Revision history [back]

The news that 2018 will see an update to Android support in SFOS is very welcome. This cannot come soon enough: Android app usability on SFOS seems to be degrading further with every month that passes, and the native SFOS app ecosystem is nowhere near ready to fill the gap. Obviously we can't expect much detail at this early stage, but that needn't stop the community from making our opinions known about what we see as important. Here is my list to get us started: please feel free to add to it.

N.B. What I have in mind is a list of protocols and facilities that are needed, rather than requests to get particular Android apps to work. I suggest that app-specific discussion goes in comments and answers rather than in this top-level wiki. Thanks.

• Hopefully Android version 5 or greater will be targeted, but if we are going to be stuck at some version 4.x then Jolla need to be up front about this straight away. Keeping us waiting for months for a big announcement, only to be eventually told that apps that need Android version 5 still won't work, will feel like a slap in the face.

• If we are going to be stuck at 4.x, it is essential that support for TLS v1.2 is provided. Android 4.x gets TLS v1.2 support from Google Play Services. Apps that don't bundle TLS either don't work under Alien Dalvik if they need TLS v1.2, or they fall back to the insecure TLS v1.1 protocol. And TLS v1.3 is slowly coming over the horizon now

• Notifications from Android apps need to be handled properly, and ideally need to be configurable like on Android. Solutions like Android apps notifications and Android notifications are a welcome contribution, but relying on third-party apps to handle something as fundamental as notifications is not sustainable in the long run.

• Provide a way to enable signature spoofing so that microG can be installed. Even if signature spoofing isn't enabled out of the box, it would be great to have a way to turn it on. I'm not an expert, but the most recent patch that microG attempted to get into LineageOS makes me think that this shouldn't be too hard to do if dealt with at source. See also here for some very interesting discussion of the myths surrounding the security implications of signature spoofing. (TL;DR: signature spoofing isn't the security risk that some people assume that it is.)

The news that 2018 will see an update to Android support in SFOS is very welcome. This cannot come soon enough: Android app usability on SFOS seems to be degrading further with every month that passes, and the native SFOS app ecosystem is nowhere near ready to fill the gap. Obviously we can't expect much detail at this early stage, but that needn't stop the community from making our opinions known about what we see as important. Here is my list to get us started: please feel free to add to it.

N.B. What I have in mind is a list of protocols and facilities that are needed, rather than requests to get particular Android apps to work. I suggest that app-specific discussion goes in comments and answers rather than in this top-level wiki. Thanks.

• Hopefully Android version 5 or greater will be targeted, but if we are going to be stuck at some version 4.x then Jolla need to be up front about this straight away. Keeping us waiting for months for a big announcement, only to be eventually told that apps that need Android version 5 still won't work, will feel like a slap in the face.

• If we are going to be stuck at 4.x, it is essential that support for TLS v1.2 is provided. Android 4.x gets TLS v1.2 support from Google Play Services. Apps that don't bundle TLS either don't work under Alien Dalvik if they need TLS v1.2, or they fall back to the insecure TLS v1.1 protocol. And TLS v1.3 is slowly coming over the horizon nowhas now arrived

• Notifications from Android apps need to be handled properly, and ideally need to be configurable like on Android. Solutions like Android apps notifications and Android notifications are a welcome contribution, but relying on third-party apps to handle something as fundamental as notifications is not sustainable in the long run.

• Provide a way to enable signature spoofing so that microG can be installed. Even if signature spoofing isn't enabled out of the box, it would be great to have a way to turn it on. I'm not an expert, but the most recent patch that microG attempted to get into LineageOS makes me think that this shouldn't be too hard to do if dealt with at source. See also here for some very interesting discussion of the myths surrounding the security implications of signature spoofing. (TL;DR: signature spoofing isn't the security risk that some people assume that it is.)

The news that 2018 will see an update to Android support in SFOS is very welcome. This cannot come soon enough: Android app usability on SFOS seems to be degrading further with every month that passes, and the native SFOS app ecosystem is nowhere near ready to fill the gap. Obviously we can't expect much detail at this early stage, but that needn't stop the community from making our opinions known about what we see as important. Here is my list to get us started: please feel free to add to it.

N.B. What I have in mind is a list of protocols and facilities that are needed, rather than requests to get particular Android apps to work. I suggest that app-specific discussion goes in comments and answers rather than in this top-level wiki. Thanks.

• Hopefully Android version 5 or greater will be targeted, but if we are going to be stuck at some version 4.x then Jolla need to be up front about this straight away. Keeping us waiting for months for a big announcement, only to be eventually told that apps that need Android version 5 still won't work, will feel like a slap in the face.

• If we are going to be stuck at 4.x, it is essential that support for TLS v1.2 is provided. Android 4.x gets TLS v1.2 support from Google Play Services. Apps that don't bundle TLS either don't work under Alien Dalvik if they need TLS v1.2, or they fall back to the insecure TLS v1.1 protocol. And TLS v1.3 has now arrived

• Notifications from Android apps need to be handled properly, and ideally need to be configurable like on Android. Solutions like Android apps notifications and Android notifications are a welcome contribution, but relying on third-party apps to handle something as fundamental as notifications is not sustainable in the long run.

• Provide a way to enable signature spoofing so that microG can be installed. Even if signature spoofing isn't enabled out of the box, it would be great to have a way to turn it on. I'm not an expert, but the most recent patch that microG attempted to get into LineageOS makes me think that this shouldn't be too hard to do if dealt with at source. See also here for some very interesting discussion of the myths surrounding the security implications of signature spoofing. (TL;DR: signature spoofing isn't the security risk that some people assume that it is.)

  • There is some more discussion about this here: https://together.jolla.com/question/138213/make-installation-of-free-play-services-ug-easy-and-safe/