You must log in or # to comment.
I am as mad as hell, and I’m not going to take it anymore!
On top of that, Samsung is ending its SMS and suggesting Google messenger as an alternative. I am not looking to train a chatGPT with my private text messages
Samsung tried its own implementation of RCS, but Google in their monopolistic shittery straight up blocked out any implementations that aren’t literally themselves, open protocol farce
If you can’t swap the package manager it was never open.
The fucked up thing with phones is the locked boot loaders. Locked boot loaders should not exist because this seriously restricts the driver and OS development.
Well they are good for security, but they don’t have to be bad. Pixels are “locked” until you unlock it and install GrapheneOS and then re-lock it to prevent unauthorized access, that’s preferable to both “no lock” and “lock you don’t control” imo.
(This only applies to carrier unlocked pixels you buy elsewhere of course, if you buy it from a telcom company they lock it down, which is bad).
Do Banking apps still work?
Apparently some do, mine does not.
What is keeping me on Android is those app that I need :/ (but shelter with a work mode keep the mess a bit more under control)
You can install google play services on an alternate user profile, then switch into it when you need one of those apps and back to your main when you’re done.
I just use the website.
In my experience, as long as your phone is completely paid for, you can get it unlocked from the carrier as well.
That’s SIM unlocking - totally different from bootloader unlock.
Then I guess I’ve never had my bootloader locked by my carrier because I’ve never had an issue installing Graphene on my devices purchased through T-Mobile as long as the device was completely paid for.
Really glad I decided to switch to GrapheneOS. My next phone will be a Motorola for sure.
motorola makes great phone. I remember my 1st Android phone, after years on iOS, was the Moto Z Play. That thing can last a week with light usage, or 3 days with medium usage on a single charge. Also remember those moto mods? Motorola had like speaker mod and even a mini projector that you can just snap on the phone.
They made better phones before Google bought them so they could strip all their patents before dumping the remaining husk on Lenovo for 15% of its previous value.
So what do we do when they start making it harder and harder to install graphene?
Getting a motorola cause they explicitly will be supporting GrapheneOS.
But all of that is just a stepping stone. As soon as I deem linux phones to be usable as a daily driver for me, I won’t look back.
We still don’t know anything about the phones’ specifications, prices.
Ironic that graphene is developed most for pixel phones
Not really. They develop for Pixel because those devices have the most secure hardware available for developing a modified Android OS.
If the rest-of-the-world can get its head out of its ass, a fork of AOSP with an open governance and a commitment to opensource and open platform, so that every one benefits from it. You wouldn’t need that much from each country to get more resources on that AOSP-bis than Google will ever be able to pour on its homebrew version.
You make a rule that public service can only buy devices using AOSP-bis based systems (or even better: states choose their own AOSP distros) and quickly, Google has no choice but to follow your version, not the other way around.
You make a rule that public service can only buy devices using AOSP-bis based systems (or even better: states choose their own AOSP distros)
don’t give Google the monopoly
better: “You make a rule that public service can only buy devices using libre systems”
If you fork, by definition, they no longer have the monopoly. The fork does not even have to follow Google’s updates.
I would be so happy if the phone they release with graphene is the Razr, honestly might start work on it myself.
I support spreading this message, and fuck Google, but…what’s actually happening is they are making harder to install apps, not removing the ability to do so.
After massive pushback. Their original plan was basically full control. It still is, but they’ll allow you to install something if you ask nicely first.
The other issue is the timing. They can claim this is for security all they want, but it was announced suspiciously close to the courts ruling that Google needed to open up their ecosystem to other app stores. This is a blatant attempt to keep control of the app ecosystem by forcing devs to go through Google regardless of where they intend to release.
Their original plan was basically full control
I’m not happy with the change, but let’s at least get the facts straight, so we can argue our position better. Their original plan included a way to install apps from unknown sources, but it did not describe how that would work.
I’m honestly neutral with the change, it makes setting up a new phone a little more annoying, it will just be another step in the process and doesn’t stop me from doing anything. However the small barrier will stop scammers pressuring people into installing things. It doesn’t make it impossible, but will get rid of a lot of the low hanging fruit.
When would a scammer make you download an app? They could just as (more) easily make you visit a website…
It’s wrong to think this will stop scammers or malware.
And where you drew the line? These things tend to move in one direction. so giving an inch may as well be giving a mile.
Of course it did.
For two reasons.
First - if anyone complains they can always say there exists a bypass, no matter how idiotically unworkable and annoying the process might be.
Another aspect is that devs will probably want to test their apps easily and quickly - App stores are notorious for updates taking a few days to be approved. Even for Google, full-on lockdown might seem overkill. They don’t want to bother with speeding up their update approval process so devs can push test builds through the Ecosystem. Giving some route towards sideloading is a much saner solution.
I still say fuck them and push back and that total control is there end goal.
However. I agree with what they’re putting in place at this time. It’s a one time 24 hour hold before you can install apks from unknown places.
Unfortunately, a lot of people are pieces of shit, and I know for pretty much a fact that making this move will prevent old people from getting scammed. Especially for more targeted attacks where you can use ai to fake one of their relatives voices. It pumps a brake on scammers getting people to grant access while under a panic.
So if you’re tech savvy, you’ll just have to wait an extra 24 hours before you can start side loading after a phone reset or new phone purchase. Not a big deal if it keeps my pops from having his bank account drained. The guy got in a panic when his Facebook billiards game lost his score data. The guy would have left his phone with someone for a week if they told him they could have gotten it back.
It’s an attempt to functionally black list every android developer that doesn’t want to give Google their personally identifiable information and fuck you for carrying water for this full on fucking fascist move. Your argument is bullshit.
…Do you not know what they’re implementing?
All it is, is a one time 24 hour hold when you want to install a non play store apk. You click “allow apks from unknown sources” and then a day later your phone behaves just as it does right now. The end.
Except google has no business telling me what the fuck I can and can’t do with my own fuckin property. Good for you that you like the taste of boot leather and the feeling of a heel on your neck but it’s none of googles fucking business what I do with my devices in the first place including what I install on them. And the fact you’re deliberately ignoring the clear chilling effect this will have on android open source developers by attempting to force them to register with Google proves you’re engaging in bad faith and a shill. Go throat your boot somewhere they tolerate quislings.
This is clearly not designed to keep people secure. If it was, Google would not force you to make your device less secure to install apps of your choice.
The only way it reduces security is by increasing the attack surface. There is no “now anybody can get root on your phone” vulnerability for enabling developer options, and if there were, Google would patch it. I always enable developer options as soon as I get a new device.
Because of this, the audit described in the “Other” link is deprecated.
I always enable developer options as soon as I get a new device.
That’s great for you, but you and I are not the targets that Google is supposedly trying to protect from supposed scams.
Lol at what you call “proof”. Also, no one said you had to leave it enabled. Also, also, dev options is a security risk BECAUSE it allows for side loading. Hahaha
Security should not control us, we should control security. In other words, this is not the right solution.
There’s a middle ground between complete disregard and complete lockdown. If you’ve got a better solution to scammers that isn’t going to drain your battery, invade your privacy, or hog up resources, I’m all ears. Grow up a little and maybe stop being so “me” centric.
Tone it down. Do you still want to be nurtured by the big corporations like them being your mommy? A solution is already out there, it is called secure boot. Google has unnecessarily convoluted the boot chain, and even the OS VM.
Do you think UEFI on a smartphone is a bad idea?
Also, the Android VM is not even necessary, it just makes development cumbersome, cross-platform compatibility worse, and I could go on.
It’s not for me. It’s for the tech illiterate. Secure boot doesn’t stop you from granting remote access apps from running.
Security at the userspace level should be taken care of by the company behind the apps.
They can claim this is for security all they want, but it was announced suspiciously close to the courts ruling that Google needed to open up their ecosystem to other app stores.
The courts ruled that users need to be able to install competing app stores without any warning, which is different from how it works today. Obviously allowing installation without any warning would be a boon to malware authors, so they added a way for third party app developers (including app store app developers) to verify themselves and distribute apps outside the Play Store without a warning on installation. Now Epic can verify with Google and distribute its app on its own website without needing to tell the user how to dismiss a scary warning, and the same is true for Safeway and Proton and other developers that might want to self distribute. On top of that, now GrapheneOS can implement its own verification system using the same OS-level APIs. Maybe app authors can distribute apps themselves for users of GrapheneOS by registering their repo with a verification system that runs an automated security audit on the repo and ensures reproducible builds.
Now that there is a way to distribute apps safely outside the system app store, that probably prompted them to look at what was causing malware problems with the current unverified app installation flow, and they came up with that system. Saying it’s some massive conspiracy won’t force them to change their minds, especially since there aren’t enough users who care to make a dent in their revenue. Proposing a less onerous way to stop malware and bringing that in front of a judge on behalf of the app developers who are harmed will.
Google is “only” locking you out of using your phone for 24 hours…
For extra security, let’s make it a week. Let’s make it a month. Let’s make it a year.
It’s a holding period so a phone scammer can’t be on the phone with you or over a live chat having you enable and install what they want right away. You’re kind of an idiot if you can’t see that it would work. Cry me a river if you have to wait a day before installing some of your shit.
Of course it wouldn’t work.
Do you think putting a 24 h lock on your grandma’s front door will prevent scammers from coming in?
No. No it won’t. Any good scammer will be organized enough to start the scam and release the lock, then return after the timeout to finosh the job.
Do you think people vulnerable to scams will magically notice the scam in 24 hours?
Also, do you think most scams use sideloaded apps? Amazon gift cards are an easier vector. There’s also premium SMS.
Modern scams have nothing to do with security. They prey on people who fall for them. No security measure, save for a trusted friend telling them it’s a scam will work.
What this is is a thinly-veiled attempt to lock users out of using their own devices and to strenghten a slowly-crumbling ecosystem.
Yes, I know it will help prevent it. I’ve seen it happen in real time. You have time to think if it sounds suspicious after you get off a phone. You have time to decide to call your bank and ask. A lot of times scammers will pretend it’s to help a family member in trouble and they need the money immediately, but now the person has time to call others in the family and discover it was all a lie.
You obviously don’t know how easy it is to pressure people in the moment, and how much harder it is to do after they aren’t under an instant time constraint. Hell, I used to work in sales and I’ve done it. People do illogical things when they’re caught up in the moment. I know 100% this will prevent some people from being scammed.
Well, I was thinking along the lines of, if you fall for a crypto scam, 24 h does nothing about it.
If someone calls as a Nigerian Prince and you want to buy in, a cooldown won’t help either.
If someone impersonates your close family, it just might. But I imagine scammers are smart enough to dissuade the victim from calling the known number with a reasonable excuse. Then the cooldown wouldn’t help in this situation either. Something something scammers being good and all that.
And even if we disregard all that, there’s always the option of having the switch have no cooldown if set during initial device setup. Afterwards - sure. Give a 24 or 48 hour cooldown.
If someone wants it immediately - they can do a factory reset.
But the problem is - this is not what’s being done. What is being done is the start of a 72 hour cooldown, then 1 week, then 3 months, then no option to switch off at all. This is what I’m against, and what most other Lemmings are.
And to top it off - acting like this to “protect users” is a slippery slope of ignorance in and of itself.
You see, putting users under a glass dome (what all these “security” measures are) takes away their knowledge. With enough hand-holding (“security” or otherwise), they end up dumb, ignorant and incompetent.
“With great power comes great responsibility”. Well, the opposite is also true: “With no power comes no responsibility”.
And such powerless users are the ones who will, ironically, fall for ALL the scams.
The ones who are so “protected” that they have no common sense idea of how and what their phone does.
Once “logic” turns to “magic”, you’re in for a wild ride.
Because, even if they do know (which most won’t), they won’t be able to prevent the scam.
Why?
Because they’re mostly locked out of and don’t have posession of their phone.
They may be the owners, but Google is the one who can do what it wants with the phone. Not the user.
Cry me a river if you have to wait a day before installing some of your shit
wtf
Ok? Its still my phone, my hardware, and now I have to wait 24 hours before I can install wahtever I want on the phone that I goddamn paid for with my own goddamn money.
Also, let’s not pretend as if they not eventually going to go back to their original plan once the initial backlash dies down and people get used to the new norm.
That’s what they’re doing *so far. * I very strongly doubt this is the last time the deal is altered.
Stop softening the message. They can just turn off any app for any of no reason. This is the same as removing ur ability to do so
Doesn’t the new process require the use of Google Play Services?
Removing it would thus render a device unable to install apps at all.
For everyone unaware, enabling developer options already makes your OS less secure, so Google is requiring you to make yourself more vulnerable just to have the right to install any software, not just those allowed by Google. This has been among others confirmed by GrapheneOS themselves:
Thank you, ''preciate the links
This is supposed to be a simplified message for tech illiterate people. While it may not be fully accurate, the alternative is something that <= 5% of the population will understand.
Additionally, as others have pointed out, this is how the change was originally planned. It was only adjusted due to massive backlash. Apparently the current backlash is not enough for Google to adjust it further.
A change I still wholly reject. Everyone should reject this change. No compromises.
And more correctly, harder to install apps the first time but easier than it is now to install apps in the future because that setting will now be copied to new phones instead of having to go through the flow again each time.
But I want to be angry!
This was their solution to the massive backlash after they announced removing it altogether. We’re still worse off, and we already know their intentions. They’ll revisit the attempt later on. You feel for their ratchet effect. Stop applauding
Who’s applauding? I’m not rooting for Google, but if you buy a stock Android device with the idea that Google is looking out for you, you’re an idiot. They have shown time and again that they are evil, but you buy a device and think, “Android is for digital outlaws, like me.” you’re delusional.
I use Android because the phones are dirt cheap. Most of these sort of phones are sold either at cost or at a loss, so it’s hard to complain.
Please consider donating to PostmarketOS to build up a pure mobile Linux alternative that is completely free of Google’s influence. It’s the best option we have.
Serious question: what’s to stop Google from just axing AOSP, and what would that mean for GraphenOS? As a company they seem to have become vindictive and I just feel like as soon as it becomes a big enough thorn in their side they will retaliate.
Amazon’s Fire OS is android but they’ve announced a new webOS ripoff, VegaOS, Linux running HTML5/react apps. Normally I’d think this kind of diversity is a good thing, but apparently it’s locked down even tighter and side loading into Vega OS just isn’t a thing at all.
Edit: the point I was trying to make is that some vendors are working to get away from Google’s Android foundations completely. I would think that graphene could go that route if the rug was pulled. But good luck with device support when the device specific source isn’t released.
They are basically heading down that path; I believe they started developing in private then they dump all their code twice a year for the public, which has made developing GrapheneOS (etc) way harder to manage.
I can only imagine they want to limit projects like Graphene, but they still want to release source because what made Android big was/is all of the “3rd party” phones like Samsung, etc… but now Google has their own hardware who knows what could happen.
It definitely feels like the end times where we are clinging onto our last freedoms (thanks to privacy friendly roms) before we privacy-seeking folk jump to linux phones (when they become useable/stable).
I think they (GOS) saw the writing on the wall, and this is why they’re now partnering with an OEM (Motorola) so that they are able to continue developing GOS without being kneecapped? I may be wrong, just my understanding
Yeah you are probably right, Google could at any point (for example) lock the bootloaders on Pixels, which would mean no one could install GrapheneOS in the first place.
They are still kneecapped in the sense that they are still developing on top of AOSP, so sadly the bi-yearly code drops will probably still affect them greatly.
No getting around that though and there’s always the possibility Google restrict access to AOSP source code to the point where GOS can no longer access it, in which case the sales of their new phones might allow them to go down the road of full development of their own hard fork of android from the last released version (that might be an impossible ask, I dont know).
Anyways I’m specticilatin’ 'ere
My latest phone is a Fairphone 6 with e/OS preinstalled, so it came degoogled and easily repairable out of the box. I intend to keep it for at least a decade. I cant imagine a feature I would be willing to upgrade for, so I’ll probably keep it longer than that.
the minute fair phone releases board schematics for the 6 I’ll buy one. they did it with the 5, id love for them to do it with the 6.
I wish i could trust the fairphone in the US but I think it only supports t mobile…I travel a lot and need solid connection in case I need lyft to work or something. And airline apps…
Hoping that Graphene Motorola partnership ends up making Graphene some really well supported target for bank/finance apps for those that make that a part of their required features for a phone. I can live with Firefox. Many seemingly can’t
Bring back RAZR days! I had so many razrs. Iove them
Vanadium on GrapheneOS will probably be what most people go with for website compatibility. Assuming they aren’t switching to GrapheneOS for the main aspects but just want to get away from google
it was never your phone to begin with.
OUR phone
Stallman was right. Software absolutely needs to be free.
And so do we.
Does this remove apps already installled on my device?
Only if play protect thinks it’s a virus
Fine, ill go back to dumb phone era. 3310 here i come old buddy.
GrapheneOS would be great, if it would just support 1000x the hardware it does now. With the extremely limited hardware it does support it’s practically as good as useless for the vast majority of Android users
I’d switch tomorrow, would if I could
“Unfortunately” they prioritize security and no phones but Pixels and their upcoming Moto have all the necessary hardware.
If you don’t care as much about security however and just want to get away from google there’s plenty options, like LineageOS or /e/OS.
Personally I wanted both, so one day when it was time to switch phones I bought an unlocked Pixel instead of some Samsung with a fancy camera. Android users could all do that tbf, it’s not like phones last forever these days, the question is if they prioritize security and privacy or features (that will probably be different on GrapheneOS anyway, that fancy camera is only so fancy because of the onboard processing done by the phone, your pics won’t look as good on Graphene.)
Most hardware doesn’t support the fundamental security requirements of GrapheneOS, so that will never happen.
Look into things like /e/OS or Nothing Phone on the Android side, and the various Linux options (Jellyfish OS is, I think, the most advanced).
