electronics supply chain, including into Fairphone’s.

This is precisely why we established the Fair Cobalt Alliance – we want to engage and invest where the issues are biggest and where we can have a positive impact on the livelihoods of many thousands of people. We choose to engage and support rather than exclude and marginalize those who are already the poorest and weakest in our supply chain.

  1. How can Fairphone prove that its cobalt is mined ethically?

A significant share of global cobalt production, about 13%, is produced by artisanal and small-scale miners, mainly in the DRC. This cobalt is refined, mixed and processed with other sources at various stages and through that ends up in global value chains – with a high likelihood also in Fairphone’s. 

This is why from the very beginning, Fairphone has been investigating how to improve the cobalt supply chain and production. Instead of turning away from DRC and artisanal miners because there are high human rights and environmental risks, we want to stay engaged on the ground and be part of a solution. ASM is a very important livelihood in DRC, and we want to help improve it and make it safer. This is why we co-founded the Fair Cobalt Alliance.

The Fair Cobalt Alliance’s work is based on an in-depth assessment of the conditions at ASM sites in DRC – this assessment was done in 2020 and published by our partner The Impact Facility here: Digging for Change. Today, the FCA works directly with an ASM cooperative on an ASM mine site in DRC. Two of the key pillars of the program is to professionalize and improve the mine site and working conditions, and to ensure that child labor is prevented and remediated in a holistic way.

Fairphone and the FCA recognize that current conditions are not acceptable and at the same time are convinced that ASM can be done in a responsible way. That is why we focus on a step-by-step continuous improvement approach and why Fairphone, together with the FCA, developed an ASM Cobalt Framework which provides Environmental, Social & Governance benchmarks to measure the progress and improvements at the mine site over time.

All of this takes time, investment and most of all, collaboration with partners on the ground. We are the first to recognize that the conditions on the ASM mine sites are not yet good. But over the course of the last two years, some first improvements have materialized. This includes the training of health and safety captains at the mine site, a system for the provision of personal protective equipment for the women cobalt washers, and establishing a health and safety committee to monitor incidents. For more detailed information on activities and progress, you can access the FCA’s quarterly and annual report here.

There is still a lot to do and many challenges and difficulties to face. And Fairphone is in it for the long term – because only with long term engagement can we get to a point where ASM cobalt production is safe and responsible.

  1. How does Fairphone check its supply chain of cobalt?

On an annual basis, Fairphone requests its suppliers to provide information on all the cobalt refineries in our and their supply chain. This is done by using the Extended Minerals Reporting Template (EMRT) of the Responsible Minerals Initiative (RMI), which forms part of the Responsible Business Alliance (RBA). We then analyze the data from our suppliers and check the reported refiners against the RMI’s list of certified cobalt refiners. These are refiners that are undergoing or have undergone the RMI’s Responsible Minerals Assurance Process (RMAP) – meaning they have been audited against the RMI’s Cobalt Refiner Due Diligence Standard, which certifies that the refiner has put in place the necessary measures to check, prevent and mitigate gross human rights abuses related to the sources and mines it buys from. Where we find refiners that have not yet undergone an audit, we aim to conduct outreach to convince the refiner to undergo such an audit. Where we find a refiner that has failed an audit, we aim to first engage and request improvement and only disengage from it as a last resort if no improvements are made over time. As a small company, we cannot do all of this outreach alone, and also rely on support from industry associations such as the RMI and industry peers.

We publish the list of our cobalt refiners, their location and their certification status in our Supply Chain Engagement Report, which is published annually. Here the link to the report for 2021; the report for 2022 will be published in April 2023.

  1. Why doesn’t Fairphone just use cobalt from other countries than the DRC?

Our goal is to stay engaged and use our buying power to drive for a positive change where improvements are most needed, instead of walking away from difficult contexts and ignoring the challenges there. Artisanal cobalt mining in the DRC is a crucial livelihood for thousands of people who have little other alternatives, due to poverty and the lack of gainful employment. We recognize that this is linked to a lot of challenges and impacts, but this is precisely why we want to engage and invest in this context. We choose to engage and support rather than exclude and marginalize those who are already the poorest and weakest in our supply chain. It is in contexts like the DRC where Fairphone can have the most positive impact.

  1. What does Fairphone concretely do on the ground in DRC to improve things? What has been achieved so far and what are Fairphone’s goals for its cobalt sourcing?

Fairphone engages and invests on the ground in DRC through the Fair Cobalt Alliance (FCA), which it co-founded in 2020. The FCA works directly with artisanal mining cooperatives and surrounding communities around the city of Kolwezi in DRC, where most cobalt is mined. Fairphone’s goals are aligned with the FCA’s, namely: 

  • to professionalize the ASM sector by investing in and supporting responsible and safe mining practices, creating dignified working conditions, and enabling fair compensation of workers
  • to work towards child-labor-free communities, where the root causes of child labor are tackled in a holistic manner
  • And to enable sustainable livelihoods and economic diversification of mining communities.

This year, we aim to work especially on the integration of artisanally mined cobalt into responsible supply chains, linking ASM producers with responsible markets. Ultimately we want to see an ASM sector consisting of responsible and safe small and medium-sized mining enterprises, contributing to the development of local communities and DRC as a whole.

Details about the FCA’s overall goals, its workstreams and activities, and the progress to date can be found on its website.

  1. Can recycled cobalt be an alternative option?

In general, using recycled materials is a first step towards a circular economy, and is therefore something Fairphone aims towards. While cobalt is recyclable in principle, and industry is using recycled cobalt already, there are a few barriers that we still encounter:

  • First, until now, one of the main sources of recycled cobalt came from consumer batteries (such as in mobile phones). But due to the limited quantity and concentration of cobalt in consumer batteries, the corresponding development of recycling infrastructure to recover cobalt from such batteries has been limited. In other words, the available amount of recycled cobalt that can be re-integrated into new batteries is still small. It is not economically attractive at present, because the collection rate and the amount of cobalt are low.
  • Second, the demand for electric vehicles (EV) is now growing fast, leading to enough incentive for recycling cobalt from these EV batteries. However, along with the huge demand growth driven by the green energy transition and EVs, car batteries may last 6-10 years, and only then are they expected to become a large source of recycled cobalt. And even so, there are still challenges in purification and economic feasibility for recycling cobalt from EV batteries to be used in consumer batteries (such as in Fairphone products). We are currently exploring this with our suppliers. Ultimately, researchers predict that recycled cobalt will only account for 15% of the estimated global demand in 2030. It shows that with rapidly increased demand and relatively long battery life, cobalt mining will remain relevant and in need of our attention.
  • Thirdly, collecting more waste consumer batteries is surely an option. But batteries are classified as a hazardous good and therefore their transport, storage and handling are subject to strict safeguards and standards. This is why our take-back program of e-waste from informal waste dumps in Africa with our partners Closing The Loop does not yet cover batteries.

Overall, we are exploring the use of recycled cobalt in our batteries when and where we can, but we also see the need to accompany this with two other measures: 1) Engage in improving mining, because we will remain dependent on mined sources for some time, and 2) contribute to improving recycling rates of batteries.

The post Sticking with Cobalt Blue appeared first on Fairphone.

by Angela at March 02, 2023 15:20

/e/ foundation

Leaving Apple & Google: Discover our new webmail! Watch Murena & /e/OS videos on PeerTube!

Leaving Apple & Google: Discover our new webmail! Watch Murena & /e/OS videos on PeerTube!

  • Discover our new webmail
  • Watch Murena & /e/OS videos on PeerTube! 

Discover our new webmail

We’re happy to introduce a new webmail in, better looking, more convenient to use and safer.  

This redesign will allow faster loading times, better integration with Murena Cloud like sharing a link to a file for recipients to download it, instead of sending the file in attachment. Not only it looks more  modern and refined, it works much better than our previous one.  

This new webmail also supports end-to-end encryption with OpenPGP so it  is now easier to send encrypted emails with a PGP key.  

For the technical users, this new webmail is based on the Snappymail project. We have added a custom theme, that anyone can download and set up on their own Snappy installation, here

We have also contributed with several fixes and feedback to the Snappy project on github.


Watch Murena & /e/OS videos on PeerTube

We are on Peertube! We listened to your kind suggestions, and we are pleased to announce that we have opened our channel on Peertube thanks to Framasoft team.  

We will add more videos shortly, for now, you can watch the replay of our Murena launch event held on May 2022. More videos to come! 

Support the project!

User’s data privacy and finding alternatives to regain control over our data has never been a more pressing issue than it is today. The timing is great to build something new!

Your contribution is key to the success of an ambitious project like ours!

Contribute, test & report bugs in /e/OS

Share on social media

Join the Community


by e_admin at March 02, 2023 11:28


Redesign of Tox’s Cryptographic Handshake

In 2017, Jason A. Donenfeld (known for WireGuard®) reported an issue in Tox’s handshake [1]. This issue is called “Key Compromise Impersonation” (KCI). I will try to explain the issue as simple as possible:

In Tox you don’t register an account (e.g. with username and password), but instead your identity is solely based on (asymmetric) cryptographic information, a so-called asymmetric key pair. Such a key pair consists of a public part (public key) and a private part (private key). The public part, as the naming suggests, is public and contained in your ToxID which you share with your contacts to be able to communicate with them via Tox. The private part, again as the name suggests, needs to stay private! If someone gets in possession of your private key, they stole your Tox identity. This could, for example, be the case if someone got physical access to your computer or successfully installed malware on your system, e.g. a so-called trojan horse, to be able to extract data from it. If this happens, you will most likely have multiple problems and your Tox identity may be just one of them. The password you enter when you create your Tox profile, e.g. when you first start qTox client, is used to encrypt your profile and also your private key on your disk. If you start qTox, you need to enter your password to decrypt your private key, to be able to communicate via Tox. Your private key is then stored unencrypted in memory (i.e. RAM) while qTox is running. This means an attacker either needs to get access to your password (steal or crack it) or to read your Tox private key from memory while your Tox chat client is running.

If someone successfully stole your Tox identity (i.e. this private key), they are you – at least in the context of Tox. So they can successfully impersonate you in Tox. Now in this case the KCI vulnerability leads to “interesting” behavior. It is clear that someone who stole your identity is able to impersonate you. But because of the KCI vulnerability, they may also be able to impersonate others to you. This means, to exploit this vulnerability in practice, someone not only needs to successfully steal your private key, but additionally:

  • Know the ToxIDs of your Tox friends to be able to impersonate them to you.
  • Control the network connection between you and your friend. This could be the case e.g. if they are in the same (public) WiFi as you, or via the Internet – which is way harder and is most likely only possible for state actors (e.g. the NSA).
  • Implement their own version of toxcore because it’s not possible to exploit this issue with the current implementation. There is no public exploit available which can just be used.

In summary, KCI is exploitable, but with a huge effort.

Anyway, this is a real vulnerability and it should be fixed. The current Tox handshake implementation is not state-of-the-art in cryptography and it also breaks the “do not roll your own crypto” principle. As a solution, there is a framework called Noise Protocol Framework (Noise, [2]) which can be used to create a new handshake for Tox. More precisely, the application of Noise will only change a part of Tox handshake — the so-called Authenticated Key Exchange (AKE). Noise-based protocols are already in use in e.g. WhatsApp, which uses it for encrypted client-to-server communication, and WireGuard®, which uses it for establishing Virtual Private Network (VPN) connections. Noise protocols can be used to implement End-to-End Encryption (E2EE) with (perfect) forward secrecy (which is also the case with the current Tox implementation), but further adds KCI-resilience to Tox.

Tobi (goldroom on GitHub) wrote his master’s thesis (“Adopting the Noise Key Exchange in Tox“) on the KCI issue in Tox, designed a new Handshake for Tox based on NoiseIK and implemented a proof-of-concept (PoC) for this new NoiseIK-based handshake by using Noise-C [3]. This PoC has a few drawbacks, which is why it should not be used in practice (see Appendix). If you want to know more about his master’s thesis, see the update in the initial KCI GitHub issue [4].

He applied for funding at NLnet foundation and their NGI Assure fund to continue his work on Tox and to be able to implement a production-ready Noise-based handshake for toxcore. Fortunately, this application was successful [5]. NGI Assure is made possible with financial support from the European Commission’s Next Generation Internet programme (

The objective of this project is to implement a new KCI-resistant handshake based on NoiseIK in c-toxcore, which is backwards compatible to the current KCI-vulnerable handshake to enable interoperability and smooth transition. The main part of this project is to implement NoiseIK directly in c-toxcore to remove Noise-C as a dependency (as the only other dependency for c-toxcore is NaCl/libsodium) which was used in the PoC and therefore improve maintainability of c-toxcore (see Appendix).

The tasks in this project are:

  • Implementation of a Noise-based AKE for the use in Tox’s handshake in c-toxcore
    • This task is to implement and test an AKE for the Tox handshake based on a Noise protocol (most likely Noise_IK_25519_ChaChaPoly_SHA512, but it may change due to new insights in c-toxcore).
  • Implementation of a symmetric transport phase encryption based on a Noise-based AKE/handshake
    • This task includes the implementation of a symmetric transport phase encryption based on the secret key(s) generated during the Noise-based AKE during the Tox handshake and evaluation of Noise’s rekey feature.
    • Subtasks:
      • Decision of which symmetric cipher to use for the Tox transport phase encryption (e.g. ChaCha20-Poly1305 or XSalsa20-Poly1305)
      • Evaluation of Noise’s rekey feature to allow for session rekeying to reduce the volume of data encrypted under a single cipher key (cf. section 11.3 of Noise specification, revision 34). This may not be applicable to be implemented in c-toxcore (e.g. changing keys may be expensive). Also, it may not be necessary for ChaCha20 / XSalsa20. Further, it’s dependent on how the transport phase encryption will be implemented.
  • Support for the Noise-based AKE and the KCI-vulnerable AKE for backwards compatibility
    • This task includes the implementation of a mechanism to fall back to the KCI-vulnerable handshake if one of both peers uses a legacy c-toxcore version to provide backwards compatibility for the handshake transition phase (e.g. via cookie phase (request and response) of Tox’s handshake).
  • Error handling and testing, Documentation, Blog posts

The plan is to implement this new handshake until July 2023. Since it’s not a trivial task, there are still some obstacles:

  1. In Noise it is necessary to differentiate between the initiator and responder of a handshake. Due to the architecture of Tox it is possible that both peers initiate and respond to a handshake at the same time.
  2. Tox is P2P and UDP-based. Therefore packets can be received out-of-order or be lost altogether. In the Noise specification this is only considered for transport messages (cf. [6]).
    • “Note that lossy and out-of-order message delivery introduces many other concerns (including out-of-order handshake messages and denial of service risks) which are outside the scope of this document.” (cf. [6])

Both points are not ideal for a handshake based on NoiseIK (i.e. it would be way easier to implement it in a client-server model using TCP), but it should be possible to work this out.

Tobi is available in #toktok ( as tobi/ and ready for any input, questions, remarks, discussions or complaints.


The PoC shouldn’t be used in practice/in production because it should be improved in the following aspects (for details see chapter five of Tobi’s thesis [4]):

  • The PoC was implemented by using the Noise-C library [3]. Instead of using the library, NoiseIK or more specifically the Noise_IK_25519_ChaChaPoly_SHA512 protocol will be implemented directly in c-toxcore. This will remove Noise-C as a dependency for toxcore (i.e. the only other dependency is NaCl/libsodium) and therefore improve maintainability. Additionally this will reduce the number of possibly vulnerable source lines of code.
    • Notes on maintainability: Noise-C has a lot of code/functionality which is not necessary for c-toxcore. Also Noise-C is currently (?) not actively maintained. If NoiseIK is implemented directly in c-toxcore it is only necessary to maintain the c-toxcore codebase and it is not necessary to care about Noise-C.
  • The PoC implementation uses the ChaCha20-Poly1305 AEAD cipher during the AKE/handshake and XSalsa20-Poly1305 during the transport phase. In this project it should be evaluated if it’s possible to also use ChaCha20 during the transport phase to only use one cipher instead of two different ones (XSalsa20 is not supported by the Noise framework). For details see chapter four of Tobi’s thesis.
  • Further testing of NoiseIK handshake behavior and improved error handling.
  • The PoC implementation is not backwards compatible with the current KCI-vulnerable Tox handshake. In this project a mechanism should be added to enable interoperability with clients based on an old c-toxcore version.


“WireGuard” is a registered trademark of Jason A. Donenfeld.

by tobi at March 02, 2023 04:42


"There is no prosecution at any cost."

On March 1, the German Parliament held a hearing in the Digital Committee on the EU Commission's draft law for client-side scanning to fight child sexual abuse online, also named 'chat control'. IT experts, civil libertarians, law enforcement officials and even child protectors agree: the EU's proposal does not protect children, but poses major risks to fundamental rights.

March 02, 2023 00:00

March 01, 2023

Pine 64

February update: things are taking shape

Let me start by apologizing to everyone for skipping yet another monthly community update. This has largely been my fault as I was rather busy in January and following FOSDEM at the start of February I found myself occupied with things related to the EU store. I hope for things to go back to normal now; you can expect future community updates at the end of each month as per usual. Again...


by Lukasz Erecinski at March 01, 2023 17:38

This Week in F-Droid

New repository format for faster and smaller updates

We just released version 1.16 of the official F-Droid client app for Android which includes many radical changes under the hood as well as many bug fixes for long standing issue. Read on for more details.

Growing repository size

As more and more apps make their way into F-Droid, the official repository index that includes all apps and their metadata also keeps growing. Currently, the size of the compressed index is 8 MB which is 33 MB uncompressed. When updating the repository index, each F-Droid client app has to download and process those 8MB again and again. This problematic trend became apparent a long time ago.

Updating only what has changed

Our repository index is in JSON format and we decided to make use of RFC 7396 JSON Merge Patch to create much smaller JSON files that only contain the changes since your F-Droid app last updated. Technically, this works by downloading a new entry.json file instead of the full index. This entry file points to the full index in case the app had never updated before and needs all app metadata anyway. But the entry also contains pointers to various smaller difference files. The app automatically picks the right diff and only downloads that much smaller file instead of the full index. This not only saves bandwidth, it also makes updating the index much faster as only the minimum amount of data needs to be downloaded, processed and stored. As of writing, the latest diff is 80 KB compressed which is 241 KB uncompressed which is only 1% of the full index. Version 1.16 of the official F-Droid client app for Android supports this new repository format.

Other improvements

The new version has a large number of radical changes under the hood. For example, the entire database had to be replaced to support the new difference based repository format. We also used the opportunity to improve various bit and pieces along the way:

  • improved mirror support: all files (e.g. images) now get loaded from mirrors reducing the load on the main server
  • better support for low RAM devices, because the index now gets streamed into the DB instead of loading all of it into memory
  • hash verification: The SHA256 hash of all files is now part of the repository metadata and gets verified while downloading
  • stronger digest algorithm for repository signing: We now use SHA256 instead of SHA1 for the index signature
  • support for downloading repository files via IPFS
  • many bug fixes that came out of modernizing ancient code

The new version went through a series of alpha releases with extended testing to make sure no severe issues make it into the stable release. It is now considered ready for general use.

Information for repository and client maintainers

Owners of third-party F-Droid repositories can enable the new format by upgrading to the latest version of fdroidserver which will automatically publish the new format in addition to the old ones which we keep around to support older client apps.

Developers of third-party F-Droid clients are encouraged to adopt the new format either with their own implementations or by making use of the new libraries we are publishing to make using this technology as easy as possible and to share as much code as possible between different F-Droid implementations.

This work was funded by the FFDW-DVD grant

by grote at March 01, 2023 00:00

February 28, 2023


Dear Mr. Sunak, will you block access to encryption, just like Russia & Iran?

Following the statement of Signal to 'walk out' of the UK should the Online Safety Bill pass, the encrypted email service Tutanota, says: "We will not 'walk out' of UK. We will also not comply with any requests to backdoor the encryption."

February 28, 2023 00:00