Submitted 7 months ago by rustyredox@lemmy.world to technology@lemmy.world
https://youtube.com/watch?v=QBEKlIV_70E
The openness of Android is the thing that kept me on the platform. Now that the openness is being removed, iOS is now more appealing.
Sadly, I think most of the customers that use Android never sideload a single app at all. I don’t expect this to create a mass exodus, but a smaller one with power users.
Remember everyone…Google never cared about you or your phone or your privacy. They are a marketing company and make money selling your data. Your data is all they care about. They don’t offer a wide range of products, like search and Gmail and all of their office products for free, just for the fun of it.
Is Linux viable as a mobile os yet?
Linux isn’t an OS.
Linux isn’t an OS.
Pedantically true, but practically irrelevant statement.
30+ years later and people just can’t let that go….
What do you mean ? There is ubuntu touch working in some phone.
I saw that there is some improvements, for the fair phone 5 it seems that it is working but no dual Sim possible and LTE phone calls. You can check it out for your model on this site : devices.ubuntu-touch.io
Christ. Some cheap phone for calls, SMS and banking. Some other device for literally everything else, perhaps I can get it with a headphone jack again.
I just hope that the Graphene devs continue to support the last supported versions of Android that allow installing apks.
I couldn’t be happier with my P7 that has been running Graphene since day one. Zero Google. Zero problems
This will only be effective so long because gradually apps will require greater and greater API levels. Staying stuck in the past is, at best, a temporary solution.
It’s wonderful isn’t it?
What even is the reason for this? All this is going to accomplish is less Android market share.
Control. Where else are we going to go?
Because of people installing malware.
Its only recently that most Android phone owners even used the internet features, now you need apps just to park your car.
There’s nothing stopping someone from having you install malware from a pirate QR code someone puts over the proper sticker.
My guess is that it’s because people are using apps to get around Google’s revenue generating schemes, like apps to get YouTube without ads.
This is an android 16 feature, scheduled for sept 2026 “prerelease” and 2027 rollout. I expect/hope some phones will have a setting to disable “the security”. If not, there is great opportunty for high end hardware linux first phones, with good android emulation software.
I’ll go to iphone if it’s not able to be disabled. And I hate iphone.
Doesn’t iPhone already have pretty much the exact restrictions that are coming to Android?
This was the main reason I have a spare android phone to install whatever I want on it and just factory reset if there’s an issue. Android / Google is really shooting itself in the foot cause there isn’t a point in owning an android after this imo
Similar story here. I’ve got apps that I need to use from developers that are not around anymore. My old phone only needs wifi and I’ve disabled/uninstalled everything else. The phones battery last like 7 days now.
Yeah I’m going graphene and if it’s too problematic may as well go apple. Freedom was the whole reason for choosing Android over Apple
This is the risk of “trusted computing” architectures. Who is governing the “trusted” part of that.
These cryptographic signatures are not as much of a death knell for Android as some would have you believe. The trick is to get a common code signing cert into your device, that is then used to sign any third party APK you want to run. You can avoid the Google tax this way. I assume that’s how most sideloading sites and apps are going to handle this.
The question is, how do you add that certificate? Is it easy and straight forward (with plenty of scary warnings), as a user? Or is it going to be a developer options deal? Or will I need root to add the cert?
I’m not sure what that answer is right now.
I just want to finish this post with a few words about trusted computing models. Plainly: Apple has been doing this for years … That’s why you download basically everything from an app store with Apple. Whether on your Mac OS device, your iPhone, iPad or whatever iDevice… Whether the devs need to sign it, or the app gets signed when it lands on the store, there’s a signature to ensure that the app hasn’t been tampered with and that Apple has given the app it’s security blessings, that it is safe to run. Microsoft and Google have both been climbing towards the same forever. Apple embedded their root of trust in their own proprietary TPM which has been included with every Mac, and iDevice for a long ass time. Google also has a TPM, the Titan security module, I believe that was introduced around pixel 3? Or 4?.. Microsoft made huge waves requiring it for Windows 11, and we all know what that discussion looks like. Apple requires a TPM (which they supply, so nobody noticed), Google has been adding a TPM and TPM functionality to their phones for years, and now Windows is the same. None of this is a bad thing. Trusted computing can eliminate much of the need for antivirus software, among other things. I digress. We’ve been going this way for a long time. Google is just more or less, doing what Apple has already done, and what Microsoft will very likely do very soon, making it a requirement. Battlefield 6 I think, was one of the first to require trusted computing on Windows and it will, for damned sure, not be the last that does. The only real hurdle here is managing what is trusted. So far, each vendor has kept the keys to their own kingdoms, but this is contrary to computing concepts. Like the Internet, it should be able to be done without needing trust from a specific provider. That’s how SSL works, that’s how the Internet works, that’s how trusted computing should work. The only thing that should be secret is the private signing keys. What Google, Apple, and Microsoft should be doing, is issuing intermediary keys that can sign code signing certs. So trusted institutions that create apps, like… Idk, valve as an example, can create a signature key for steam and sign Steam with it, so the trust goes from MS root to intermediary key for valve, to steam code signing key, and suddenly you have an app that’s trusted. Valve can then use their key to sign software on their store that may not have a coffee signing key of it’s own. This is just one example based on Windows. And above all of this, the user should be able to import a trusted code signing cert, or an intermediary cert signing cert, to their service as trusted.
Anyways, thanks for coming to my Ted talk.
Thanks for sharing all of that. I got to think a little bit about stuff that normally I would take for granted.
So yeah we’ll do a decentralized Linux phone of sorts, if Google is going full 3rd Reich with Android we’ll move to a Linux based OS phone.
Simple as that.
Dude. On what hardware? My 1 years old AND 4 years old Samsung phones now lock their bootloader.
Random, fly by night China phones won’t have enough documentation or enough consistency in hardware to be a viable rally point for firmware devs, will they?
Don’t get me wrong. I will buy exactly that Linux Phone for my next device if it gives me three browsers and enough untracked fundamental functionality like calculators and contact lists.
But I’m genuinely worried there won’t be a hardware vendor in the game in my market (the land of Y’allQaeda) to sell me a compatible device that plays nice with the three mobile providers that still exist here.
Who is we? what group of people has the dev funding and time to produce FOSS hardware and software to compete with the average android phone?
We the people that want a finished product with distribution and a good eco system from day zero. It must be next gen hardware and be priced more than competitively.
When it comes to the current final frontier, Linux phones, what brands/models would be the best option? Or are you all really recommending iPhones?
You can’t sideload in Linux.
I’m looking at Fairphone 6. EU based, has an option called /e/os which is basically degoogled Android, and it also has full support for Ubuntu Touch (Linux phone).
Linux handheld with a 4g usb modem, doing calls over the internet. Just an idea, im not doing this, nor do i know how practical it actually is.
Recommending iPhone because of freedom restrictions feels quite ironic
It really should be a 3 level setting, disallow/allow & check/allow. Where the latter option is available but users are strongly advised to apply common sense. Because I would not be surprised if a lot of sideloaded content comes from warez sites and is infested with malware so allowing & checking is still protecting people to some extent.
Can you at least put a custom ROM on to disable this?
The issue is that Android used to be open source but they’re moving to closed source under the guise of security as well which will make it difficult/impossible to update the rom
Afaik, yes
If they only cared about thwarting malware they could have just relied on code signing via public certificate authorities, like with binaries on Windows.
The point is so that most people can’t or won’t figure it out or get discouraged. So that in time, google’s “unwanted” software will be starved of attention and funds to continue being developped and these “weeds” in their garden slowly wither and die
Code signing offers slight protection from malware but not as you might think. If a company signs an installer, or executable then it tells you it came from them but not what it does. It could still be malicious, or it could be inadvertently bundled with malware in DLLs or scripts and you wouldn’t know. You’re just hoping the company has done its due diligence and you trust them to run.
Microsoft does have an antivirus system on top and fingerprints downloads too and applies some kind of trust score that is better if an exe is signed. There is probably no single mitigation that stops malware infection but apply lots of smaller mitigations in in depth and most people will be safe.
The irony is Microsoft still lets people run files ending with .scr way too easily. Much of the malware on torrent websites is a file ending with .scr knowing the OS will hide the extension, e.g. movie.mp4.scr appears as movie.mp4 in File Explorer and people click through and get infected.
These arguments would apply the same to Google’s approach. My argument is that Google appears to have another agenda.
Just get root, and it wouldn’t be too difficult to bypass.
I already bypass many of Google’s stupid and arbitrary restrictions like their minimal SDK version requirement for side-loading apps and such with Magisk and Xposed modules.
They also stopped support that allowed for easier development of custom ROMs a couple weeks back. So it’s not good news for custom ROMs. Either someone needs to form Android for good, or Linux phones are our next best bet.
Back in 2019 when the leadership changed, they moved to be 100% about advertising, which is why Google started going browser fingerprint tracking. Invasive is the name of the game. Within 6 months of that, they’re also locking down their entire ecosystem like Apples does, specifically to squeeze more data out for advertising. This isn’t an action taken in a vacuum.
Are you sure it won’t apply? As far as I understand, it’ll apply to all devices with Google services installed. Which includes most ROMs, as well as non-Google ROMs after you manually install gapps. Is my understanding off?
On GrapheneOS Play Services is sanboxed, so it cant affect other installation sources. It’s just one source of many.
Affected devices
The requirements apply to all “Google-certified Android devices” which includes:
Devices with Google Play Store Devices with Google Mobile Services (GMS) Devices with Play Protect All mainstream Android devices from manufacturers including Samsung, Xiaomi, Motorola, OnePlus, and Google Pixel
Custom ROMs without Google services & uncertified devices are not affected by these restrictions.
From the link
This is about Revanced, isn’t it? They failed to kill it via the YouTube backend so now it’s down to lock down the os and browsers as much as possible to keep feeding people the juicy ads.
This is bigger than “just” Revanced though. It is about using any open source software that could replace a Google app and losen Google’s grip on your data.
It’s time to start self hosting your own services people!
This is about preparing for DMA and the likes in other countries.
I don’t see how the DMA would cause this other than Google preemptively setting themselves up for malicious compliance. The whole point of the DMA seems to be to give users choice not take it away.
I bought a Pixel recently and for 2 days I tried to make it work. 2 whole days of fumbling pain! And I felt fucking horrible. Almost nothing is customizable and everything coated in a thick layer of AI. Every google app has dark patterns. Don’t like it? Well too bad, apps like goog photos keep on asking if you want to upload your life with a recurring popup that tries to trick you. Don’t want Google Search Bar? Well… you don’t get to say no bitch, don’t make me hurt you. It is not a healthy relationship.
So. I just took the plunge and flashed GrapheneOS. Graphene will take a bit of work getting replacements for some of my needed apps like mail and map. But there are lots of neat options and I’m having fun with it. Problem fixed.
I used the graphene web install. I booted up my Pi 4B+ and used gnome-disks to flash a MicroSD with Ubuntu 24.10 then installed the two packages in the web install instructions then I got Brave (I went to the Brave homepage and they have some curl option to download. I needed to install curl, did that then got Brave installed. Once brave is installed you have to disable browser fingerprinting memory reduction and disable the “brave shield” (the little shield near the address bar) for the web installer GrapheneOS page. (It’s a fresh install, on a Pi, and I know the site, no real risk)
After this you can just press the big buttons on the page and follow the instructions on the page.
There are many ways to do this. They have lists of compatible browsers and operating systems. I picked (eww) Ubuntu and (eww) Brave because they seemed easiest on the list and I did not virtualize or use containers in any way cause it messes up the webUSB magic the website uses. I like to play it safe as possible when firmware is involved so I didnt speed up the instructions. And also when you buy a Pixel, big thing! Turn on dev tools and toggle your oem bootloader setting off and on again. If it can’t do that you need to return the phone because it’s locked down by carrier.
Well… I hope my long sleep deprived ramblings help someone else break their chains. Read a bunch about it before starting! Good Luck!
I mean, good on you to go for Graphene, but honestly a lot of stuff you describe is solved with a custom launcher. Search bar and customizability for example. I use KISS launcher on my private phone (Pixel 7) and on my work phone (Pixel 9), no issues with either of these topics.
Thr one thing I wholeheartedly agree with though is the cancer that is Google Photos and the peddling of backing up stuff.
GrapheneOS comes enirely Google free out of the box, including telemetry. It is also a reasonably secure mobile OS. You don’t get all that by just changing the launcher.
Good on you for using grapheneos! But you should always install the software you want anyway. You don’t need google photos. You can install a different launcher etc. Don’t become complacent and go with the setting out of the box. That’s the reason tech turned into shit. Consumers don’t care for it anymore.
I must admit however, that the launcher market has turned to shit though. There used to be so many more cool options to choose from.
Yup, Thanks, I plan too. I installed Nova and then cut its network permissions. It’s something for now.
I find it very strange how many people in the comments here think the solution is to buy an iPhone. Maybe you are all just rich and can afford to spend $1000+ based on vibes, but considering the Android market still has a massive value advantage I’m not really sure what the point of switching is. This all feels very similar to how some Westerners decided Chinese tech and even the Chinese government were suddenly problem-free just because Americans elected Trump for a second time.
The upgrade cycle on iphones is longer than that on android. $1200 flagship samsung phone turns to shit after 2 years. $1100 iphone keeps chugging for 4-5. The android rot is real. Apple is far from perfect but the phones last way longer on average and end up having a lower cost overtime. That is if youre not buying bottom of the barrel budget phones to compare against.
All of my old phones work fine as the last time they were updated. My 10 year old Sony xperia z3c would be fine except for security updates and it’s only 3g, and the storage on it is quite measly. I still use it everyday for playing music, though.
Most of the speed issues are google bloat. Play services are absolute hogs, and anything that needs them will not work on this phone, but everything that doesn’t is perfectly fine. So I’m basically stuck with f-droid apps. Which is fine, because it’s a glorified iPod at this point
Can you even (easily) install custom apps on iOS? The last thing I remember is it being a huge pain in the butt…
If you’re in the EU there is now at least one alternative app store. iOS hasn’t opened up anywhere else in the world AFAIK, so it’s still a pain for everyone else. You used to be able to use the AltStore without jailbreaking iOS (maybe you still can), but the process was annoying and didn’t feel particularly secure as you had to provide your Apple account details.
I trust China more than this current administration…What are they gonna do? Drone strike me? Oh, wait, that’s the US.
You trust China more? The State-Capitalist Authoritarian regime? They country that developed the spyware known as Wechat, which is currently monitoring most of the overseas Chinese Diaspora? LMFAO. Spoken like a westerner who never stepped foot on mainland China.
Why are people always being campist lol. Just because you think “your side” is is bad, doesn’t mean you should just blindly support the “other side”.
If you are American, you should buy Chinese tech because the Chinese government is more interested in spying on and controlling its own people than you.
If you are Chinese, you should buy American tech because the American government is more interested in spying on and controlling its own people than you.
…Used or refurbished iPhones are relatively cheap and better for the planet.
Relative to what? Better for the planet than what? I’m not really sure what your point is here, you seem to be implying that a secondhand market for Android phones doesn’t exist (note: it does, and Android phones are still much better value secondhand because they lose value so quickly relative to iPhones).
be me buy new phone, chose android cause I can install anything on it get free iphone from work sell iphone on ebay cause I can install anything I want on my android google doesnt want me to install anything I want
Fuck me.
Apple now allows sideloading of apps and Google is trying to get rid of sideloading.
What… the Fuck?
Does this mean the end for YouTube Revanced on Android?
I’ll just buy and use decade old phones with unlocked bootloader till I can. There’s barely any innovation in phones these days and I’m sure someone will come to fill the gap Android left (hopefully Linux). I’m still using my 5 year old phone degoogled with custom a16 and still going strong. I also have a backup pixel 6 in case the current one breaks. I can easily wait 10-15 years.
Can someone explain how this affects graphene os users?
Joke’s on them, my phone only cost $300
This is redicolous
i heard they were softlocking the OP soon in the newer models, but hopefully they dont compeltely lock it down.
How does this affect “second-party” apps (i.e. apps you have created yourself)? Are you still allowed to go to Android studio, make an APK, transfer it to your own phone, and install that app? If no, this spells the death of experimental indie developers on Android.
so is this why my phone updated and then took seven hours to connect to the network the other day?
does this control happen with a specific android version release? what number? Can I get a new phone with that version and sideload an alternative OS/ROM?
mahmut@meclis.home.buyulumahmut.com 7 months ago
I didn’t get it. EU pushes Apple for sideloading option. Android will come with embedded Linux terminal support and you can even run native Linux apps on your Android phone with Android 15.
I guess some C-Level assholes forcing this change in Google but this does not make any sense…
hume_lemmy@lemmy.ca 7 months ago
Line must go up.