Even though Android is a free operating system, the one that came installed on your phone is not entirely free. Many phones ship with proprietary components, drivers and add-ons that are closed source. Some phones also have a locked boot loader which prevents you from booting and installing other operating systems, or removing components from the operating system. The Google Android Market (now Google Play), which is the main source of applications for most users, consist of mostly closed source and proprietary software. It doesn’t even tell you whether an app is free software or not, let alone its license. Besides that, it requires you to sign up for a Google account in order to use the app market.
F-Droid is a repository of free and open source applications for the Android platform that frees yourself of all restrictions. There is an Android client application that makes it easy to browse applications on F-Droid, install them onto your device, and keep track of updates. You can also browse the repository with a web browser, and download the applications directly from there if you can’t or don’t want to run the F-Droid client on your device. Although you can’t initiate a remote install like in Google Android Market you can at least download any .apk for transfer to your device.
The F-Droid repository contains details of multiple versions of each application. Multiple versions are useful, for example, for installing an older version or for installing a newer beta or nightly version. The best part is that you also have the option to download the source code and modify the apps to your liking. You can also easily create and add own repositories.
Another benefit of using F-Droid is that updates are automatic. The client can be configured to re-scan the repository at pre defined intervals to pick up updates and ensure that your version of the software is the most recent at all times. You can also receive status bar notifications when there are updates available for any of your installed applications.
The biggest benefit of using F-Droid is that it doesn’t track you, or your device or what you install. You don’t need an account to use the client, and it sends no additional identifying data when talking to their web server. In fact, F-Droid prevents you from installing applications from the repository that track you, unless you first enable ‘Tracking’ in the AntiFeatures section of preferences.
If that is not enough, applications on the repository are compiled from source, and that source code is checked for potential security or privacy issues.
The F-Droid client is easy to use. Open the application, press the menu key, and choose update. The lists should then be populated with the FOSS apps already in the repository. Stuff you already have will be automatically detected, and put in the ‘Installed’ tab, and the rest will go in the ‘Available’ tab.
Selecting any item from the list takes you to the details of that application. From there, hitting the menu key will give you the option to install, uninstall or update. You can also view (in the browser) the application’s web site, issue tracker and source code, and you can also choose to view the application in the Android Market.
Yeah, yeah… but how safe is it?! If Android Market – I'll keep calling it as such – can't keep you safe entirely then what about the F-Droid site?! Better be paranoiac than sorry!
IMO, F-Droid should be safer than Android Market. According to F-Droid's terms all apps on their site are compiled from the source and the source checked for malware. I understand that it might not be possible to screen the source code of all apps, but the fact that they compiled by F-droid and not by the developers makes me feel safer already.