llm/8d7ff4a1-085d-4b84-a357-52acc95c6355/topic-0-2d97afc0-b15b-4635-a88b-6a06eb45651e-input.json
The following is content for you to summarize. Do not respond to the comments—summarize them. <topic> Open Source Necessity # Strong demand for open-sourcing due to security concerns around notification access, requests for F-Droid availability, mentions of trust issues with closed-source apps accessing sensitive data like OTPs and 2FA codes </topic> <comments_about_topic> 1. I would love to use this, but I don't want to allow a third party app with closed source to read all my notifications. This can read OTP passwords, full messages, etc. so it must be open source for me to consider it. I would donate/pay for this if it was open source on F-Droid. Kudos to you for building it. I put off building this exact same application so many times it's not even funny. Too bad I'm too lazy to maintain something like this. 2. This is correct, but it is still a slippery slope. At some point the dev ends up adding internet permission (might be for legit reasons too), and lo and behold you are sharing your data. For something as sensitive as notifications, I really can't trust anything but open-source app which is vetted by a few seasoned people and hosted on F-droid. 3. If the permission is added in retrospect wouldn’t you still need to opt in? fwiw i completely agree that oss is the way to go here 4. I’m interested in what you’re suggesting. Who are those auditors you trust? Does f-droid imply things have been audited? 5. It's hard to rule out intentional side channels without access to source. 6. Fair enough, you only have my word on it (that it doesn't send any data to the Internet). But you do have my word :) Another person requested that the app be open-sourced as well. I will look into that. 7. I'm going to join the list of voices requesting open source here. If you're not planning to charge money for this, there are several benefits starting with increased trust. Mobile apps are a cesspool of user-hostile behavior, and I have a strong preference for not giving closed source apps access to sensitive data. 8. I would greatly appreciate it, if this was open source :) Especially since this will be able to read 2FA codes sent by SMS. (I get that SMS 2FA codes are not perfectly safe to begin with, I personally don't love them either, but they are still used on a bunch of services) Just makes me sleep a little better. 9. It took me a moment to find, but Alertly claims to do something similar while being open-source. Last commit was made two years ago though. https://f-droid.org/packages/com.example.notificationalerter https://github.com/lightningcpu/Alertly 10. It's something i've also vaguely thought about building myself, because god damn uber, how many times do you need to send me an advert for uber one? just tell me when my car is here. so congrats to the author of this. I do agree that I'd prefer it open sourced too, it feels a bit risky it having access to all your notifications. 11. Looks interesting. Good work. Do you have plans to open source the code? 12. I guess I'm surprised that Android would allow one app to read/manage/block notifications from all other apps. I mean, I'm happy to have that kind of control over my phone, but it also seems like it could be viewed as a giant security hole? (Which would be a bit ironic given that Google is actively stamping out the ability for users to install apps that come from outside their walled garden.) 13. As others pointed out: This >needs< to be open source, no way i touch another abandonware/ adware android project. 14. A little dramatic? You can stop using it if it becomes something you don't like. 15. Having never had a google account or used the "play" store, but having only used android phones(so far) I would try this from fdroid, etc. I have a workarounds that dissables all notifications except for pm's, the trickiest ones bieng for the varios google (dis)services. The other main workaround is to use webpage sign ins rather than apps through an oddball browser that breaks anything........hmmmm, too agressive, which luckily comes in another flavor that I have set up for banking, and certain other sign ins. But what I would realy realy like a cache cleaner that would wipe EVERYTHING , or better yet a detailed list of all running services and cached data AND bieng able to see the network. could be called WTFIGO, or FIGO for short 16. when will it be available through fdroid? </comments_about_topic> Write a concise, engaging paragraph (3-5 sentences) summarizing the key points and perspectives in these comments about the topic. Focus on the most interesting viewpoints. Do not use bullet points—write flowing prose.
Open Source Necessity # Strong demand for open-sourcing due to security concerns around notification access, requests for F-Droid availability, mentions of trust issues with closed-source apps accessing sensitive data like OTPs and 2FA codes
16