We rarely hear from academics and researchers, but we know that F-Droid is important to their work because they cite F-Droid as a source in so many papers:
- arXiv lists more than 200 results
- Semantic Scholar lists more than 200 results
- Google Scholar lists more than thousand results
Here are a couple that we found particularly interesting:
- Deobfuscating Android Applications through Deep Learning
- Reliable Third-Party Library Detection in Android and its Security Applications
We welcome everyone using F-Droid as a resource, this is one valuable thing
that only Free Software can provide. Free Software means giving people the
freedom to use the software for things they are interested in. F-Droid is
not only providing Free Software apps, but also lots of Free Software tools,
as well as a whole collection of cleanly organized data about all that
software. We are happy to see our hard work be put to use towards making a
better Android ecosystem. We especially enjoy the attention of malware
researchers, who have yet to find malware in F-Droid. F-Droid also provides
tools to make building lots of apps much easier, like
fdroid import to set
up building apps from the source URL, and the full build stack, which
automates building and deploying apps to a repo.
As part of the NLnet-funded Tracking the Trackers project, we are also cleaning up and expanding our tools for detecting tracking. For example, there is now the reusable issuebot for running these checks in GitLab. We are also generating a lot of data about how tracking works, and will be publishing as much of that as possible. We will be syncing with Exodus Privacy’s ETIP database, and we encourage others to use that as the common, public database about tracking.
In order to encourage more creative reuse, we have been pushing to make all
of our data in standard formats in easy to find places. The whole app
collection is now in fdroiddata YAML format. Using
from fdroidserver import index
provides easy access to the data in the repo index files
(e.g. https://f-droid.org/repo/index-v1.jar). There are also a number of
binary transparency logs to keep a record of key binaries used in the
building process: gradle
guardianproject.info/fdroid binary transparency
Download All the Things!
Our whole repository of APKs, source tarballs, icons, etc. is available for download and use. For example, it is often used as the “clean set” of APKs for malware research. There are a number of ways to get the full collection from a repo. f-droid.org is now mirrored on many standard Free Software mirror servers, three of those currently provide rsync, which is the preferred way to download a lot (the repo section is about 70 GB, and the whole archive is nearing 400 GB).
rsync -axv mirrors.tuna.tsinghua.edu.cn::fdroid/repo
rsync -axv ftp.fau.de::fdroid/repo
rsync -axv plug-mirror.rcac.purdue.edu::fdroid/repo
Please use mirrors, don’t download from f-droid.org, since it can
overwhelm the main server. Also, there is no more need for custom crawlers
for those who want to mirror other F-Droid repos. We have our own:
mirror. And lastly, if you are going to keep a copy of the f-droid.org
repo, you can give back by opening it up as a public mirror. We are looking
for public mirrors outside of the EU, especially Africa, Australia, and
The F-Droid robot does not run itself, it takes time and money to keep going. So we ask all those who rely on F-Droid in their research to give something back to keep F-Droid going. Here are some suggestions:
- Donate money!
- Get involved in working on issues
- Hire an F-Droid contributor to help with your project
- Host some infrastructure for F-Droid
- Review some apps in fdroiddata or rfp
Lastly, if you are a researcher or academic working with F-Droid data, please come by and say hi! We are always interested to hear about how people are using our work.