Comments (8)
Instructions for reproducible build are published in: https://github.com/muun/apollo/blob/master/BUILD.md#reproducible-build
I also created another Containerfile to compile the app at: #16 (comment)
So you can retest it and publish a newer report at: https://walletscrutiny.com/android/io.muun.apollo/ which currently shows FTBFS (fail to build from source) for an older version, which is not the case anymore for the newest version 45.1
Hey @Giszmo, thanks for taking the time to analyze the app and report your results!
We'll add clear instructions for building, and research the viability of having reproducible builds.
Sadly, it appears that the mobile ecosystem is moving in a direction where reproducible builds are harder and harder: https://developer.android.com/platform/technology/app-bundle
Hi @esneider, yes, app bundles are a big concern of mine, too, but that only makes me hurry more with this project, as only education can help to get people to care.
App Bundles are a nightmare to me as they mean that Google gets the release keys and the developer doesn't. This is shifting all trust to Google.
With App Bundles, the developer can assign permissions and revoke them on a per-key basis, assuming the release key doesn't leak, but it leaves the device vulnerable to Google being evil and sending to whatever target, for whatever reason, a correctly signed but bad version of your software.
Sure, the system as it always was is also flawed, as you can't force an ex-employee to delete the signing key, but to simply trust Google to not be evil appears to me the way worse solution.
Spread the word and hope you are not using App Bundles already. If you are, please let me know, as this would be of special interest: it would mean that we would have to analyze a combinatorial explosion of apps, and collecting them alone could be difficult. I assume though that the diff would be in missing files compared to the bundle only, so verification would still work.
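Comparing a locally built APK against the published one is what the walletscrutiny report linked above rests on. As an added example (not code from this thread or from the Muun project), here is a small Python checker that hashes the entries of both archives, skips the signing files the developer adds after the build, and separates real content differences from files that are merely missing on one side, which is the case the previous comment assumes for bundles. The two APKs are constructed in memory.

```python
"""Compare a locally built APK with the published one, as a reproducible-build
verifier does: hash every entry of both archives and classify the differences.
Added example, not code from the issue thread or from Muun; both APKs are
constructed in memory so the script runs offline."""
import hashlib
import io
import zipfile

# Signature entries are added by the signer after the build, so they are
# excluded; only the actual app content is compared.
SIGNING_SUFFIXES = (".RSA", ".DSA", ".EC", ".SF", "MANIFEST.MF")

def is_signing_entry(name):
    return name.startswith("META-INF/") and name.endswith(SIGNING_SUFFIXES)

def entry_hashes(apk_bytes):
    """Map each non-signing entry to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as zf:
        return {i.filename: hashlib.sha256(zf.read(i)).hexdigest()
                for i in zf.infolist()
                if not i.is_dir() and not is_signing_entry(i.filename)}

def compare_apks(built_bytes, published_bytes):
    """Return (differing, only_in_built, only_in_published), each sorted.
    All three empty means the build reproduces the release. Entries only on
    one side (e.g. a split APK served from a bundle) are reported separately
    from entries whose content actually differs, which is the real red flag."""
    built, published = entry_hashes(built_bytes), entry_hashes(published_bytes)
    common = built.keys() & published.keys()
    differing = sorted(n for n in common if built[n] != published[n])
    return (differing,
            sorted(built.keys() - published.keys()),
            sorted(published.keys() - built.keys()))

def make_apk(entries):
    """Build a minimal zip in memory standing in for an APK (constructed data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample: identical code and manifest, different signature blocks,
# and one asset missing from the published side.
BUILT = make_apk({"classes.dex": b"dex-bytes", "AndroidManifest.xml": b"<manifest/>",
                  "assets/extra.bin": b"asset", "META-INF/CERT.RSA": b"dev-signature"})
PUBLISHED = make_apk({"classes.dex": b"dex-bytes", "AndroidManifest.xml": b"<manifest/>",
                      "META-INF/CERT.RSA": b"other-sig", "META-INF/CERT.SF": b"sf"})
```

Running `compare_apks(BUILT, PUBLISHED)` on the sample reports no differing entries and only `assets/extra.bin` missing from the published side; a modified `classes.dex` would instead show up in the first list.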
We aren't using app bundles, and we don't plan to use them in the near future.
Since Google controls the operating system, the support library, the play services, etc., almost every Android app is already vulnerable to them being evil. I don't think that having reproducible builds protects you from them. It does protect you against other attack vectors though.
> We aren't using app bundles, and we don't plan to use them in the near future.
Great! Same here. And I strongly hope there are enough of us so Google can't just force us.
> Since Google controls the operating system, the support library, the play services, etc., almost every Android app is already vulnerable to them being evil. I don't think that having reproducible builds protects you from them. It does protect you against other attack vectors though.
There are people who do not install the Google apps and keep an open stack. Android is still open source after all. I must admit that investigating dependencies, and their openness and reproducibility in case binaries are used, is still on my to-do list. Do you know that some of those dependencies we all use on Android are not open source?
Google Play Services isn't open source for sure. The rest I don't know.
> We'll add clear instructions for building, and research the viability of having reproducible builds.
3 months passed. How is the progress on this?
We have updated the instructions for building, and we won't be producing reproducible builds for the time being.