Hans-Christoph Steiner d4d5fb1908 Merge branch 'check-repo-index-timestamps' into 'master'
Check repo index timestamps

The Update Framework documents provide a [nice discussion of possible attacks](https://github.com/theupdateframework/tuf/blob/develop/SECURITY.md) against update systems.  One example is a "rollback attack", where the attacker just serves the old signed `index.jar` to keep all clients from updating their apps.  That allows the attacker to exploit known vulnerabilities in those un-updated apps.

While this is a reasonably hard attack, this fix is an important step towards removing the requirement for trusting the web server operator.  Ultimately, it should be possible to trust the index signing key only.  Then it doesn't matter where the files come from, it just matters that they are verifiably signed by the index signing key.

This does not address "freeze attacks" since it allows an index update with the same timestamp.  I did that deliberately to slowly ramp up the security checks in order to avoid problems along the way. Code-wise, blocking freeze-attacks is mostly a matter of changing the timestamp check from `<` to `<=`.

See merge request !302
2016-05-21 19:56:49 +00:00
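To illustrate the timestamp check described in the merge message, here is an added example that is not F-Droid's own code: a per-repo store of the last accepted index timestamp, a rollback check using `<` as merged, and the stricter `<=` variant that also blocks freeze attacks. The repo URL and timestamps are constructed placeholders, and the check assumes the caller has already verified the index signature.

```java
import java.util.HashMap;
import java.util.Map;

/** Added example (not F-Droid code): timestamp checks on a signed repo index. */
public class IndexTimestampCheck {

    /** Timestamp of the last accepted index per repo URL (constructed stand-in for persistent storage). */
    private final Map<String, Long> lastAcceptedTimestamp = new HashMap<>();

    /** true: also reject an index with the same timestamp (blocks freeze attacks);
     *  false: reject only older indexes, mirroring the merged '<' check. */
    private final boolean rejectSameTimestamp;

    public IndexTimestampCheck(boolean rejectSameTimestamp) {
        this.rejectSameTimestamp = rejectSameTimestamp;
    }

    /**
     * Decide whether a freshly downloaded index may replace the stored one.
     * Assumes the index signature was verified first; an unsigned timestamp proves nothing.
     */
    public boolean accept(String repoUrl, long indexTimestamp) {
        Long stored = lastAcceptedTimestamp.get(repoUrl);
        if (stored != null) {
            if (indexTimestamp < stored) {
                return false; // rollback: older than an index we already trusted
            }
            if (rejectSameTimestamp && indexTimestamp <= stored) {
                return false; // freeze: the same index served again instead of a newer one
            }
        }
        lastAcceptedTimestamp.put(repoUrl, indexTimestamp);
        return true;
    }

    public static void main(String[] args) {
        String repo = "https://example.invalid/fdroid/repo"; // constructed placeholder URL
        IndexTimestampCheck rollbackOnly = new IndexTimestampCheck(false);
        System.out.println("first index:  " + rollbackOnly.accept(repo, 1000));
        System.out.println("newer index:  " + rollbackOnly.accept(repo, 1500));
        System.out.println("older index:  " + rollbackOnly.accept(repo, 1200)); // rollback case
        System.out.println("same index:   " + rollbackOnly.accept(repo, 1500)); // freeze case, '<' only

        IndexTimestampCheck strict = new IndexTimestampCheck(true);
        strict.accept(repo, 1500);
        System.out.println("same, strict: " + strict.accept(repo, 1500)); // freeze case, '<='
    }
}
```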

F-Droid Client


Client for F-Droid, the Free Software repository system for Android.

Building with Gradle

./gradlew assembleRelease

Direct download

You can download the application directly from our site or browse it in the repo.

Contributing

See our Contributing doc for information on how to report issues, translate the app into your language or help with development.

IRC

We are on #fdroid and #fdroid-dev on Freenode. We hold weekly dev meetings on #fdroid-dev on Tuesdays at 20h UTC, which usually last half an hour.

FAQ

  • Why does F-Droid require "Unknown Sources" to install apps by default?

Because a regular Android app cannot act as a package manager on its own. To do so, it would require system privileges (see below), similar to what Google Play does.

  • Can I avoid enabling "Unknown Sources" by installing F-Droid as a privileged system app?

This used to be the case, but no longer is. Now the Privileged Extension is the one that should be placed in the system. It can be bundled with a ROM or installed via a zip, or alternatively F-Droid can install it as a system app using root.

License

This program is Free Software: You can use, study, share and improve it at your will. Specifically you can redistribute and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

Some icons are made by Picol, Icomoon or Dave Gandy from Flaticon or by Google and are licensed by Creative Commons BY 3.0.

Other icons are from the Material Design Icon set released under an Attribution 4.0 International license.
