29
votes
Is anyone working on an Android version of ICEBlock?
Is Anyone Working On An Adroid Version of ICEBlock?
I am curious. Is anyone porting that app to Android or making a clean room version?
Is Anyone Working On An Adroid Version of ICEBlock?
I am curious. Is anyone porting that app to Android or making a clean room version?
In case you hadn't already seen, this is the original developer's rationale for going iOS-only: https://www.iceblock.app/android
It strikes me as a little hasty to write off an entire OS rather than working with the community to see if a zero-knowledge workaround can be found, but that's their take.
They don't go into the technical details that allow Apple to (allegedly) send push notifications without somehow tracking device and/or account ids, but I'm skeptical that it's really that much more secure than what Google is doing.
Even if all the metadata stays in Apples servers instead of with the devs, that's still a giant weak point that can be directly attacked, either through technical or legal means.
I'm prepared to believe that Apple would fight harder for their users privacy than Google would (they have been pretty good about that in the past, though not perfect), but there are other options for notification that don't rely on either corporation; they're just less efficient (various forms of polling/long-polling, other channels like email or signal, local mesh networks like briar(?), etc).
It’s a good point, although in fairness to them they do say “we” don’t want to store any user info - presumably they’re taking it as a given that Apple (or Google) can identify users of the app even without considering push notifications, simply because they run the storefronts.
Which is another reason we should be able to load our own damn software onto our devices, but anyway…
I kind of agree with you that a web based version with polling or websockets would make more sense from a technical perspective, but there’s a reasonable argument to be made for balancing between total privacy, gate keeping to prevent users being actively scammed, and low enough friction to allow decent uptake.
It should be possible to use something like https://ntfy.sh/ to avoid the centralized google servers; the app is installable from F-Droid, and the server can be self-hosted.
Not really user-friendly, but it's something.
Edit: someone mentioned mesh networks, ICEBlock is a very good use-case to popularize this kind of tech.
It has to be user-friendly for it to be used and make a difference in the country.
I guess not.
I’d still hope someone is working on an Android version, and that the original dev would change their view if presented with a proof of concept, but that could easily be over-optimistic on my part.
It sounds like the original dev doesn't want the hassle of making a security workaround - I can appreciate that. Hopefully he shares his business logic with the Android developers who want to take it on.
I can understand their rationale. Their user base are vulnerable populations: activists and people who might be targeted by ICE.
The developer will almost certainly be targeted, and if possible the DoJ or ICE will then go after ICEBlock users. The dev doesn't believe they can sufficiently protect android users, so they say as much. Better to be cautious than potentially put users at risk, because then what's the point of ICEBlock?
Course, for android they could just post checksums and a torrent magnet link, and it becomes nigh impossible to track the users and dev.
As I understand it, that's not what they're concerned about. The app's central utility is its notification system, and the way Google has implemented notifications on Android requires that app developers themselves store a list of device ids to use for sending notifications. That means that the developer could be compelled to share that list of device ids with law enforcement.
Ah. The real answer if you want security is to not use notifications. You pull when you're ready to look.
But that does defeat the utility of this sort of app. The point is the push notification. Similarly for utility it needs to be the sort of thing people can install and use (or if a website bookmark and use) with minimal expertise/effort. You need the adult who throws their hands up at technology to at least be able to get it installed by their 9 year old.
And there are apps (Tuta Mail is one I use personally) who have the push notification problem solved without using Google's servers or the standard way of receiving them on Android, so there are other ways to do this, afaik.
Ironic, as I'd say it's more likely for asylum seekers and undocumented folks to have bargain basement Android phones (like the $50 to free Motorolas and Samsungs every prepaid carrier has right now), not iOS devices-- there's a good chunk of people for whom this information would be incredibly useful that are being written off entirely.
I also suspect, like someone upthread did, that Apple's push notification system is nowhere near as private as they'd like everyone to think, and almost certainly has to use some sort of unique ID for devices that Apple knows and could give up under court order.
Either way, I find this developers answer to be deeply unsatisfying. I don't expect everyone to have the knowledge, but why write off a platform entirely instead of finding those who do have it to help with Android development, for something that is a matter of material safety for a large chunk of one's target group? Makes no sense.
For what it's worth, I don't think the developer was suggesting that the Apple system is private from Apple themselves, just that using the standard Android system would require ICEBlock to keep a record of the information in addition to the record that Apple/Google already has. Apart from anything else, the app store records are going to be just as vulnerable to subpoena as the push notification records, so I don't think there can be an expectation of using an app from a proprietary storefront without the possibility of being identified.
It seems reasonable that ICEBlock as a small (single person?) organisation would expect to be targeted by the government and expect not to realistically have the resources to defend themselves, so they absolutely do not want that information in their hands at any time, even if it exists elsewhere.
It's not necessarily the way I would've gone about things: at the very least I think it should be open source, to allow for community oversight and improvement, and the Android issue should be a problem statement to be worked around rather than a flat "we're not doing it".
But in fairness to them the developer did undeniably get their shit together quickly and efficiently, get something out in the store, and get it publicised to a point that it's widely used and effective - which is more than a lot of open source projects I know of, and certainly more than I've done on this issue. Perhaps being decisive and making compromises was more important here than a "better" technical approach, I don't know.
I'm not sure if I was who you responded to just because I'm the last comment on the thread, but I was just saying an app like this needs push notifications and needs to be simple to install and use, not agreeing with the developer's "answer" nor did I previously give any particular opinion on it. Not a programmer here, nor app developer or whatever.
But I guess, IMO, It'd make more sense for those with the technical skills and perhaps the physical safety, to create something comparable that works on both major OSs than for everyone to be pissed at someone who seems to be putting themselves at some significant risk of retaliation from this administration. It's super easy to sit and complain about someone's contribution but he seems to be doing his genuine best to help - if others want more or see gaps in what this guy is capable of, helping him or creating something similar but more comprehensive would be useful.
It all feels a bit like watching a live stream of protests and critiquing how they're honking their horns to disrupt ICE agents sleep or judging them for handing out food with insufficient protein. If we do care and want to see more/better we should be doing it.
Found a new app that is available on both Android and iOS
I do not know enough about it yet to download it but I'm hoping some of the more knowledgeable folks here would be up for looking.
coqui
(Named for the tiny frog)
Bookmarked! Thank you.
ive come across https://www.stopice.net/. it seems pretty legit from what i can tell? web/sms based so like. theres the whole issue with sms being unencrypted and all that but given the info that's actually being sent i dont see that as a huge issue.