I hope the companion app will be open source, or the watch will be compatible with Gadgetbridge

Here’s the COPR repo: https://copr.fedorainfracloud.org/coprs/secureblue/trivalent/

Use Ungoogled Chromium instead

Secureblue’s Trivalent browser looks promising. Currently the only way to install it outside of secureblue is COPR on Fedora, but I’m sure there will soon be packages in the AUR, Gentoo, Nix, etc.

Other good options are Cromite, Thorium and Ungoogled Chromium

No, it’s not a special “FOSS” version, it’s just the official binary distributed through the Guardian Project repo (as I have proven: https://lemmy.dbzer0.com/comment/16230276). If you want a FOSS variant, check out Signal-FOSS or Molly, they also offer a FOSS variant. You can either download it from their custom F-Droid repo, pull the APK from GitHub using Obtainium or get it from Accrescent.

Just make sure to set up UnifiedPush if you want to receive notifications while your Molly database is locked. I recommend the new Sunup UP distributor. I wanted to make a post about it in !unifiedpush@lemmy.dbzer0.com, but never got around to do it.

For Mollysocket, there are a few public instances. molly.adminforge.de is one of them. You can also set up your own on Fly.io, check out this repo: https://github.com/pcrockett/mollysocket-fly
Or you can obviously self-host it on any VPS or hardware that you own

Thanks, I mean I used to work as a Java developer before, and I’m quite interested in the Android platform, so I’m familiar with the SDK and build tools, and know how app signatures work

But it’s really not that hard to figure out. There are countless guides on the internet, and as I said, Signal even has a quick guide for how to verify the APK signature on the download page

Netdata is exactly what you’re looking for. It’s basically an all in one monitoring and and alerting suite that collects and analyzes data, and provides a gorgeous web dashboard for you to view.

You can also manually replicate this using Prometheus, Grafana and other tools, but that requires a much bigger effort to set up.

Edit: There’s a public demo instance where you can try everything out: https://frankfurt.netdata.rocks/

Unfortunately no

Please rename the thread to “Signal in the Guardian project F-Droid repo” or something like that to avoid confusion, because as you have noticed, it’s not available in the main F-Droid repo, just in the third-party repo maintained by the Guardian project

Oh sorry, I misread that

Takes like 2 minutes 😅

I know, it even says so in the post:

I just noticed today that Signal (not talking Molly) is now available on F-Droid via the “Guardian” repository.

I think they ship prebuilt binaries, i.e. the exact same ones you find on the Signal website

AFAIK this also applies to Tor Browser, Orbot and other third-party apps distributed by Guardian

Edit: I downloaded the files and manually verified the signatures. They are indeed the exact same files.

Because I didn’t really know how to grab an APK from the Guardian F-Droid repo, I used their S3 bucket and downloaded the Signal APK. It’s named Signal-Android-website-prod-universal-release-7.30.2.apk, which is the exact same file name as the one of the APK you can get from the Signal website.

I then used keytool to print the signature certificate fingerprint: (renamed the files to make it less confusing)

keytool -printcert -jarfile signal-website.apk

Signer #1:

Certificate #1:
Owner: CN=Whisper Systems, OU=Research and Development, O=Whisper Systems, L=Pittsburgh, ST=PA, C=US
Issuer: CN=Whisper Systems, OU=Research and Development, O=Whisper Systems, L=Pittsburgh, ST=PA, C=US
Serial number: 4bfbebba
Valid from: Tue May 25 17:24:42 CEST 2010 until: Tue May 16 17:24:42 CEST 2045
Certificate fingerprints:
	 SHA1: 45:98:9D:C9:AD:87:28:C2:AA:9A:82:FA:55:50:3E:34:A8:87:93:74
	 SHA256: 29:F3:4E:5F:27:F2:11:B4:24:BC:5B:F9:D6:71:62:C0:EA:FB:A2:DA:35:AF:35:C1:64:16:FC:44:62:76:BA:26
Signature algorithm name: SHA1withRSA (weak)
Subject Public Key Algorithm: 1024-bit RSA key (weak)
Version: 3

keytool -printcert -jarfile signal-guardian.apk

Signer #1:

Certificate #1:
Owner: CN=Whisper Systems, OU=Research and Development, O=Whisper Systems, L=Pittsburgh, ST=PA, C=US
Issuer: CN=Whisper Systems, OU=Research and Development, O=Whisper Systems, L=Pittsburgh, ST=PA, C=US
Serial number: 4bfbebba
Valid from: Tue May 25 17:24:42 CEST 2010 until: Tue May 16 17:24:42 CEST 2045
Certificate fingerprints:
	 SHA1: 45:98:9D:C9:AD:87:28:C2:AA:9A:82:FA:55:50:3E:34:A8:87:93:74
	 SHA256: 29:F3:4E:5F:27:F2:11:B4:24:BC:5B:F9:D6:71:62:C0:EA:FB:A2:DA:35:AF:35:C1:64:16:FC:44:62:76:BA:26
Signature algorithm name: SHA1withRSA (weak)
Subject Public Key Algorithm: 1024-bit RSA key (weak)
Version: 3

The fingerprints are identical.

Another edit: I just noticed that Signal even has official instructions for checking the signature on their APK download page. They use apksigner instead of keytool, but it’s basically the same process.

It’s probably not an official thing. F-Droid can’t distribute apps in the official repo via their own policy if the developer doesn’t agree. Third-party repos like Guardian can.

A lot of the macOS networking stack (at a lower level) comes from FreeBSD.

Yeah, but they added a bunch of high-level abstractions on top over the years. Nowadays it’s much closer to the way you do networking on mobile operating systems like iOS and Android.

I’m a Ruby developer but I tried to port a Linux application written in C to macOS before and it was mostly rearranging positional arguments to system API calls

But I imagine the Ruby standard library also takes away a lot of the complexity, right?

I don’t know why i2p would be flaky on macOS.

That was just my assumption, because the modern macOS network stack is not exactly similar to Linux, so some changes would be required, and since it’s not that widely used (at least in the I2P community) it wouldn’t get tested and developed that much. But again, that was just my assumption.

I run i2pd (hate Java)

As a former Java dev: Completely understandable. i2pd is the only I2P implementation I will ever touch, the Java client is just a buggy mess with bad performance.

I never even realized that Transmission doesn’t support it. I just have I2P set up on my seedbox (but it typically requires root access, so unfortunately not everyone can replicate this). I would imagine it’s pretty flaky on macOS though? I’m pretty sure the vast majority of I2P users run Linux, so the macOS client probably doesn’t get as much development and attention.

qBittorrent is probably the most commonly used client. Transmission is another popular option, especially among macOS users, since it has a familiar design and feels more native.

rTorrent is great if you want a CLI app, and ruTorrent offers a web frontend. Another option that you can run on a server is Deluge.

You can control qBittorrent from Android using qBitController or from iOS using qBitControl (you can get it from AltStore after adding the Michael-128 repo). Transdroid supports other clients as well, and it’s my personal favorite. If you want to torrent on the Android device itself, check out LibreTorrent. For iOS, use iTorrent (also available on AltStore).

If you already plan on self-hosting, or have root access on your seed box (or some other way of installing applications/deploying Docker containers), I also recommend setting up bitmagnet. It’s basically your own torrent indexer and search engine. It can also integrate with your *arr applications.

I do recommend and use Mastodon. I even have a link to my Mastodon profile in my Lemmy Bio. I recommend other parts of the Fediverse as well, Firefish, Sharkey, Misskey, Iceshrimp, Mbin, WriteFreely, PeerTube, Owncast, Pixelfed, Loops, Castopod and others are all great platforms.