_______ __ _______
| | |.---.-..----.| |--..-----..----. | | |.-----..--.--.--..-----.
| || _ || __|| < | -__|| _| | || -__|| | | ||__ --|
|___|___||___._||____||__|__||_____||__| |__|____||_____||________||_____|
on Gopher (inofficial)
HTML Visit Hacker News on the Web
COMMENT PAGE FOR:
HTML Keep Android Open
david3289 wrote 10 hours 27 min ago:
It's just google making money again...
david3289 wrote 10 hours 28 min ago:
Android is open source if you can customize it and even now you can't
install apk files anyway
It might work I actually don't know
david3289 wrote 10 hours 54 min ago:
Android is code-only "open source" but not actually open since if you
make an app and put it in apk it automatically makes the file look
dangerous making developers pay for Google Play store
pino83 wrote 1 day ago:
I'm always baffled why there are obviously enough people (not only here
in particular; but also here; and sure, it's not a majority, but it's
enough people to actually have some influence) who can formulate all
these claims, but the actual movement is quite disappointing.
As long as everybody knows that you are just talking, but in the end
you are basically fine with everything and declare "pragmatism" and all
those lame excuses from the last ~20 years, there will never be any
actual movement for the better. So why taking care and constantly
having those lengthy debates?
Is it just your way to deal with frustration? Or what are these
discussions actually for?
I'm really just asking, because I'm actually asking that myself since
quite some time now. I just don't get it. The same for some other yet
similar topics, e.g. having these dependencies to corporate social
media, ..., ...
Additional thought: I also constantly find people somewhere, fighting
some decades old fight, e.g. against Windows and Microsoft, and how bad
it is in terms of privacy, sovereignty, freedom, ..., and Recall, etc.;
but if you ask them "Do you use WhatsApp?", they don't even have a clue
why you ask...
IMHO, if the community isn't able to recognize that entire mindset as
problematic AND find some actual solutions for it, there is no value in
all these discussions.
ece wrote 1 day ago:
The value is in awareness, it's easier to switch for some than
others, but that comes after awareness.
ece wrote 1 day ago:
If signing apps is required, then self-signing with your own key should
be an option, in addition to a virus scan. Signing authorities have
gotten things wrong, which is forgivable as long as they are learning
from mistakes, but not letting people run and auto update the apps they
want on the device they bought because of device restrictions, scare
screens, or other roadblocks is the main complaint here.
linuxhansl wrote 1 day ago:
+1000
I donated a few $100's to the petition.
With 23,623 (as of today) signatures I doubt anybody really cares, and
we'd all rather be cheeple doing the tech companies' bidding as long as
we can flop on our couches and consume.
Clearly Google wants to make money off their monopoly (created in part
from initial openness) and they are disguising it as some
security/safety enhancement bullsh*t. Shameful!
My main question: I chose Android over Apple because of the extra
freedoms it affords me. When that goes away, what reason do I have
continuing with Android?
erelong wrote 1 day ago:
we really need to build up a third party linux mobile ecosystem as an
alternative to the ios / android duopoly
ollybrinkman wrote 1 day ago:
Openness at the OS level matters less if the platform layer above it is
closed. Even on Android you're dependent on Google Play Services for
payments, push notifications, and maps â all closed. The real battle
is at the API and payments layer. The web had a brief moment of
openness there, but we ended up with Stripe, Twilio, etc. as de facto
monopolies. The next round will be interesting with AI agents that can
programmatically switch providers based on price.
dhayabaran wrote 1 day ago:
Exactly. The fact that we've all internalized "store" as the default
distribution model is itself a win for the platform gatekeepers. On
desktop, nobody calls a .deb repo or a download link a "store" â it's
just software distribution. Android sideloading should be the same:
download an APK, verify the signature, install. The entire debate
around "alternative stores" already concedes that distribution requires
someone's permission.
tschumacher wrote 14 hours 27 min ago:
Google has been clear that installing apps through sideloading and
from other app stores will continue to work as long as the developer
went through the verification process to get their app signed.
Source:
HTML [1]: https://android-developers.googleblog.com/2025/08/elevating-...
curt15 wrote 9 hours 2 min ago:
What recourse does one have if Google simply revokes the permission
it granted?
miggol wrote 13 hours 44 min ago:
Yes, the entire point is that requiring Google's permission to
sideload anything is very bad.
The linked post by F-droid additionally points out that even that
very bad case is not certain. We shouldn't trust that Google will
even allow sideloading at all based on their words on their own
blog.
Media has a responsibility to report that there is no evidence that
Google will even allow anyone to sideload at this point.
ThrowawayTestr wrote 20 hours 41 min ago:
It's called a store because you can pay people for their labor. The
fact that free apps exist is just a bonus.
TexanFeller wrote 23 hours 20 min ago:
App stores may reduce many of my freedoms, but they also provide me
with some other freedoms by limiting the power of big tech companies
over me, and the tradeoffs are different for my phone compared to a
PC. For example Apple uses their big stick to ensure that apps can't
simply refuse to work if you enable privacy setting that limit them.
If Facebook refuses to work until you give it full access to your
photos and exact location even when the app isn't running the
realistic outcome will be that everyone will just give them what they
want rather than not using the service. I remember years ago on
Android that Google Maps would refuse to work if I didn't allow it to
access my location when it wasn't running, and I never want to go
back to that world.
realusername wrote 14 hours 10 min ago:
You probably picked the worst example as Apple gave Facebook a pass
a few times as Facebook is too big to fail.
idle_zealot wrote 21 hours 23 min ago:
> For example Apple uses their big stick to ensure that apps can't
simply refuse to work if you enable privacy setting that limit
them. If Facebook refuses to work until you give it full access to
your photos and exact location even when the app isn't running the
realistic outcome will be that everyone will just give them what
they want rather than not using the service
Apple also stops you from installing third-party apps for the
service that circumvent those and other limitations. In an open
system you can intercept the app's requests and feed it fake
responses, spoof your photo album, GPS, whatever. They can try to
detect spoofing, but at the cost of making their services flaky for
normal users. This is a cat-and-mouse game that the mice (that's
you) win. Except you can't play it on an iPhone, because it breaks
the service's (probably illegal) Terms of Service, and Apple will
use their Big Stick to ensure nobody can commit acts that risk
their partners' business models.
ece wrote 22 hours 5 min ago:
So let's give Google more power.
1vuio0pswjnm7 wrote 1 day ago:
"Android sideloading should be the same: download an APK, verify the
signature, install."
Download source code from mirror, verify signature, compile, install
If the target OS is under the control of a giant surveillance and
online advertising services company, then what is the probability of
the company allowing mobile hardware buyers to control their hardware
using software of their own choosing. Is it non-zero
The entire debate around "Android" already concedes that mobile
hardware requires an OS controlled by a giant surveillance and online
advertising services company
1vuio0pswjnm7 wrote 23 hours 34 min ago:
There is additional irony in that the people who started the giant
surveillance and online advertising services company in the 1990s
relied on OS projects^1 that allowed users to download source code,
compile it, install it and run it, all for free, without
restriction aside from "copyleft" provisions. The company's
"search engine" ran on open, permissively-licensed software
In other words, they did not need permission from a corporation
that controlled the software
The other company whose name behins with "A" that provides a
corporate-controlled mobile OS also relied on source code that they
could download, compile, install, run and distribute for free,
without restriction (aside from attribution provisions)^2 in order
to create a mobile OS in the 2000s
1. Linux
2. FreeBSD, NetBSD
Also, the surveillance and ad services company used NetBSD libc
when creating Android
limagnolia wrote 1 day ago:
Rather ironically, the advertising giant is the one who makes
phones that are the essayist to install software of your own
choosing.
linuxhansl wrote 1 day ago:
> Android sideloading should be the same
In fact we should not even call it "sideloading", as if we are
sneaking anything in "from the side". It is simply installing
something I like on a device that I own.
My device can warn me about security consequences and let me be the
one who decides what to do (with my device).
Hrun0 wrote 1 day ago:
I have literally never thought about it like this, but I think you
are right. In my mind mobile phones were always separate from other
devices, kinda like consoles.
fsflover wrote 1 day ago:
This is actually the main idea of Purism, company producing phones
and computers:
HTML [1]: https://puri.sm/posts/foreshadowing-why-the-purism-logo-is...
trekz wrote 1 day ago:
Right. Consoles shouldn't be doing it either, but here we are...
Synaesthesia wrote 1 day ago:
The government has to step in and regulate. In China the regulation
specify that Google cannot preload a whole bunch of apps on the device.
It's perfectly reasonable. The government is picking the side of huge
corporations ahead of people. So the people need to make some kid if a
mass movement to rebel.
pessimizer wrote 1 day ago:
> The government has to step in and regulate.
The government supports this, and might have demanded it through
backchannels.
The government loves the concentration of media, because it usually
limits the people who can own information flows to a very few people
who are already deeply connected to government, or at the very least
it limits the number of people you have to threaten or bribe to get
what you want.
> So the people need to make some kid if a mass movement to rebel.
The point of controlling media is that people are isolated and can't
do anything like this. They have no idea what is going on other than
what they are told by massive corporations, and have all
interpersonal communication mediated and regulated. They're even
convinced to demand this, or evil people from other countries might
take over their minds and molest their children. If they advertise
these beliefs as often as possible, they will see this reflected in
better, easier jobs with far higher salaries.
People who ever publicly contradict these beliefs will be put on
many, many lists and their friends, family, random strangers, current
or potential employers, providers of credit or banking services, and
people who rent housing will be encouraged to also mock, threaten and
isolate the people on the lists, or be mocked, threatened and
isolated themselves.
When you're isolated, it doesn't matter if you're right and if what
has been done to you is obviously unfair. Nobody will notice.
mhher wrote 1 day ago:
I need to check if Aurora Store still exists/works.
edg5000 wrote 1 day ago:
I want Google as an app, not OS. Hear me out. Imagine an open device
where you can run Google as just another sandboxed app. Inside, they
can exert all the control they want. My bank and government can force
me to use Google.
Then, at least I control my hardware and my OS.
It's just nasty to have your device and OS controlled by an
antagonistic entity.
I see this in people why have used antagonistic software for decades
and have become zombified and shellshocked; the idea that software
could be on your side is to alien to them. They hate software and
technology and just want to get some work done. They tolerate the abuse
because they can't fight Google alone; it's pointless to resist.
ignoramous wrote 1 day ago:
> Google as an app, not OS [1] [2]
HTML [1]: https://furilabs.com/
HTML [2]: https://jolla.com/
HTML [3]: https://pine64.org/devices/pinephone/
stavros wrote 1 day ago:
Yeah but what you just said is "I don't want to run Android", which,
sure, you can do.
allddd wrote 1 day ago:
GrapheneOS is as close as you can get to something like this.
fsflover wrote 1 day ago:
No, PureOS is closer.
intrasight wrote 1 day ago:
You have that. Run Chrome browser on Linux. We should be thankful we
have Linux.
elAhmo wrote 1 day ago:
But Google doesn't want you running their app and not their OS, this
is the whole idea behind Android and their hardware in general :)
Synaesthesia wrote 1 day ago:
Well yeah that's the problem. The Google monopoly. Google and Apple
are the only one out there, in the West at least. It's a huge
problem. We have given all the power to two giant corporations.
Really the only institution which can compel a change is the state.
xvilka wrote 1 day ago:
A good opportunity to donate[1] to the GrapheneOS[2]. [1]
HTML [1]: https://grapheneos.org/donate
HTML [2]: https://grapheneos.org/
shrx wrote 1 day ago:
As long as it will be pixel-exclusive, it will remain useless to the
vast majority of android-capable phone users.
briandear wrote 1 day ago:
Why doesnât the market respond? If people donât like Android, it
seems like a market opportunity to make another OS. People love to
complain about Apple and Googleâs âmonopoly,â but doesnât that
present an opportunity for someone to build their own thing and if
enough people want it, they will be able to sell it?
skue wrote 1 day ago:
How do Google and Apple plan to deal with the immense influx of
personal apps that AI will help non developers build?
Recently, I was thinking that AI might force Apple to open their
devices, because if Appleâs competitor allows sideloading, then the
creatives and builders most likely to build their own apps will migrate
to the platform providing less friction to getting custom apps onto
their device. But apparently THIS is the time that Google has chosen to
start locking down their devices as well?!
IshKebab wrote 1 day ago:
AI is not yet at the point where non-developers could use it to build
useful apps. I've tried. It gave me a good start that saved me a ton
of time setting things up but the result was buggy and had a lot of
bad code, so I still had to read and understand it all and fix the
issues.
aussieguy1234 wrote 1 day ago:
We need viable Linux on phones now more than ever. I'll keep using
GrapheneOS in the meantime.
mindaslab wrote 1 day ago:
Never has evil yielded when you appeal to it.
jackyard86 wrote 1 day ago:
I visited change.org to sign the petition for them, only to get spammed
by far-right extremist propagandas supporting nazism like this: [1] I
regret giving my real name and e-mail address to that website now.
HTML [1]: https://imgur.com/a/E6LMUcB
amarant wrote 1 day ago:
So how is Ubuntu touch doing these days? I keep meaning to try it, but
never get around to it!
fsflover wrote 1 day ago:
Mobian and postmarketOS are more advanced and work more like
GNU/Linux.
budududuroiu wrote 1 day ago:
Maybe stupid question, we keep seeing "LLM figures out math problem
humans couldn't, LLM finds security vulnerability by looking at
hexdumps for 6 months straight. How hard or expensive would it be to
let some LLMs loose on reverse engineering all the proprietary driver
binary blobs?
People mentioning forking Android is hard, how easy do LLMs make this?
largbae wrote 1 day ago:
Does the AI boom help with this? Can we donate enough token-budget for
GrapheneOS to maintain a fully functional fork?
okanat wrote 1 day ago:
You are overinflating how useful AI is. Moreover most FOSS people
actually don't want any AI written code unless the human driving it
has done equivalent amount of work understanding and designing it
from scratch.
cube00 wrote 1 day ago:
Good luck, no bank will touch a non-Google blessed platform with a 10
ft pole.
G_o_D wrote 1 day ago:
Whats Andy Rubins take on this ? The original developer/contributor to
android os itself
Catagris wrote 1 day ago:
If they go through with this I am switching to iPhone because there at
least I am told up front and am tried less like the a product to be
sold to advertisers.
ameen wrote 1 day ago:
Does this block something like Obtainium? [1] This is sad as thereâs
been a real resurgence of gaming devices (Ayn Thor/Odin, Retroid pocket
devices, Ayaneo, etc) moving to Android from Linux variants (Batocera,
Arc, Garlic/OnionOS).
Itâs sad but more of an incentive for folks to finally take Linux as
a viable alternative, and build on efforts made by Valve with SteamOS.
HTML [1]: https://f-droid.org/packages/dev.imranr.obtainium.fdroid/
CodeBit26 wrote 1 day ago:
The shift towards locked-down ecosystems is concerning for developers.
Openness isn't just about freedom; it's about the longevity of the
hardware we own. If we can't side-load or audit, we're just renting the
device
keeda wrote 1 day ago:
Periodic reminder (note, originaly posted in 2013): [1] At the risk of
posting memes to HN:
HTML [1]: https://arstechnica.com/gadgets/2018/07/googles-iron-grip-on-a...
HTML [2]: https://imgflip.com/i/akp488
ddxv wrote 1 day ago:
I've finally started de-googling and removing google from my life as
much as I can. It's difficult with how much of everything is soaked in
Google. I'm sure other's here have gotten much further, but everything
you do to reduce their monopoly control helps.
anon_anon12 wrote 1 day ago:
APKs were the only reason why I was using android in the first place
0xbadcafebee wrote 1 day ago:
I want Google to lock down their platform. Hardcore locked down. So
locked down you can't do anything with it at all. Because people need
motivation to do something hard.
Android has been a bloated walled garden for years. It should have been
like a PC w/Windows or Linux: anyone should be able to make an app (any
way they want), publish it, let anyone who wants to download it & run
it. But that was never the plan. The plan was to provide a moat to
allow mobile telephone operators (& Google) to dictate what users were
allowed to do with their phones. Imagine your ISP having total control
over your desktop computer. Or killing a website, or program, because
the ISP doesn't like it.
It is insane that we, the people giving them the money and agency to do
this, that we've allowed this to be the status quo. We need to do
something about it. We need to kill Android. And from the ashes, make a
new platform that works for us, and not for a corporation's profits and
anti-competition.
edg5000 wrote 1 day ago:
It's really a cultural disease to accept this. From my other comment:
> I see this in people why have used antagonistic software for
decades and have become zombified and shellshocked; the idea that
software could be on your side is to alien to them. They['ve come to]
hate software and technology and just want to get some work done.
They tolerate the abuse because they can't fight Google alone; it's
pointless to resist.
*minor edit in brackets
FrojoS wrote 1 day ago:
Reminds me of this scene from Andor:
-----
Luthen: Turning back will be impossible. You knew where this was
going. You've always knew. Has anyone ever made a weapon that wasn't
used? The network has been built. It's up. It grows or it dies. We've
waited long enough.
Mon: Do you realise what you've set in motion?
Luthen: It was time for that as well.
Mon: Palpatine won't hestiate now.
Luthen: Exactly. We need it. We need the fear. We need them to
over-react.
Mon: You can't be serious!
Luthen: The empire has been choking us so slowly we're starting not
to notice. The time has come to force their hand.
Mon: People will suffer!
Luthen: That's the plan. You're not angry with me. I'm just saying
out loud what you already know. There will be no rules going forward.
If you're not willing to risk your conscious then surrender and be
done with.
--- [1] edited: formatting
HTML [1]: https://www.youtube.com/watch?v=ao9ARb6dEfc
bigyabai wrote 1 day ago:
> Imagine your ISP having total control over your desktop computer.
Or killing a website, or program, because the ISP doesn't like it.
It's not very hard to imagine? Most people don't expect that level of
control anymore; their desktop just updates with whatever corporate
slopware is pushed out seasonally. Websites come-and-go. It's not a
hugely motivating rally-cry for average person.
> We need to kill Android. And from the ashes, make a new platform
that works for us, and not for a corporation's profits and
anti-competition.
Android is the best-working part of that equation. Microsoft
supported Android apps on Windows Phone. Jolla supports Android apps
on Sailfish OS. Linux supports Android apps in Waydroid. You don't
have to "kill" Android as a runtime or smartphone OS; just force
Google to compete with 3rd party ROMs.
0xbadcafebee wrote 1 day ago:
> just force Google to
How exactly are you going to force Google to do something?
vhanda wrote 1 day ago:
They way we usually do, by restricting their access to EU markets
unless they comply and/or fine them, and/or threats about
nationalizing the "EU Google".
What is the US going to do, apply more tariffs?
0xbadcafebee wrote 1 day ago:
You can't regulate your way to a better Google. If the
corporation's sole purpose is to slowly suck you dry, adding
terms about the size of the straw is irrelevant. Android was
created to control you and make money off you for Google. As
long as it exists, they'll continue to find ways to do so,
because it's the whole business model.
306bobby wrote 2 days ago:
Looks like I'm staying in my custom ROM lol
rrix2 wrote 2 days ago:
it's becoming ever more clear to me that i'll have at least two
devices: one running software i trust, one running software corporates
trust, with a very narrow pipeline connecting the two, if it all. my
demon-haunted device can stay offline in my bag and get hotspot'd in to
my trustworthy device as necessary.
not happy about it, but i don't see a path forward that lets one
participate in the wider ecosystem and maintain their own sovereignty
and sanity.
flaburgan wrote 2 days ago:
Could anyone provide me some clarifications?
If I understood correctly, to "protect" users, Google wants to control
what is installed on Android phones. I guess it means the Play store
will be the only way to install an app, which in turn means:
- That users won't be able to install what they want and that they
would need a google account to install apps
- That app developers have to go through google to distribute their
apps, with identity verification etc.
Obviously this is awful and would mean the end of F-droid and Aurora
store etc.
However, I'm also reading here and there that it is a threat to
alternative ROMs. To me it sounds at the contrary as an amazing
opportunity, as they can strip this verification and be the only truly
open Android, or am I missing something? Why do people link this app
verification thing with a possible closing of AOSP?
Also, Mozilla was already saying it 10years ago with Firefox OS but...
The web is the platform. 90% of the apps out there could be websites.
We have all technologies needed for this including offline with service
workers. And it works on every damn platform, even the most obscure OS
has a web browser. Don't want to be locked to an ecosystem? Just target
the web!
blueg3 wrote 2 days ago:
There's a lot of misinformation here.
> I guess it means the Play store will be the only way to install an
app
No, non-Play stores will still work, but developers will need to
register a developer account with Google that is tied to some real
identity. They already need to do this to distribute through the Play
store, but now it'll apply regardless.
This is to make it harder for scam apps to churn app signatures. Kind
of like requiring code-signing, but with only one CA.
> That users won't be able to install what they want
No, sideloading will still work, but it won't work if the APK isn't
signed by someone in the Google developer registry.
> and that they would need a google account to install apps
Nope.
> That app developers have to go through google to distribute their
apps, with identity verification etc.
They don't need to distribute through Google, but they will need to
be involved with Google and do identity verification.
> However, I'm also reading here and there that it is a threat to
alternative ROMs. To me it sounds at the contrary as an amazing
opportunity, as they can strip this verification and be the only
truly open Android, or am I missing something?
You're being misinformed. They won't even need to strip the
verification. The verification is only for certified Android -- OEMs
that partner with Google. Custom ROMs and the OEMs that aren't
certified (Amazon, some Chinese manufacturers) won't have
verification.
The target audience for verification and who would ever use a custom
ROM has basically zero overlap.
kevincox wrote 1 day ago:
I mostly agree with your points.
> > That users won't be able to install what they want
> No, sideloading will still work, but it won't work if the APK
isn't signed by someone in the Google developer registry.
So the user can't install what they want. They can only install
stuff signed by developers Google has "approved".
Yes, in the happy situation this is everything except for
developers that Google has revoked. But technically it is only
approved developers.
blueg3 wrote 1 day ago:
That's pedantically fair. I broke up a longer statement:
> That users won't be able to install what they want and that
they would need a google account to install apps
It was split up because "need a Google account to install apps"
is strictly untrue, but "won't be able to install what they want"
is more nuanced.
I did clearly say, "it won't work if the APK isn't signed by
someone in the Google developer registry".
So, it depends on what the user wants.
If they're running certified Android; otherwise it doesn't
matter.
It is only for registered developers, so of course that very much
depends on the registration system.
kevincox wrote 1 day ago:
Yeah, I get you. I think the main misunderstanding from the
original comment is that the *user* won't need a Google
account, only the *developer* (signer to be technical) will.
slumberlust wrote 2 days ago:
90% of apps are just websites with a wrapper UI.
snowhale wrote 2 days ago:
the frustrating part is that the "advanced flow" alternative Google
mentioned still doesn't exist in practice. the media ran with the
reassurance headline and most people think the issue was resolved.
quentindanjou wrote 2 days ago:
I remember not long ago arguing that having Chromium become a monopoly
was a bad thing, as it would mean Google could totally twist the web
standard in something much more closed. I think this is a prime
example.
qiine wrote 2 days ago:
The number one problem is locked hardware
martin-t wrote 2 days ago:
Crazy idea: when companies change their product, they have to change
the name.
Do you ever feel like the same food item doesn't taste the same it did
10 years ago? Maybe it's your memory being faulty or maybe the company
got new management which decided to cut costs while keeping prices,
extract the differential value from customer inertia and move on when
the product stops being profitable.
Android is the same. Certain freedoms were a part of the offering - a
part of the brand name. They no longer are. Not only should lose their
trademark[0], they should be legally forced to change the name.
[0]: The purpose of which is to identify genuine product from
counterfeits - in this case, the counterfeit just happens to be by the
same company which released the original product.
emsign wrote 2 days ago:
Since smartphone apps are often times required to do banking or
identifying yourself now and there's tons of special apps in order to
use appliances, and by that I mean really the only way to use modern
appliances is by a smartphone app, emulating an Android environment on
a laptop or PC with a bluetooth dongle is essential if you want to
leave that smartphone era behind you for good, but still be able to
function in this society.
DesaiAshu wrote 2 days ago:
The biggest surprise I had in attempting to distribute my first Android
app is how difficult it is to get beta-testers through the "standard"
channels. It requires a 1 week review and 25 beta-users invited by
email addresses
In contrast, Apple has a ~48 hour turnaround for reviews before you can
upload to TestFlight and distribute a beta with a link
Not sure if I am in some "trusted developer" cohort on iOS but not
Android - but the difference was enough for me to stop trying on
Android
davidw wrote 2 days ago:
The relative openness is the reason I gravitated towards Android and
Google. I've never really taken advantage of it, but it's nice knowing
it's there and that my phone (a Google Pixel) is something I have more
control over than with other vendors.
aagha wrote 2 days ago:
This is where I wish someone like MKBHD and others with big Android
followings would speak up and say they will both blast this practice
and not review any new Android phones/(Google) apps unless there's a
full walk-back of this position.
hungryhobbit wrote 2 days ago:
I question whether an OS that has always been controlled by Google has
ever been open.
Sure parts of it were, but Google has always remained in control of
Android. Anyone who expected that to change (in favor of more
openness) hasn't been paying attention to the actions of tech companies
for the past several decades.
cadamsdotcom wrote 2 days ago:
What would it take for Linux phones to gain the ability to run Android
apps?
Seattle3503 wrote 2 days ago:
Should device manufacturers be worried about this direction? Could they
eventually be locked out too?
jajuuka wrote 2 days ago:
>But Google said⦠Said what? That thereâs a magical âadvanced
flowâ? Did you see it? Did anyone experience it? When is it scheduled
to be released? Was it part of Android 16 QPR2 in December? Of 16 QPR3
Beta 2.1 last week? Of Android 17 Beta 1? No? Thatâs the issue
A bit ironic to not believe Google is doing this. The same questions
have same answers when asked about when Google is locking down side
loading. A bit self-serving to pick and choose which things you want to
believe are happening.
Macha wrote 2 days ago:
Google made the first move with their initial plan to lock it down,
so the onus is on Google to calm the fears they caused if they don't
want people to distrust them.
jajuuka wrote 1 day ago:
But they did. That was the announcement that they would still allow
sideloading. If you are still afraid then that's kind of on you.
Seems silly to expect Google to put out info about enabling
sideloading for a system they haven't even released yet. It could
very well be in there day 1. Nobody knows.
okanat wrote 1 day ago:
Google needs to put hard evidence that they are doing it. Sorry
but just saying something isn't enough proof. Talk is cheap show
us the code.
RosaIsela wrote 2 days ago:
HTML [1]: https://archive.is/https://f-droid.org/2026/02/20/twif.html
RosaIsela wrote 2 days ago:
[1] .html [1] twif.html
HTML [1]: https://archive.is/https://f-droid.org/2026/02/20/
HTML [2]: https://archive.is/https://f-droid.org/2026/02/20/twif.html
CodeBit26 wrote 2 days ago:
Good thing
iugtmkbdfil834 wrote 2 days ago:
Amusingly, if Microsfot didn't have a such an awful reputation ( both
recent and old ), their newly announced phones could have actually been
a viable competitor.
gethly wrote 2 days ago:
Just like Microsoft screwed up Windows, Google will screw up Android
and people will move to Linux on PCs and some open version of Android,
or Harmony, or whatever new mobile system comes up, on their phones.
Nothing lasts for ever. The sooner you make the switch, the better off
you will be.
keeda wrote 1 day ago:
I wouldn't hold my breath: [1]
HTML [1]: https://arstechnica.com/gadgets/2026/01/windows-11-has-hit-1...
HTML [2]: https://gs.statcounter.com/os-market-share/
gethly wrote 1 day ago:
On desktop, unknown OS cannot be anything else but Linux, so that's
20% altogether(16%+4%). But that does not matter. The shift has
started last year when W10 support ended and due to how bad W11 is
and it is just getting stronger and stronger. Watch increase in YT
videos about moving from Windows to Linux, or social networks in
general. You cannot miss it. I've been on windows since 95, before
that DOS. So that is three decades of being a loyal customer, so to
speak. Even though I tried Linux in the past, Windows just works so
I had no reason to switch.
With W11, that is not the case. Therefore, it becomes inevitable.
Worth mentioning is that companies, governments and whole countries
are ditching Microsoft altogether - for various reasons(some are
geopolitical, due to sanctions and tariffs, others are technical).
Lenovo, Dell and HP are slowly ditching W11 as well in favour of
linux. If you look up definitions of malware and spyware, windows
11 falls into both of them. It's that bad. So again, I'm not a
linux fanboy by any stretch of imagination, but the writing is not
just on the wall, we've passed the point of no return. Or rather,
Microsoft has.
Now that linux supports 95% of games, there is little holding
people back as gaming was always the biggest hurdle when it came to
linux. And Adobe, too, is no longer what keeps people stuck on
Windows - either because they ditched it due to their horrible
pricing practices, or because there are now solid alternatives.
Of course many people will switch to mac as well. But windows in
general, i think, is done. It had a good run for few decades, but
they dropped the ball so hard that there is no going back or fixing
it with w12.
keeda wrote 1 day ago:
All these points are brought up all the time but the upshot is,
based on reporting from Microsoft and StatCounter, Windows
marketshare actually grew.
Point is, we techies might chafe at and complain about all these
anti-consumer shenanigans (Meta and privacy, anyone?) but it does
not affect their business momentum, probably because the rest of
the world just doesn't care.
foobiekr wrote 2 days ago:
What is the advantage of moving sooner vs. moving later when rough
spots have been smoothed over?
gethly wrote 1 day ago:
You keep hoping things won't get too bad, but they will. You just
keep delaying the inevitable. So it's better to switch now to get
the initial hurdles of such a big change over with as soon as
possible. It's not easy, getting used to completely strange
behaviours and new things in general. Abandoning what worked for
you for years for something completely foreign. You have to force
yourself to withstand the first few days or week(s), but then it
becomes the new normal and you'll be fine.
Personally, I am still on W10 and and delaying the move, so i'm not
holier than thou. It's tough. But I also am a programmer/power user
and am on my PC 24/7, sort of, so this disruption must be timed
properly for me to make the move, which is not necessarily the case
for most people/average users.
Phone on the other hand, as long as it works and does not limit me,
I have no need to use different ROM, it's more of a want. But i do
not see me doing anything until the system stops being supported or
it breaks or something else. So it depends on how you use it.
mistercheph wrote 2 days ago:
[1] It's time to say goodbye.
HTML [1]: https://postmarketos.org/
meatjuice wrote 23 hours 7 min ago:
I wish I could. There are many proprietary apps for banks and
governments, which are definitely not available for Linux based
phones. Maybe I can run them through waydroid though, I don't want to
risk my fully working Pixel to try it out.
mrsssnake wrote 1 day ago:
I wish.
beeflet wrote 2 days ago:
I love postmarketos, but there is not even one "Main" phone with all
of the hardware feature supported. [1] Fairphone 4 looks close,
hopefully fairphone 4 support will continue to improve at this rate.
Pinephone is another close one, but underpowered hardware and camera
support kills it.
I am not even that intensive of a phone user. but there is no way I
could daily drive pmOS.
HTML [1]: https://wiki.postmarketos.org/wiki/Devices
dvh wrote 2 days ago:
EU should fork Android
fredgrott wrote 2 days ago:
What people forget is that the real monopoly is in how the AOSP
hardware OEM contract is written....
Remember how hard Amazon had it to attempt an Android fork?
I was due to OEM SOC access being locked out due to those contracts....
Any open source mobile OS attempting to complete with AOSP needs access
to mobile OEM soc providers not touched by AOSP contracts and
currently that is somewhat hard.
WarmWash wrote 2 days ago:
The judge told Google that Apple is not anti-competitive because Apple
has no competitors on it's platform (this all stemming from the Epic
lawsuits).
Google listened.
Blame the judge for one of the worst legal calls in recent history.
Google is a monopoly and Apple is not. Simple fix for Google...
antback wrote 1 day ago:
Apple has not competitors and it is not a monopoly? This is exactly
the definition of monopoly.
madeofpalk wrote 1 day ago:
Google lost because they have all the emails colluding to prevent
competition.
If Google had not done that, they wouldn't have lost.
hmry wrote 1 day ago:
The lesson? Only discuss illegal activity in auto-delete Slack
channels
throwaway94275 wrote 1 day ago:
Or via phone calls.
paxys wrote 2 days ago:
The fundamental problem is that we are relying on the good graces of
Google to keep Android open, despite the fact that it often runs run
contrary to their goals as a $4T for-profit behemoth. This may have
worked in the past, but the "don't be evil" days are very far behind
us.
I don't see a real future for Andrioid as an open platform unless the
community comes together and does a hard fork. Google can continue to
develop their version and go the Apple way (which, funny enough, no one
has a problem with). Development of AOSP can be controlled by a
software foundation, like tons of other successful projects.
apitman wrote 2 days ago:
Google's moat with Android is the same as it's moat with Chrome:
complexity. There are very few entities that could fork Android.
palata wrote 2 days ago:
What about the Android SDK? I don't think that this is open source,
is it? As a developer, when you download an Android SDK you have
accept a licence that is not open source, right?
maxloh wrote 1 day ago:
Yeah. It is [1]. Surprisingly, Android Studio is open source too
[2].
[1]
HTML [1]: https://android.googlesource.com/platform/sdk/+/refs/heads...
HTML [2]: https://android.googlesource.com/platform/tools/base/+/stu...
palata wrote 1 day ago:
Oh is it Apache 2? That's what I see looking at a random file [1]
but there is no global LICENSE file.
And I didn't expect Android-Studio to be open source!
[1]
HTML [1]: https://android.googlesource.com/platform/sdk/+/refs/hea...
maxloh wrote 1 day ago:
Yeah, they're Apache 2.0. That's how Android and some of its
forks handle licensing.
For example, most repos in LineageOS's GitHub org lack a global
LICENSE file. Instead, licensing is specified on a file-by-file
basis within the comment headers.
This does lead to some ambiguity though. You can't put a
license header into binary files like PNGs. In those cases, you
can only trust that Google won't sue you for using them.
chistev wrote 2 days ago:
What is stopping a hard fork?
g947o wrote 2 days ago:
The same reason nobody is doing a hard fork of Chromium.
microtonal wrote 2 days ago:
The gigantic task of maintaining and developing a mobile OS that
needs to retain compatibility with AOSP/GPS anyway to tap into the
huge amount of applications that are available?
It will cost a lot of money and as long as Google is still doing
regular AOSP code drops, what's the point?
handity wrote 2 days ago:
A hard fork doesn't matter when the vast majority of phones have a
locked bootloader.
DaSHacka wrote 1 day ago:
Yep, exactly why I've always supported the adoption of GPLv3. What
point is there to FOSS if you cant use it?
emsign wrote 2 days ago:
People will keep using the OS their phone comes with and that would
be Google's Android. It's worse than with Windows PCs and Windows
to be honest because phones have a locked bootloader.
g947o wrote 2 days ago:
Or the fact that you need device drivers for every piece of
hardware in a phone.
gary_0 wrote 2 days ago:
Even if locked bootloaders weren't a thing, not being able to just
buy a phone with an open Android pre-installed means it would get
relegated to the Linux Zone, with a whole lot of "security alert"
and "device not supported". Also, low popularity leads to fewer
development resources, so it would probably suffer from lack of
polish.
jszymborski wrote 2 days ago:
People give a lot of flack to the EU, but this is the sort of thing
they would regulate.
budududuroiu wrote 1 day ago:
The Italian digital ID wallet is already in fact banning
GrapheneOS and other ROMs [1], the EU doesn't mandate that member
states have to allow non-Android/iOS apps [2] [1]
HTML [1]: https://github.com/eu-digital-identity-wallet/eudi-app-a...
HTML [2]: https://github.com/eu-digital-identity-wallet/eudi-doc-a...
cogman10 wrote 2 days ago:
Yeah, that's the biggest issue. And it all originally stemed from
phone carriers wanting to lock customers into their services.
We need some pro-consumer regulations on hardware which mandate
open platforms. Fat chance of that happening, though, as the likes
of both the EU and US want these locked down systems so they put in
mandatory backdoors.
notorandit wrote 2 days ago:
The other big issue is the closed source binary only drivers for
almost everything.
paxys wrote 2 days ago:
Google's own phones do not have a locked booloader. You can buy a
Pixel and put GrapheneOS on it in like 10 minutes. But basically no
one does this, because no matter what people say in online forums
they actually value ease of use and shiny features over privacy and
software freedom.
themafia wrote 1 day ago:
> no matter what people say in online forums
The people who speak in forums are a minority.
> they actually value ease of use and shiny features over
privacy and software freedom.
There's no actual competition so we don't know this on any level.
Affric wrote 1 day ago:
It's the nature of free software.
The reason GNU and Linux won was because they produced software
that was sufficient for the market: servers.
The software is also sufficiently good for a PC for software
development.
There's almost sufficient software for PC gaming (up against an
absolutely insane monopoly that is Microsoft).
Phones are slightly different and for something more than a dumb
phone you need great hardware; great software; and great
integration.
Employee computers for companies and general home users or
tablets? Still a ways to go.
I don't think wanting features and good UX is unreasonable from
consumers.
catlikesshrimp wrote 2 days ago:
A google tax which google's grace bestows upon us for as long as
its whim want.
gonzalohm wrote 2 days ago:
That's probably their next target once android is fully locked
down
realusername wrote 2 days ago:
The answer has to come from anti trust legislation. Android is too
big for Google to control.
surajrmal wrote 2 days ago:
Under what law is that a legal or ethical thing to do? Why not
suggest ios be taken away from Apple as well and windows from
Microsoft?
realusername wrote 1 day ago:
I also suggest that indeed, if you can't avoid those companies
it means it's time for antitrust
treyd wrote 1 day ago:
Those things should also happen. Users shouldn't be forced to
choose between 2 dictators to drop their pants for.
Terr_ wrote 2 days ago:
Can you be more specific on exactly what "that" you are thinking
of which would be illegal or unethical?
Parent-poster just referenced past/future legislation in general.
rezonant wrote 2 days ago:
I'd be fine with that too
Tharre wrote 2 days ago:
Who else is going to maintain and develop it? It's the same issue
as with Chrome, even if you force Google to give it to some other
company, they're all just as bad. And it's too big and too costly
to maintain for anyone else but tech giants.
The only other options would be convincing users to pay 5 bucks a
month for their software, or have some Government fork over the
tens of millions required to pay open source developers. And good
luck with that.
Balinares wrote 2 days ago:
I'm thinking with ever increasing seriousness: let's split any
company that grows past a certain size. Each side gets a copy of
the codebase and half the assets, no one who's been on the board
on one side can be on the other side's board, and neither side
can buy off the other. They can use the existing branding for a
limited time and with a qualifier (say Google Turnip vs Google
Potato) but after that it's on the strength of the new brand
which they're each building and for which they're competing
against each other and the rest of the market.
This is not happening in my lifetime, of course it isn't. But by
god does it need to happen.
troyvit wrote 2 days ago:
Right? We need a "You won capitalism!" award where everybody in
the org gets a huge bonus and then the company is split into
small pieces and then they start over. On top of it we do what
you describe and enforce the split so they can't collude.
iririririr wrote 2 days ago:
I welcome feature stagnation on mobile!
Every single release is a step backwards.
Android 15 cannot hold a candle to what cynogenmod did on top of
android 2.3. And that's objective.
Tharre wrote 2 days ago:
> And that's objective.
I don't think you understand what that word means.
Regardless, your opinion (and mine) is irrelevant. People want
at least some of the features of modern android, and any
alternative lacking those is not going to be adopted by most
people. Just look at how many people try GrapheneOS and find
the minor things to be dealbreakers for them.
And as long as that's the case you can't expect people to vote
for a scenario where they'll end up with a, in their eyes,
worse product.
jajuuka wrote 2 days ago:
Historical meaning is pretty worthless though. It's like saying
CPU's are going backwards because the 386 was a bigger jump.
Technology matures eventually and that's not a bad thing.
realusername wrote 2 days ago:
Android doesn't really work on hardware changes as AOSP
doesn't run on a single phone on earth anyways, not even the
emulators, this is the goal of the manufacturers.
For the features you can read here for example what Android
16 changed:
HTML [1]: https://www.android.com/articles/android-16-features...
microtonal wrote 2 days ago:
A hard fork is not needed. Non-Google Android do not have to enforce
this requirement. It's more important to get as many people on
alternatives like GrapheneOS as possible. And fund them by donating
to them. If every ~0.5 million GrapheneOS users donated 10 Euro per
month, they would be very well-funded.
anonzzzies wrote 2 days ago:
Get a large phone vendor to get a flagship phone with Graphene or
so on the market. Otherwise nothing will happen. Even starting with
the smaller ones like Blackview would do something. But almost no
one will do that because users are said to want android; like my
parents care... But they will care of course when their banking app
stops working... That is the real issue imho.
paxys wrote 2 days ago:
There is no such thing as non-Google Android. At most you have
people applying tiny patches on top of AOSP, but 100% of the code
in the underlying project is still Google-approved, and none of the
alternatives have control over that.
It's the same as the situation with Chrome/Chromium. There are a
million "de-Googled"/"privacy focused" alternatives to Chrome all
using the same engine, and when Google pushed manifest v3 changes
to block ad-blockers every single one of them was affected.
Tharre wrote 2 days ago:
> and when Google pushed manifest v3 changes to block ad-blockers
every single one of them was affected.
That's just objectively wrong, both Brave and Opera still support
manifest v2 and are committed to continue doing so for the
foreseeable future. Even Edge apparently still has it, funnily
enough.
paxys wrote 2 days ago:
Nope, actually "both Brave and Opera still support manifest v2"
is objectively wrong.
Brave does NOT support manifest v2. They have instead hand
picked exactly 4 manifest v2 extensions (AdGuard, NoScript,
uBlock Origin, and uMatrix) and have hard-coded special support
for them. They quite literally say in [1] that all other v2
extensions will go away from Brave once Google fully removes
support for them (which may have happened already, since it was
posted a while ago).
As for Opera ( [2] ):
> MV3 extensions are the new standard and will offer a more
stable and secure experience. Opera itself will shift to an
MV3-only extension store.
HTML [1]: https://brave.com/blog/brave-shields-manifest-v3/
HTML [2]: https://blogs.opera.com/news/2025/09/mv2-extensions-op...
iririririr wrote 2 days ago:
which begs the question, why ublock origin is not native on
all browser yet?
addons for firefox were at first a way to test features. we
only have devtookls because one person wrote an addon copying
ie6 dev tool. next Firefox release it was part of the core
browser.
Tharre wrote 2 days ago:
> They have instead hand picked exactly 4 manifest v2
extensions (AdGuard, NoScript, uBlock Origin, and uMatrix)
and have hard-coded special support for them. They quite
literally say in [1] You're misreading that page, they have
special cased the hosting of those 4 extensions, because they
do not have their own addon web store and are relying on
Chrome's instead. You can still install any manifest v2 addon
manually, not that there are going to be many outside of
those 4 that care about v2.
As for Opera:
"Today, we reiterate what we said back in October 2024: MV2
extensions are still available to use on Opera, and we are
actively working to keep it that way for as long as itâs
technically reasonable."
HTML [1]: https://brave.com/blog/brave-shields-manifest-v3/
paxys wrote 2 days ago:
> for as long as itâs technically reasonable
Read: for as long as Chromium allows this via a flag.
microtonal wrote 2 days ago:
At most you have people applying tiny patches on top of AOSP, but
100% of the code in the underlying project is still
Google-approved, and none of the alternatives have control over
that.
You are making an orthogonal point. Yes, Google maintains AOSP.
No, that does not mean that AOSP OSes that are not in Google's
Android program (calling it that to avoid semantics games) have
to adopt this change. If you want to hear it from the experts:
HTML [1]: https://grapheneos.social/@GrapheneOS/116103732687045013
paxys wrote 2 days ago:
Unless these different Android flavors all have the resources
to indefinitely rewrite AOSP and remove all Google code they
don't agree with - no, they pretty much have to adopt the
changes (see the earlier Chromium example). And if they do
somehow manage this after a point all the patching basically
becomes a fork, which is exactly what I started the
conversation with.
kelvinjps10 wrote 1 day ago:
I think is good to extract the value of billionaire
companies, why not use it?
fsflover wrote 1 day ago:
Because they're not stupid and will use you instead. See:
Google and XMPP story.
microtonal wrote 2 days ago:
I see your point, but it all hinges on when you consider the
changes to be a patch set and when a fork. I don't think
there is a very clear definition, except I don't think most
of these projects would call themselves AOSP forks.
At any rate, this particular Google anti-feature does not
require a large patch (or maybe none at all).
01HNNWZ0MV43FF wrote 2 days ago:
> We see a battle of PR campaigns and whomever has the last post out
remains in the media memory as the truth
You must find truth. Lies will find you.
fermigier wrote 2 days ago:
It is a disgrace how Google has managed this situation.
To recap the storyline, as far as I understand it: last August, Google
announced plans to heavily restrict sideloading. Following community
pushback, they promised an "advanced flow" for power users. The media
widely reported this as a walk-back, leading users to assume the open
ecosystem was safe.
But this promised feature hasn't appeared in any Android 16 or 17
betas. Google is quietly proceeding with the original lockdown.
The impact is a direct threat to independent AOSP distributions like
Murena's e/OS/ (which I'm personally using). If installing a basic APK
eventually requires a Google-verified developer ID, maintaining a truly
de-Googled mobile OS becomes nearly impossible.
freakynit wrote 1 day ago:
Why does there seem to be a growing push to tie real-world identity
to nearly everything we do online? The justification is almost always
"safety". I know this trend has been developing for years, but over
the past couple of years it feels like it's accelerated globally.
raincole wrote 1 day ago:
Before we had mainly one excuse: to protect the kids
Later we got a new one: to reveal Russian shills/propaganda bots
Now we also have: to filter out AI slop
Any problem the internet experiences will eventually become an
excuse to eliminate online anonymity.
kace91 wrote 1 day ago:
I think people in power have realized the impact of misinformation
campaigns. And to be fair, western countries have proved to have
the resilience of a wet paper bag against foreign influence and
private interests.
I honestly canât imagine a good solution here. A move back to the
early 2000s internet would be the ideal middle ground, which
requires separating social stuff from informational stuff, and both
from engagement algorithms. I have no idea how weâre supposed to
put that genie back in the bottle.
And to be clear Iâm not saying this as vouching for the current
push, I hate it as well.
sfjailbird wrote 1 day ago:
"Misinformation" usually meaning information the people in power
would rather you don't get to see and make up your own mind
about.
AngryData wrote 1 day ago:
Yeah, propaganda works, and the US wants to stop foreign
propaganda, but the problem is they still want to push their own
brand of US biased propaganda so they can't put in any sort of
useful journalistic standards requirements upon media
conglomerates or it will tie their own efforts up in court and
lawsuits.
NewJazz wrote 1 day ago:
I think one major issue is the shortening of people's attention
spans. People consume snippets of information that show a tiny
fraction of the full story. They don't spend 10 minutes reading
an article or watching a video, with a few exceptions. More
people probably watch clips of Jon Stewart than actually watch
his show. I think we ought to start addressing that issue, and
see how it affects the efficacy of misinformation campaigns.
JoshTriplett wrote 1 day ago:
> I honestly canât imagine a good solution here.
"just stop" is a good solution. Stop asking for ID, stop pushing
for apps, just stop the general trend towards [1] .
Yes, misinformation is a problem. Deanonymization is a bigger
problem. If you can't say anything anonymously, it becomes much
more difficult to fight entities bigger and more powerful than
you.
HTML [1]: https://en.wikipedia.org/wiki/Enshittification
kace91 wrote 1 day ago:
I agree, but that isnât a good argument to offer to the
entities bigger and more powerful than me.
Governments and companies feel a pressing threat of a
trump-like populist overtake in each country. They need the
bots, fake socials and slop stopped yesterday. An abstract
degradation of freedom of speech isnât going to cause pause.
There is a national security argument that I think is more
likely to help, at least for non Americans. Do you want a
foreign power to have control over your citizens phones being
functional?
heavyset_go wrote 1 day ago:
The irony in this line of thought is that by stifling
anonymous speech and enabling censorship, countries will
usher in their own reactionary movements as dark money is
globally spent on platforms to push paid advertising
advancing reactionary rhetoric. It's already happening in the
UK, Germany, France and Spain.
Right-wing populism isn't what's being banned here, it's
dissent. Platforms are happy to take domestic and foreign
fascists' money and push their agendas no matter where they
are globally because it benefits them, too. Those paid
placements aren't being banned, your ability to disagree with
them and not be identified is.
kace91 wrote 1 day ago:
Thatâs a very good point, itâs another hole in the
sieve.
This âfixâ just routes people through official channels
but those channels arenât exactly proving to be worth the
term walled garden. My YouTube adverts lately border the
quality of early 2000s piracy sites, itâs honestly
baffling how little they value their own product in their
willingness to take anyoneâs money.
snerbles wrote 1 day ago:
Online anonymity makes it harder for TPTB to punish dissidents.
jacooper wrote 1 day ago:
There's strong political backing for it now.
spystath wrote 2 days ago:
There is an implicit shame in disgrace but faceless entities have no
shame. They'll just put out another press release written in
corporate newspeak by an LLM and move on withe the plans anyway. This
is standard Google behaviour. They do it with Chrome, they do it with
Android, they'll keep doing it with all their captive markets. I fear
that in practice even having an "advanced flow" will make little
difference as some applications will refuse to work if you have it
enabled anyway (in the same vein if debugging is enabled, for
example).
Nothing about Android is open except the absolutely minimum amount of
linux kernel that's required to boot the thing. Then it's blobs and
restrictions all the way to the screen.
pino83 wrote 2 days ago:
Good news: You (as a community) can now finally wake up from your
dreams and get some things right!
It's really a shame that you always wait until you really get forced.
Particularly in situations when every individual's inability has
consequences for the others as well. I really gave up all ideas of a
better world. With this community, the best you can hope is that the
decay will be slow.
So everyone who would describe himself/herself as a FOSS enthusiast,
or at least a friend of a somewhat open system where the user has
some actual rights beyond sole consumption, put some pressure towards
having actually de-Googled systems. A system that mostly comes from
Google, would not fit my definition of that term at all! Even if they
removed some parts of it. It's an euphemism. And it's dangerous
because you constantly get trapped by these euphemisms. Ever. Single.
F'ing. Time.
flaburgan wrote 2 days ago:
>The impact is a direct threat to independent AOSP distributions like
Murena's e/OS/ (which I'm personally using). If installing a basic
APK eventually requires a Google-verified developer ID, maintaining a
truly de-Googled mobile OS becomes nearly impossible.
I have trouble understanding why this is a threat to AOSP
distribution. I would have said quite the opposite actually, I don't
see why they would not remove the verification and that's an
incentive for people to use their project instead of Google Android.
earth2mars wrote 2 days ago:
The only reason I was sticking to Android for years is this. And I
think there is no moat for Android. I would rather switch to iOS if
both platforms are same restrictive.
aryonoco wrote 1 day ago:
I did this last year. Reluctantly. And using iOS still hurts. But
itâs better than that Google crap.
I developed my own Android ROMs from 2009-2011, complete with my
own tuned kernel. I ran the local Android developers MeetUp group
and evangelised Android development. When Honeycomb launched I
helped OEMs test their beta firmware. For free.
But as Google has become certified Evil, the direction of Android
has been very clear. In practice I honestly canât say itâs now
any more open than iOS. Except it has a lot more avenues for Google
to mine your data to sell ads. And the quality of third party apps
on it is decidedly worse.
I thought long and hard about getting a Linux phone. But I need a
good camera on my phone to take random snaps of kids/pets/etc. And
the Linux phones just arenât there.
I hate the shitty duopoly we have ended up with. But I now realise
that the openness of x86 and pc as platform really was an accident
of history.
singpolyma3 wrote 1 day ago:
You'll miss having a keyboard that works
cromka wrote 1 day ago:
It'll be sorted in about 9 days.
shevy-java wrote 2 days ago:
I like it, because more and more people see Google as what it is: a
ruthless, selfish and extremely greedy mega-mega-corporation. The
less we depend on it the better.
retired wrote 2 days ago:
Good thing restricting side-loading isn't legal in the European
Union! Not a problem here. Apple had to enable side-loading on their
EU-based phones and so will Google if they restrict it.
Pxtl wrote 2 days ago:
If a lawsuit tackles this problem in the EU, will we finally also
see somebody go after MS for their obnoxious code signing
certificates?
While MS code signing certs are more circumventable for power-users
than Android's new approved developer program, their pricing is far
more prohibitive for independent OSS developers and hobbyists,
costing hundreds of USD per year.
lern_too_spel wrote 2 days ago:
The kind of "side-loading" of notarized apps outside the
manufacturer's app store that Apple allows in the EU is exactly
what Google proposed to do for all its Android builds. We don't
want that.
sepositus wrote 2 days ago:
How specific is the law? What if side loading requires a "trusted"
signed certificate where trusted means from Google Play?
Not even playing devil's advocate, just wondering how many
loopholes actually exist.
post-it wrote 2 days ago:
Yes it is, and no they didn't. Apple has to allow (heavily
restricted) alternative app stores, and I'm not clear on whether
any actually exist right now.
yxhuvud wrote 1 day ago:
What Apple restricts and is legal are not the same. Apple is
doing malicious compliance and the legal system ain't buying it.
But it takes some time and iterations to shake out.
blell wrote 1 day ago:
The legal system has said absolutely nothing about what Apple
is doing yet.
singpolyma3 wrote 1 day ago:
HTML [1]: https://altstore.io/
shafyy wrote 2 days ago:
My understanding is that how Apple is restricting the alternative
app stores is also illegal in EU, so I don't thinkt this is the
end of this story.
jajuuka wrote 2 days ago:
It's almost two years and they are still doing it. So they are
moving mighty slow if that is the case.
shafyy wrote 2 days ago:
Yes, these things move slowly, but they do move =)
jajuuka wrote 1 day ago:
They have moved much faster on much more complex plans
though. If this is a case of Apple breaking the law then
surely they wouldn't need over two years to tell them to
stop it? The EU regulations seem largely to be, you need to
do X and you need to figure out how to comply by Y date.
They aren't gently guiding these corporations to
compliance.
So I'm leaning more towards Apple is in compliance and the
common perception is incorrect. Which is fairly common when
it comes to laws and regulations of any country.
shafyy wrote 1 day ago:
Can you give an example of where a legal matter on this
level has been resolved "much faster"?
good8675309 wrote 2 days ago:
Personally I'm excited about the death of Android, now resources can
be put toward mainstreaming and maturing the Linux Phone ecosystem
Hopefully 2026 or 2027 will be the year of the Linux Phone
hombre_fatal wrote 2 days ago:
This is one of the most naive things I see people repeat.
The reality is that we're lucky to have mostly-good things at all
that align with most of our interests.
Yet people get so comfortable that they start to think mostly-good
things are some sort of guarantee or natural order of the world.
Such that if only they could just kill off the thing that's
mostly-good, they'll finally get something that's even better (or
rather, more aligned with their interests rather than anyone
else's).
In reality, mostly-good things that align with most of our
interests is mostly a fluke of history, not something that was
guaranteed to unfold.
Other common examples: capitalism, the internet, html/css, their
favorite part of society (but they have ideas of how it could be a
little better), some open-source project they actually use daily,
etc.
If only there weren't Android, surely your set of ideals would win
and nobody else's.
tadfisher wrote 2 days ago:
Agreed that there is a ton of baby in this bathwater.
Also, the open nature of AOSP gave Google its advantage during
the early days. Since then, Google has morphed into a company
that would likely not make the same decision to create an
open-source OS free for others to use and contribute to.
So in the end, what we as consumers actually get, in 2026:
- Google encourages application developers to use hardware
attestation to prevent themselves from running on non-blessed,
third-party AOSP distributions.
- Google builds basic functionality people care about (including
passkeys!) into Play Services, a closed mega-application that
happens to require a Google account for most features, and is a
moving target for open distributions to mimic.
- Google has closed AOSP contributions to themselves and OEM
partners only. AOSP releases are now quarterly source dumps.
- OEMs which traditionally allowed bootloader unlocking (and thus
actual ownership of the hardware) have removed it as a matter of
policy.
So what exactly is open about Android anymore? Does
"source-available OS you can see and not touch" align with your
interests? Because it's increasingly not aligned with mine.
echelon wrote 2 days ago:
> death of Android
death of personal computing freedom, sovereign compute, and
probably soon our ability to meaningfully contribute to the field
as ICs?
A lot of really bad things are happening to our field, and Google
is one of the agents responsible for much of it.
acheron wrote 2 days ago:
> A lot of really bad things are happening to our field, and
Google is one of the agents responsible for much of it.
I mean, breaking news from 2010, but of course never assume
things are so bad that they canât get worse.
anonzzzies wrote 2 days ago:
I understand why mobile/tablet OSs are so crappy compared to
desktop; in the past these devices had no resources cpu and ram
wise and had to heavily watch battery consumption (the latter is
still true mostly, but that should be up to the user), but my phone
is more powerful than my laptop and yet runs crap with no real
usable filesystem and all kinds of other weirdness that's no longer
needed.
However, I have 2 Linux phones and Linux on phones is just not
there. Massive vendors (Samsung, Huawei, etc) would need to get
behind it to make it go anywhere. Also so banking etc apps remain
available also on those phones. We can already run android apps on
Linux, Windows apps, so it would be a bright future but really it
needs injections and support for large phone makers.
I hope the EU/US mess will give it somewhat of a push but I doubt
it.
necovek wrote 2 days ago:
FWIW, Nokia did develop a pretty good Linux phone back in the day
(Maemo/Meego) with Nokia N9 (it even received rave reviews from
consumer tech sites like engadget), but it did get killed off as
they got absorbed into Microsoft (we all know that didn't age
well).
Similarly, Palm Pre, and especially HP Pre 3 was a wonderful
WebOS incarnation.
Ubuntu Touch did seem like it had a future, but it was a massive
sink for Canonical so it was defunded as well.
The user experience was there on all of these: the apps, not so
much.
flaburgan wrote 2 days ago:
Ubuntu Touch is not dead though, I use it happily on my primary
device for 8 years. It's working like a charm. And waydroid
allows you to run APKs, even if some bank apps may not work.
codethief wrote 2 days ago:
Strong disagree. Linux, its permission system and its (barely
existent) application isolation are lightyears away from the
security guarantees that Android brings.
rudhdb773b wrote 1 day ago:
The security of Android doesn't mean much to me as long as the
front door is left open by design for Google, and therefore the
government, to directly spy on you.
codethief wrote 1 day ago:
What front door are you referring to?
Synaesthesia wrote 1 day ago:
PRISM. The agreements which Google and other major tech
companies have with the government.
codethief wrote 1 day ago:
So don't use Google services?
LtWorf wrote 1 day ago:
Android brings malware apps and security fixes that come after
months rather than next day compared to GNU/Linux.
The isolation is nice but not so important once you stop running
malware constantly.
array_key_first wrote 2 days ago:
You can build those things on top of Linux, like Android did.
Linux has containerization and all.
idle_zealot wrote 2 days ago:
This might be a strange take in these times, but I feel like the
browser largely solved the "I need to run potentially adversarial
application code in a sandbox". For native applications, stick to
stuff that's vetted and in well-maintained repositories, or
well-known open source projects that you trust. All of this
technical work just to be able to run hostile native code ignores
that you don't have to, and probably shouldn't want to, run
sketchy code on your device. Installing random untrusted software
is bad, even with the most advanced security model in the world.
At the very least it will probably abuse whatever permissions it
has to spy on you to any degree it can (which is a lot, even for
web pages) and to send you advertising notifications.
apitman wrote 2 days ago:
Not lightyears. About 20 years, which is how long it took Google
to pile on the mountain of complexity and inefficiency to
accomplish this.
codethief wrote 1 day ago:
Well, we've had containers on Linux for more than a decade now
and we're still nowhere near where Android was on day 1.
cosmic_cheese wrote 2 days ago:
Desktop OSes and their derivatives are woefully behind in this
regard, and unfortunately the will to bring them up to par is
incredibly weak. Of those in mass use (Qubes OS is neat but its
user base isnât even a rounding error), macOS probably does the
most, but itâs still lagging behind iOS and whatâs been
implemented has come with much consternation from the technically
inclined peanut gallery.
I understand some amount of reticence with commercial OSes, but
thereâs no justification for being against it on open Linux
based desktops and mobile OSes. We really need to get past the
90s-minded paradigm of everything having access to everything
else all the time with the only (scantly) meaningful safeguards
coming in the form of *nix user permissions.
singpolyma3 wrote 1 day ago:
Letting everything I install have access to everything is the
core feature I want out of a platform. If I can't have that
might as well just use android
necovek wrote 2 days ago:
Flatpak and Snaps are built to solve this. They do conflict
with some expectations from users to be able to play around
with things, though, so they do not have the penetration one
might want.
NewJazz wrote 2 days ago:
Flatpak provides very weak sandboxing compared to android. It
was more about packaging and distribution than security.
necovek wrote 1 day ago:
[1] says otherwise.
Most apps not using tight hardening are for different
reasons though (files/folders org).
HTML [1]: https://docs.flatpak.org/en/latest/sandbox-permiss...
cosmic_cheese wrote 2 days ago:
They only cover the user-facing app part of the story. The
rest of the system needs isolation and safeguards, too,
including things like the desktop environment and whatever
random daemon.
A solution that's integral to the system and not just loosely
taped on is required.
necovek wrote 1 day ago:
For many services that was solved even earlier: that's why
things like Docker, podman and VMs are so popular.
The hard bit is the desktop experience which is not fully
there yet, but the technology is.
cosmic_cheese wrote 1 day ago:
Docker style containerization technically works, but for
desktop use I think is a rather heavy kludge and not
really a solution.
It would be much more nice if e.g. daemons could have
their privileges pared down to only exactly what they
need to function and nothing more with a config file
somewhere. This can somewhat be achieved with the user
system, but that really doesnât scale well and
doesnât suit the purpose all that well in some ways.
heavyset_go wrote 19 hours 57 min ago:
You're describing what already exists in systemd
gspr wrote 2 days ago:
Aren't all the necessary pieces for something better
essentially in place now that unprivileged namespaces are
well-established?
They've for sure had more than their fair share of security
issues, but those are bugs, not fundamental design problems as
far as I understand?
fooker wrote 2 days ago:
Fun fact - on most Linux distros any user program can see
almost any event, yes including key presses, by reading from
the right /dev/... file.
This is not surprising. The desktop Linux community reacted
with hostility to the well funded security efforts (selinux,
apparmor, grsecurity, etc)
necovek wrote 2 days ago:
Do you have any source for that claim? That would be a pretty
serious security issue even unrelated to any security
hardening (eg. on a multi-user system, one user could read
out the password from another user â even with desktop
usage, second user could be SSHed in).
As a datapoint, everything in /dev/input/* is owned by
root:input on my Debian Bookworm install, and my main user
is not a member of the "input" group either.
Biggest problem with most security hardening for Linux
desktop is that it breaks the natural usage pattern: I store
my files by their content, not by their format (eg. I might
have a folder for my project containing image files,
spreadsheets, FreeCAD files, maybe even some code or TeX/ODF
files). If programs are restricted to access the entirety of
my $HOME though, there is not much benefit to that protection
since that's where my most valuable data is. If they are
restricted to per-program folder, I need to start organizing
my data differently and unnaturally.
Android mostly does not use the "files" metaphor and
basically does exactly that (per-app data): coming up with a
security model and file management UX that does both is where
the challenge is.
horsawlarway wrote 2 days ago:
Security is a tradeoff (fucking always...)
It's the same reason I choose to keep my front door unlocked
basically all the time - I know my neighborhood, the risk is
really low and the convenience is high.
Further... practically everyone agrees that they don't need
bank vaults as front doors. It makes zero practical sense:
The cost is incredibly high, and the convenience is very low.
There are ALL sorts of wonderfully cool things you can do on
a system where applications are allowed to trust each other,
and the system is permissive by default.
You can customize behavior more easily, you can extend
software more easily, you can add incredibly detailed &
functional accessibility support, you can create incredibly
powerful macros and commands.
This is so important that fundamental OS design from the
early 90s actually prioritized and catered to exactly this
style of open, trusted, platform (ex - all of COM in
windows...). This is what made personal computing a
reality...
All of those fall flat when you try to impose "well funded"
security efforts.
Those efforts have a place, in the same way that bank vaults
have a place. Whether that place is a personal computer is a
different question.
Implying those folks are hostile for no reason is... at best
a woeful misunderstanding of the situation, and at worst a
malicious mischaracterization.
palata wrote 2 days ago:
> We really need to get past the 90s-minded paradigm of
everything having access to everything else all the time
I do agree with that, and I strongly believe that the iOS and
Android security model is way ahead of Desktop Linux. But what
I observe is that nobody seems to care about the security
model. A recurrent complaint I see against anything AOSP-based
(including Android) is that people "want to be root".
magicalhippo wrote 1 day ago:
> A recurrent complaint I see against anything AOSP-based
(including Android) is that people "want to be root".
I want to be able to do what I want with my PC or phone. I
don't want every app on my PC or phone to be able to do
whatever they want, without me agreeing first.
palata wrote 1 day ago:
I want to be able to install what I want on the hardware I
own. And I should be able to leverage the hardware to its
full capacity. Preventing me from adding custom keys and
relocking the bootloader should be forbidden, because I own
that hardware.
But that does not mean that I should be able to do whatever
I want with any OS I install. If I am not happy with
Android, I can install LineageOS and modify it the way I
want.
I am obviously not a big fan of Google, but I do believe
that AOSP is actually a good deal (a lot better than iOS
which is proprietary). Google is doing a lot of work on
AOSP. That I cannot unlock/relock the bootloader on some
devices is not Google's fault.
fc417fc802 wrote 1 day ago:
It's important to keep separate the parts of the security
model mobile did well from the parts it got wrong. Declaring
that app developers can decline end user access to app files
is unacceptable. I get final say on my device. I get to run
as root. Hell, I get to run as ring 0 if that's what I want
to do.
palata wrote 1 day ago:
IMO, the developers choose what software they want to
write. If Microsoft Word decided to remove the "export to
PDF" feature, that would be their right. And it would be
your right to stop using Microsoft Word. If you want to be
root on your system, you are free to install a system that
gives you root access.
And that's the part that I believe should be a right: if
you buy a smartphone, you own that piece of hardware, and
you should be able to install the system you want. But if
you are not the one developing that system, you don't get
to decide what this system does. Just like you don't get to
decide whether Microsoft Word can export to PDF or not.
fc417fc802 wrote 1 day ago:
You're saying that the Android security model shouldn't
be illegal. I agree.
I'm saying that despite all they get right, the Android
and Apple security models, when foisted on the mass
market, are socially and ethically flawed. I'm saying
that the end user has a fundamental right to tamper with
the software on his own system. Those designing an OS
that intentionally thwarts the user's will are in the
wrong.
Just because something is legal that doesn't mean doing
it is a good thing.
palata wrote 1 day ago:
I may be biased, but I have never seen anyone who would
want to tamper with the software on their own system
and would not be capable of installing an alternative
OS, given that their device allows it (e.g. allowing
unlocking the bootloader, etc).
For "normies", it feels like the existing security
model is actually not that bad. I can't imagine what
would happen if everybody was running something without
any sandboxing.
fc417fc802 wrote 1 day ago:
You have to install a different OS in advance though.
Even when the bootloader can be unlocked doing so
wipes all the data (as it should). It's no help if
you start with a stock phone and then later discover
that a particular app you've been using doesn't
support data export (for example).
> I can't imagine what would happen if everybody was
running something without any sandboxing.
I don't think anyone implied that? Having root or
signature spoofing or even the ability to install
kernel modules doesn't imply anything about the rest
of the security model.
palata wrote 13 hours 48 min ago:
I guess my point is that it is a bit of a gradient.
You say you want Stock Android to allow you to get
root access, others will say that Stock Android
should not allow a normie to be tricked into
getting root access and shooting themselves in the
foot. Truth is, none of those is a "right": there
is a product (Android) that tries to do well for
the vast majority of its users. It seems totally
reasonable to me that Google doesn't want to invest
a lot of resources into making an extremely small
minority happy. I am pretty sure that the number of
people who want root on their smartphone is a
rounding error.
Second thing is: if you have root and change
something on the system, you break the secure boot.
So you fundamentally cannot have full access, can
you?
That's why my opinion is that it's not Google's
role to make everyone happy. They should just not
be allowed to prevent alternatives. So that the
rounding error minority can install the system they
want and be happy with it.
necovek wrote 2 days ago:
It comes from a history of using mostly trusted application
sources like Debian/Ubuntu package archives with manual
review being the norm. And few supply chain attacks.
But both Flatpak and Snap offer this new model from the two
biggest desktop players in the Linux world: Red Hat and
Canonical.
As the sibling comment said though, being an administrator
for your own computer (including a phone) does not mean that
you will be running untrusted applications as one: on the
contrary, if you assume an administrator role and run an
untrusted application, naturally, all bets are off. But even
as a power user, I'd love to be able to safely run programs I
do not necessarily trust, feeding it only data it needs and
no more.
Again, Snap/Flatpak provide this model, but we need to see
more application authors take them up to ship their software.
microtonal wrote 1 day ago:
It comes from a history of using mostly trusted application
sources like Debian/Ubuntu package archives with manual
review being the norm. And few supply chain attacks.
What most of these people do not seem to get is that proper
sandboxing does not only protect against attacks from the
inside (rogue developer, supply chain attack), but also
from the outside. Most desktop apps probably have a good
number of security vulnerabilities that can be exploited
when they parse untrusted data. On the Linux desktop, most
apps still use decades-old C libraries for parsing XML,
images, JSON, etc.
Sandboxing also protects against external attacks.
Again, Snap/Flatpak provide this model, but we need to see
more application authors take them up to ship their
software.
Agreed, though for a lot of technical and social reasons,
most apps still need privileges that allow trivial sandbox
escapes on Flatpak (I don't know or care about Snap).
Strengthening app sandboxing should be a top-priority for
the Linux desktop, but only a few people seem to care. The
same for fully verified boot, etc. Even things like UKIs
only go so far, yet almost no distribution has adopted
them.
The general security mindset of the Linux desktop community
seems to be stuck in the 90ies, levitating between hahah,
they cannot get root (as if that matters on desktop Linux)
and secure boot and sandboxing is here to take my rights
(on open source desktop Linux, seriously?).
necovek wrote 1 day ago:
I think you are mistaken. Just like neither Windows nor
MacOS have really solved the desktop app sandboxing
story, so neither has Linux.
Because, as I said in a sibling comment and cosmic_cheese
notes further below, this requires rethinking the usage
model altogether: files and folders, and even file types,
don't work anymore.
If an app needs to access any related files, it basically
needs access to my entire $HOME, and once that is
granted, well, any sandboxing is out the window.
I think Linux community is well aware of that, and
basically what we get from sandboxing of desktop apps is
all the nuisance with no benefit.
Android model is also broken from a usage perspective:
having files "owned" by an app is just as wrong, and
precludes there being multiple apps operating on the same
file. Example of VLC with subtitles is a common one, but
if you've never used multiple apps on the same file, this
is the challenge that is unsolved by any sandboxing
approach today, because it is more of a UX problem, than
a sandboxing technical problem.
iggldiggl wrote 1 day ago:
> What most of these people do not seem to get is that
proper sandboxing does not only protect against attacks
from the inside (rogue developer, supply chain attack),
but also from the outside.
The problem is that strict file system sandboxing in
particular also breaks a substantial number of workflows
that can't be modelled as 'only ever open the exact file
the user explicitly' picked. (Any multi-file file formats
are particularly affected, as well as any UI workflows
that don't integrate well with strictly having to use the
OS file picker.)
So you need some escape hatch for optionally allowing
access to larger swathes of the file system, or even
really everything as before, but that in turn then risks
being abused again by malicious actors. And then�
Plus things like Android's implementation initially using
an API completely incompatible with classical file APIs,
as well as causing some noticeable performance overhead
even today if you need more than simply accessing the
occasional single file here and there.
cosmic_cheese wrote 1 day ago:
I think had the problem is that the toolbox we can
deploy to solve these problems is so empty.
For example, itâs useful for a music player with
metadata editing features to have read/write access to
the whole filesystem, but that constitutes a
significant risk since all we can do is wholesale allow
or prevent access to the whole filesystem. What if the
system could allow it to access only music files,
though? Thatâd scope the risk back down to almost
nothing while also allowing the music player to do its
job.
This is the kind of thing Iâve been getting at in the
other replies. Nobody has really sat down and given
system level security controls a deep rethink.
iggldiggl wrote 1 day ago:
I think Apple's implementation in macOS is the only
one that offers some slightly more advanced features,
but even those don't get you that far
(Some sort of way to store permission references with
relatives paths in a file, but which most probably
wouldn't work with files being exchanged
cross-platform, and other than that mainly being able
to get automatic access to 'related' files, i.e. same
file name, but a differing extension â that solves
some sidecar files, like video subtitles, or certain
kinds of georeferenced images, but large capability
gaps still remain â even the video subtitle example
stops working if the file name is no longer 100 % the
same, like if you have multiple subtitle files for
differing languages, where VLC for example supports
prefix-matching the video file name with the subtitle
files.)
And while your idea does have its merits, I fear that
pretty soon you still hit a point where you can't
sensibly and succinctly display those more complex
types of permissions in the UI.
cosmic_cheese wrote 1 day ago:
> And while your idea does have its merits, I fear
that pretty soon you still hit a point where you
can't sensibly and succinctly display those more
complex types of permissions in the UI.
I could very well be wrong, but my inclination is
that it's possible, but it's going to take the sort
of fundamentals R&D that desktop operating systems
haven't seen in decades. It can't just be tacked
on, everything to be designed with this new system
in mind.
palata wrote 1 day ago:
Agreed. I want to "own my device" as in "being able to
install the system I want on it". Not as in "I want it to
behave exactly like Desktop Linux", or whatever it is
that people complain about AOSP.
On my Desktop I love Linux. But on my smartphone, I want
AOSP.
microtonal wrote 1 day ago:
Largely agreed, though I think on the desktop Iâd
also want AOSP in desktop mode with a traditional Linux
distribution in a VM pretty much like Android 16âs
Linux VM.
But then on desktop/laptop-class hardware, since the
thermal constraints are different and itâs nice to
have extensible storage and RAM. Of course, all this on
the phone is also nice for when you only have your
phone with you.
Then one could use fully sandboxed apps for banks,
instant messaging, etc. and the VM for development.
AOSP is getting pretty close to this ideal.
palata wrote 1 day ago:
> AOSP is getting pretty close to this ideal.
Yes I can totally imagine that in a few years, most
people will only need a smartphone and a dock
station. At home, they will plug their phone (iOS,
Android, whatever) to their dock station and it will
behave as a Desktop. And it will be good enough for
everything they do.
Crespyl wrote 2 days ago:
Allowing the owner of the device root access doesn't
necessarily break the security model. It just means that the
user can grant additional privileges to specific apps the
owner has decided to trust. Every other app still has to
abide by the restrictions.
The fact that Android complains and tells any app that asks
whether the owner actually, you know, owns the device they
paid for is an implementation detail.
A Linux distribution that adopts an Android style security
model could easily still provide the owner root access while
locking down less trusted apps in such a way that the apps
can't know or care whether the device is rooted.
palata wrote 1 day ago:
IMHO, I should be able install the OS I want on the
hardware I paid for. What should be illegal is to
technically prevent me from installing a different OS,
because I paid for that hardware and I should own it.
But that does not mean that all OSes should be open source.
I think it's fine for iOS to be proprietary, but there
should be enough information for someone to write an entire
alternative OS that runs on iPhone. I think it should be
illegal to prevent that (is it called tivoisation?).
All that to say, I don't believe that having root on my
Android system is a right. But being able to install a
system that gives me root should be one. If that system
exists, that is.
shevy-java wrote 2 days ago:
This assumes that the mentioned systems are the only security
considerations on a Linux system. Clearly this is not the case so
I am unsure why you omit other security-related aspects of Linux
here.
siddled wrote 2 days ago:
Android, being based upon the Linux kernel, has all those and
its own app permission system built on top. Linux on its own
comes nowhere close to this.
iugtmkbdfil834 wrote 2 days ago:
I.. don't think it will happen. For several reasons too. It is not
that I don't think Android will change substantially, but the
following constraints suggest a different trajectory:
- AI boom or bust will affect hardware availability
- there is a push on its way to revamp phones into 'what comes
next' -- see various versions of the same product that listens to
you ( earing, ring, necklace )
- small LLMs allow for minimal hardware requirements for some tasks
- anti-institutional sentiment seems to be driving some of the
adoption
Joe_Cool wrote 2 days ago:
I think adoption will hinge on whether existing Android apps will
just run on it with something like waydroid/anbox or not.
Gaming on Linux took off with Proton. Linux on phones might go
the same path.
arcanemachiner wrote 2 days ago:
If this finally pushes adoption of truly open Linux phones, then this
will end up being a good thing, and the greatest favor that Google
could do for the open source community.
Tragically, Linux phones have languished and are in an absolute state
these days, but a lot of the building blocks are in place if user
adoption occurs en masse. (Shout out to the lunatics who have kept
this dream alive during these dark years.)
fwipsy wrote 1 day ago:
It may push a minority of users who really care about open source
to Linux phones. I expect the majority of users will grumble but
cave and re-adopt mainstream Android or Apple.
riedel wrote 1 day ago:
Adoption would mean that orgs like the European Payment Initiative
behind Wero would adopt Linux phones even other AOSP ROMs. Not
seeing that. Banks and streaming platforms that require DRM are
keeping most (non-activist type) users locked in.
kelvinjps10 wrote 1 day ago:
But there is a lot of resources put into the android ecosystem
already. Even open source apps like anki, syncthing etc
matheusmoreira wrote 1 day ago:
There's no point. Remote attestation means your device needs to be
corporate owned to be trusted. Even if you had your own linux
phone, it wouldn't be able to interface with institutions such as
banks and governments. They trust Google's keys, not yours. This
doesn't quite end free computing, it just kills it for normal
people and ostracizes us hackers who insist on owning our systems.
microtonal wrote 1 day ago:
GrapheneOS supports remote attestation: [1] Some banks have added
their verified boot keys. I think it helps that GrapheneOS is
well-known by now for great security practices (most likely more
secure than all vendor phones out there).
HTML [1]: https://grapheneos.org/articles/attestation-compatibilit...
matheusmoreira wrote 1 day ago:
> Some banks have added their verified boot keys.
Seriously?? That was very unexpected... Here's to hoping this
becomes standard practice!!
jadbox wrote 1 day ago:
Not sure what gov require, but most credit unions do not use such
lockdowns
matheusmoreira wrote 1 day ago:
They will.
JoshTriplett wrote 1 day ago:
Credit unions, at least in theory, are known for caring more
about their customers. It'd be worth explicitly giving them
the feedback that you use them via their website or via an
app that works on an Open Source phone, and telling them that
that's one reason you're a customer.
matheusmoreira wrote 1 day ago:
Fraud prevention. If they lock things down, they lose less
money to fraud. I think they should just have to suck it up
and eat the cost but obviously they don't think that way.
Only a small minority even understands and cares about
these issues. The money they save by trampling over our
freedom is no doubt much higher than the value brought in
by us. They will no doubt sacrifice us for increased
profits if we force the issue. We have no leverage.
There is no reason whatsoever for a major corporation to
not use remote attestation technology. Banks will use it
because fraud. Streaming services will use it because
piracy. Messaging services will use it because spam, bots.
If you're the corporation, the user is your enemy and you
want to protect yourself from him.
Governments want this too. Encryption. Anonymity. They need
to control it all. Free computers are too subversive for
them. They cannot tolerate it.
Zak wrote 1 day ago:
> If they lock things down, they lose less money to
fraud.
[Citation Needed]
I see this kind of claim made often, but never backed up
with evidence that remote attestation of consumer devices
has any real-world impact on fraud. It sounds like it
could be true because it would detect compromised
devices, but it could just as easily be false because
people with devices that don't pass are usually
technically sophisticated.
richardboegli wrote 2 days ago:
Have a look at this post [1] from Emre @emrekosmaz
It is a smartphone that runs Android, launches Debian, and
dual-boots Windows 11
Actual link
HTML [1]: https://news.ycombinator.com/item?id=46723594
HTML [2]: https://nexphone.com/blog/the-tale-of-nexphone-one-phone-e...
cwillu wrote 2 days ago:
It won't though, because there's a ecosystem of
banking/insurance/whatever apps that have bought into the
android/iphone lockdown mindsete that people will simply be locked
out of. Open alternatives can grow when there is a viable means of
slow growth, and cutting off the oxygen to such things is the
implicit intent.
crvdgc wrote 1 day ago:
In theory, it's possible to have a third party (other than Google
or Apple) to provide attestation on third party hardware.
You can have a separate core and kernel to run such code. They
don't have to be powerful, but they'll need to be small enough to
be verified by the said provider. For most of the code that
doesn't need attestation, they can be executed on normal
hardware.
The provider also has to convince the regulator or banks to trust
them. However, if that's solved, the user should feel no
difference between pure Android and alternative platform plus
attestation.
microtonal wrote 1 day ago:
GrapheneOS supports remote attestation, but banks have to add
the fingerprint of the official GrapheneOS verified boot keys:
[1] Some banks even do.
HTML [1]: https://grapheneos.org/articles/attestation-compatibil...
econ wrote 1 day ago:
The Wero payment system will cover the entire EU but apparently
doesn't have a web portal the way ideal has.
Soon we Europians will only be able to pay using either an iphone
or an Android device.
Hilarious
severino wrote 1 day ago:
They will say: hey, now you're free from Visa and Mastercard
for your payments! (only to be forced into the Google/Apple
duopoly, which is far worse).
deejaaymac wrote 1 day ago:
So what you're saying is we go after the banking system next.
Decentralized banking is the future!
INB4 someone mentions some edge case like 'grandma got scammed'
or refunds.
fny wrote 1 day ago:
Don't banks/insurers/whatever have websites that are often mobile
friendly?
nextos wrote 1 day ago:
In EU/UK, some are sadly app only. I avoid those. Many others
are pushing apps as a 2FA, even if you use their website. You
need to insist to get another authentication system, like TAN.
Some governments are also pushing mobile IDs.
The best Linux for phones, SailfishOS, has a fairly good
Android compatibility layer that runs many bank apps well. But
despite that, it's an uphill battle. The network effect of the
duopoly is gigantic.
godelski wrote 1 day ago:
Microsoft's shit show seems to be pushing Linux adoption
aryonoco wrote 1 day ago:
Iâm old enough to remember the days that banking apps required
Internet Explorer and didnât work on Firefox. Eventually, they
were dragged kicking and screaming to support all modern
browsers.
danny_codes wrote 1 day ago:
Iâve found the mobile websites for a lot of these cases to be
fine. Not a great UX but not a blocker
shakna wrote 1 day ago:
And if your bank only does 2FA via app?
severino wrote 1 day ago:
Complain. Mine wanted that, but after complaining they
offered me SMS. If not, I'd have closed my account there. At
least here in Spain there are plenty of banks that don't
force you to use apps. I also leave bad ratings for banking
apps from time to time, and bad comments on X.
shakna wrote 1 day ago:
Since before 2023, MFA has been mandated by the government
in Australia [0], for all critical services, including
banks.
One without, does not exist, or is in violation of their
national obligations and likely to be cut off by the RBA.
The only "effective" complaint here, would be the gigantic
effort to lobby for a change in laws entirely.
[0]
HTML [1]: https://www.apra.gov.au/use-of-multi-factor-authen...
severino wrote 1 day ago:
In my country there are regulations in effect too that
mandate the use of MFA; however, using an application is
not the only way to implement MFA, as I said, in Spain
banks can use SMS, coordinate cards, etc., and they are
all valid MFA methods.
I think what these laws are missing is the obligation for
the service (the bank in this case) to provide a MFA
device if the user doesn't have one.
hsbauauvhabzb wrote 1 day ago:
Wait till you see how hostile Reddit is when you try and access
via a browser on a phone
Synaesthesia wrote 1 day ago:
I only use old.reddit.com
Reddit is the epitome of enshittification.
danny_codes wrote 1 day ago:
Thatâs how I browse Reddit actually. It is a bit janky, but
I donât like ads. Brave is reasonably good at giving you ad
free Reddit on mobile
mhitza wrote 1 day ago:
In that case a two phone approach makes sense. I was willing to
try that out, to give Ubuntu Touch a trial on my main phone. This
might incentivise it even further for an off-ramp of the
Google/Apple duopoly.
mistercheph wrote 1 day ago:
LMFAO what are you doing on your banking app all the time
cwillu wrote 1 day ago:
It only has to be something I need to be able to do but can't
once a month to be a dealbreaker.
Denatonium wrote 2 days ago:
The best solution for this is to buy a $30 burner phone at
Walmart and use it unactivated, tethered to your main de-Googled
device. You can use the burner for only tasks requiring Play
Integrity.
Make sure to leave one star reviews on all such apps that you run
into.
cwillu wrote 1 day ago:
Anything movement that requires people to routinely acquire a
second phone is doomed to failure (in the âthis will never
become a mass movementâ sense)
akdev1l wrote 1 day ago:
And if it is not âsuccessfulâ then itâs literally
making your own life more difficult for no real effect in the
world
RankingMember wrote 1 day ago:
Yeah, it's one thing for a bunch of HN nerds to do it- the
masses will not, and the masses are what move the needle.
candeira wrote 1 day ago:
Yes. However, I already carry a tethered hand-me-down
quarantine phone where I install my work apps and undesirable
apps like Whatsapp (for those loved friends and family that
can't or won't install Signal). Carrying a third phone for
"Play Integrity" starts being a bit much.
ipdashc wrote 2 days ago:
> banking/insurance/whatever apps
I know banking apps are the typical example, but I've always
wondered why. I use my bank's app maybe once or twice a year when
I need to Zelle someone, which I only need to do when they don't
have Venmo. (Unless we consider Venmo a banking app.)
I only have one bank's app installed, the rest of my banks I only
interact with over their website, on desktop.
As for insurance, I've never had an insurance company's app
installed.
Am I just an outlier here? Honestly, if I switched to a non
standard OS, I'd be more annoyed about losing, say, Google Maps,
Uber/Lyft, or various chat apps. Banking and insurance just don't
come to mind at all as something I need my phone for.
myth2018 wrote 1 day ago:
> I know banking apps are the typical example, but I've always
wondered why
My bank uses the app for 2FA, and that became a sort of a
standard in Brazil, AFAIK. Mine at least gave me the option of
using an RSA SecurID or sth alike when I asked, but I don't
know how much it would cost me.
My stock broker on the other hand does 2FA exclusively on
mobile (and only Android and iOS). The same for the health
insurer.
My car insurer didn't force me to so far, which I find strange,
given their interest in tracking my location and speed.
These were some of the major factors leading me to give up on
using a feature phone when I tried, a few years ago. It was a
good experience, especially at those times of pandemics and
political instability, but the inconveniences were many.
duskdozer wrote 1 day ago:
Have you not had a company block you from doing something on
the web and force you to use an app for it?
noughtnaut wrote 1 day ago:
Fair point - but then take national eID apps instead.
Take Denmark, for example: most banking apps use eID for login,
so that problem translates 1:1. But other apps who do the same
include the national school communications platform (which is
pretty much mandatory for a huge chunk of the adult population,
who need to look at it almost daily). Also: social security
card (including health portal/doctor booking/comms), driver's
license, bus pass, parking app, used-stuff-marketplace, ... eID
is _everywhere_ because it's a good idea.
Sure, all of this can be done on a computer. If you're near
one. Or you can have separate and physical cards, like we used
to have. That still works, mostly: more and more services (eg.
bus pass) are going digital-only.
Really, what we need is a top-down embrace of open-source-based
platforms as being _as_ (or more) secure than the established
tech giants. From governments down, organisations _should_ move
away from locked-down (foreign) commercial interests.
I'm not holding my breath though.
jesterson wrote 1 day ago:
Country dependent of course, but recently i observe steady push
from banks to adopt mobile app. Some have webui neglected and
glitchy, some openly announce sunsetting, some already killed
web access only allowing app.
And this tendency will prevail as bank can collect way more
data this way. Just a month ago one of banks that is often
praised here sent me a letter saying âyour IP activity
doesnât match your residenceâ (and i am not even installed
their app, they pulled data from web ui usage. Imagine what
happens when they get access to data mobile app can supply
marcosdumay wrote 1 day ago:
> I know banking apps are the typical example, but I've always
wondered why.
It's because Google created this thing during backroom
conversations with bank associations from a handful of
countries.
WhyNotHugo wrote 1 day ago:
Sounds like youâre using Venmo to fill the same role as a
banking app (sending and receiving bank transfers).
Many other countries simply rely on banking apps for these
things, and donât have a separate service for this kind of
transaction.
Here in NL many banks (not all) require their iOS or Google app
to log into their home banking on a PC/browser.
wilkystyle wrote 1 day ago:
You're definitely not alone. I just checked the list of
installed apps on my phone and found three different banking
apps that I completely forgot about because I never use them. I
installed them because I thought it would be convenient for
checking things on the go, but I actually just end up using the
computer whenever I need to do real banking business. The only
finance-related app I use with any regularity is Venmo for e.g.
paying back a friend for covering dinner.
Another commenter mentioned needing to get alerts for fraud,
but none of the financial institutions i'm currently doing
business with have any trouble sending me text messages. In
fact I have the opposite problem, I can't get them to stop
using text for 2FA codes...
jaza wrote 1 day ago:
My main bank is Commonwealth aka CBA (one of the "big 4" banks
here in Australia). For a long time, I held out against
installing their mobile app (on Android), and managed fine with
their web UI (and with 2FA codes via SMS). Then, 2 or 3 years
ago, I needed to start using PayID (sort-of Australia's version
of Venmo, ie free instant transfers, except it's supported
directly by all the major banks here). And I discovered that
CBA had (deliberately?) only added PayID support to their
mobile app, you absolutely can't use it in their web UI (last I
checked). So I had to finally relent and install the mobile
app. I started out only opening it on the rare occasions when I
needed to send money to someone via PayID.
Then, a while later, CBA pretty much phased out SMS-based 2FA
(or they said that if you had the mobile app installed then you
can no longer use it?). Only other supported option is in-app
2FA (no support for third-party TOTP apps). So I had to start
opening the mobile app every time I needed a 2FA code. Then,
within the last year or so, they made a new rule, that in order
to log in to the web UI at all (just initial login, I'm not
talking about sending money or any other high-risk action), you
had to receive a push notification via the mobile app and tap
"allow". So now I literally can't log in to the web UI without
also logging in to the mobile app!
So, unfortunately, "just keep using the bank's website on
desktop" is increasingly and deliberately becoming not an
option. I assume there are many similar stories with other
banks around the world.
severino wrote 1 day ago:
So, leaving aside the discussion about whether someone wants
to use their bank's application or not, what's the bank
response if their application just doesn't work in your
phone? That you must purchase a new phone or be locked out of
using your account?
I hope, now that the debate about our excessive reliance on
American tech is on the table, that we also put limits on
those essential services, like banks, imposing the usage of
products from only two companies (Google or Apple) in order
to operate. I think that goes at least against the spirit of
the European Union.
hunterpayne wrote 1 day ago:
> I hope, now that the debate about our excessive reliance
on American tech is on the table
LOL, you couldn't even place a phone call in Australia
without some US technology connecting the call. I should
know, we setup the app that calculates your bill. That's
from the US too.
habinero wrote 11 hours 4 min ago:
As a fellow American, can you not?
elitistphoenix wrote 1 day ago:
I paid someone via payid via the web ui. Was via an email
address. It was a while ago though and haven't used it since.
Also I've never used the app since the blocked rooted
devices, magisk stopped working (cause of safetnet) and moved
back to sms "security". I just logged in then without having
to enter a code.
I do note you need to allow browser fingerprinting to allow
the login to work. Otherwise it's some generic error.
I've made a lot of noise about it so maybe they've
"unblocked" me to shut me up. Email the CEO so it registers a
complaint. Make some noise.
Definitely have another bank though as you can't just depend
on one.
nicoburns wrote 1 day ago:
Some banks' only interface is the mobile app. And in Europe
people typically use their banking app for P2P payments (no
need for an app like Venmo)
dheera wrote 2 days ago:
I haven't had issues with the mobile apps of 3 of the most
major US brokerages. They run fine on rooted phone. They do
everything I'd want a bank to do anyway.
Ditch your bank if they have issues. If their retention
department asks why you're leaving, tell them their app doesn't
work.
ipdashc wrote 1 day ago:
> Ditch your bank if they have issues.
This is what I was thinking as well, TBH. I'm not
particularly tied to any of my banks, I already did mostly
switch off of BoA because their website was so bad.
Good to hear everyone's responses in the thread though, some
stuff I definitely didn't consider.
1vuio0pswjnm7 wrote 2 days ago:
"I'm am just an outlier here?"
No. The "banking app doesn't work" argument against
non-corporate mobile OS, raised incessantly is HN comments, is
bogus
I want a "phone", i.e., small form factor computer, that can
run something like NetBSD, or Linux. But I have no intention
of using it for commercial transactions. Mobile banking is not
why I want to run a non-corporate OS
I want to use it for recreation, research and experimentation
NB. I have more than one "phone". The choice is not corporate
mobile OS versus non-corporate mobile OS, i.e., "either-or". I
can use both, each for specific purposes
EvanAnderson wrote 2 days ago:
> I want a "phone", i.e., small form factor computer, that
can run something like NetBSD, or Linux. But I have no
intention of using it for commercial transactions. Mobile
banking is not why I want to run a non-corporate OS
> I want to use it for recreation, research and
experimentation
I am a firm believer that phones are personal computers and
should have all the end user freedom we have come to expect
from personal computers. I am totally behind what your
saying. (The amount of irrational anger that wells up in me
when I hear someone make the argument that phones are somehow
not general purpose personal computers and shouldn't provider
their owners software freedom would astound you.)
Personally, I opt out of services that require the use of
phone "apps" and any potential attestation they provide.
Unfortunately, I just offload those needs onto my wife and
her iPhone.
Want to go to a concert in a TicketMaster venue? You have to
have a phone. Pay to park in some places requires a phone.
Mobile ordering for some restaurants requires a phone.
I don't think it should be this way, but it is. I think we
need consumer regulation to insure software freedom on phones
and curtail awful user hostile "features" like remote
attestation.
Until that happens (if it ever does) there is a realpolitik
with needing corporate phones for some activities that can't
be denied.
kelvinjps10 wrote 1 day ago:
Those things that you mentioned you can do it on the
website meaning also a open computer too
JoshTriplett wrote 1 day ago:
> Those things that you mentioned you can do it on the
website
No, unfortunately some things can't be. There are venues
that provide tickets exclusively via mobile applications,
for instance.
1vuio0pswjnm7 wrote 1 day ago:
"There are venues that provide tickets exclusively via
mobile applications, for instance."
Turns out Ticketmaster still has ticket printing
machines at such venues
Was at a game at one of them, claimed I had a problem
with the app and after some negotiation at the ticket
window a millennial printed me a ticket
Why do they still have the printers
The "I'm having a problem with the app" strategy can
work in other contexts too. The phone can be
configured so that a young person trying to help gives
up
"Modern" software is highly fallible and everyone knows
it
1vuio0pswjnm7 wrote 1 day ago:
When people have problems using apps, alternatives
are often available
Perhaps this is why, e.g., venues that "require" apps
still have ticket printing machines and still print
tickets when there are problems with using the apps
The situation is not so "cut and dried" that no one
ever attends an event at these venues using printed
tickets instead of displaying the ticket on the
phones they bring to the event
There are alternatives to apps that are sometimes
used, e.g., when customers have problems, even when
businesses try to "require" apps
As such, businesses do not always succeed in
collecting the same amount of data from every
customer
This is not to say customers who try to avoid
unnecessary data collection always succeed, either
Generally, trying is a prequisite to succeeding
If most customers do not try it does not mean no
customer succeeds. There are some who do, at least
some of the time
EvanAnderson wrote 1 day ago:
Ticketmaster is it's own particular problem that
needs to be dealt with, even if it is emblematic of a
bigger issue with companies demanding users to run
proprietary software.
I have recent (October and November, 2025-- venues in
Indianapolis, IN and Cincinnati, OH) personal
experience with this. With one venue I was able to
play the "confused old man" card (via phone) and get
the box office to print my tickets and hold them at
will call.
At another venue I called prior to my show and tried
the same tactic. They told me flat out "no phone, no
admittance, tough luck for you" and cited the
warnings and terms on the Ticketmaster website that
I'd already agreed-to. I didn't want to chance losing
out on $300 of tickets I bought so I knuckled under
and loaded the Ticketmaster app on my wife's iPhone.
I don't think it's as cut-and-dried as you say it is,
and I don't have the stomach to risk being denied
access to events I bought tickets for-- particularly
at the pricing levels of today's shows.
colordrops wrote 1 day ago:
Well fuck those venues. It's a small percentage. I've
never run into one and I live in LA, a city with
hundreds if not thousands of venues.
So you only get 98% of the world instead of 100%. That
98% is far more than the the 100% of 10 years ago.
Everyone wants perfection when they've already got
abundance.
EvanAnderson wrote 1 day ago:
It has been reported that Ticketmaster has exclusive
agreements with 70-80% of US venues. It's great that
you have all the choices you do. For me, in western
Ohio, every major venue for hundreds of miles in
every direction is an exclusive Ticketmaster venue.
You can't gain admittance to any show in those venues
without a phone that can run their proprietary app.
Ticketmaster is bullshit, for sure, but they're just
one example of the problem of being forced to use
proprietary user-hostile software.
colordrops wrote 1 day ago:
See this is the bullshit I'm taking about. You can
print ticketmaster tickets.
So much self victimization to avoid using open
alternatives.
JoshTriplett wrote 1 day ago:
> See this is the bullshit I'm taking about. You
can print ticketmaster tickets.
So much confidence for an incorrect answer. As
cited elsewhere in the thread, some venues are
"no app, no entry", and do not have paper
tickets.
colordrops wrote 1 day ago:
Once again, never heard of this. It must be a
rare exception because ticketmaster allows you
to print them. Back to my 98% argument.
Can you cite a venue that won't take printed
tickets?
Edit: it looks like NFL doesn't take them, BUT
you can go to the box office with an order
number and still get in, so same thing.
raw_anon_1111 wrote 1 day ago:
So the world should cared to your needs when literally
almost every adult has a phone even in third world
countries?
Before you say âwhat about the poor peopleâ in the US
at least, even poor people can get a subsidized free phone
through the UCF (?) government fund
Also see: no Iâm not going to waste development time di
you can get to a website I develop with JS disabled or so
you can use lynx
EvanAnderson wrote 1 day ago:
> So the world should cared to your needs when literally
almost every adult has a phone even in third world
countries?
The assumption that everyone has a "smart phone" running
locked-down Android or iOS is unreasonable. Just as race,
sex, religion, national origin, etc, are protected
classes, the "phoneless" should be a protected class.
Denying people who choose not to use a locked down phone
basic interaction with your business should be legally
equivalent to posting a "No blacks allowed" sign on your
door, and the consequences should be the same.
> Also see: no Iâm not going to waste development time
di you can get to a website I develop with JS disabled or
so you can use lynx
I don't see what this non-sequitur has to do with the
exchange. I didn't bring anything up about Javascript.
raw_anon_1111 wrote 1 day ago:
Oh please, really? As a Black guy whose still living
parents grew up in the segregated South. Comparing
not being able to use a Linux phone to segregation
is really taking it too far. You have not a single
clue what it was like growing up in the Jim Crow South.
This conversation is officially done.
kelvinjps10 wrote 1 day ago:
Because phones keep tracking us and stealing our
attention.
And everybody should have the option of open computer
systems
raw_anon_1111 wrote 1 day ago:
So exactly how do you think an âopen phoneâ will
keep you from being tracked when you are tracked and
can be triangulated via cell phone towers?
deejaaymac wrote 1 day ago:
The faraday bag I keep with me in my backpack!
olyjohn wrote 1 day ago:
He's referring to his activity ON THE DEVICE. We know
you can't stop the location tracking from the
carrier. But that doesn't mean give up on everything
else.
raw_anon_1111 wrote 1 day ago:
Worrying about random app tracking you - which is a
boogeyman in and of itself on iOS - and nog
worrying about the government tracking you is like
being concerned about a mosquito bite when you have
a bullet hole.
Aerroon wrote 2 days ago:
2FA is a requirement in Europe. I can't log into my bank
account without my phone being able to run the app.
hunterpayne wrote 1 day ago:
The "app" is probably a web page written in JS. Rarely its a
native app in either Kotlin or Swift but then you have to
maintain 2 different apps in 2 different languages with 2
different OSes for the devs. So unless the app really
specifically requires something special, its just a web page.
Even (and especially) your banking app.
master-lincoln wrote 1 day ago:
2fa does not mean smartphone. There are other variants too
Markoff wrote 2 days ago:
I would stop using bank requiring phone app to do banking,
simple as that, both my main EU accounts use sms verification
codes and extra password, which is fine with me. If they will
require an app, they will lose customer.
debazel wrote 1 day ago:
So what are you going to do when all of them requires it?
dheera wrote 2 days ago:
2FA and Google SafetyNet are two completely different things.
Your banking app can implement 2FA without SafetyNet.
heavyset_go wrote 1 day ago:
It's Play Protect and Play Integrity now, not SafetyNet, in
case anyone wants to look it up
xprnio wrote 2 days ago:
But 2FA is moot if itâs the same device as your bank app,
is it not?
naniwaduni wrote 1 day ago:
Nearly all the security value of 1fa is that it keeps your
users from picking the own passwords.
clhodapp wrote 1 day ago:
It is in the specific case that you don't have biometric or
PIN login set up on the device and you use a password
manager that doesn't require authentication. In that case,
the only factor is "something you have". Otherwise, it is
still a multi-factor authentication because the device
itself still represents "something you have", and your
device unlock represents "something you know" or "something
you are".
rightbyte wrote 2 days ago:
Yes. Please tell my bank that.
cuu508 wrote 1 day ago:
Switch bank.
LtWorf wrote 1 day ago:
They know. The EU directive is quite clear that hw tokens
are to be preferred over phones. Banks are cheap though
and violate it.
edent wrote 2 days ago:
My bank sends me an alert when my card is used to make a
transaction - handy for spotting fraud.
I get an alert when a payment comes it - handy for knowing if a
client has paid.
I can quickly check my balance - handy for knowing if I can
afford another round of drinks.
I can repay a friend in two taps - handy if they've paid for
dinner.
Is anything essential? No. Is it something people use multiple
times per day? Yes!
Markoff wrote 2 days ago:
I can get alerts in email or messages, no need dedicated app
for that, I can track there also my balance, so only useful
thing app provides are easy wire transfers from phone, which
I never do, if I wanna transfer money is much more convenient
work big display, proper keyboard and mouse than from phone.
toyg wrote 1 day ago:
The overwhelming majority of the population of the
developed world now considers the mobile phone as their
primary (and often only) computing device. It's always with
them, it's more accessible and intuitive than a laptop, and
it's how they communicate with everyone. It doesn't matter
if you prefer to do this or that on a "real" computer -
most people would just do everything through the phone if
they could.
It's surprising how we still see posts like these in 2026
on what should be a "future-friendly" forum.
raw_anon_1111 wrote 1 day ago:
You actually check your email regularly? How much effort
does it really take to transfer a balance on a phone?
For Bank Of America itâs:
1. Click on âpay & transferâ
2. Click on âtransferâ
3. Click on âFromâ and choose account
4. click on âtoâ and choose account
Then type in the amount and and click on the date?
Is it really that much easier on a computer?
cantalopes wrote 1 day ago:
"if I wanna transfer money is much more convenient work big
display, proper keyboard and mouse than from phone"
You realize how ridiculous this sounds, right?
BreakingProd wrote 1 day ago:
It reads like he made typos/autocorrect mistakes on his
mobile phone!
Which is a pretty funny illustration of the gist of what
he was saying⦠itâs easier to make mistakes on
phones.
b00ty4breakfast wrote 1 day ago:
We've cultivated a tech culture that can't stand the
slightest inconvenience. People will give up nearly
everything if it means avoiding the least bit of effort.
We are so boned
raw_anon_1111 wrote 1 day ago:
So yes if it werenât for people wanting convenience the
âYear of Linux on the Desktopâ would have happened 25
years ago.
What do you suggest? Everyone carry around their desktop
computers and our CRT monitors like we did when we wanted
to play Quake with friends?
b00ty4breakfast wrote 1 day ago:
yes, getting emails or text messages instead of having
app alerts is luddism.
Get real, dawg
raw_anon_1111 wrote 1 day ago:
Uhh yes - when 90% of adults worldwide have moved to
smart phones - yes you are the Luddite.
Email is for old people has been a meme for two
decades
HTML [1]: https://www.techdirt.com/2007/11/15/email-is...
b00ty4breakfast wrote 1 day ago:
You can get email on your smartphone.
No, it's cool tho, worry about being "hip" and
enjoy the authoritarian surveillance state that you
are enabling because you've been indoctrinated to
want "new thing" and to reject "old thing".
raw_anon_1111 wrote 1 day ago:
Yes because email is a secure way to send
informationâ¦
bigstrat2003 wrote 1 day ago:
Anyone who says "email is for old people" is a
fool, at least on that subject.
raw_anon_1111 wrote 1 day ago:
Yes, because âbigstrat2003â said so. I work
for a 1000+ consulting company and no one uses
email for internal communications. Even for
company wide messages leadership uses Slack.
Heck even when we first start a project we either
federate (or whatever you call it) the clientâs
Slack workgroup with ours or we ask to be on
their Teams channel.
Before working where I worked now, I worked for
the 2nd largest employer in the US, even there
most communication happened over Chime or Slack.
On a personal level you actually email personal
contacts - in 2026?
mimasama wrote 1 day ago:
I email my dad documents and photos I need
printed (and he uses his work office's laser
printer). I forward the billing statement I
receive monthly from my family's ISP to my mom
via email. And I'm "Gen Z"
raw_anon_1111 wrote 1 day ago:
And Iâm 51 and far from a Luddite. Iâve
moved with every technology transition since
learning how to program in AppleSoft BASIC
and 65C02 assembly. My 83 year old mother is
less of Luddite some people commenting here.
She is a retired high school math teacher -
been retired for 30 years - and she has used
every popular word processor/suite from the
original AppleWorks for the Apple //e and she
was tutoring friends kids and helping them
use GSuite and PowerPoint until 5 years ago.
She uses her phone for everything and she has
up to date computers a couple of printers on
her network and two ISPs just in case one
goes out. She kept the legacy DSL account
thatâs not available to new subscribers and
she has cable internet.
GaryBluto wrote 1 day ago:
> What do you suggest? Everyone carry around their
desktop computers and our CRT monitors like we did when
we wanted to play Quake with friends?
The exercise would do people good. Jokes aside though,
there is a nuance between completely inconvenient and
designed for the marching morons.
raw_anon_1111 wrote 1 day ago:
You mean 80% of adults worldwide are âmoronsâ?
Have you ever thought that they may know something
you donât know?
GaryBluto wrote 1 day ago:
If 80% of adults worldwide somehow became unable to
tolerate the slightest inconvenience, then yes, I'd
say they would be morons, but I doubt they are. I'm
unsure where you're getting the 80% statistic from.
raw_anon_1111 wrote 1 day ago:
I used that little convenience of my smart phone
and used the internet. [1] I am sure you are
thinking Iâm a âmoronâ because I didnât
drive to the library and use microfiche to find
the informationâ¦
Or maybe you would have been okay if I used
Veronica and searched Gopher sites like I did pre
Web in the 90s?
HTML [1]: https://www.demandsage.com/smartphone-us...
j_maffe wrote 2 days ago:
That's great for you but unfortunately the overwhelming
majority of people do indeed regularly use these features.
firtoz wrote 2 days ago:
Could all of these be handled through openbanking?
xprnio wrote 2 days ago:
Yes
avtolik wrote 2 days ago:
Banks often use their app for a second factor auth. here.
BenjiWiebe wrote 2 days ago:
I can't deposit checks over the website, and I use a bank with
no physical locations near me.
nradov wrote 2 days ago:
That's true, but the notion that we're still using paper
checks in 2026 is so crazy. And yet they remain the cheapest
way to handle many transactions in the US financial system.
Like a lot of small healthcare providers still prefer to
receive paper checks from insurance companies because the
electronic payment processors take a 3% fee.
hermanzegerman wrote 1 day ago:
Why won't they just use Bank Transfers?
Using Checks or Credit Cards for Payments between companies
sounds completely insane and stupid
nradov wrote 1 day ago:
Yes, it is completely insane and stupid. Direct
bank-to-bank transfers require significant administrative
work to set up, and may still incur bank fees. For
individual consumer accounts most people can use Zelle
but it's not universally available.
Synaesthesia wrote 1 day ago:
Funny how South Africa has a way more sophisticated
banking network than the USA.
hermanzegerman wrote 1 day ago:
I think nearly every other country has instant and
free/low-cost bank transfers, without relying on some
Apps.
I haven't seen a cheque my entire life, and I'm born
in the last century
observationist wrote 2 days ago:
Even if you have linux, there are still third parties that have
control over your hardware. Even if you're using graphenos, you
can't block the sim or the cellular radio stack, and likely other
modules on the SoC, from at-will access to every sensor on the
device. You can at least protect your files, unless there's a mitm
or other vector that graphenos can't cope with. And at worst, they
can simply clone all your encrypted bits and wait on Moore's law or
sufficient cubits to go back and crack the copy, on the off chance
there's anything they want with your data in the first place.
microtonal wrote 1 day ago:
FYI: GrapheneOS only support devices with isolated radios. These
radios cannot access other sensors. More background:
HTML [1]: https://news.ycombinator.com/item?id=46841033
mistercheph wrote 1 day ago:
What a lame and useless doomer POV. Do you refuse to go outside
because a lightning strike could kill you at any instant? Why let
things that aren't in your control (yet) stop you from taking
control of the things you can now?
fsflover wrote 2 days ago:
My phone has hardware kill switches for modem, WiFi/Bluetooth and
mic/camera. All three together also kill all sensors.
observationist wrote 2 days ago:
If it's got a sim card, it's still phoning home and providing
location data. You can't escape the panopticon. A faraday bag
gets you mostly there, though, but the point isn't that you can
maneuver against it, it's that the device and its operation is
fundamentally compromised by design.
There's a whole lot of shady crap underlying the infrastructure
and the hardware that consumers cannot touch, pinephone /
librephone or otherwise. It's not designed for consent. At best
you can gain ephemeral relief, but even that is illusory,
because by simple process of elimination, differential analysis
allows fine grained ID and tracking of people even if they
don't have accounts, phones, interact with websites, etc.
It's not a shady cabal of lizard people, it's just the grubby
natural alignment of interests by a wide ranging set of
companies and regulators and groups who allow it to happen
without imposing any accountability, and ensuring that the
system remains structured such that no effective accountability
can be imposed.
Extorting constant streams of data for adtech is too valuable
and the entire thing is too complex for silly things like
ethics to interfere.
fsflover wrote 2 days ago:
> If it's got a sim card, it's still phoning home and
providing location data
Only when the kill switch is on. I control it.
Also, it's possible to get AweSIM service
hiding your data from the mobile operators.
observationist wrote 2 days ago:
For sure - and you can use WiFi only, set yourself up with
a HaLow rig and give yourself a ~10mbps connection anywhere
up to 10 miles from your home, suitable for voip and low
rate streaming, throw in VPN, and remain completely off-net
as far as cellular networks go. I'm actually planning on
using a wireless touchscreen and mobile halow/raspberry pi
network/storage stack to completely replace my phone, but
the bigger issue is automated tracking of everything - if
you're the only blank spot in a sea of known individuals,
it's just a matter of seconds to id you, since everything
everywhere about everyone is tracked online.
We should be enforcing informed consent regulation of
network infrastructure, treating privacy and anonymity as
synonymous with liberty and freedom. Allowing the system to
operate as it does is a choice; those with lots of money
get to make it grow by exploiting a constant invasion of
privacy with no concurrent return to the society being
exploited.
Phones aren't built to be privacy respecting, and kill
switches are a mitigation of a symptom, they don't do
anything to address the disease.
beeflet wrote 2 days ago:
The limitation of linux phones is hardware. I have been watching
the progress of postmarketOS on the fairphone 4, and looks
promising.
gf000 wrote 1 day ago:
No, gnu/Linux is nowhere near usable as a daily driver mobile
device for 99% of the population.
Besides having terrible battery life and security, it's just a
hobby thing. Android has had millions of dev hours poured into it
to be what it is.
magpi3 wrote 1 day ago:
In the 90s, you would have said the exact same thing about
linux on the PC.
Free software ultimately has time on its side. As long as a
project has enough mindshare to keep its momentum, it really is
unstoppable in the long run.
gf000 wrote 1 day ago:
Linux desktop on the PC also sucks.
Where Linux shines is the absolute for-profit cloud/server
world.
Open source has places where it works really nice, bazaar is
better at "wider" stuff (having an active community, etc),
while cathedral is more deeper/better at vertical
integration, etc.
fsflover wrote 2 days ago:
[1] Sent from my Librem 5.
HTML [1]: https://puri.sm/posts/the-danger-of-focusing-on-specs/
beeflet wrote 2 days ago:
I don't care about specs, I care about functionality and price.
The camera on the pinephone doesn't practically work because it
is too slow and the quality sucks. You basicially cannot record
videos whatsoever. I can't use the device for GPS navigation. I
can run whatsapp within waydroid, but it isn't practical due to
the battery life and startup limitations that imposes. The GPU
on the pinephone sucks, is underpowered, doesn't support OpenGL
ES 3 or vulkan, and the user interface is always slow as hell
to navigate.
So practically I cannot use it as a daily driver.
Librem 5 does have enough GPU horsepower, a functioning camera,
and good pmOS support. But $800 is a lot to ask to test out
switching to linux with no guarantee that my workflow will work
or I will have enough battery life. It looks like the librem 5
can't record videos or do GPS navigation yet.
I am looking at the librem 5 specs again. The EG25-G is
probably a better starting point for the modem now that it has
been better documented and reverse engineered as a result of
the pinephone project. It is interesting that the L5 has a
generic smartcard reader though.
fsflover wrote 1 day ago:
> But $800 is a lot to ask to test out switching to linux
with no guarantee
Commercial phones' costs also include the data value they
continuously steal.
> It looks like the librem 5 can't record videos
It can: [1] > or do GPS navigation yet
Yes, it can: [2] > or I will have enough battery life
Fortunately, you can replace the battery on the go. But yes,
if you make no compromises, you will never win a tiny bit of
freedom.
HTML [1]: https://social.librem.one/@dos/115893142828953827
HTML [2]: https://forums.puri.sm/t/is-gps-supposed-to-work/211...
good8675309 wrote 2 days ago:
Until Android is crippled it will continue to take resources away
from Linux Phone development and companies that will launch phones
for it
andrewmcwatters wrote 1 day ago:
I got downvoted heavily about a year ago saying we need to
abandon Android and the industry needs to pivot back to just
putting GNU/Linux on a phone already.
Of course, now Google is doing what Google was always going to
do.
IshKebab wrote 2 days ago:
> If this finally pushes adoption of truly open Linux phones...
It won't.
shimman wrote 2 days ago:
Expecting Google to give up control of one of the only alternative
operating systems is right up there with believing in the tooth
fairy.
What you're saying should happen, but it will only happen when the
government legislates it happens; which frankly they should be
doing (along with nationalizing a few other software projects to be
fair).
A trillion dollar transnational corporation with massive
monopolistic tendencies will never ever do the right thing. Expect
to force feed it down their throats.
yason wrote 2 days ago:
In general, governments seem to be much more invested in making
it illegal to have anything that is too open and too free. Even
EU is lusting for draconian control features like chat control
where you don't own and operate the software you installed on
your device even if, at the same timem, they're trying to gnaw on
the influence of Big Tech.
hunterpayne wrote 1 day ago:
> Even EU is lusting for draconian control features
Even the EU??? Huh? Did you misspell 'especially' there?
Because when your governments want to spy on your own citizens
more than the big tech companies want to collect data for
advertising, you probably have a problem.
spacebuffer wrote 2 days ago:
For me as a desktop linux poweruser, I find this potential
transition pretty intimidating, I've never flashed a phone with a
custom rom let alone switch to a completely different OS, and I am
not sure if the phone can even be reset to its original OS, if
things go south.
mistercheph wrote 1 day ago:
Don't worry if you're not ready, just as on the desktop, there
are pioneers ahead of you that will clear the way <3
fenykep wrote 1 day ago:
/e/OS at least has a browser based installer[0] for quite some
supported phones.
I definitely recommend trying it out, installing a custom os on
my phone gave me the same feeling when I first ran debian on a
laptop struggling under windows (even though the performance
gains aren't that apparent in my opinion).
[0]
HTML [1]: https://e.foundation/installer/
microtonal wrote 1 day ago:
The /e/OS installer is terrible though and often fails, even on
their officially supported phones (like Fairphone). The
standard recommendation in their forums is nah, just install
/e/OS through the command-line.
Also, /e/OS has pretty bad security practices (shipping very
old kernels, very old vendor firmware, and missing most AOSP
security patches).
Also, be careful to follow the instructions really carefully.
For some devices it's really easy to get the phone in a boot
loop, where the only resort is to get your vendor to repair it.
E.g. Fairphone 6 has downgrade protection and will become a
brick if you relocked the phone when the old system's Android
SPL is newer than the new system's.
chrneu wrote 2 days ago:
It's relatively easy. It's basically a command for each step you
want to do and it tends to fail gracefully nowadays.
If you can install a linux distro you can flash a custom rom on a
well-supported phone.
If it were more mainstream I could see GUI apps to manage all
this for people, if they don't already exist. Idk I just use adb.
eldaisfish wrote 2 days ago:
That describes relatively easy for you, but not for the average
person who canât even be bothered to change the default
ringtone.
yellowapple wrote 1 day ago:
I can't be bothered to change my phone's default ringtone and
yet I've had very little issue installing LineageOS and
GrapheneOS on the various phones I've owned over the years.
keyringlight wrote 2 days ago:
The challenge I've found when looking for instructions for
flashing one of my old phones is the assumption of knowledge
some rom builders have, or perhaps an assumption about their
audience. This seems like it has the potential to bit someone
in the ass because if they're relying on other sources like
the lineageOS wiki or forum posts elsewhere for example
there's no guarantee it'll stay available, complete, or
relevant to their variant over time. It's an added burden for
what is a gracious volunteer role, but it's a handicap if
they want more people using the fruits of their labor.
paulryanrogers wrote 2 days ago:
It's also high risk. I've bricked two phones doing it.
Markoff wrote 2 days ago:
it's pretty much impossible to hard brick phone, you can
almost always recover it
I'm running custom ROMs for the last 15 years
a456463 wrote 2 days ago:
I flash phones almost every other week. And tablets. I have
been flashing since Androids came out. But never bricked. But
maybe that is why I don't have any problems.
crtasm wrote 2 days ago:
Potential for a brick varies massively depending on phone
model, doesn't it?
Onawa wrote 2 days ago:
I've been flashing phones for over 2 decades and have never
bricked a phone. How did you manage that?
microtonal wrote 1 day ago:
Lots of people brick their phones by relocking the
bootloader when the Android SPL before flashing was newer
than the newly flashed OS when the phone has downgrade
protection (e.g. Fairphone 6). The Fairphone/e Foundation
forums are pretty full of people making this mistake. Then
the only solution is paying Fairphone to fix it.
brnt wrote 2 days ago:
Same here. Just follow the LineageOS steps.
user3939382 wrote 2 days ago:
Are you seriously implying that flashing phones doesnât
risk bricking them or youâre not aware of that risk are
you serious?
kllrnohj wrote 1 day ago:
"flashing" a phone is largely the same as any OTA update.
There's of course always a risk of it going wrong, disk
failures are always possible, but it's exceptionally hard
to do so accidentally. Especially with custom ROMs where
they basically never include a new bootloader, so
"flashing" is no different than installing an OS on a
desktop system - it's just writing to the boot partition.
Which you can always do again since the bootloader is
still available.
microtonal wrote 1 day ago:
It is not 'largely the same as OTA' on phones with
downgrade protection. Once you lock the device again,
it's game over because the bootloader refuses to boot
an older version of the OS, and you cannot unlock the
phone anymore. Happens all the time in the /e/OS and
Fairphone forums.
It really depends on the device. E.g. Pixel is quite
hard to brick. Though they do sometimes increment the
anti-rollback version: [1] In that case you have to be
careful to not flash an older version to both slots and
lock the bootloader, which is possible, because many
non-Google/GrapheneOS images are often behind on
security updates.
HTML [1]: https://developers.google.com/android/images
kllrnohj wrote 1 day ago:
It is still largely the same, those downgrade
protections apply to OTAs as well. Those
anti-rollback don't brick the device, either. It
might not boot to a working OS, but you can still get
back to the bootloader to flash something newer.
Unless you blindly lock the bootloader without
testing if it boots first and the bootloader can't be
unlocked again I guess, but that's quite a sequence
of bad choices all around
microtonal wrote 1 day ago:
It is still largely the same, those downgrade
protections apply to OTAs as well.
But the Android SPL versions of OTA updates from
Android vendors monotonically increase.
It might not boot to a working OS, but you can
still get back to the bootloader to flash something
newer. Unless you blindly lock the bootloader
without testing if it boots first and the
bootloader can't be unlocked again I guess,
This is false. As long as the boot loader is
unlocked, many phones will boot the downgraded
image fine. It stops booting it when you lock the
boot loader and on many phones, you cannot unlock
it again. You need to boot the OS to enable OEM
unlocking again, but you cannot boot the OS because
the bootloader refuses to.
The Fairphone community is full of people who
though 'oh it boots, so I can lock', locked it and
they were in a boot loop and had to send their
phone to Fairphone to get it repaired for 60-70
Euro (I don't remember the exact price, but that is
the ballpark).
There is an adb command that can fairly reliably
detect whether the boot loader can be locked. But
I'm not going to post it here, because people have
to read the full flashing manual, plus in the past
there was a bug where the anti-rollback would
trigger even with a newer SPL.
At any rate, flashing is not for most people and it
was much easier when there was no rollback
protection. Of course, rollback protection does
make phones much more secure.
---
I wonder if your experience is based on Pixel or
older/other Android devices that do not have
rollback protection.
luz666 wrote 2 days ago:
I am seriously unaware of the risks and also flashing
brand new phones :)
wolrah wrote 2 days ago:
> Are you seriously implying that flashing phones
doesnât risk bricking them or youâre not aware of
that risk are you serious?
Yes, that is generally the case. As a general rule with
an Android phone reflashing the OS itself or the
bootloader carries no risk of bricking the device
(meaning making it impossible to recover without
specialized hardware and/or opening up parts that were
not intended to be opened).
There are plenty of ways to "soft-brick" a device such
that you might need to plug it in to a computer, and
adb/fastboot can definitely be a pain in the ass to use
(especially on Windows), but if you have a device with an
unlocked bootloader it's very rare to be able to actually
brick the device while doing normal things.
Now, if you're doing abnormal things like reflashing the
radio firmware you can absolutely brick some devices
there, but you don't have to do that just to boot an
alternative OS and generally shouldn't be doing it
without very good reason and specific knowledge of
exactly what you're doing.
I'm not going to say there are no devices where the
standard process to flash an alternative OS is dangerous,
but none of the relatively common ones I've ever owned or
used have been built that way because OEMs don't want
their own official firmware updates to be dangerous
either.
tl;dr: It is sometimes possible to brick a device by
flashing the wrong thing incorrectly, but the risk of
doing that if you are just installing an alternative OS
through a standard process is basically zero.
hbn wrote 2 days ago:
Who could Android be possibly recommended to at this point?
I know iPhones aren't affordable for the layman in many countries.
But for anyone with an option, why would you buy an Android? All the
"customization" things I cared about when I was on Android are either
doable on an iPhone now with better implementation, or something I
don't care about.
I was a die-hard until I went through enough cycles of Google
deprecating and reinventing their apps and services every year,
breaking my workflow/habits, that I got sick of them and moved to
Apple everything. And all the changes I've seen since then are only
making me happier I got out of the ecosystem when I did. Unlimited
Google Photos backups with Pixels are gone, Google Play Music is
gone, the free development/distribution environment is gone, etc.
If people can't even develop for the thing without going through the
Google process, they're really just a shitty iOS knockoff.
singpolyma3 wrote 1 day ago:
As someone who hates both android and iOS but currently has to use
iOS, I definitely hate it more. It lacks so many things one can
take for granted on android. Even a usable keyboard is missing from
iOS.
pjmlp wrote 2 days ago:
I love the Java/Kotlin userspace, even if it is Android Java
flavour, and the our way or the highway attitude to C and C++ code,
instead of yet another UNIX clone with some kind of X Windows into
the phone.
In the past I was also on Windows Phone, again great .NET based
userspace, with some limited C++, moving into the future, not
legacy OS design.
I can afford iPhones, but won't buy them for private use, as I am
not sponsoring Apple tax when I think about how many people on this
world hardly can afford a feature phone in first place.
However I also support their Swift/Objective-C userspace, without
being yet another UNIX clone.
If the Linux phones are to be yet another OpenMoko with Gtk+, or
Qt, I don't see it moving the needle in mainstream adoption.
iririririr wrote 2 days ago:
you're a really vanilla user then.
wake me up when there's an adblocker on an iphone.
ClikeX wrote 2 days ago:
There are several that plug into Safari, and Pihole just works.
Does Android have ad blockers that do more? It's been a few years
since I switched.
telegtron wrote 1 day ago:
Blokada, Rethink, and Adguard just to name a few. Also, the DNS
can be set to NextDNS, both via the system settings _and_ the
aforementioned apps.
bpye wrote 2 days ago:
I can run proper uBlock Origin in Firefox on Android. Sure
something like Pihole works, but I am often on mobile data or
other WiFi networks.
zie wrote 2 days ago:
Thankfully you don't really need an adblocker for apps on an
iPhone. Your browser could use one, but thankfully those do exist
:)
That said, I want off the iOS ecosystem, but Google has basically
said guess what? We are going the way of Apple, so we don't care
about you either.
So right now there isn't really anywhere else to go. I'm going to
keep trucking in iOS for now, but I hope I find something better
soon.
gspr wrote 2 days ago:
> Thankfully you don't really need an adblocker for apps on an
iPhone.
That's for me to decide, thank you very much.
Marsymars wrote 2 days ago:
> Thankfully you don't really need an adblocker for apps on an
iPhone. Your browser could use one, but thankfully those do
exist :)
uBlock Origin on Firefox Mobile is significantly better than
any Safari adblocker I've been able to find. (1Blocker's the
best I've found for Safari.)
singpolyma3 wrote 1 day ago:
I use ublock origin lite in safari
Marsymars wrote 1 day ago:
They only share a brand and a subset of filter lists - the
implementation and functionality of uBlock Origin Lite and
uBlock Origin are entirely different.
When UBOL was released for Safari I switched to it from
1Blocker in hopes of getting a closer experience to the
full uBlock Origin, but actually switched back after a few
weeks - the filter lists in UBOL were letting through more
ads than 1Blocker - and both of them are notably deficient
compared to uBlock Origin in Firefox.
iririririr wrote 2 days ago:
who is talking about app adblockers. power android users get
their apps from fdroid. You relly are out of touch.
And you know very well, There are only meme adblockers for the
browser on IOS.
cyberax wrote 2 days ago:
> But for anyone with an option, why would you buy an Android?
How the heck this is true?!? iOS is just bad.
Its usability is bad, its interface is bad, its apps are just a ton
of crap, and it _will_ keep getting worse.
I'm not even talking about its "walled concentration camp" app
model.
pfix wrote 2 days ago:
But this thread is about the option to install apps on your device
regardless of OS vendor approval, and that's not possible either
with iOS nor is iOS open source. And that's what this is all about.
If you don't care about open-source and user freedom, then this
change wouldn't matter to you anyway.
wolpoli wrote 2 days ago:
At this point, I wouldn't recommend Android other than enjoying the
much steeper discount with the headset. For me, the only thing that
is keeping me on Android is easier access to commas on the
keyboard.
bpye wrote 2 days ago:
I switched back to Android in large part for KDE Connect. You can
get continuity esque features that work with any desktop operating
system. I also get to use real Firefox instead of a Safari wrapper.
I still use as few Google services as possible, pretty much just
Maps.
_factor wrote 2 days ago:
KDE Connect works just fine on iOS.
bpye wrote 2 days ago:
It "works" but it is significantly less useful. Notification
mirroring doesn't work, you can't read/respond to text
messages, it can't reliably run in the background.
These are all due to limitations imposed by Apple.
misir wrote 1 day ago:
Regarding notifications, both iOS and android doesn't support
reading and responding to text messages. The feature works on
android because of a workaround: apps create a global
notification listener and they can also interact with
notification - read UI contents and respond.
I know it's still better than not having a workaround at all
like in iOS. But just pointing out that Google probably never
meant to let others access notification mirroring.
notpushkin wrote 1 day ago:
This is incorrect â KDE Connect requests the SMS
permission on Android. It does get access to the past
messages.
misir wrote 23 hours 26 min ago:
Actually true. Thanks for correcting!
microtonal wrote 2 days ago:
The impact is a direct threat to independent AOSP distributions like
Murena's e/OS/ (which I'm personally using).
I don't think this is true, right? An AOSP build can just decide to
still allow installing arbitrary APKs. Also see this post from the
GrapheneOS team:
HTML [1]: https://mastodon.social/@GrapheneOS@grapheneos.social/116103...
cyberrock wrote 1 day ago:
The enforcement mechanism is in Google Play Services, not AOSP. To
laypeople the difference doesn't matter but to folks looking for
alternatives it does, so the discussion is often muddied and
imprecise. This is like when YouTube removed public dislike counts
and it turned into "they're removing the dislike button!"
akdev1l wrote 2 days ago:
You canât really do that long-term as Google will change code
that will not match however you are not enforcing this policy
So at the very least youâd have to keep patches up to date.
Long term divergence could be enough thatâs itâs just a hard
fork and/or Google changes so much that the maintainer canât keep
the patches working at the same pace
I couldnât read your link as it asks to join mastodon.social
izacus wrote 1 day ago:
But that just sounds the big community demanding this has to put
together a proper KDE-like team to maintain Android in the way
they want instead of waiting on Google's code?
rezonant wrote 2 days ago:
Doesn't require me to sign in or create account...
akdev1l wrote 1 day ago:
I had the mastodon app installed and it was doing that. After I
uninstalled it opened in the browser just fine.
gizmo686 wrote 2 days ago:
All distributions involve maintaining patch sets. The question is
what the marginal burden of this particular patch is.
buckle8017 wrote 2 days ago:
The patch set for graphene is substantial, this is a relatively
minor change.
boberoni wrote 2 days ago:
The link is to the f-droid blog. The official "Keep Android Open" site
is at [1] , and contains good information on how you can contribute by
contacting regulators.
HTML [1]: https://keepandroidopen.org/
redbell wrote 1 day ago:
Discussed here four months ago:
HTML [1]: https://news.ycombinator.com/item?id=45742488
Atlas667 wrote 2 days ago:
Capitalism is the privatization of human needs. As long as these tech
platforms are owned privately they will be used to police and make
money.
This view NEEDS to be central to the tech freedom rhetoric, else the
whole movement is literally just begging politicians and hoping
corporations do the right thing... useless.
nazgulsenpai wrote 2 days ago:
Aren't the politicians or their appointed bureaucrats who'd be making
all the decisions if these needs were government owned? Why would
state control lead to less policing? What incentive structure would
lead to innovation without a profit motive, when even the modern
communist world relies on capital markets?
(these are honest questions and not "gotcha")
Atlas667 wrote 2 days ago:
> Aren't the politicians or their appointed bureaucrats who'd be
making all the decisions if these needs were government owned?
Well that would be true under a capitalist government.
> Why would state control lead to less policing?
Its not just "the state runs it", its "we actively become the
state".
Collective ownership through peoples councils, peoples courts with
a world view that keeps it all open: socialism.
The world view of not allowing individual ownership over collective
goods, the world view of socialism, is the life line of the
movement. The actual practice of daily democracy, of running
production and of deciding social functions is everyones
responsibility and it should not be left to what has become a
professional class of liars.
Public office members, which should only exist where absolutely
necessary, should be locals and serve as messengers with 0 decision
making power. All power should be in the local councils. We can
mathematically implement this today (0 knowledge proofs).
Every single book on socialism is on theory and practices of
acheiving this. Thats what the "dictatorship of the proletariat
is", the dictatorship of working people, collectively.
> What incentive structure would lead to innovation without a
profit motive, when even the modern communist world relies on
capital markets?
We've been innovating for hundreds of thousands of years before
capitalism. You dont need to generate money to innovate, the
innovation itself is the driver, AKA a better life. No need to lock
and limit production behind the attaining of profits of those who
lead it.
nazgulsenpai wrote 2 days ago:
Thanks for responding.
Atlas667 wrote 2 days ago:
Yeah, dude thanks for the good faith.
A lot of people are allergic to this rhetoric and will just
assume I have a deep irrational bias, but I was actually a
staunch free market supporter before.
Once I decided to be more intellectually honest with myself and
read more about what both sides meant historically and
currently, it really just made sense.
nazgulsenpai wrote 2 days ago:
I'm so exhausted of the partisan "my team vs your team"
politics in the US that shuts down conversation, overlooks
the blatant hypocrisies on either side, simplifies every
issue to a single label to plaster on your opponent, etc etc.
I take honest conversation where I can get it, even when I
don't agree. And to be clear I don't agree with most of your
points and think it's idealistic and couldn't work in the
real world. But I appreciate the spirit of what you're
arguing for (in my interpretation) power with the people vs
power with corporations and government and I think that's a
very fundamental principle that is very important common
ground.
edit: clarity
mistercheph wrote 2 days ago:
Copyleft fixes this.
Atlas667 wrote 2 days ago:
They have the incentive to never chose this.
If we force it upon them by begging politicians, corporations still
have the incentive to find a way to remove it or circumvent it.
Youre playing the cat and mouse game because you've been taught
that solving it is too extreme (thats not a coincidence).
We dont need to endlessly fight a whole class of people,
capitalists, for them not to use the things we require against us.
Only socialism can solve that.
oybng wrote 2 days ago:
>F-Droid Basic
Great, now they can spread themselves even thinner. Just revert the
entire trash rewrite from years ago. Problem solved
b00ty4breakfast wrote 2 days ago:
The Control Society is way lamer than I could have imagined. Deleuze!
I demand a refund!
nimbius wrote 2 days ago:
This isnt going to be a popular post because the HN crowd is very much
a "China bad" crowd but I hypothesize China will likely step in and
offer a fork that's compatible with open ecosystems not under the
direct control of the us state department. This might be in the form
of commits and investment in fdroid and pinephone, or a tiktok like
alternative to the wests walled garden.
Edit: this will likely exist "uncensored" in other markets but conform
to the PRCs standards and practices domestically, similarly to how
tiktok operated prior to selling a version specifically taylored to US
censorship and propaganda.
themafia wrote 1 day ago:
> a "China bad" crowd
Government bad. Big government worse.
2OEH8eoCRo0 wrote 2 days ago:
Competition needs to come from somewhere due to lack of antitrust
enforcement in the US. If not China then hopefully elsewhere.
The US system is dying from lack of competition.
joecool1029 wrote 2 days ago:
> China will likely step in and offer a fork that's compatible with
open ecosystems not under the direct control of the us state
department.
Where you been? They already had Huawei get kickbanned by Google and
made their own OS (it's not more open):
HTML [1]: https://en.wikipedia.org/wiki/HarmonyOS
rzerowan wrote 2 days ago:
Maybe a shift to Huaweis HarmonyOS with its android compatibility
layer or SailfishOS if they play their cards right.
As far as HarmonyOS i dont see many uptakes outside strict US free
requirements as the other OEMs are lazy and also dont want to be
locked into a competitor.
SailfishOS looks like its your time to faceplant once more , by not
having a proper stratergy on monetizing on the many missteps from the
current monopoly.I thonk at this point they need a leadership/biz
stratergy overhaul - the tech is nice and polished, user demand is
off the charts for an alternative . And they are just .. missing.
Not even in th e conversation.
aembleton wrote 2 days ago:
As of version 5, HarmonyOS doesn't have the Android compatibility
layer. There are emulators that allow APKs to run, but they're a
bit clunky.
rzerowan wrote 2 days ago:
Ah if they can get the emulators to the level that Rosetta worked
on OSX would be acceptable for hardto port apps.
dangus wrote 2 days ago:
I donât think China will do that at all. Theyâll move to
HarmonyOS.
realusername wrote 2 days ago:
As far as I know, China forbids open bootloaders on its territory so
it's not where you'll see any open ecosystem.
Not Google controlled for sure but also not open.
aeve890 wrote 2 days ago:
That'd be great but I'm not feeling like the Chinese market is too
worried about open development. I got a Huawei Watch 5 as a gift and
I liked it enough to try to develop my own apps (their app store is a
wasteland) but to my surprise Harmony OS is not Android compatible
(just Android based somehow). The watch's developer mode is useless.
Trying to register a developer account is almost impossible and it
seems they only allow chinese nationals and there's no plan to open
registration. I couldn't even download their custom IDE (something
like Android Studio) without an account.
Maybe it's just my experience.
ge96 wrote 2 days ago:
Pinephone is tragic, bought a bunch of Pine64's devices (PP, PPP, PB,
PBuds, arm tablet, eInk tablet) but old tech, missing drivers, can't
blame em no money no drivers... Still the community on Discord is
great/helpful people.
jerf wrote 2 days ago:
Not a chance. A fork that is under China's control, maybe, but not an
"open" fork. They don't even pretend to have that as a value.
You may theoretically find it advantageous to use such a system
anyhow. To a first-order approximation, the danger a government poses
to you is proportional to its proximity to you. (In the interests of
fairness, I will point out, so are the benefits a government may
offer to you. In this case it just happens to be the dangers we are
discussing.) Using the stack of a government based many thousands of
miles/kilometers away from you may solve a problem for you, if you
judge they are much less likely to use it against you than your local
government.
But China certainly won't put out an "open" anything.
holoduke wrote 2 days ago:
The irony is that software coming from China is a lot more open
than western software. Biggest examples are huggingface models
mostly coming from Chinese institutions. Its also strategicaly wise
for China to go this path.
mistercheph wrote 2 days ago:
HTML [1]: https://arena.ai/leaderboard/text?license=open-source
oompydoompy74 wrote 2 days ago:
Not sure if you have been following the LLM space or even the
emulator handhelds space, but Chinese companies have been doing
great with putting out open source software lately.
odo1242 wrote 2 days ago:
Or the TikTok space - TikTok got worse privacy/data collection
wise after the US government intervention/acquisition.
encom wrote 2 days ago:
I would rather put my phone in the microwave than run Chinese
Communist Party OS.
rudhdb773b wrote 1 day ago:
Why? If I had to choose, I'd much rather use a phone controlled by
a jurisdiction in which I don't live or have any business.
Atlas667 wrote 2 days ago:
Meanwhile the NSA and Mossad can see you fapping on your phone and
scan your face in real time and you're implicitly fine with it
This is what lack of options does to a MF
pixelready wrote 2 days ago:
Yeah, Iâm amazed at how far the western surveillance apparatus
has been able to coast on plausible deniability. Folks, please
donât stick your head in the sand domestically just because
thereâs an even more obvious or egregious example abroad.
Say it with me: âLiving in a police state is bad no matter
whoâs running itâ.
hparadiz wrote 2 days ago:
This made me laugh cause of how true it is.
ryandrake wrote 2 days ago:
I'm just imagining the poor intern at the NSA having to sit in
a dimly lit room with an array of 64 x 64 monitors mounted on a
wall, watching the O-faces of thousands and thousands of fat,
balding, middle age men for hours straight.
aeve890 wrote 2 days ago:
Nah, that can't be true. Just imagine the traffic peak the
first day after NNN if they're streaming from your phone in
real time.
lm28469 wrote 2 days ago:
Half, or more, of the world thinks exactly the same in regards to
the US
Ir0nMan wrote 2 days ago:
If 50% of the world started running the CCP backed fork and 50%
of the world ran the US backed fork, which one would you choose
for your phone?
holoduke wrote 2 days ago:
Chinese of course. Never used it. Can't wait to test out
something different.
otabdeveloper4 wrote 2 days ago:
The Chinese one, obviously.
bodge5000 wrote 2 days ago:
If there were truly no other choice, CCP without a doubt. At
least they claim to have good intentions, whether that's true
or not
Miner49er wrote 2 days ago:
Whatever one that lets me install what I want
notorandit wrote 2 days ago:
We ("you") have no power to keep android open. Unfortunately it is in
the hands of a company that is building it for profit, in a way or the
other.
It's been our choice to drink this glass of wishful thinking while
giving that company a solid dominant position in the market.
We ("you") can only make choices that will overturn that trend.
Fully opensource hardware with fully opensource software? Maybe, but
also this is wishful thinking.
fsflover wrote 1 day ago:
> Fully opensource hardware with fully opensource software? Maybe,
but also this is wishful thinking.
My smartphone runs an FSF-endorsed OS, PureOS. This is reality. It's
not open hardware, but it's a long way from Android in the right
direction. You can also get a Precursor, which is open hardware.
direwolf20 wrote 1 day ago:
A Precursor costs about 1000$ and only does cryptography, not
Flappy Bird. Most of these supposedly open alternatives make no
economic sense.
notorandit wrote 1 day ago:
It does instead, imho.
Commercial phone cost also includes the data value it steals
continuously.
phoronixrly wrote 2 days ago:
We (people who live in a country/confederacy with working antitrust
laws) have power to keep large companies from anticompetitive
practices such as this one.
pessimizer wrote 1 day ago:
What country does this "we" that you speak of live in? In the US
there hasn't been any antitrust enforcement for 30 years (really
more like 50 years, but I'm being generous), Obama appointed a crop
of judges that don't even believe in antitrust as a concept, and
Congress doesn't do anything that hasn't been paid for by a donor
any more.
I haven't heard about any other countries doing any better, either.
Their systems were even cheaper to subvert.
sigmoid10 wrote 2 days ago:
It's also heavily influenced by businesses. Most employers will
happily hand you an Apple or Android phone for work, but I don't
think there is a single company out there that would dare to hand
normal people an Ubuntu Touch based phone.
colordrops wrote 2 days ago:
If they close things up with no alternative, the free open source
software will likely start to catch up. it will take a few years
though. This could be a blessing in disguise.
RussianCow wrote 2 days ago:
There is just no reasonable way that the open source community can
compete with a $3.8T company. And before you say something along
the lines of, "But they don't need to compete, they just need to be
good enough", that still requires business to put their apps on
some open source app store and make them compatible with the open
source OS, and there is close to zero incentive for them to do so.
mistercheph wrote 2 days ago:
[1] MSFT Market cap: 2.951T
AAPL Market cap: 3.883T
HTML [1]: https://en.wikipedia.org/wiki/Linux
RussianCow wrote 2 days ago:
You've made my point. How many people use Linux as their
primary desktop or mobile OS? And that's arguably the world's
largest open source project.
yellowapple wrote 1 day ago:
> How many people use Linux as their primary desktop or
mobile OS?
Literally everyone who uses Android or Chrome OS, for one.
guerrilla wrote 1 day ago:
> their primary desktop
You're moving the goal post. Linix competed with the biggest
software companies in the world in the server world and won.
We can do it again in another market.
RussianCow wrote 1 day ago:
I'm not moving the goal post. We're talking about a
consumer OS (Android). Servers are a completely different
ball game with an entirely separate set of tradeoffs. On
average, it's much easier for a company to adopt new,
unknown tech than it is for laypeople who are not tech
savvy.
mistercheph wrote 1 day ago:
You said, "There is just no reasonable way that the open
source community can compete with a $3.8T company." But,
Linux has completely decimated Microsoft's presence in
the server and embedded markets. Look at what Microsoft
was doing in the mid-2000's, they had a healthy server OS
business, and they were spending billions trying to get
Windows in embedded stuff ( [1] )and it was a total
failure because they could not compete with open source
software, in the end, it wasn't even close.
These are markets far bigger than the consumer desktop
licensing market where Microsoft can't even make a dent
into Linux's dominance, this represents >$100B in annual
lost revenue for microsoft. So yes, Linux already won,
and it won big time, despite going up against the MSFT
behemoth as you say.
Global Linux desktop usage is at about ~5% and growing
while Windows is bleeding out and dying. And Microsoft
doesn't care, go read their earnings reports to see why,
their consumer desktop business does not matter except
for it's ability to generate leads and demand for their
actual core products. And geopolitical levers are also in
Linux's favor, e.g. EU's desires for tech independence:
the moves European governments were already making away
from global tech products while funding domestic (often
open source) alternatives are going to continue to
accelerate:
- [2] - [3] - [4] - [5] And to answer your original
question again, yes, open source software can compete,
and it often can compete with a comical fraction of the
resources of its closed source competitor. It's not a
surprise: The open source model works extremely well and
is the most efficient way to build software and
technology that we know of; human beings have been
sharing technology in this way for the duration of
recorded history.
HTML [1]: https://en.wikipedia.org/wiki/Windows_Embedded_A...
HTML [2]: https://cordis.europa.eu/project/id/101135795
HTML [3]: https://nlnet.nl/project/index.html
HTML [4]: https://www.linuxjournal.com/content/denmarks-st...
HTML [5]: https://www.theregister.com/2025/10/15/schleswig...
colordrops wrote 2 days ago:
Enough. Linux has finally caught on. I literally never use
windows or mac and life has been fine.
encom wrote 2 days ago:
Somehow, Stallman returned.
ruuda wrote 2 days ago:
I contacted the EU DMA team about my concerns and got a real reply
within 24 hours. Not just an automated message, it looked like a real
human read my message and wrote a reply. I'd urge other EU citizens to
do the same.
pimterry wrote 1 day ago:
Done! I wrote up both my concerns about this and how it affects
app/app-store market competition, and how limitations like Play
Integrity encourage apps to block usage on non-Google approved
devices as well, since that's anti-competitive within the mobile
device & OS market (blocking GrapheneOS, Waydroid, etc).
Supporting free competition with and within the Android market is in
theory what these teams are all about so hopefully with enough voices
they'll push harder on it. I'd love to see a shift here that makes
non-Google/Apple-controlled mobile a possible option (even if it's a
Linux-on-desktop-style niche for the foreseeable future)
microtonal wrote 2 days ago:
Great idea, I just did the same. I encourage other EU citizens to do
the same. Keeping at least one of the two major mobile ecosystems
open is important.
(And install GrapheneOS, the more successful open Android becomes,
the better.)
stratom wrote 2 days ago:
GrapheneOS is great. But that currently means you have to buy a
phone from Google to work around Google looking down Android.
troyvit wrote 2 days ago:
When I do this for family I buy a used pixel. Then no dollar goes
directly back to Google.
dotancohen wrote 1 day ago:
By ensuring that Pixels have significant resale value, you are
encouraging consumers to buy Pixel phones.
microtonal wrote 1 day ago:
Still, you are stopping the extraction of analytics, which
probably bring Google the much more revenue over the longer
term, and it is not possible to disable on regular Android
phones.
Remember that on every certified Google Android phone, Google
Play Services runs with system-level privileges. On
GrapheneOS, it is sandboxed like pretty much any other app
(if you choose to install Play Services) and you can make it
'blind' by revoking most privileges.
Same for Pixel Camera, etc., I just block network access.
palata wrote 2 days ago:
They say they will announce a partnership with a major OEM
manufacturer in March 2026!
microtonal wrote 2 days ago:
True. I'm really happy that they are working with an OEM to bring
an alternative in 2027. Until then:
- A refurbished Pixel works (except some weird Verizon locking
that I heard about the other day).
- Pixels get really heavily discounted near the end of the cycle
(e.g. 9a currently). Google probably doesn't make much on it if
you are opting out of your ecosystem.
mzajc wrote 2 days ago:
For posterity, what was their sentiment?
tadfisher wrote 2 days ago:
Just to put out what Google actually said in their blog post [0]:
> We appreciate the community's engagement and have heard the early
feedback â specifically from students and hobbyists who need an
accessible path to learn, and from power users who are more comfortable
with security risks. We are making changes to address the needs of both
groups.
> We heard from developers who were concerned about the barrier to
entry when building apps intended only for a small group, like family
or friends. We are using your input to shape a dedicated account type
for students and hobbyists. This will allow you to distribute your
creations to a limited number of devices without going through the full
verification requirements.
> Based on this feedback and our ongoing conversations with the
community, we are building a new advanced flow that allows experienced
users to accept the risks of installing software that isn't verified.
We are designing this flow specifically to resist coercion, ensuring
that users aren't tricked into bypassing these safety checks while
under pressure from a scammer. It will also include clear warnings to
ensure users fully understand the risks involved, but ultimately, it
puts the choice in their hands. We are gathering early feedback on the
design of this feature now and will share more details in the coming
months.
It is also true that they have not updated their developer
documentation site and still assert that developer verification will be
"required" in September 2026 [1]. Which might be true by some
nonsensical definition of "required" if installing unverified apps
requires an "advanced flow", but let's not give too much benefit of the
doubt here.
0: [1] 1:
HTML [1]: https://android-developers.googleblog.com/2025/11/android-deve...
HTML [2]: https://developer.android.com/developer-verification
green7ea wrote 11 hours 35 min ago:
> This will allow you to distribute your creations to a limited
number of devices without going through the full verification
requirements.
How can they count the number of devices you install the app on
without being the ones to give a permission to install it?
They took nothing back, they are still putting in place the
requirement that Google gives permission to install apps on your
phone. They are misleading us about it too which is also terrible.
ForHackernews wrote 1 day ago:
Addressed in the OP
> We see a battle of PR campaigns and whomever has the last post out
remains in the media memory as the truth, and having journalists just
copy/paste Google posts serves no one.
> But Google said⦠Said what? That thereâs a magical âadvanced
flowâ? Did you see it? Did anyone experience it? When is it
scheduled to be released? Was it part of Android 16 QPR2 in December?
Of 16 QPR3 Beta 2.1 last week? Of Android 17 Beta 1? No? Thatâs the
issue⦠As time marches on people were left with the impression that
everything was done, fixed, Google âwasnât evilâ after all,
this time, yay!
redbell wrote 1 day ago:
For reference, [0] was discussed here:
HTML [1]: https://news.ycombinator.com/item?id=45908938
sneak wrote 1 day ago:
> We are designing this flow specifically to resist coercion,
ensuring that users aren't tricked into bypassing these safety checks
while under pressure from a scammer. It will also include clear
warnings to ensure users fully understand the risks involved, but
ultimately, it puts the choice in their hands.
Perhaps this, when shipped, will pave the way for sane regulation of
Appleâs practices along these lines, too.
cmxch wrote 2 days ago:
So basically the Apple model but worse.
thewebguyd wrote 2 days ago:
> shape a dedicated account type for students and hobbyists.
Even that is a step too far in the wrong direction. Doesn't matter if
it's free, or whatever, simply requiring an account at all to create
and run software on your own device (or make it available to others)
is wrong.
There exists no freedom when you are required to verify your
identity, or even just provide any personal information whatsoever,
to a company to run software on your device that you own.
surajrmal wrote 1 day ago:
The problem with this mentality is that you're not proposing a
solution that solves the problem Google and Apple are trying to
solve (or are at least stating they are). Rather than just vent
about ideals, showing up to the table and listening to the
requirements of all stakeholders (even if they differ from yours)
will lead to a more productive result. I would not listen to your
concerns if you didn't listen to mine.
fdsjgfklsfd wrote 1 day ago:
They aren't actually trying to solve any real problem.
surajrmal wrote 1 day ago:
Feel free to cite some sources. I have plenty of anecdotes to
suggest the problem exists, although I've not looked for data
to prove it either way. However if you would like suggest it's
not real you should prove it.
yjftsjthsd-h wrote 2 days ago:
> We heard from developers who were concerned about the barrier to
entry when building apps intended only for a small group, like family
or friends. We are using your input to shape a dedicated account type
for students and hobbyists. This will allow you to distribute your
creations to a limited number of devices without going through the
full verification requirements.
In classic Google fashion, they hear the complaint, pretend that it's
about something else, and give a half baked solution to that
different problem that was not the actual issue. Any solution that
disadvantages F-Droid compared to the less trustworthy Google Play is
a problem.
greatgib wrote 2 days ago:
Even restricting the mitigation to "students and hobbyists" is bad.
I should have the right to have parents, friends or anyone use a
"free" store that is not under control of Google if the user and
app developer wish so. But also, somehow there should be something
done to avoid the monopoly forcing to use the Google services. Like
major institutions like bank, gov and co being forced to provide
alternatives like a webapp when they provide app tied to the Google
play store.
klabb3 wrote 1 day ago:
> I should have the right to [â¦] use a "free" store that is not
under control of Google
Yes, but we also need to stop thinking like weâre trying to
please the ghost of Steve Jobs. There is no âstoreâ. There
are installers. You distribute them how you see fit, probably
through the web.
These âalternative storesâ angle is a controlled dissent
corporate plan B, much like how recycling was propped up by the
fossil fuel industry.
sulam wrote 1 day ago:
I'm far from a Google apologist, but at the end of the day don't
they have the right to write software however they want it? You
have the right to build things the way you want to, fork Android,
etc etc. If you're trying to say you have the right to tell
Google what the code their employees write can do, well, I don't
really agree with that. Sounds coercive, honestly. I wouldn't
want them to do that to you and I don't want you to do that to
them.
wiseowise wrote 1 day ago:
> I'm far from a Google apologist, but at the end of the day
don't they have the right to write software however they want
it?
Not after creating de facto duopoly.
direwolf20 wrote 1 day ago:
No they don't. They couldn't legally write software to hack
into the Pentagon and launch nukes at North Korea. They
couldn't legally write software that live streams your camera
to them without your actual consent.
devsda wrote 1 day ago:
Does a business have right to produce whatever it wishes even
if it affects the environment ?
Does a business have right to pay literal pennies per hour if
it manages to find people willing to work at that pay ?
Does a business have right to lace food products with addictive
substances for repeat customers and profit ?
All these cases are already happening today at some level
depending on who you ask. But they donât tilt to extremes
because we have laws in place to maintain balance between
business needs and collective good.
This move by Google will tilt that balance forever towards
absolute duopoly in mobile computing space. It is time for
legislation to avoid that.
krzyk wrote 1 day ago:
Yes they do, unless it limits my right tondo whatever I want we
software I bought.
And also monopoly.
This is exactly the thing for which Apple gets bashing. Closed
garden.
aiauthoritydev wrote 1 day ago:
It is little surprising a lot of smart people somehow miss this
simple logic.
Android is massive and extremely popular and I know several
people who have been scammed already. It is important that
Google makes this harder for scammers.
Google is not doing this to harm developers but to protect
their users.
microtonal wrote 1 day ago:
You already get a pretty scary warning when you try to
install an app that was downloaded outside the Play Store. If
people still install malware, that's the responsibility that
comes with freedom. Your line of reasoning can be applied
everywhere in life - people should not be able to do their
own bank transfers or use a credit card, I know several
people that who have been scammed already.
Moreover, there are better ways to protect against malware:
1. educate people; 2. rather than using whitelisting, use
blacklisting (similar to XProtect on macOS).
Finally, the argument is not very strong on Google's side,
since the Play Store itself has had its history of scams.
Which, again is easier to protect against by educating
people. No, don't put your banking information in a random
app you downloaded from the Play Store (use the app that your
bank tells you to). Do not install random keyboards from the
Play Store. Etc.
randomNumber7 wrote 1 day ago:
> that's the responsibility that comes with freedom
We live in a dark age where the majority of people would
gladly give their freedom so the don't have to be
responsible.
yjftsjthsd-h wrote 1 day ago:
> It is little surprising a lot of smart people somehow miss
this simple logic.
Is it that people "somehow miss this simple logic", or is it
that they weigh security and freedom differently than you?
foo12bar wrote 1 day ago:
This is "think of the children/grandma" logic. There is a
different between maintaining a company store where
everything is verified, and forcing everyone to use it.
Google shouldn't be able to hold a vertical monopoly, on what
apps can run, what os's are allowed and what hardware can be
used on devices that run Android, rest solely on this weak
excuse that someone might harm grandma.
Oh, and of course, if grandma gets scammed by a app in the
Google store, Google isn't in any way held responsible. Such
garbage, two-faced bs.
fragmede wrote 1 day ago:
But unfortunately, it turns out that some people you interact
with aren't actually your friend. That guy that seems totally
legit and just wants your sister to install his fun little
game/app that he wrote is actually trying to get her to install
an app that's going to track your location and read all your
messages and copy all your photos. To keep her safe from the
"actually" bad people, of course.
realusername wrote 1 day ago:
As opposed to the Play Store where you search for "ChatGPT" and
end up on a scam app which read all your messages and copy all
your photos?
And that example isn't random, I just tried and the first
result for me is a counterfeit app with the logo of chatgpt
copied .
wiseowise wrote 1 day ago:
> That guy that seems totally legit and just wants your sister
to install his fun little game/app that he wrote is actually
trying to get her to install an app that's going to track your
location and read all your messages and copy all your photos.
Is "that guy" in the room with us right now?
fragmede wrote 1 day ago:
No. Thankfully the FBI caught them and they're in prison now.
direwolf20 wrote 1 day ago:
Let's ban passwords because you could give me your password
wepple wrote 1 day ago:
Hilarious example to use, because that literally is an effort
thatâs underway.
Thousands of people get scammed and have their lives ruined
every year, so deprecating passwords is absolutely the right
move
nananana9 wrote 1 day ago:
Yeah, no. The actual solution is
1. Stop requiring computers/phones for everything. Your 91
year old grandma isn't going to make her way through your
super cool very intuitive 2FA magic link email confirmation
system, and I don't WANT to make my way through your super
cool very intuitive 2FA magic link email confirmation
system.
2. teach the people who need to use computers, how to use
them.
wepple wrote 1 day ago:
I never said anything about 2FA magic links? We can do
much, much better via things like FaceID integrated
passkeys, and probably further steps from there.
> Stop requiring computers/phones for everything.
Ah yes, that sounds straight forward. Let us know when
youâve deployed that to prod.
master-lincoln wrote 1 day ago:
That's why passkeys were introduced. Can not fish them
TeMPOraL wrote 12 hours 1 min ago:
Which is a problem because someone you need to.
The industry still doesn't understand the concept of
delegation of authority and the fundamental role it plays
in everyday life.
It also doesn't understand the idea of people making
mistakes and the need to have robust recovery paths either.
duskdozer wrote 1 day ago:
Forced "Log in with a magic link!" wants to say hello
mavamaarten wrote 1 day ago:
So, what you're saying is that Google should work on better
privacy controls. Right? Right???
microtonal wrote 1 day ago:
By default their app cannot though because Android uses proper
sandboxing and gated API access. So you actually have to give
the app location access, access to your messages and access to
your photos.
Well, unless you use one of the many crappy Android devices
that never get security updates, are running old kernels, old
vendor security patch levels, miss all Android security
patches, except applying the backported security bulletins
every three months (1-2 months late). Yet, Google is happy to
certify them as Android devices.
It was never about security, it is about control. If it was
about security, they would have revoked the GMS licenses of
pretty much every vendor outside Google themselves and maaaaybe
Samsung, until vendors actually started caring about security.
If it was about security, there would not be as many scam apps
in the Play Store itself.
Back to your sister, the proper solution is to educate her (and
everyone else) not to give apps unfettered access when they ask
you to, plus let Google implement more security measures that
systems like GrapheneOS already have (contact scopes, sensor
permissions, network access permissions, etc.).
dotancohen wrote 21 hours 50 min ago:
> Well, unless you use one of the many crappy Android devices
that never get security updates
You mean those crappy devices that let me record my phone
calls and let the voice recorder continue recording the
lecture even when the screen is locked?
int0x29 wrote 1 day ago:
The tricky bit with that is it would get a monopoly lawsuit
from manufacturers with a lot more money to throw around
quickly. The biggest problem in improving android security
posture is getting manufacturers to have robust security and
release updates without getting monopoly lawsuits.
It also doesn't help that mobile carriers can delay updates
for months. Thanks T-Mobile.
TeMPOraL wrote 12 hours 5 min ago:
It also doesn't help that "robust security" often is the
problem in the first place.
People forget to ask the most important question: security
for whom, and from what.
whatshisface wrote 1 day ago:
>going to track your location and read all your messages and
copy all your photos. To keep her safe from the "actually" bad
people, of course.
The guy's name? Google. ;-)
NewsaHackO wrote 1 day ago:
Actually, what Google does is totally legit because they
pester you constantly about "sharing your
location/photos/installing Gemini" until you accidentally
press yes, and they can say they have your consent. So they
are actually the good guys.
luxpir wrote 1 day ago:
I concur, and find it abhorrent. And wish more people would
kick up a stink about this. We need a publication or
channel that talks about rights like this. I don't know of
any that do a decent job. I donate to my local best option.
echelon wrote 1 day ago:
We deserve web installs without deep settings menu
configurations, scare walls, or onerous processes.
The EU and every other nation with digital sovereignty concerns
need to make this happen to both Apple and Google.
These are our devices. The giants are camping.
idiotsecant wrote 2 days ago:
I think you've omitted the next section, which seems more relevant.
It seems like they will still allow installs, just hide it behind
some scare text. Seems reasonable?
BadBadJellyBean wrote 2 days ago:
Why is it reasonable that installing software is behind an
"advanced flow" what ever that means? I find it not very
reasonable at all that the only way to install software on my
phone is by jumping through hoops. I don't think it reasonable
that the Play Store is the only portal. I don't even find it
reasonable to call installing software "sideloading". Downloading
and installing software from a vendor's page has been the norm
for decades before smart phones came along but all of a sudden
when it is on a small screen the user can not be trusted? That's
ridiculous and not at all reasonable.
llbbdd wrote 2 days ago:
It's not the screen size, it's the demographic shift. By 2000,
only half of U.S. households had a shared living room PC,
mostly for work and/or games. Everybody having a phone in their
pocket later was a change that we did very much have to account
for. Non-technical people can be scammed very easily into
life-ruining mistakes with a little social engineering and a
little bit of access to powerful tools already on their
devices.
I remember when big sites started having to put big banners in
your browser console warning you that if you weren't a dev and
someone told you to paste something there, you had been
scammed, and not to do it. They had to do that because the
average Facebook user could be tricked very easily by promises
of free FarmVille items or the opportunity to hack someone
else's account, and those are fairly low stakes bait. Now
people bank with real money on their phones.
drnick1 wrote 1 day ago:
> Now people bank with real money on their phones.
Maybe the real solution here is not to. Pay cash when you can
(better privacy), else use a credit card. Other types of
"banking" such as sending wires is best done on a big screen
anyway. The idea that everything can and should be done on a
phone is terribly misguided.
heavyset_go wrote 1 day ago:
And yet the Play Store and App Store are the largest vectors
of scams and malware out there, to the tune of billions of
dollars a year.
We should be prioritizing securing our systems so that they
run only what we want them to run, instead of putting all of
that trust in gatekeepers who make money when they let you
get scammed.
llbbdd wrote 1 day ago:
They are the largest vector of scams and malware because
they've centralized it and it's hard to deliver malware and
scams otherwise. That malevolence will always happen and
centralizing it ensures a single avenue that can be
controlled and measured and importantly sued when they fuck
up. I can't sue f-droid when they allow malware on my
device, that's one of many reasons why I don't use it,
that's why nobody uses it in real life. Every day on HN I
see people who seem to unironically think
"enshittification" is a real term normal people use, a
generally understood term by people who don't follow links
to Corey Feldman's blog.
HN tends to forget that linux is not a target for general
malware because nobody gives a single fuck about linux as a
real malware target because they're smart, and therefore
not the target of most scams. HN has the cute attitude that
technology is king and that as long as you inspect it and
open source it and care enough and have full control, then
that's enough. Often the same people ignoring that AI has
made it way easier to fuck stupid people over with no
effort at all.
I don't not want unlimited control over the hardware that I
buy from vendors like Google but I don't know yet of any
better way to keep stupid people from kneecapping
themselves other than introducing harder and harder
quizzes. If you think it's an advantage that third party
vendors like f-droid are absolved of responsibility then
you deserve and own the fault when you get hacked and
fucked over. Most people don't want that. They have real
life to deal with. In real life you can kill people or sue
them and it's harder to kill people over the internet.
ece wrote 10 hours 21 min ago:
And yet, these same people will install modchips on
consoles, pay for VPNs, use ReVanced, and generally find
ways to do what they want rather than what corporations
want, and safely too.
People can learn about links to payment websites,
self-signed apps and unlocked bootloaders, because
anything less is restricting computers for idiotic
reasons.
yjftsjthsd-h wrote 1 day ago:
> I can't sue f-droid when they allow malware on my
device
How many people have successfully sued Google because of
malware on the Play Store? Ever?
AAAAaccountAAAA wrote 1 day ago:
Why would F-Droid be any or more less "absolved of
responsibility" than Play Store?
yellowapple wrote 1 day ago:
More relevantly: how much malware has F-Droid ever
distributed?
bityard wrote 2 days ago:
The whole point of TFA, if you read it, is that they SAID they
would do that, but there has since been ZERO evidence that they
actually will. This feature is not present in anything they have
released since that statement.
lern_too_spel wrote 2 days ago:
On the other hand, blocking installation of non-notarized apps
is not present in anything they released since that statement
either, as far as I know.
tadfisher wrote 1 day ago:
It's already implemented in 36.1: [1] ()
HTML [1]: https://developer.android.com/sdk/api_diff/36.1/chan...
lern_too_spel wrote 1 day ago:
The API is implemented in 36.1, but the previously proposed
notarization requirement is not enforced in any production
build, so this error is never thrown. Even if they
implement the scare text, this API will still be needed.
If they implement what they said they would implement after
the uproar, users will be better off. Previously, if a
company wanted to distribute their app on their website,
any user who installed it would have to dismiss scare text.
Now, they have a way to distribute apps on their website
without the scare text, and people who want to distribute
apps without any tracking can still do that with the scare
text.
m4rtink wrote 2 days ago:
It would be foolish to depend on that & far harder to get
ridd of it if they put it in place. There needs to be clear
statement and verification method to make sure they really
are backtracking.
Anything else won't do.
Zak wrote 2 days ago:
> It seems like they will still allow installs, just hide it
behind some scare text.
That describes the current (and long-established) behavior. App
installation is only from Google's store by default and the user
has to manually enable each additional source on a screen with
scare text.
joecool1029 wrote 2 days ago:
> It seems like they will still allow installs, just hide it
behind some scare text.
This was already the case for enabling sideloading at system
level: it warned you. Nobody really says having this toggle is a
bad thing, basically the user shouldn't get an ad network
installing apk's just browsing around the web without their
informed consent (and android has been found to be vulnerable to
popunder style confirmations in the past).
They also already had the PlayProtect scanning thing that scans
sideloaded APK's for known malware and removes it. People already
found this problematic since what's to stop them pulling off apps
they just don't like, and no idea what if any telemetry it sends
back about what you have installed. There have been a handful of
cases where it proved beneficial pulling off botnet stuff.
Finally, they also have an additional permission per-application
that needs to be enabled to install APK's. This stops a sketchy
app from installing an APK again without user consent to install
APK's.
The question is: How many other hurdles are going to be put in
place? Are you going to have to do a KYC with Google and ping
them for every single thing you want to install? Do you see how
this gets to be a problem?
Macha wrote 2 days ago:
It's deliberately written to be vague and not say anything, and
given the original intention, it's hard to believe that means it
should be interpreted generously.
yjftsjthsd-h wrote 2 days ago:
> We are designing this flow specifically to resist coercion,
ensuring that users aren't tricked into bypassing these safety
checks while under pressure from a scammer. It will also include
clear warnings to ensure users fully understand the risks
involved, but ultimately, it puts the choice in their hands.
I've lived through them locking down a11y settings "to resist
coercion, ensuring that users aren't tricked into bypassing these
safety checks while under pressure from a scammer", and it's a
nightmare. It's not just some scare text, it's a convoluted
process that explicitly prevents you from just opening the
settings and allowing access. I'm not giving them the benefit of
the doubt; after they actually show what their supposed solution
is we can discuss it, but precedent is against them.
> Seems reasonable?
No. As I said before, any solution that disadvantages F-Droid
compared to the less trustworthy Google Play is a problem.
Xelbair wrote 2 days ago:
No, because it isn't something that should be up to google's
control.
tux1968 wrote 2 days ago:
Why not? It's their operating system, and they're trying to
balance quite a few competing priorities. Scammers are not a
threat to dismiss out of hand (i've had family who were
victims).
For it to be truly considered open source, you should be able
to fork it and create your own edits to change the defaults
however you wish. Whether that is still a possibility or not,
is a completely separate issue from how they proceed with their
own fork.
krzyk wrote 1 day ago:
It's their only if they use it.
yjftsjthsd-h wrote 2 days ago:
> Why not? It's their operating system
It's my phone.
briandear wrote 1 day ago:
Is anything stopping you from coding your own OS?
shakna wrote 1 day ago:
Reverse engineering the drivers, to permit you creating
your own OS, for your own hardware, is already an area
where people are accused of crimes. DMCA Section 1201
isn't something to so easily be worked around, to allow
you to place your software in a working state onto
undocumented hardware.
So, yes, there is a lot of things stopping you from
coding your own OS.
tux1968 wrote 2 days ago:
Of course it's your phone, but the whole point of using
Android is that it makes a lot of choices for you. It
forces a billion things on you, and this is really no
different than any of the others. Everything from UI
colors, to the way every feature actually works. For
instance, should you be able to text message one million
people at a time? You might want to, but Android doesn't
offer that feature. Do you want to install spyware on
your girlfriends phone? Maybe that's your idea of
complete freedom, but the fact that Google makes it harder,
is a good thing, not a bad thing.
If you don't like their choices, you should be able to
install other software you do like. There should be
completely free options that people can choose if they
desire. But the majority of people just want a working
phone, that someone like Google is taking great pains to
make work safely and reliably.
yellowapple wrote 1 day ago:
> If you don't like their choices, you should be able to
install other software you do like.
The problem is that this is decreasingly possible. If
this was possible then people wouldn't be complaining
much about Android being more opinionated than an
ordinary operating system has any right to be.
direwolf20 wrote 1 day ago:
Google makes it mandatory for your girlfriend's phone to
have spyware on it. The spyware is made by Google. It
doesn't protect you from spyware.
While we're talking about that, have you heard of Bright
Data SDK? A lot of apps on the Play Store include it to
monetize. What does it do? It uses your phone as a botnet
node while the app is open, and pays the app developer.
How is Google protecting you from spyware, again?
m4rtink wrote 2 days ago:
The whole point of using Android for most users is that
they have no other choice if they need a mobile phone.
Google killed every other competition via dumping and
shady business practices. Sure, you can go to iOS, but
that is even more closed and restrictive, not to mention
the devices are overpriced.
yjftsjthsd-h wrote 2 days ago:
> Of course it's your phone, but the whole point of using
Android is that it makes a lot of choices for you. It
forces a billion things on you, and this is really no
different than any of the others. Everything from UI
colors, to the way every feature actually works.
There is a difference between making a choice because
there has to be something there (setting a default
wallpaper, installing a default phone/sms app so your
phone works as a phone) and actively choosing to act
against the user (restricting what I can install on my
own device, including via dark patterns, or telling me
that I'm not allowed to grant apps additional
permissions).
> For instance, should you be able to text message one
million people at a time? You might want to, but Android
doesn't offer that feature.
There's a difference between not implementing something,
and actively blocking it. While we're at it, making it
harder to programmatically send SMS is another regression
that I dislike.
> Do you want to install spyware on your girlfriends
phone? Maybe that's your idea of complete freedom, but
the fact that Google makes it harder, is a good thing,
not a bad thing.
Obviously someone else installing things on your phone is
bad; you can't object to the owner controlling a device
by talking about other people controlling it.
> If you don't like their choices, you should be able to
install other software you do like. There should be
completely free options that people can choose if they
desire. But the majority of people just want a working
phone, that someone like Google is taking great pains to
make work safely and reliably.
Okay, then we agree, right? I should be able to install
other software I like - eg. F-Droid - without Google
getting in my way? No artificial hurdles, no dark
patterns, no difficulty that they wouldn't impose on
Google Play? After all, F-Droid has less malware, so in
the name of safety the thing they should be putting
warning labels on is the Google Play.
microtonal wrote 2 days ago:
The problem is that step by step ownership of your device
is taken away. First most phones stopped supporting
unlocking/relocking (thank Google for keeping the Pixel
open), now the backtracked version of this, next the full
version, etc.
tux1968 wrote 2 days ago:
Yes, that is a real problem. But it doesn't justify
arguing uncritically or unrealistically in other areas.
I think people should be free to do anything they want
with their own devices. They should be able to install
any software they want. That's very different than
demanding someone make their software exactly how you
desire. ie. You should be able to install your own
operating system, you don't get to tell them how theirs
should operate.
There are legitimate concerns being addressed by these
feature restrictions.
1718627440 wrote 2 days ago:
> You should be able to install your own operating
system
So you draw the line between the bootloader and the
OS. Other people draw the line between the OS and
applications. Most (nearly all) people can't write
either, so for them it is just part of the device.
> you don't get to tell them how theirs should
operate.
I paid for it, and I allow it to be legal in the
jurisdiction I (partly) control. So it is not only
theirs anymore.
tux1968 wrote 1 day ago:
Yes, and it should be 100% legal for you to hack
it. Get the soldering iron out, and the debugger,
and alter it to your hearts content. You bought
it, you own it. But the supplier should be under
no obligation to make any of that easy for you.
Just like they shouldn't be required to offer it in
pink if that's your favorite color. It's up to you
to paint it yourself. And if you want to load
random apk's, you'll have to do whatever it takes
to figure that out too, up to creating your own
hardware and software.
1718627440 wrote 1 day ago:
I think you misunderstood me, the software is
part of the device I paid for and own.
If I tell someone to install a light switch in my
living room and then it occasionally switches
states when someone presses another switch at my
outside wall and occasionally refuses working, I
don't feel like they fulfilled their contractual
obligation. Same with smartphones and software.
I would agree with you if I would want additional
features, like if I want a filesystem, but there
is no filesystem manager yet, or if I want to
install a package, but there is no package
manager, or the package manager uses another
format. But here there is a package manager and
the package has the right format, so I tell the
device to install it and it just doesn't solely
because I am called John Brown and not Alphabet
Inc. . That is not right.
tux1968 wrote 1 day ago:
You bought the device as delivered. They built
it in the best way they know how. If you don't
like it you're free to try to change it. But
they're under no obligation to make it easy for
you.
If the light switch you bought, has a little
daylight sensor on it, and turns off when the
sun is out, and that's what it does.. you may
not like that light switch. You might want one
that "does what you want, because you paid for
it!" but then you should have purchased a
different one, or made a light switch you
actually liked. Of course you are free to get
the soldering iron out, and try to change the
light switch. But the manufacturer is under no
obligation to make it easy for you to change
the way it works.
That is fair, and right.
froggit wrote 1 day ago:
> If the light switch you bought, has a
little daylight sensor on it, and turns off
when the sun is out, and that's what it
does.. you may not like that light switch.
You might want one that "does what you want,
because you paid for it!" but then you should
have purchased a different one, or made a
light switch you actually liked.
Not sure this analogy works as it gives
prospective light switch buyers a choice of
different light switch types. What google is
doing seems more like forcing EVERY light
switch to have daylight sensors, thus forcing
you to save power (even if you're pro-global
warming and just trying to do your part for
the cause), then telling people with vision
problems relating to suboptimal indoor
illumination or suffer from sunlight
frequency melting disorder or think they've
got some other random "daylight makes life
suck" bullshit to create a student/hobbyist
account.
tux1968 wrote 1 day ago:
That's really a different issue. There may
be only one light switch vendor, and then
you're stuck with what they offer, too.
There is room in the market for more
manufacturers. I'd definitely buy from one
who offered a truly open source and
customizable option. But I wouldn't get it
for my grandmother, she's much better
served by what Google offers already.
yjftsjthsd-h wrote 2 days ago:
> They should be able to install any software they
want. That's very different than demanding someone
make their software exactly how you desire. ie. You
should be able to install your own operating system,
you don't get to tell them how theirs should operate.
I don't think the distinction exists the way you're
trying to describe. If I should be allowed to install
any software I want, surely that includes any .apk I
want? Conversely, someone could make the exact claim
one step down the chain and argue that you don't get
to tell them how their firmware should work and if
you want to install your own OS you should just go
buy a fab, make your own chips, write your own
firmware, and make your own phone. And that's absurd,
because users should be allowed to run their own
software without being forced to ditch the rest of
the stack for no reason.
tux1968 wrote 2 days ago:
No, I don't think you have the inerhent right to
install any apk you desire, if their OS is designed
to prohibit it. You should be free to try to alter
their OS any way you want, but they should not have
to make it easy.
And the argument is the same lower down the stack.
You shouldn't be able to tell someone how to design
their firmware.
The only problem is where the law prohibits us from
trying to undo these restrictions, or make
modifications ourselves. It's government that
restricts us, and we should focus our efforts
there.
yjftsjthsd-h wrote 2 days ago:
> No, I don't think you have the inerhent right
to install any apk you desire, if their OS is
designed to prohibit it. You should be free to
try to alter their OS any way you want, but they
should not have to make it easy.
> And the argument is the same lower down the
stack. You shouldn't be able to tell someone how
to design their firmware.
Earlier, you claimed,
> They should be able to install any software
they want.
but it sounds like actually you only mean that
users should be allowed to futilely attempt it,
not that there should actually be allowed to run
software at will. If the firmware only allows
running a signed OS, and that OS only allows
running approved apps, then the user is not able
to install any software they want.
tux1968 wrote 1 day ago:
I want maximum freedom, for everyone. That
includes developers. We should be free to
produce the software as we see fit. If that
means we think that our users are best served
by having devices that are locked down against
scammers etc, then we should be free to produce
locked down devices like that.
And as users we should be free to buy only
devices that respect maximum capabilities and
customization.
There is a tension between these goals, and
it's difficult to resolve, so that everyone
gets most of what they want. Google seems to
be doing the right thing mostly though.
Providing both the locked down device, and
making provisions for people who want the
non-standard option too.
Anyone who thinks they can do better, should
enter the market and give us something better.
I'd like more options for completely open and
hackable phones.
direwolf20 wrote 1 day ago:
There's a very easy way to achieve maximum
freedom: punish people who take away other
people's freedom. To achieve maximum freedom,
the one freedom people must never be allowed
to have is the freedom to take away other
people's freedom. Google must be punished for
every software module they wrote whose sole
purpose is to make you less free.
tux1968 wrote 1 day ago:
They didn't make you less free. They
protected your phone from scammers. On top
of which, nobody twisted your arm and made
you buy from them, you're free to change
the phone any way you want, get the
debugger out and change it. You have
everything you need, it's your phone,
change it any way you want; and they have
the freedom to not help you.
Ajedi32 wrote 2 days ago:
> demanding someone make their software exactly how
you desire
IMO the way this should work is that Google can make
their software however they want provided they don't
do anything to stop me from changing it to work the
way I want.
Unfortunately, they've already done a lot of things
to stop me from changing it to work the way I want.
SafetyNet, locked bootloaders, closed-source system
apps, and now they're (maybe) trying to layer "you
can't install apps we don't approve of" on top of
that.
tux1968 wrote 2 days ago:
> IMO the way this should work is that Google can
make their software however they want provided they
don't do anything to stop me from changing it to
work the way I want.
That's exactly how it is. You're free to get your
soldering iron out, or your debugger and reverse
engineer anything you want. I don't mean to argue
unfairly, but all we're talking about here is the
relative ease with which you can do what you want
to do. How easy do they have to make it?
As for their software, as delivered, there are
literally an infinite number of ways that it stops
you from changing it. Maybe you want everything in
Pig Latin, or a language you made up yourself. Do
they have to design around this desire? Do they
have to make this easy to do?
firegodjr wrote 2 days ago:
100%. If I buy something, it's mine. I should be able to
resell it, modify it, or generally work on it however I see
fit. Licensed digital media bound to platforms is different
(barring some kind of NFT solution?) but an OS that my
phone cannot function without (and that cannot be replaced
in many cases) absolutely must be under my jurisdiction.
mturilin wrote 2 days ago:
What makes it âyoursâ?
You paid for it but Google still has the control. I
understand that you prefers things to be different (as do
I) but the reality is that we donât have control over
devices we paid for.
1718627440 wrote 2 days ago:
> What makes it âyoursâ?
The law. The contract. The money I paid.
> the reality is that we donât have control over
devices we paid for
So, the reality is that a company is exerting ownership
rights on things they don't own. If that is exclusive,
then that is called theft.
eptcyka wrote 2 days ago:
Microsoft got penalized for way less.
pastage wrote 2 days ago:
You might choose to not have control. The reason people
protest is because we should have more control over the
things we own. Sure this might create a better market for
alternatives but it is worse for most people. F-droid is
spectacular.
ImPostingOnHN wrote 2 days ago:
> What makes it âyoursâ?
You answered the question here:
> You paid for it
If you paid for hardware, legally that makes it yours.
> Google still has the control
Therein lies the problem. Google should not exercise such
control over devices which are yours, not theirs.
hunter2_ wrote 1 day ago:
I think it's reasonable for Google to control what
happens in their version of Android (which can be
installed by default) but it's not reasonable for
Google to lock the bootloader (preventing installation
of a non-Google OS).
Perhaps this is why Google hardware doesn't have locked
bootloaders; Samsung et al can get away with locked
bootloaders since it's not Google forcing the consumer
in that case.
Whether the bootloader is or isn't locked should be
very conspicuous before purchase, for consumer
protection.
zb3 wrote 2 days ago:
Android was never open. User apps are limited, only system apps can do
X which means third party apps can't compete with Google and this is
not a coincidence.
Let's focus on making it possible to use really open Linux systems on
smartphones.
gf000 wrote 2 days ago:
There are some functionality limited to google play services, but it
really is not too much in my opinion.
zb3 wrote 2 days ago:
I'm not sure what you're referring to, but I was talking about the
whole permissions system where the user is a third class citizen.
Device manufacturers are second class citizens (restricted by
Google via CDD/CTS) and the only true winner on that system is
Google.
Regarding some concrete examples - Google can deeply integrate
Gemini, but a competitor can't do this and users get no final say
here either. Competitors are restricted by the permission system,
Google is not restricted at all.
While rooting can alleviate this to some extent, Play Integrity is
there to make sure the user regrets that decision to break free..
vsviridov wrote 2 days ago:
The amount of open stuff that was migrated into the Play Services
closed source blob over the years just keeps growing.
tadfisher wrote 2 days ago:
I still can't comprehend why they implemented FIDO/WebAuthn
support in Play Services. Passkeys are extremely difficult to
support in apps that don't depend on Play Services client
libraries.
RealStickman_ wrote 15 hours 15 min ago:
Because they don't want you using Google-free Android
hparadiz wrote 2 days ago:
I would caution the decision makers on this. The line between a secure
device and a useless toy is perforated and hard to see.
themafia wrote 1 day ago:
The line between a phone and a computer is what has been perforated.
What I need is a modem. I don't need the modem baked into a computer
that has a permanently affixed screen and battery. That then
pretends to be some kind of secure enclave for my deepest secrets.
"Security."
As if I'm in the government or something. Why can't the people who
need military level security get their own platform? Shouldn't they
just have that already?
0x1ch wrote 2 days ago:
If I can't use banking or my NFC wallets on my phone, it has become
90% useless. The other 10% of usefulness is texting and calls, which
every other phone can do.
Unfortunately, this mostly means using the closed android ecosystem.
encom wrote 2 days ago:
>this mostly means using the closed android ecosystem
Maybe, but there's no technical reason for this. As I've mentioned
before, I can do banking just fine on my Gentoo machine where the
entire corpus of software on it, is FOSS and compiled by myself.
drnick1 wrote 2 days ago:
I run Graphene on my Pixel and banking apps just work. There is no
Google Pay, obviously, since Google dependencies have been stripped
out from the system. I just carry a credit card.
microtonal wrote 2 days ago:
Same, some banks even proactively fix things to work on
GrapheneOS when customers ask.
rainmaking wrote 2 days ago:
Curve pay works!
tadfisher wrote 2 days ago:
Even with the sandboxed Play Store, Google Pay disables NFC
payments as it requires hardware attestation against Google's
root keys.
hparadiz wrote 2 days ago:
No inherent reason all that stuff can't work on an open
platform. It works just fine on my Linux box with yubikeys,
fido2, and smart cards. Gcloud even let's you authenticate with
them only to put a medium lived token in plaintext into a
sqlite file on disk.
tadfisher wrote 2 days ago:
No inherent reason, just Visa/Mastercard requirements around
host card emulation for payment cards.
hparadiz wrote 2 days ago:
Sounds like a duopoly that needs to be broken up.
malfist wrote 2 days ago:
90% of your usage on your phone is banking apps or NFC payments?
That seems hard to believe.
pluralmonad wrote 2 days ago:
I don't know if it is generational or regional or what, but there
is a solid segment of people that live in very close contact with
their bank.
malfist wrote 2 days ago:
On average, people spend 4 hours and 37 minutes on their phone,
per day [1].
I find it hard to believe someone would spend 4 hours and 9
minutes _per day_ looking at their banking app or using NFC
payments.
HTML [1]: https://explodingtopics.com/blog/smartphone-usage-stat...
pseudalopex wrote 2 days ago:
Your assumption they used their phone an average time was
false probably.
embedding-shape wrote 2 days ago:
That's pretty much my usage pattern too, including some group
texting, the occasional call and sometimes taking photos/videos.
Otherwise my phone pretty much stays in my pocket or on my table
the entire day. What are you using your phone for that makes that
so unbelievable?
iso1631 wrote 2 days ago:
I used my bank app yesterday, but since then I've used:
whatsapp, phone, push authenticator, safari (having followed a
link from a message), spotify, slack, mail, calandar, disney
plus and camera
Do you not do any of that on a mobile device?
embedding-shape wrote 1 day ago:
I do use whatsapp, camera and the phone functionality, web
browsing very seldom, mostly for "emergencies". Spotify, work
chat, mail, calendar and watching entertainment is all stuff
I either do at my desktop or on the TV, never use the phone
for those things.
kelnos wrote 2 days ago:
Web browsing (like right now), photos, e-books, lots of
messaging, music, sometimes video.
I use NFC payments often, but I wouldn't say that amounts to
more than a few percent of my total usage.
Everyone uses their phones differently, of course. I don't
think your use is unbelievable or odd, but I do think your use
patterns are not the common case.
jrm4 wrote 2 days ago:
To you.
Laptops exist.
0x1ch wrote 2 days ago:
Have you talked or met anyone born after the 90s? Everyone banks
on their phone, it's the norm not the exception.
Edit: Someone also made a good point, one of my CC's I can barely
even manage without the app since the website barely works.
pmontra wrote 2 days ago:
This is a common answer but it does not apply to at least most of
Europe. Because of regulations most banks require to install
their app either on iOS or Android to act as a 2FA device. One of
my banks gave me a hardware device 20 years ago. When its battery
dies I'll have to use their app and my fingerprint.
drnick1 wrote 2 days ago:
If you really don't have an alternative in Europe, buy the
cheapest Googled Android device (less than $100 or euros), and
use that as a glorified 2FA device. It's not ideal because you
have to pay for it, but on the other hand Android devices with
unlockable bootloaders (mostly Google Pixels now) tend to be
cheaper than iThings. A Pixel 9a or 10a running Graphene for
everyday use plus a cheap Android phone that stays are home are
still considerably cheaper than Apple and Samsung devices, and
give the users far more privacy and freedom.
flaburgan wrote 2 days ago:
How do you install the bank app if google does not allow you
to install APKs manually / with a 3rd party store? You have
to go with Google Play. Which requires a Google account. So I
can't do it. That's the whole point of this thread: it would
not be possible to use Android without a Google account.
pmontra wrote 2 days ago:
Yes, that's the endgame, an Android device in a drawer at
home. But what do I have to carry on my pocket to use the
minimum amount of apps? Firefox, WhatsApp with video and
audio calls, Telegram no video no audio, a mail client, a
YouTube client (possibly not from YouTube), a maps and
navigation app (for cars), phone calls, SMS.
LikesPwsh wrote 2 days ago:
YouTube on Firefox is a much better experience than the
official YouTube app, so you can drop one from the list.
pmontra wrote 2 days ago:
I'm using NewPipe and PipePipe. Both are better than the
browser app.
microtonal wrote 2 days ago:
Most European banking apps work fine though on a relocked
GrapheneOS phone. [1] I'm using my GrapheneOS phone to log on
to their web app without issues (though I typically only do
banking on my phone, much more secure).
HTML [1]: https://privsec.dev/posts/android/banking-applicatio...
hparadiz wrote 2 days ago:
When I was still rooting it was possible to bypass this on a
rooted device with enough effort. It wasn't unsecure either.
Padentic corporate security doesn't really make us more
secure. Just more lazy.
hparadiz wrote 2 days ago:
No idea why you are even bringing this up. It works just fine right
now.
0x1ch wrote 2 days ago:
It verifiably does not on open source and free android roms like
Graphene. Unsure where you're getting your info.
microtonal wrote 2 days ago:
I use GrapheneOS with the Dutch ASN banking app and the ICS
credit card app. Pretty much all other major Dutch banks work
as well. [1] Google Pay does not work, but some other NFC
payment apps do (e.g. Curve).
HTML [1]: https://privsec.dev/posts/android/banking-applications...
Pfhortune wrote 2 days ago:
[citation needed]
I run GrapheneOS and use several US-based banking apps. I'll
not name them since I don't really want my HN account
associated with my financials in any way, but I've got a mix of
well-known national bank apps and smaller local credit union
apps working.
I'll admit there is a single institution's app I've found that
doesn't work, but that is just one of several that I use.
kelnos wrote 2 days ago:
For me, the showstopper would be NFC payments. From what I
understand, Google Pay doesn't work on Graphene. I have all
my credit cards in GPay, as well as a transit card. I use it
for boarding passes when I fly, and any other tickets/passes
that support it, since it tends to be much more reliable than
the airline or ticketer's app. I've come to heavily rely on
it, unfortunately.
microtonal wrote 2 days ago:
I haven't tried this, because I try to minimize Google
exposure, but I think Google Wallet (minus NFC payments)
works on GrapheneOS. So, tickets, boarding passes, etc.
should work fine.
hparadiz wrote 2 days ago:
No one even brought that up. We're discussing being able to
install unsigned/self signed APKs. Please stay on topic and
take your strawman elsewhere.
0x1ch wrote 2 days ago:
The ability to install signed and unsigned APKs directly
correlates to the financial institution policy regarding
mobile devices and banking apps. Unsure how you've separated
these two.
stackghost wrote 2 days ago:
From a marketing standpoint it seems like a baffling decision on
Google's part.
I own a Pixel and while the hardware seems decent, I've had a buggy and
annoying experience with Android, and it's been getting worse lately.
Are Google so high on their own supply that they think people use their
phones out of preference for the OS? Because frankly it's not very
good. That's like Microsoft thinking people use Teams because of its
merits.
People buy Android phones because they can be had cheaper than an
equivalent iPhone and because in spite of the buggy and inconsistent
mess of an OS, you aren't beholden to Apple's regimented UX. Locking
down Android will not give it a "premium experience"... It'll always
just be "Temu iOS" at best.
drnick1 wrote 2 days ago:
Have you considered Graphene since you own a Pixel? It's a huge
upgrade over the stock OS in terms of security, privacy and general
reduction of bloat.
stackghost wrote 2 days ago:
Yep it's definitely on my list but my Pixel is on its last legs and
I'm considering going back to iOS.
microtonal wrote 2 days ago:
Having just gone from an iPhone as my main phone to a Pixel with
GrapheneOS, GrapheneOS is such a breath of fresh air. No constant
push of AI, iCloud services, etc. plus I actually feel owner of
my phone and not living on some feudal landlord's plot.
GrapheneOS is great!
drnick1 wrote 2 days ago:
I urge you not too. iOS is fully locked down -- Apple won't allow
you to exert control over the hardware that you bought and own,
it's shocking.
stackghost wrote 1 day ago:
I've owned iPhones before, they're fine.
drnick1 wrote 1 day ago:
If by fine you mean "they work," then sure. But since it is a
closed platform controlled by Apple, you are always one law
away from client-side scanning of your conversations, emails
and any other content on your Phone. Of course, this will be
done to "catch terrorists and protect the children," and
Apple will obviously comply.
gf000 wrote 2 days ago:
> "Temu iOS"
Come on, that's absolutely laughable.
There are several topics where Android is significantly ahead to the
point that iOS is just a toy, and there are areas where the reverse
is true.
And I say that as a recent convert, so it's not like I have a decade
out of date view of any of the OSs. In my experience I had more
visual bugs in case of iOS than android (volume slider not displaying
correctly in certain cases when the content was rotated as a very
annoying example).
stackghost wrote 2 days ago:
>Come on, that's absolutely laughable.
It's not, though. Google phones are not going to suddenly become
luxury devices.
It's going to remain at the same level of polish (i.e. mediocre),
except now without the major selling point of being able to run
your own apps and have alternative app stores, etc. Back around
Ice Cream Sandwich or thereabouts they got rid of "phone calls only
mode" and forced us to rely on their half-baked "priority mode"
that's an opaque shitshow.
When my wife is on call she gets random whatsapp notifications
dinging all night, whereas when I had an iphone I could set Focus
mode and achieve proper "phone calls only".
Android is not good. I use it despite its flaws, because of the
trade-offs, not because it's better.
Zak wrote 2 days ago:
You can definitely make a "phone calls only" mode: create a mode,
allow certain apps to interrupt, and add only phone calls to the
list.
I do think they should offer more pre-configured notification
modes by default, if only to show people what they can do with
the feature. Perhaps "phone calls only" should be one of those.
franga2000 wrote 2 days ago:
People buy high-end Android phones like crazy, I don't know what
bubble you live in. Samsung Folds and Flips are the luxury
phones, not the iPhone Pro Max S eXtreme Edition 32 GB that looks
exactly like the base model but has a slightly better camera.
People show off their S Pen and perfectly stabilised 100x zoom
lens, not their liquid ass. Multi-window and DeX are features for
professionals who need to Get Shit Done^TM, iPhones are the toys
kids use to send memojis to each other.
And yes, I can also click one button and go into phone calls only
mode. I can even set it on a schedule or based on my calendar. I
don't know where you're getting your half-baked Android, mine
Just Works.
You might not agree with every one of those points, but you can't
seriously think everyone thinks like you. Go outside your bubble
some time.
GuinansEyebrows wrote 2 days ago:
babe wake up new hn copypasta just dropped
stackghost wrote 2 days ago:
Putting "Samsung" and "luxury" in the same sentence is lunacy.
Their proprietary Android is even worse than Google's.
Where do you live? I've literally never seen anyone using a
Fold or Flip device, ever. My kids are at the age where some
of their peers are starting to get phones. All those kids have
iPhones.
franga2000 wrote 2 days ago:
If your plan is to keep saying unsubstantiated bullshit, take
that to Reddit. Go to a store and try modern OneUI - it's
just AOSP with a slightly different layout and more features.
The apps are worse than Google's, but the OS is better. Both
are miles above iOS in features, especially for power users.
Split screen, windows, chat bubbles, DeX, notification
categories and history, vendor-neutral PC integration and TV
casting, ...
And I don't quite see your point about your kids' friends
using iPhones. I sure as hell wouldn't give a kid a "luxury"
phone. I'd take the cheapest thing that does the job and
lasts a long time. An iPhone has a very long software support
window so the cheaper models actually end up cost-competitive
with budget Androids.
As for folds and flips, I've mostly seen people in suits
using them, along with a few techy power users and some kids
with rich parents. That's a luxury phone in my book.
drnick1 wrote 2 days ago:
> Android is not good. I use it despite its flaws, because of the
trade-offs, not because it's better.
Android is good, but Googled Android is not. You should check out
GrapheneOS to see what Android done properly looks like.
malfist wrote 2 days ago:
> Google phones are not going to suddenly become luxury devices
Pixel Fold disagrees.
> When my wife is on call she gets random whatsapp notifications
dinging all night, whereas when I had an iphone I could set Focus
mode and achieve proper "phone calls only".
You can do that with do not disturb.
> Android is not good. I use it despite its flaws, because of the
trade-offs, not because it's better.
That is your opinion. My opinion is different.
gf000 wrote 2 days ago:
I'm talking about the OS though.
stackghost wrote 2 days ago:
Me too. The OS sucks.
StopDisinfo910 wrote 2 days ago:
> Are Google so high on their own supply that they think people use
their phones out of preference for the OS? Because frankly it's not
very good
Honestly having gone back and forth between iOS and Android every
three years or so, both OS are the same. It's not like the grass is
really greener on the Apple side. The UX is virtually identical for
anything that matters. Personally I put material Android above liquid
glass iOS. The alleged polish of the Apple UX was lost on me when I
had my last iphone.
The reason Google's moves are surprising has more to do with them
embracing being a service player more and more with the arrival of
Gemini and them having regulators breathing down their necks
everywhere.
I guess they did it after the truly baffling US decision in the Epic
trial but it's very likely to go against them in the EU.
tadfisher wrote 2 days ago:
The rumors that I have heard (and one government document I read
that was poorly translated from Thai) is that there are some
countries who are pressuring Google on this to combat info-stealing
malware. Apparently, account-takeover/theft is very prevalent in SE
Asia where most banking is done via Android phones.
StopDisinfo910 wrote 2 days ago:
Maybe but lobbying is extremely strong in SE Asia. It's hard to
distinguish from governments putting pressure for something and
companies suggesting it would be a good idea.
DIR <- back to front page