TL;DR

  • Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
  • The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
  • Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
  • flop_leash_973@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    5 months ago

    The world of mobile phones is a real world example of what we avoided on the PC back in the day when the IBM BIOS got reverse engineered allowing for someone to put out an IBM compatible PC without having to pay the tithe to big blue first.

    It has been pretty depressing to me that the tech literate have been so easily lulled into accepting such things in the name of “cool toys” and “security” virtually everywhere in modern life besides the PC/laptop/server spaces.

    This sort of control and gatekeeping from the likes of Google, Apple, and Qualcomm was not something that was hard to see coming a mile away, yet we all collectively let it happen anyway.

    • dejected_warp_core@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      It has been pretty depressing to me that the tech literate have been so easily lulled into accepting such things in the name of “cool toys” and “security” virtually everywhere in modern life besides the PC/laptop/server spaces.

      From my exposure to supporting said folks with PC related problems, its easy to see the reality here. Phones provide a streamlined experience with zero frills. They don’t want super flexible computing devices, they want appliances. More to the point, the level of care and maintenance needed to have a top-shelf PC experience is time and effort most people would rather not expend. Doing this right was inconvenient to begin with, and left the field wide open for anything that would be easier.

      • flop_leash_973@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        My complaint is not that the “appliance” solutions exist for those that want them. But that there is next to no room in the market now for options that are not those “appliance” solutions for those that do want them but also want to take part in the modern tech world with things like NFC payments without having to trick the services with Magisk modules.

        • dejected_warp_core@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          Oh, we’re on the same page there. I’m complaining about that too. Things are shifting from “make the environment easier for some people” to “painstakingly chisel out an expert mode like you’re escaping from Shawshank.” and I do not like it.

  • yamanii@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    We’ve started the process of talking to regulators and they’re interested.

    Oh that’s great, they aren’t actually suing since that would be a pretty big money pit, they are going straight to regulators, something can happen.

  • jetsetdorito@lemm.ee
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    the only reason I’ve wanted to be rooted in recent years is when I didn’t have hotspot on my plan and the most complete way around that was with root.

    I think I would like a degoogled Lineage/Graphene OS though

  • Blackmist@feddit.uk
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Even without the custom ROMs, the whole Android ecosystem is a colossal fucking mess.

    I’ve got old apps that won’t work any more. It’s not even compatible with itself.

    People give Windows a load of shit, and deservedly so for some of it, but it’s a million times more usable than Android when you want shit to “just work”.

    • Emerald@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      I’ve got old apps that won’t work any more.

      That’s true for every operating system. Old apps aren’t updated to use new system APIs and such and they eventually stop working.

      • Blackmist@feddit.uk
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Yet I can compile applications that work on Windows XP, and they still work under Windows 11.

        It’s not as if Android is some svelte slimline OS where every byte matters. There’s plenty of room there for keeping compatibility with older apps.

        • TrickDacy@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          Dude there’s millions of lines of code and thousands of hours per year that keep old windows shit running. It’s a nightmare to support that. Microsoft has made that a priority and you can easily argue it shouldn’t be, but you seem convinced that’s the only valid path. It’s not.

      • yamanii@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        On desktops we can use virtual environments, translation layers, plenty of solutions to make old programs and games work on a modern OS. Phones are somehow incapable of this.

    • Tja@programming.dev
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      Same with iOS, I don’t know why you are singling out Android here. My favorite game back when I used an iPad stopped working after certain update. It was a puzzle with rails and colored trains, can’t remember the name now.

      Windows and Linux are quite a lot better in this regard.

      • NoisyFlake@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        I suppose you’re talking about a 32-bit app that wasn’t updated for the newer 64-bit architecture. If yes, then there’s actually a technical reason behind it, not just Apple being dicks. Because other than 32-bit apps, every app that received a 64-bit update should still work on the latest iOS.

      • Blackmist@feddit.uk
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        I’m not singling them out, it just happens to be a thread about Android.

        There’s no reason for mobile OS’s to be flaky like this. There’s nothing magic about either that means old stuff can’t be supported. It’s just that trillion dollar corporations apparently can’t afford the resources.

        • Jakeroxs@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          There kind of is, software changes and things need to be updated by comparison, your windows example is a double edged sword, there’s a lot of bloat and Microsoft can’t make changes that might be beneficial on windows because of all the backwards compatability layers and services they generally leave in. It’s good and bad in it’s own way.

    • TunaCowboy@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      I’ve got old apps that won’t work any more.

      People give Windows a load of shit… but it’s a million times more usable than Android

      Where do you run your old Windows Phone apps nowadays? What about new Windows Phone apps?

    • FutileRecipe@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      I’ve got old apps that won’t work any more.

      I’m actually for this. The bar to entry for the Play Store is too low with too many low quality and unmaintained apps. I’m all for booting insecure and super old apps. They cheapen the ecosystem.

      • Blackmist@feddit.uk
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Well that’s all very well, but I’ve got a bathroom speaker I can no longer access.

        So how about instead of Daddy Google deciding what’s best for everyone, they let things run and give you a warning?

        Hell, I’ve even got games I’ve paid for that are now gone. Honestly, fuck them for even thinking that’s acceptable.

        • yamanii@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          Same, it’s why I never buy a game or app nowadays, they will just stop working when the new OS version comes around, devs already got their money so they don’t have any incentive to care, and contrary to PC I can’t do shit about it myself on my phone, there’s no “androidbox” to run old apps inside my phone.

          • Blackmist@feddit.uk
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            It doesn’t allow direct connection. You have to dick about with a stupid app to put it in “speaker mode” first.

            • LinusSexTips@lemmy.world
              link
              fedilink
              English
              arrow-up
              0
              ·
              5 months ago

              Gives me Sonos vibes.

              I won a Sonos speaker years ago, thing needed (from memory) an app to switch to AUX mode. The speaker sounded great but I didn’t want to install an app just to use the thing.

              In a grand spectacle my ex’s cat kicked a potplant off a windowsill into our fish tank. That shorted a power board, we didn’t have breakers (ceramic / wire fuses) which ended up killing the speaker.

              Honestly as nice of a speaker it was, good riddance.

            • Gingernate@programming.dev
              link
              fedilink
              English
              arrow-up
              0
              ·
              5 months ago

              Damn that sucks!!! I wish there was a way to sandbox older apps. I’ve ran into the same issue with old apps before.

        • corsicanguppy@lemmy.ca
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          5 months ago

          You’re really arguing for a covenant around tech that companies want to orphan. The rule needs to be the code is opened and a slacker code owner is appointed for handover.

          This is gonna embarrass Google a Lot but it’s gonna embarrass azn and m$ a whole lot more.

          The forced alternative is a refund if you can bring something recognizable with a serial number to your post office or something as ubiquitous, present and staffed - have them validate in the loosest fashion and require like 10 bizdays for the cash refund.

          Whether or not the post office is there for that or charges the OEM for the notary-light service is a matter for the courts, the USPS, and these days probably the fn SCotUS.

          • Blackmist@feddit.uk
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            So it’s my choice to run them?

            If I can download an APK, I should be able to run it in a “compatibility mode” and have the OS do it’s best to run it.

            • conciselyverbose@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              0
              ·
              5 months ago

              It can’t.

              A compatibility mode would involve meaningful cost, massively compromise security, and not have a chance in hell of working.

              • gh0stcassette@lemmy.blahaj.zone
                link
                fedilink
                English
                arrow-up
                0
                ·
                5 months ago

                They could just spin up a container of some sort. It’s still fundamentally Linux, so it should be possible to run Android inside an lxc container the same way you can run a desktop Linux distro in docker (which is based on the lxc functionality in the Linux kernel)

                • conciselyverbose@sh.itjust.works
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  5 months ago

                  The point is that you have to emulate a fuckton of low level access to even have a chance of anything working. Either you replace the actual hardware access with junk data, making none of the apps work, or you break the whole permissions structure, and your security is completely gone.

                  All of those APIs were deprecated because it’s impossible to provide them in any way that resembles security.

        • TrickDacy@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          So how about instead of Daddy Google deciding what’s best for everyone, they let things run and give you a warning?

          That is not what’s happening. It takes tons of work to maintain backward compatibility but you’re framing it as though it doesn’t and they’re just being a holes on purpose.

    • Squizzy@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      How we all wish there was a third option, I would genuinely take less functionality in favour of privacy and performance. I don’t need AI and fancy image processing. I want to use my phone to pay the old way, like when samsung copied the magnetic strip info, not like now where google gets a copy of my receipts.

      Sucks iOS is the alternative, nearly gave in last week but the price was just too much for what I was getting.

    • TrickDacy@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      Software that is 10 years old and unmaintained is likely unsafe to use and therefore shouldn’t work. Windows has a lot of issues specifically because it’s backward compatible with ancient software, actually. Security and a path forward should matter more than clinging to old software that must stop working someday regardless of how hard you try to delay it. Emulation/VMs are and should be a way to work around that on desktop and it would actually be nice if mobile OSes had that too. That way at least the ancient software can be sandboxed and not a security weakpoint. The right approach though is not to do this horrible patchwork of APIs like windows which creates a security nightmare

  • jabjoe@feddit.uk
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Why does this call the problem by it’s name, monopoly.

    Android is another area Google are abusing their monopoly. Sure the phone market is a duopoly, but that doesn’t help. Apple is even more locked down and user abusing.

    Lots of app companies, like bank apps, think locking their apps to only work on official Android is best for security, but that compounds the monopoly. It’s also arguably less secure!

    • MHS@lemmy.wtf
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      5 months ago

      I don’t even understand. Am I getting this wrong?? Does the payment processing happen inside the banking app?! Because if so, that’s the bigger problem isn’t it? All the checks for correctness should happen on the servers that the banking app connects to, not the banking app itself. If that’s already the case, then what are they worried about? I’m probably missing something here, but honestly I just don’t understand why they would do that.

      • jabjoe@feddit.uk
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        The app will almost certainly mostly be just wrapping a web interface. But this dedicated browser can provide the site with all the access of an app. The idea will be only this browser can be trusted to access this site and can check the run environment before connects. I’m they’d do the same on the desktop, if they thought it would be swallowed.

  • xia@lemmy.sdf.org
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    What get’s me is the “this phone cant be trusted” message on boot. Implying oem roms are trustworthy, but nothing i choose.

  • Wildly_Utilize@infosec.pub
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    5 months ago

    Recently moved to graphene couldn’t be happier

    I don’t care about these apps but it will only get worse over time if not addressed. I could see things as simple as Spotify, Netflix, etc. Refusing to run

    I don’t use those services either but that’s not a future I want

  • Eiri@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    I really hope they fix this. When support for my old OnePlus 6 stopped, I was going to install a custom ROM until I realized bank apps, and most security-centered apps, wouldn’t work. So I ran with an out-if-date, possibly vulnerable OS for a year until (probably) corrosion from liquid exposure finally did the phone in.

    Really bad thing to incentivize.

  • androidisking@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Here’s a harsh truth and a reality some tech users need to wake up to.

    Google has never cared about open-source. They have never cared about user-choice/user freedom. They could easily tomorrow make Android closed-source and that would be the end of Android. It has always been about control. Apple got that authoritarian idea correct long ago by locking down the entire OS.

    Google is allowing open-source modding only because there’s a large community out there that cares and wants it to thrive. And since it runs on Linux, it would make Google look VERY bad if they removed bootloader unlocking, open source, removed features that causes issues for custom roms.

    Google doesn’t care you YOU. If they really cared, they wouldn’t be slowly removing features or adding anti-user features that in the long run, don’t benefit anyone but them.

    I’m glad the government declared them a convicted monopoly. I’m still ashamed it took them this long to finally go through with it.

    What an insane world we live in.

    • auzy@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      5 months ago

      There is another side to this coin though,

      Android roms took googles work. The community could have assisted with other mobile os systems like Firefox OS or Ubuntu mobile but didn’t.

      Instead ROM developers wanted a cookie cutter solution.

      In practice, Android is actually fairly open. Republicans have a weird obsession with Google (remember that weird hearing where they clearly didn’t understand technology). You can even disable the inbuilt apps

      This could lead to a situation like windows where 50 popups are added. It’s could backfire and it benefits Apple a lot. That’s what I’m concerned about. I’m worried that I’ll end up paying for Gmail or more for Android. And Google will get blamed for it

      • Squizzy@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Can you handily disable notifications being monitored or the keyboard informing google on your typing? Disabling apps is surface level, the software is free to te end user for a reason, google harvests us.

    • Avid Amoeba@lemmy.ca
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      5 months ago

      Spin off the Android team into a nonprofit. I’m pretty sure OEMs would be all over that.

        • Avid Amoeba@lemmy.ca
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          5 months ago

          Actually this isn’t the pwn you think it is because funding results in favors and control. Remember the OpenAI non-profit and Microsoft? You want it to be funded by more than Alphabet. Ideally you want Alphabet’s funding share to not be the largest at all. You want government funding too.

  • Emerald@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.

    I call those “apps not worth using”

    • Allero@lemmy.today
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      5 months ago

      You’re right on that, but we can’t expect everyone to act the same and ditch such apps all at once. So, it’s very important to point the issue out and take action to stop it.

  • MentalEdge@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    Hell yes.

    It’s fucking open source, this is no different from games with intrusive anti-cheat refusing to run on Linux, except it this case it’s not even a different OS.

    It’s monopolistic and anti-user.

    • lemmyvore@feddit.nl
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      Ironically, if Graphene would succeed, it would lead to a system that’s every bit as locked down as a manufacturer’s Android. GrapheneOS would also not allow you to have root etc.

      IMO Graphene wants a place at the big player table. They’re not in it for user freedoms.

  • umbrella@lemmy.ml
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    yeah. like my manufacturers’ 3-year-old, full-o-spyware ROM is more secure than latest lineage.

    they just want control, not security.

      • umbrella@lemmy.ml
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        thats what i do atm, but its a shitty solution when i have a perfectly good phone.

        the irony is, my second vanking phone is probably less secure, because its stuck in an ancient version of android.

        • Wildly_Utilize@infosec.pub
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          5 months ago

          Not disagreeing I was genuinely asking.

          For me it wouldnt be too inconvenient but I barely use banks so my perspective is atypical

          • Manalith@midwest.social
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            I do basically that, but with aSamsung tablet, then my phone can be for phone things, calls, messages, emails. Then if I’m out and about and need to check my bank, mobile hotspot to my phone and go from there.

            • Wildly_Utilize@infosec.pub
              link
              fedilink
              English
              arrow-up
              0
              ·
              edit-2
              5 months ago

              Dont know what you mean sorry

              I did pull $600 out my sock at the best buy to buy my pixel recently tho lol

    • Cyyy@lemmy.world
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      same bs with apps not running jidt because root or apps not being visible in playstore because of it. Netflix isn’t even showing up as existing in playstore just because i have root. it’s nuts. and there are tons of apps like this.

      • x00z@lemmy.world
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Netflix and their DRM is so extremely stupid it’s incomprehensible. It only hurts normal users while the rippers have no issues getting the content.

    • newproph@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      0
      ·
      5 months ago

      graphene sandboxes Google services so they don’t run as root on your device. I haven’t encountered an app I can’t get running on graphene yet and having Google play installed as non root is a far sight better than stock.

      my biggest problem with lineage was compatibility with banking apps so I reluctantly switched but graphene is a solid choice in operating system for privacy and security.

        • newproph@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          0
          ·
          5 months ago

          not really. after enabling oem unlocking in developer options you just boot it while holding one of the volume buttons and you’re able to unlock the bootloader.

          root is not typically available and you don’t need it for most uses besides development, but even then, I would recommend not using a phone you daily for that.

          • umbrella@lemmy.ml
            link
            fedilink
            English
            arrow-up
            0
            ·
            edit-2
            5 months ago

            sure, but unrooted custom roms also trip the protections.

            root can sometimes be used to mask that.

            • newproph@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              0
              ·
              5 months ago

              you’re already over my head but you can talk to the devs. they have a matrix chat they link on their site

      • kspatlas@lemm.ee
        link
        fedilink
        English
        arrow-up
        0
        ·
        5 months ago

        Graphene is great, but I’m currently on a Xiaomi phone so I can’t run most ROMs, I’ll likely run derpfest when I get the bootloader unlocked

          • kspatlas@lemm.ee
            link
            fedilink
            English
            arrow-up
            0
            ·
            5 months ago

            I haven’t tried it yet, but it seems to have a lot of pixel features ported, I realized crDroid supports my phone so I might try that

  • mrvictory1@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    5 months ago

    I just want to buy a Linux laptop with VoLTE and be done with the product line “smart phone”. Unfortunately there is no such device (to my knowledge) and the only device that comes close is PinePhone Pro with docking station.

    • bitwolf@lemmy.one
      link
      fedilink
      English
      arrow-up
      0
      ·
      edit-2
      5 months ago

      Agreed. I always loved the idea of the HTC Mini +.

      Put the sim in your laptop, that’s the connectivity hub. The mini phone piggybacks the LTE connection so you don’t have to pull out your laptop for simple calls, texts, navigation or music actions.