For the past 15 years, F-Droid has provided a safe and secure haven for Android users around the world to find and install free and open source apps. When contrasted with the commercial app stores — of which the Google Play store is the most prominent — the differences are stark: they are hotbeds of spyware and scams, blatantly promoting apps that prey on their users through attempts to monetize their attention and mine their intimate information through any means necessary, including trickery and dark patterns.[^spyware1]
https://f-droid.org/2025/09/04/twif.html [^spyware1]: “Spyware maker caught distributing malicious Android apps for years”: https://techcrunch.com/2025/02/13/spyware-maker-caught-distributing-malicious-android-apps-for-years
F-Droid is different. It distributes apps that have been validated to work for the user’s interests, rather than for the interests of the app’s distributors. The way F-Droid works is simple: when a developer creates an app and hosts the source code publicly somewhere, the F-Droid team reviews it, inspecting it to ensure that it is completely open source and contains no undocumented anti-features such as advertisements or trackers. Once it passes inspection, the F-Droid build service compiles and packages the app to make it ready for distribution. The package is then signed either with F-Droid’s cryptographic key, or, if the build is reproducible[^reproducible], enables distribution using the original developer’s private key. In this way, users can trust that any app distributed through F-Droid is the one that was built from the specified source code and has not been tampered with.
https://f-droid.org/docs/Anti-Features/ [^reproducible]: F-Droid Reproducible Builds Introduction: https://f-droid.org/docs/Reproducible_Builds/
Do you want a weather app that doesn’t transmit your every movement to a shadowy data broker? Or a scheduling assistant that doesn’t siphon your intimate details into an advertisement network[^surveillance-ads]? F-Droid has your back. Just as sunlight is the best disinfectant against corruption, open source is the best defense against software acting against the interests of the user.
https://www.howtogeek.com/884233/your-weather-app-is-spying-on-you-heres-what-to-do/#why-are-weather-apps-such-a-privacy-nightmare [^surveillance-ads]: “Online Behavioral Ads Fuel the Surveillance Industry—Here’s How”: https://www.eff.org/deeplinks/2025/01/online-behavioral-ads-fuel-surveillance-industry-heres-how
Google’s move to break free app distribution
The future of this elegant and proven system was put in jeopardy last month, when Google unilaterally decreed that Android developers everywhere in the world are going to be required to register centrally with Google. In addition to demanding payment of a registration fee and agreement to their (non-negotiable and ever-changing) terms and conditions, Google will also require the uploading of personally identifying documents[^regid], including government ID, by the authors of the software, as well as enumerating all the unique “application identifiers” for every app that is to be distributed by the registered developer.[^regappid]
require all apps to be registered by verified developers in order to be installed by users on certified Android devices.” https://android-developers.googleblog.com/2025/08/elevating-android-security.html [^regid]: Android developer verification: “You will need to provide and verify your personal details, like your legal name, address, email address, and phone number. You may also need to upload official government ID.”: https://developer.android.com/developer-verification#verify-your-identity [^regappid]: Android developer verification: “You’ll need to prove you own your apps by providing your app package name and app signing keys.”: https://developer.android.com/developer-verification#register-your-apps
The F-Droid project cannot require that developers register their apps through Google, but at the same time, we cannot “take over” the application identifiers for the open-source apps we distribute, as that would effectively seize exclusive distribution rights to those applications.
... continue reading