Oh true, that’s like a complete takeover
I will never ever look for banking app in OpenRepos. And I have no evidence of problems, just being paranoic. In fact, I am affraid of anything but official store when talking about any mobile OS. Still, I am a Linux user for years, even a developer and do not have such fears on desktop. Desktop is easy, a zilion of people have tested every app before you and I fully understand and respect root/user permissions etc. On SFOS, well, only few users reports about the apps and usually and least one of them has problems. Always. On desktop, if I really do something very stupid, I think, I am able to restore the system without losing the user data. I have never read that somebody has bricked his desktop, but there are many reports about users that do this with their phone. Well, maybe I am just to old for mobile devices, they did not exist in my youth.
You are aware that Win10 updates brick desktops mostly?
Do you really believe Jolla does an in-depth analysis of every app they receive as binary package before accepting it to the store?
I’m almost certain should a potential bankng app eventually “go rogue” it won’t be found out by store compliance testing but with end users who will flood the comments section with warnings and also contact the store/openrepos admins to disable the account.
I also believe the threat to be quite low at this point. SFOS is a niche market and will be overproportionally used by geeks or at least people who made the delibarate decision to flash their phones to SFOS which also requires someone to be computer literate to some extent. That does not eliminate the threats by itself but makes SFOS users not the ideal targets for fraud of any kind I guess. Especially if you have millons of Android users around who largely don’t know what they are doing to chose from.
You name a few. Wikipedia is asking for donations every year.
We have had this discussion before .Then Jolla introduced Flattr, which was not a success.
To my opinion paid apps can improve the quality.
I have several very good Sailfish apps on my device. Have paid for them.sometimes .Others are eh, crappy. Let’s be honest, gererally spoken the best apps are in iOS and Google Play. Think also of beautiful games like The Room, or the games by Amanita Design .Also the contradiction between open.source and private is unnecessary. Open source is better, but doesn’t need to be free of charge. And free apps that are closed (Whatsapp e.g) can be rejectable also.
I have always hoped that Jolla/Sailfish could be a European based system. However, we need therefore a European paying system. I have read that the Central Bank is thinking of a European creditcard. That could give a boost to tech.
Aren’t there two types of ‘safe’? Apple and Google apply safety rules, yet their apps , especially the Android versions contain many trackers. ExodusPrivacy shows them.
But you are right, there should be a controlling unit for the Jolla app store. I and many of us don’t like to be tracked.
I don’t like being tracked any more than the next guy, but we need to be realistic about what Jolla can do as a company. Like I said the other day, we’re talking about a group that couldn’t even afford the FCC certification process, so there’s little chance that they can adequately police the Jolla Store to the same degree that Google and Apple can police theirs.
We all accept risks when using any mobile devices, they can all be tracked to some degree. I think this is a “lesser evil” argument where we need to get Jolla to realize that they have a viable revenue stream option right in front of them…
I absolutely agree, but that’s a dream.
That may be true for Apple and Google. Some are willing to pay, others make their money from the number of users. How about Jolla? A payment structure costs a lot of money and has to be maintained.
How many SFOS users are we talking about here? At a price of over $ 1,000 there would be no Jolla smartphone because it doesn’t have an apple on the back cover.
I think we can be happy not to be too much in focus. Success is interesting for bandits.
Nothing proves that. Enough dangerous malware finds its way into the stores. This is mostly an automated process. Nobody analyzes the code in detail.
@4carlos
Please can you show me some malware inside the Jolla store? I am waiting…
Have you reported this malware apps to Jolla??
As with the Harbour help I see this tasks in checking a new Harbour app:
- check the rpm package again the naming and path convention (automatic)
- verify that only used allowed libraries (automatic)
- confirm the compliance with the UI guidelines (manually)
- see what happened when using the app (manually)
- check power consumption (part of using app)
- and maybe all the things I have forgot.
What does the automatically tests mean for “malware”:
- the rpm should not install somewhere and overright system files
- the restriction of libraries protect you for apps making phone calls, sending expensive sms, sending mails, transmit your contacts to some spam provider and so on. This restriction is one reason for publishing on OpenRepos. In OpenRepos you will not see this restriction. So an app can do useful thinks (like running in background, starting itself) and “malware” shit (sending all your contacts to a bad girl)
Total security will never reached. But the Harbour testing are much better as nothing (like in OpenRepos). And of course: after publishing an app in OpenRepos and Harbour all the user will done a live testing by using. So an app published some time ago can have a higher trust level.
PS: “Harbour” is the name of the Jolla portal for app publisher. After an app is sending to Harbour and tested by the Jolla QA team you can find this app inside the store.
We go offtopic here, but ok, I add my thoughts:
From time to time I dump the traffic on my router and have a look at all the tracking and IPs / which app sends to whom…
By far worst is Win10, it sends GB of stuff, mostly to domains owned by Microsoft (like microsofd.com, tfosorcim, msfd, no more chance to block everything)
followed by my wifes googletrackerphone, android apps, firefox tracking…
I never found anything suspicious from SFOS though.
Oh, that’s a misunderstanding. I mean Apple and Play stores. The Jolla store isn’t interesting enough.
Yes, wise words all together. Nobody can compete with Big Tech, simply because there is so much money behind it.
Today I read that Biden hired Jessica Herz form Facebook, Cynthia Hogan from Apple and Eric Schmidt. Quite alarming. Don’t like it at all.
So, I stick to Sailfish as long as I can, being an ordinary ‘user’. It is just too elegant to let go.
As a hobby coder, I couldn’t “afford” to go commercial. First, the money would not be that big, and second, I have a full time job so I wouldn’t be able to invest enough time to the apps in order to justify the price. I wish I had more time, though… For me, currently donationware is the right choice. I have had a few coins that way, and it feels very fair to me.
But I would welcome a native navigator app of great quality with a price tag! And Suomi.fi application, Posti app and all the banking apps I use. For all those I have to have Android app support installed.
There aren’t enough people to support (financialy) an ecosystem of apps. I even doubt jolla would be able to cover the cost of running a commercial shop without getting a big percentage from the devs money.
In my eyes coding for SFOS -and FOSS in general- is more like “art”. Usually you don’t get payed to do it. You just do it because you feel like it. And sometimes money come your way.
@direc85 there is a posti app in the store. No idea if it covers your needs though.
Perhaps. But I can guarantee that it will never happen unless Jolla takes steps to make it happen. There’s a saying in the business world: If you’re not growing, you’re shrinking.
How would you buy it? There have been a couple of app developers here-and-there that have ventured out on their own, such as Meteora Softworks (from whom I purchased Quasar MX Pro). But those are few and far between. Jolla taking the time and resources to invest in a no-kidding App Store would pay off in spades. I’ll let Fry speak for all of us:
A bit off topic, but I got curious. Seems that implementing Suomi.fi app is not as straight forward as some others: https://palveluhallinta.suomi.fi/fi
Not a seasoned API expert, but what I could gather, they require the developer of the app and the user of their API to go sort of the extra mail, instead of just connecting to their service.
I’m no API expert either, but I assume in this case (Finnish government level official API) it aint easy.
And do you think that app-developers will make apps just for donation forever? If there is a way how to enable them to earn some money, they will double their effort. I have no problem to pay for good working app.
I totally agree with @unmaintained about Jolla Store vs. OpenRepos.
I don’t think the extra revenue from like 2 apps will be worth anything for Jolla. And people will start to complain about 30% is too high or whatever.
Sailfish Secrets explicitly shows how to store License codes.
Also if Jolla would use stripe, Lots of people would shout “Privacy!” for a good reason.
As an developer, you can get lots of support if you explicitly ask for it and I doubt that the SFOS userbase is big enough to get more revenue out of a smaller amount of people buying the App than some of many like your App and donate 20 € or something.
Edit: Grammar