F-Droid Is a Key Source for Academics and Researchers

We rarely hear from academics and researchers, but we know that F-Droid is important to their work because they cite F-Droid as a source in so many papers:

• arXiv lists more than 200 results
• Semantic Scholar lists more than 200 results
• Google Scholar lists more than thousand results

Here are a couple that we found particularly interesting:

• Deobfuscating Android Applications through Deep Learning
• Reliable Third-Party Library Detection in Android and its Security Applications

We welcome everyone using F-Droid as a resource, this is one valuable thing that only Free Software can provide. Free Software means giving people the freedom to use the software for things they are interested in. F-Droid is not only providing Free Software apps, but also lots of Free Software tools, as well as a whole collection of cleanly organized data about all that software. We are happy to see our hard work be put to use towards making a better Android ecosystem. We especially enjoy the attention of malware researchers, who have yet to find malware in F-Droid. F-Droid also provides tools to make building lots of apps much easier, like fdroid import to set up building apps from the source URL, and the full build stack, which automates building and deploying apps to a repo.

As part of the NLnet-funded Tracking the Trackers project, we are also cleaning up and expanding our tools for detecting tracking. For example, there is now the reusable issuebot for running these checks in GitLab. We are also generating a lot of data about how tracking works, and will be publishing as much of that as possible. We will be syncing with Exodus Privacy’s ETIP database , and we encourage others to use that as the common, public database about tracking.

Creative Reuse

In order to encourage more creative reuse, we have been pushing to make all of our data in standard formats in easy to find places. The whole app collection is now in fdroiddata YAML format. Using from fdroidserver import index provides easy access to the data in the repo index files (e.g. https://f-droid.org/repo/index-v1.jar). There are also a number of binary transparency logs to keep a record of key binaries used in the building process: gradle binaries , Android SDK binaries , guardianproject.info/fdroid binary transparency log

Download All the Things!

Our whole repository of APKs, source tarballs, icons, etc. is available for download and use. For example, it is often used as the “clean set” of APKs for malware research. There are a number of ways to get the full collection from a repo. f-droid.org is now mirrored on many standard Free Software mirror servers, three of those currently provide rsync , which is the preferred way to download a lot (the repo section is about 70 GB, and the whole archive is nearing 400 GB).

rsync -axv mirrors.tuna.tsinghua.edu.cn::fdroid/repo
rsync -axv ftp.fau.de::fdroid/repo
rsync -axv plug-mirror.rcac.purdue.edu::fdroid/repo

Please use mirrors, don’t download from f-droid.org , since it can overwhelm the main server. Also, there is no more need for custom crawlers for those who want to mirror other F-Droid repos. We have our own: fdroid mirror . And lastly, if you are going to keep a copy of the f-droid.org repo, you can give back by opening it up as a public mirror. We are looking for public mirrors outside of the EU, especially Africa, Australia, and South America.

Contribute

The F-Droid robot does not run itself, it takes time and money to keep going. So we ask all those who rely on F-Droid in their research to give something back to keep F-Droid going. Here are some suggestions:

• Donate money!
• Get involved in working on issues
• Hire an F-Droid contributor to help with your project
• Host some infrastructure for F-Droid
• Review some apps in fdroiddata or rfp

Lastly, if you are a researcher or academic working with F-Droid data, please come by and say hi! We are always interested to hear about how people are using our work.