this post was submitted on 12 Jun 2023
96 points (100.0% liked)
Technology
37706 readers
9 users here now
A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.
Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.
Subcommunities on Beehaw:
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
How is a FOSS project gonna enforce this? By providing only binaries on GPlay with the dev's API key, and then a free version for entering your own API?
It needs an API key to function so they’ll disable the old key and generate a new one which they’ll keep private.
But couldn't someone hack the binary to extract the key and enter it into the free version? Sounds kinda risky.
They will not give you the real API key. Everything you request will go through their own server, that way they can also cache stuff globally.
That sounds quite unbelievable.
This is a common approach if API access is paid. Not doing this is equivalent to lighting your money on fire because someone WILL extract your API key and start scraping.
You can do that on every single app, so no difference there.
Reddit won't allow the dev to create an app where users can enter their own keys. So it will still be FOSS but you'd have to build it yourself with your own keys, if you can somehow obtain them. Thus there's no point in putting the app on F-Droid.