this post was submitted on 12 Jun 2023
96 points (100.0% liked)

Technology

37706 readers
9 users here now

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago
MODERATORS
 

Archive.org Link

Infinity, a lesser known open-source third-party Reddit app for Android, has announced that it will be switching to a subscription-only model. This would mean that the F-Droid version of the app will be delisted and the API key currently in the source code of the app will be removed. As of this post, the developer is currently not interested in converting Infinity into a Lemmy client, but encourages others to look into doing it themselves because of the app's open source nature.

you are viewing a single comment's thread
view the rest of the comments
[–] WhoRoger@lemmy.world 8 points 1 year ago (2 children)

How is a FOSS project gonna enforce this? By providing only binaries on GPlay with the dev's API key, and then a free version for entering your own API?

[–] nogooduser@lemmy.world 9 points 1 year ago (1 children)

It needs an API key to function so they’ll disable the old key and generate a new one which they’ll keep private.

[–] WhoRoger@lemmy.world 3 points 1 year ago (2 children)

But couldn't someone hack the binary to extract the key and enter it into the free version? Sounds kinda risky.

[–] privateger@lemmy.plasmatrap.com 3 points 1 year ago (1 children)

They will not give you the real API key. Everything you request will go through their own server, that way they can also cache stuff globally.

[–] WhoRoger@lemmy.world 1 points 1 year ago (1 children)

That sounds quite unbelievable.

This is a common approach if API access is paid. Not doing this is equivalent to lighting your money on fire because someone WILL extract your API key and start scraping.

[–] jmcs@discuss.tchncs.de 3 points 1 year ago

You can do that on every single app, so no difference there.

[–] samick1@sh.itjust.works 4 points 1 year ago

Reddit won't allow the dev to create an app where users can enter their own keys. So it will still be FOSS but you'd have to build it yourself with your own keys, if you can somehow obtain them. Thus there's no point in putting the app on F-Droid.