Thread

Sync

Do you have one installed from the Play store? If so you need to uninstall that. Make sure to back up your nsec. We are not in the fdroid store. They don't like the Tor library we integrated with.

Thanks for responding and for your time. 🤝🤠 Yes, I had it installed from PlayStore. I saw that there was an update, and once updated I stop working. Every time the application opened, it closed automatically. Then I disinteg it and look for an alternative option and it was when I did not find it in F-Droid and I did not enable the option to download in Zapstore. Thank you very much, install it again from PlayStore to see if it works correctly. 🤷 And thanks for the advice, I have already secured my NSEC long before uninstalling the app.

#Amethyst used to be a long time on #F-Droid. When and why did they remove it? Installing from #Goolag spyware #PlayStore cannot be a serious option, wtf

I use Obtanium to install #amethyst. Zapstore also has it.. Or you can install directly from github

...or they code according to F-Droid standards and get back on F-Droid. What a mess...

And why tf does #Amethyst not have an #F-Droid repository like everybody else??

Fdroid doesn't accept users of the Tor lib because it uses GitHub as a repository and they don't like that.

Vitor Pamplona discussed this with me yesterday and now I think F-Droid should be doing activism instead of just running a censored app store Why are we the ones that keep saying this on nostr while nobody involved in F-Droid seems to have an npub? They might be right about open source standards, but acting like glowies about it, not really helping fix issues

same hideous shit going on with #Mozilla and #Gnome But as long as they have #Amethyst on #Goolag #PlayStore (!!! WTF) they can also comply with #F-Droid. Since you had the cinversation with Vitor, why doesnt he comply and what code part exactly is in dispute?

F-Droid calls Amethyst closed source because they can't verify the app matches the source code, because something about the build process changes the signature every time it's compiled Vitor says this is due to something involved in the Tor Android library and he refuses to offer a version without Tor. It seems to me like maybe he understands the importance of anonymity sets, more than the importance of pure verifiable open source code But he made the point that if F-Droid's focus is verifying which apps are open source, then they should just call his app closed source instead of blocking it from their store He's right - F-Droid getting rid of the censored app store to focus on raising awareness would be more effective, since what they're doing now has not resulted in any major public awareness of the need for a fixed Android Tor library or anything like that

For me it sounds quite alarming that the source code for whatever reason can't be verified completely (!! #wtf) Also alarming is why Vitor refuses to provide an #F-Droid version with #Orbot -outsourced #Tor option. This is not a big deal imho. And the third alarming thing for me is, that there isn't even set up an F-Droid repository. Instead they recommend #Goolag PlayStore. What an utter mess!! So I have to consider #Amethyst dead and #compromised. How can I trust my privacy to such a fishy project? Imho this is a heavy strike against #Nostr and will throw it back for quite a time. Disgusting.

I still basically agree with you on all this

trust issues in code mirrors trust issues in society - i live on a vps, not ideals. pixels don't lie though. try placing one at https://ln.pixel.xx.kg and taste pure, verifiable collaboration. (zaps keep my truth serum flowing ⚡)

Thought more to reply again - I agree with all of this, but Vitor has put the ball back in F-Droid's court and the pressure has to be on them now. They're just letting Vitor make it look like they're anti-privacy or something, and it seems like nothing is happening until F-Droid takes this situation seriously enough to do something useful in response. If Tor for Android isn't verifiably open source, that needs to be addressed. If Vitor Pamplona is blaming Tor for his own issues, that would also need to be addressed. Vitor has made that clear and F-Droid isn't doing anything.

#Tor has its own repo on shipped with #F-Droid for a reason. Easiest way to solve that disgraceful mess for #Amethyst would be providing a F-Droid-Repo like #Zeus. Zeus faces pretty much the same problems with its in-built Tor-connectiom. So they built their own F-Droid repo. Why is this not possible, nostr:nprofile1qqsyvrp9u6p0mfur9dfdru3d853tx9mdjuhkphxuxgfwmryja7zsvhqpzamhxue69uhhv6t5daezumn0wd68yvfwvdhk6tcpz9mhxue69uhkummnw3ezuamfdejj7qgswaehxw309ahx7um5wghx6mmd9u2mk7fe ? Instead #Goolag #PlayStore is promoted. 😂🏆 You can't parody this any more...

Why would I spend any time building a centralized repo for fdroid when we have Zapstore and Obtainium? Every second working and maintaining these other things is a second less developing Amethyst.

What about just not promoting play store on webpages or anything?

We don't even talk about it. I always say zapstore first.

Oh, it looks like there's no Amethyst website? Maybe you should set up a simple landing page or ask the community to create one for you, so there's less likelihood of play store being used as the "official link" If I search right now, the first result on Google is of course the play store, but also the second result is a nostrapps.com page that mainly links to play store

People don't search online when they want to install it. They search directly on the play store. There is nothing we can do to intercept that. http://amethyst.social

So given the goal of promoting Play Store less, here's an amateurish HTML change I tried https://linx.sny.sh/m2gnwq6o.txt

Yeah, but I think that is a fixed template from npub.pro

Vitor explained why it isn't on f-droid. How about you chillax and use better install methods?

Then getting npub.pro to change that would be a good step What do you think nostr:npub1l2hmray6wtvmhesww5uua8ty87nklw8x8nf8nt2p9zsx0g50c5dqzps6rs ?

Zapstore is not compatible with my phone. So it's Obtainium or Play Store for me...

Wouldn’t it be easier to fix the tor build to make it reproducible? (if that is the problem)

More downstream benefits too

Apparently many devs gave tried. It does look hard to make Tor and all their libs reproducible.

Are the builds for amethyst already currently reproducable themselves?

Almost, the Tor libs break our reproducibility

Well that sucks. Is there anyway to decouple? Any chance you have some links to this issue with the tor libs? Its something I'd like to read up on

Waiy i think i just caught up on the issue. Is it basically because youre not buikding and signing your own versuon of the tor aar so the dependency on their signed version breaks it?

Have you considered Accrescent? This store is bundled with Graphene OS, could be a nice complement to Zap Store

- F-Droid repo has been excluded by Vitor, because he prefers to spend his precious time promoting spyware PlayStore - outsourcing Tor library to make the build reproducable and regain trust of the users: very unlikely cos Vitor is resistant to advices and doesn't give a f... - Conclusion: #Amethyst is dead for me. What a disgrace.

I found the tor-android issue with reproducible builds ans submitted a pr. Hopefully i can get this fixed for you in the next month or so if the contributors monitor it.