The mailing list for users of the eduroam Configuration Assistant Tool (CAT)

[Stefan Winter <stefan.winter AT restena.lu>]

Hi,

> Here's the short version ;-) though I doubt you did not year these
> arguments before.

[...snip...]

And that was the *short* version? Wow :-)

FWIW, I totally agree with you. I had a Blackphone for testing at some
point, and liked how it retained more control over the device than the
average Play-infested smartphone does.

Back in the day our app was still unpublished and so I got it onto the
phone by installing the apk directly.

I agree that offering it *only* on Play Store is not the best of approaches.

That said, we don't have the staff required to maintain "n" places for
the app. We could choose one, maybe two, additional stores, and offer a
direct download of the apk.

Question is, which stores to use? Amazon seems to have a fairly well
penetration. I have never heard of "F-Droid"? Is there some ranking of
popularity of alternative app stores?

This random magazine article suggests Amazon, SlideME, GetJar and said
F-Droid.

If we could select two of those...?

>>> I kind of assume the App is open-source (otherwise, I'd have to
>>> seriously re-consider using it), so compiling it from source would be a
>>
>> again...why? 
> 
> I believe going open-source would make the application better. I can't
> even count the number of times I fixed a small bug in one of the
> open-source applications I used, just because it annoyed me enough to be
> worth spending a few hours on it. The usual open-source workflow with a
> bugtracker etc. also makes it generally easier to even communicate
> issues to the developers.
> 
> Furthermore, I've seen enough closed-source applications deliberately
> operating against the users interest that my default trust level in
> closed-source software is fairly low. This is even more true for "free"
> (as in free beer) closed-source software, where I wonder what it is the
> developers are trying to protect (or hide?).
> 
> I take it from your reply that eduroamCAT is proprietary software?

No.

The app is Apache2 licensed.

It was developed in a European project which had a non-public SVN
repository; and we haven't relocated the code yet to the public
repository where the rest of CAT lives. In the light of this discussion,
we should expedite the move.

So, effectively, right now you can't get the source, but this does not
mean we are closed source!

> After all, you are also offering the application for download for Linux,
> instead of just putting it into Microsoft's and Apple's App Stores.

For the record: it is getting more and more difficult to run .exe files
on Windows without it popping up all kinds of alert messages. We are
good for now (by using a EV Code Signing Certificate on a hardware USB
token inside a now non-migratable VM, which is very unstraightforward!),
but when Microsoft's scare tactic expands some more, using the Microsoft
Store *is* a serious alternative to consider. Not because of freedom
considerations, but for simple pragmatism.

> So far, all the Apps I tried worked, including some that I manually
> extracted from Play Store. That's a fairly annoying process though. From
> what I can tell, I see no reason that a WiFi configuration App should
> not work.
> 
> *If* the App really happens to depend on a Google Play Services API -
> well then I'd have a nice little project, extending the open-source
> reimplementation of the Play Services with that API :)

The version of the app that is currently on beta uses the Play Services
API for location services - it suggests IdPs near you as a convenience.
Of course on phones without PS available, this feature will be somewhat
broken. I don't know if our developer has safegaurds against this in the
code, but now it would be a good time to check. (As always, I'm happy to
be corrected by Gareth :-) )

Getting things like location is a bit difficult - we need "coarse"
location only, and do not want to trigger GPS avtication etc. because
it's just not important enough. IIRC, Play Services has some sort of
"casual" mode and that's what we use. If you feel like doing that nice
little project of replacing this - feel free to contribute code once we
are on the public SVN.

Greetings,

Stefan Winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette

Tel: +352 424409 1
Fax: +352 422473

PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me

http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66

Attachment: 0x8A39DC66.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature