Now it’s an international matter of national security. Let’s go world, time to de-americanize your tech.
Yes, but, from the article: ”GrapheneOS also says governments and banks are increasingly adopting these verification systems for things like payments, digital ID apps, and age verification services.
“Instead of governments stopping Apple and Google from engaging in egregiously anti-competitive behavior, they’re directly participating in locking out competition via their own services,” Graphene said."
Exactly, it’s not only about fighting Google, it’s also about setting a better, more open standard for the rest of the market.
Recently my bank has rolled out a new mobile app now relying on Google wallet for NFC payment. I was able to use NFC payment on GrapheneOS on the old app, I can’t on the new one. The online banking stuff still works (for now) but no more mobile payment for me. I didn’t sign a fucking contract with Google, why would I hand over my payment data to them !
You need to call your bank and the media. Word has to get out.
I mean, a bank is a bank, they are all very similar. Unless you have an extremely good interest rate on it, I would just close the account and go elsewhere. Make sure to tell them on the way out that’s why.
Alternatively you can just transfer funds to another app and keep using their bank and use the other account as the NFC payment one but, that’s too complicated for my tastes.
How would I know which bank to go too ? It’s comes down to the details of how they implement their phone app. I don’t think you would find this information anywhere.
I mean, I know a lot of people don’t like doing it anymore but calling and asking has a fairly decent chance of working if online gives no details.
Personally I’m unsure how a bank could even force NFC to go through a specific provider, mine has always just issued virtual card numbers whenever I enrolled, And if the bank itself didn’t support the provider automatically, I always called the bank to manually approve getting the virtual number. it’s a little confusing to me that your bank even blocks the ability to in the first place. I would have thought you would have been able to use any mobile wallet that works on Graphene OS. Being said those are limited last I knew
edit: rereading it. I see what you mean. You mean through your bank’s app as a native solution. Yeah, you’re just gonna have to call the banks for that one. I would assume that customer service would definitely know whether or not it’s through Google Pay or through their own system.
My bank hands out these weird little plastic cards like it’s 2016 or something.
alot of countries have fully bought into the surveillance thing, UK is planning to give NHS full acces to its patient database to PALANTIR.
Yep, my own government (UK), have rolled out a digital ID app that only works with Play Services intact, so I had to jump through hoops to prove my ID so I could renew my driving licence. It’s bullshit.
Yup, unless we decouple the incentives behind these all our systems and products the end result will always be: Hey Everyone, meet the new boss! Same as the old boss!
I just made the switch to Graphene a few days ago and I found it fitting that my government’s digital id app couldn’t be installed on my phone anymore. Oh well.
Where do we find another furious person to start the equivalent of SKG, but this time against Apple Google duopoly, to get a hearing before the EU parliament?
The fact that national governments and banks require Apple / Google device attestation in the current geopolitical situation is a damn sabotage.
Here’s a list I had compiled of non Google/Apple alternatives.
- Murena (France) with /e/OS (France) on:
- Fairphone (Netherlands)
- Hiroh (USA)
- SHIFTphone (Germany)
- Teracube (USA)
- Punkt MC03 (Switzerland)
- Volla (Germany) with Volla OS or Ubuntu Touch (Germany)
- Jolla (Finland) with Sailfish OS (Finland)
- Furilabs (China) with FuriOS (pronounced “furious”) based on Debian with Phosh UI.
- Purism Librem (USA, manufactured in the USA)
- Pine64 (China) Pinephone with Manjaro (Germany), postmarketOS (?) or Mobian (USA)
- Murena (France) with /e/OS (France) on:
Please consider donating to PostmarketOS to build up a pure mobile Linux alternative that is completely free of Google’s influence. It’s the best long-term option we have.
How does this compare to Graphene? You can also be Google free using it
GrapheneOS is great, and it’s what I currently use, but it is ultimately a hardened Android fork. One downside of that is it is completely reliant on manufacturer updates to continue to support a phone. Once a manufacturer drops support, the Graphene team must also drop support, as they are reliant on the closed source GPU/hardware drivers that are tied to specific android kernel versions.
PostmarketOS is not based on Android whatsoever, it’s a Mobile focused Linux distro using the mainline Linux kernel. It uses open-source drivers for the GPU and hardware which can be maintained and supported for decades, and is completely independent of Google’s influence. However, it’s still currently rough enough around the edges that it isn’t ready as a daily driver, which is why it’d be so helpful for us to donate to it so they can hire more developers to polish it up, as they recently did to improve the audio support of Qualcomm devices.
Awesome. That’s what we need and I donate soon.
Graphene is Pixel only and aims for privacy and security.
PMOS aims to bring Linux to the maximum amount of devices (phones, Chromebooks, tablets, QEMU) to give them a life beyond the manufacturer’s support.
I would compare PMOS to LineageOS over Graphene.
Motorola will have a GrapheneOS compatible handset. I use a Pixel 9 Pro with GrapheneOS though, and it works reasonably well.
Reasonably? What issues have you encountered?
Considering putting it on my phone
It’s a PITA to use. You set up different profiles for different uses to separate out app tracking. Turn off Google services when you can. Manage each app. Switch profiles around constantly.
It’s work But… ain’t nobody watching you.
Security. Privacy. Convenience.
Pick two.
You don’t need to use multiple profiles. You can just have one profile and use the phone like any other Android.
It is just Android with extras. You don’t have to create a lot of profiles. I use one profile for F-Droid and one for Google services (sandboxed). You could use it with just one profile for everything as well. I have shortcuts on the home screen for switching profiles, which improves ux a little.
Sure, you could. But that defeats the purpose.
They always watchin’ spooks errywhere.
GrapheneOS won’t protect your cellular data and metadata. It can’t stop location tracking by cell tower. But it does a lot for those who are privacy concerned.
It’s still ultimately downstream of Google code, though
Technically you cannot since they basically develop Android.
Sailfish is also a great option too
Unfortunately, Sailfish OS uses a proprietary (closed source) android compatibility layer, as well as a closed source UI.
For the parts they have open-sourced, they implemented a CLA that contributors must sign. It’s the HA-CLA-I-ANY license, which specifically allows them a perpetual Copyright and Patent license, and permission to re-license your code contributions to a more restrictive license which enables them sell or package it into a closed-source proprietary app.
Personally I’m be more comfortable supporting the development of PostmarketOS instead, since it is completely open-source with no CLA, meaning no chance of any rug-pulling in the future.
That’s an American thing, not just Google. They only believe in a free market when it’s their products and services. Theft is fine as long as it’s only them.
When a Capitalist says “free market” what they mean is “free to monopolize.” It’s about keeping the pathway to feudalism free and open. The US is its temple, but Capitalism is a global cancer.
this is just capitalism thing.
In a true Capitalist society a competitor would be fighting for same sales. What we see is lobbying of government to favour one monopolistic company.
No not really, this is how capitalism is supposed to work.
No, In a true free market competition drives prices down as each company aims to grab you as a customer and it forces efficiency in the manufacturing or development to cut costs. Since lobbying has taken over, there is no free market, it is manipulated to favour the bigger donor or other backend deals to eliminate competition.
For example in Canada we have a giant grocery chain that also has a property company, the property company will only lease to themselves, and they have agreements that no other stores can open a certain distance from them. It means that we overpay on all food
final goal of capitalism is to generate profits and thats what leads to lobbying and monopolies, thats why I said this is real capitalism.
Except where lobbying is illegal like South Korea and they don’t suffer like we do with monoplies
Something something… Capitalism
More like neofeudalism at this point.
And actual full on fascism to boot.
Same thing if it’s benefitting them
When it isn’t different story
Maybe the EU can slap some fines on that? It’s anti competitive and against the DMA i assume
The EU can fine them for things like this but it won’t make much difference. To provoke long term change, we need a way to block them from our countries and that’s impossible.
Let’s start by fining them ^^
the cost of doing business
They can also enforce changes if they want access to the EU market
We can’t afford to start a real war with them because they control far too much of our technology. Yes, we could threaten to block their access to our markets but what if they don’t change their behaviour? Do we go through with it? Some of their services are critical to our daily lives and just one day without a few of them and entire systems would collapse.
EDIT: Big tech corporations like Google are more powerful than governments. While they are not invulnerable to sanctions, we may lose as much or more than they do if we take drastic action without viable alternatives.
I agree that it’s too early, but disagree that it would never be possible. If the EU can successfully move away from Microsoft like they’re trying to do now, then I think that will provide an excellent model for moving away from other tech monopolies.
Really its a much bigger problem then that. Where do you get your switches or computers. Sure there are European PC builders but who makes the parts. American companies control a lot of infrastructure and the fact nobody thought that was a problem is just ridiculous.
This is just looking at the material reality of the problem. I can’t effectively threaten someone who I’m heavily dependent on without present alt. Kinda how Trump got slapped when he tried economic coercion on China. If the EU has a domestic alternative to Big Tech’s cloud services that’s in wide use and easy to scale up, the they can legitimately threaten Big Tech. That said even then that would not be enough given the newly developed dependence on US - LNG. Threaten Big Tech and the US threatens cutting off the gas supply. A gas supply shortage topples governments.
The reality is that they are powerful but if they were to become actice participants in some hypothetical war the governments could freeze and withold funds with the swipe of a pen.
There are a lot of regs around the freedom of funds and stopping that if there is a legitimate national security risk. The US is doing it right now with funds provided from the EU to purchase weapons for Ukraine. The US is not fulfilling orders because they blew their load murdering innocent children in Iran.
Their power is fragile though. The EU has sanctioned big tech in the past and will do so again. Sure they could screw us over hard but that’d hurt their profits significantly more than complying and as slaves to their shareholders they will not do that.
We shall not bow to tech twinks.
You think Google is going to abandon the EU market over timely releases of their AOSP code and the ability to install apps from outside the playstore?
No, I don’t think so. I don’t think they would ever abandon the EU market. I was thinking more along the lines of a “malicious compliance” approach, where they would make it more difficult for us to access certain services.
Please note that I am not against fining and fighting Google and other big tech companies. Sorry if my comments make it seem like I am.
This is literally their latest attempt at malicious compliance so you’re not wrong. EU will play ball for sure.
sometimes you need to be stubborn and disallow all alternatives for better solutions to be developed. trying to use the big tech shit will inevitably always end in enshitification.
grow some balls, say no and create alternatives if they don’t budge. nothing else will work. and as soon as you have alternatives, everything will get easier
You’re so out-of-touch if you believe that the EU is against this.
It’s especially weird coming from an apparent German. You know all that rhetoric about how the internet is no “wild west”. That means locking everything down. Only the properly licensed professionals are allowed to do stuff with properly regulated tools. That’s how it goes in Germany.
This stuff is what Google is supposed to do.
This is a matter of anti-competitive behavior and market manipulation. And historically, the EU has always been against that (especially if it’s detrimental to them, of course).
They’re in favor of regulation, but definitely not of individual companies handling it.
No. That’s not what these words mean.
Anti-competitive practices are business or government practices that prevent or reduce competition in a market. Antitrust laws ensure businesses do not engage in competitive practices that harm other, usually smaller, businesses or consumers. These laws are formed to promote healthy competition within a free market by limiting the abuse of monopoly power.
It’s exactly what these words mean.
The current US government is strongly in favor of corporations screwing over individuals, so we aren’t likely to get any help there. The EU and China are the only organizations that might be able to intervene. Unfortunately, they both seem more interested in the surveillance opportunities than in the good of their citizens.
We seem to be heading toward a two-tiered internet. One that will be accessible to everyone, but will be limited in terms of commerce and possibly content. One that will only be accessible to people who are willing to give up their privacy. That might actually turn out to be a good thing. Buying from the corporations could easily end up limited to the later group, which would encourage more people to shift their buying to other sources.
I completely agree.
…and as soon as OpenNIC takes their SSL/TLS Cert generator out of experimental and into something stable - we can start.
Privacy concerned people can start to rebuild the internet based on the original principles of “sharing information and ideas”, rather than " maximizing engagement ".
edit: a word
I may start keeping a cheap device that lives in a Faraday cage that obeys the corporate rules and only comes out when I absolutely need it, and then a graphene device of sorts as my daily driver. Ive almost completely de-googled otherwise.
I’ve done this ever since banking/financial apps became the norm. Something about carrying a small easily lost/stolen device containing access to every penny I own as well as possible credit/loans worth several years salary didn’t seem like good finsec. If it can touch money, its on my sim-less stock old android that lives in a Faraday bag for 99% of the year.
Works, but if we think about it, it’s just a win for big tech, because we’re using their oppressive system and even buying an additional phone
was looking at phone options recently and, honestly, fairphone has become the only choice as a daily driver. I am now absolutely fine with the limited fairphone specs as a trade-off for a device I control as my own.
will keep older phones for any corp BS that I am forced to deal with. hopefully we can legislatively minimize the interactions.
This is actually something I’ve been thinking for a while that we would have the clear net would be very limited in terms of what you could see and do. And then you would have things like Tor and I2P where everybody else would go for the free flow of information. Anyone who’s too technically illiterate to use the dark web is going to have a very, very limited experience.
I hope every de-googled os goes completely open source supportive. And i hope people choose these os’s over google or any other closed source/centralized company
And world peace and the end of hunger too.
Sadly most people will get slowly boiled like a frog. People got comfortably numb and they want everything spoonfed. They won’t learn new things, they won’t wean off big services that make everything convenient.
The issue is that a lot of everyday services depends on Google.
If your bank decides it integrates with Google Play Services, well fuck you, your degoogled device won’t work anymore and you’ll have to switch banks or forego using your device for banking.
Every corpo is pushing hard to interwind themselves with your day to day so that they become the gatekeepers of your life and rent seek.
It’s easy for us to find an alternative because we are tech litterate, but not everyone has the knowledge to do so and it is increasingly hard to do so.
I don’t think it’s a matter of knowledge, more of mindset. If enough people even cared, banks would not enforce any changes that would require to use Google play safetynet.
Btw, banks shouldn’t even need apps. A webpage with local storage (PWA) should suffice for 99% of banking stuff.
Well, yeah, we’re well into the stage where it’s not quality that sells Google products and services.
This is the Pillaging Stage of Google’s business: as they screw both customers and users (Google’s customers aren’t their users) for short term “growth” they can only hold market share by taking advantage of market barriers to entry, networking effects and their current market share to force both customers and users to keep on using Google products and services.
The irony of having this in the middle of the article
The capitalists will sell us the noose with which we will hang them? or however it goes…
LMAO
I’m not sure if “rival” is the right term. Seems like Google would be very happy to be a monopoly.
Most people don’t care.
Hell I’m even the “weird one” only because I tend to use FOSS options when I can.
Who the hell would use YouTube over NewPipe??
Brothers in arms mate. I use FOSS whenever absolutely possible. I hear about a new type of service, and my first criteria before evaluating it is, can I run it as FOSS? If the answer to that question is no, then I immediately reject that new service until I can use it in a FOSS manner. Do not pass go. Do not collect one Monero.
I did not know about new pipe. Thank you
Pipepipe is working better for me
Ymusic is better in my opinion, it’s not taking eternity to update subscriptions…
Is there an advantage to using newpipe if I pay for premium?
You can stop giving Evil Inc your hard earned money
It’s like 5usd for a family plan in my country. I doubt that’s making a dfference. Also, I sincerely doubt you’re not using any Google services/products in your life. Not to mention that there are plenty of "evil inc"s out there.
Re: 5 USD. Google makes most of it’s money from advertising - which works by tracking everything you do and building detailed profiles of you.
Re: I sincerely doubt you’re not using any Google services/products in your life. Not to mention that there are plenty of "evil inc"s out there. This might not be intentional, but it sounds to me like whataboutism combined with “there is no perfect option, so we shouldn’t do anything”. 90% reduction in use of google services, is better than not doing anything. Heck, 10% reduction is better. Whatever gets you started on the journey. And as a lot of people have correctly identified, it’s not easy. It takes time.
Google makes most of it’s money from advertising - which works by tracking everything you do and building detailed profiles of you.
So the answer’s “no”? Gotcha. I do try to avoid using google products and I do use extensions to try to prevent tracking. So maybe they’re making less money off of me than others? Who knows.
This might not be intentional, but it sounds to me like whataboutism combined with “there is no perfect option, so we shouldn’t do anything”.
Not even close my friend. However, you can’t fight every single battle. I try to pollute as little as possible, selfhost everything I can, don’t buy things I don’t really need, etc. Regarding youtube though? I just wanted to watch videos without ads on my tv and it cost me next to nothing to be able to do that.
Pro tip :P you can use "> " to quote text. It’s easier to read.
“My small contribution to evil is meaningless “. Gotcha.
You’re so far off the mark that I’m not even going to keep spending my time to explain why.
More privacy
i had to install Newpipe in my gf’s phone, she’d show me something in YT and need to wade through endless shit before getting to the content. I forget occasionally how shitty an experience YT can be if you don’t make some effort until i use someone elses device.
Ironically, the “weirder” option is more convenient in most cases. NewPipe sometimes breaks when there are API changes or some bs, and vids with age restrictions don’t work at all so I would need to look for another vid with the same content (or use a browser sadly)
I think spreading awareness about privacy would be the first step to move people into decentralized platforms
Getting more open hardware though requires more efforts unfortunately
I feel the days of free YouTube front ends is coming to an end. I’m honestly surprised they’re still alive. Didn’t they try to kill yt-dlp recently? Together with their playstore developer verifications, YouTube VPN restrictions, making life harder for Android derivatives, YouTube ad blockers, and on and on, I don’t see a bright future for anything that piggybacks off of Google’s back.
I’m still waiting for a mobile phone manufacturer to support a free OS. Until then I’ll stick to degoogled android.
deleted by creator
And yet they force people to buy google phones to use their ROM.
At least soon there will be support for Motorola.
I’m sure if other phones met GrapheneOS’ security standards, they’d have already ported it to those phones.
Motorola may just be the dam finally breaking on that.
To be honest, I think for the average user most ROMs are more than secure enough. And from a privacy perspective a lot of the de googled ones are very good.
Grapheme has almost a cult following in a way that its all or nothing.
I’d rather give up a bit on security while preserving privacy, if it means my money does not support terrible companies.
Then get a fairphone and load /e/OS or something else like that? GrapheneOS on Pixels aren’t the only degoogled option. GrapheneOS makes it clear that their priority is security, so if you’re willing to compromise on that then GOS likely isn’t for you.
That is exactly what I have. I am not willing to compromise my ethical values and to give money to a truly evil company.
I just find it hypocritical that GOS requires Google made phones and at the same time says its a bad company.
The hardware is hardware, my guy. Most people running desktop linux are using hardware mainly comprised from the work of companies with shitty reputations.
GOS has a set of required specs to ensure the security it’s famous for, and the pixel happened to meet them due to their developer-focused design implementations. Luckily, Motorola can now see the economic opportunity of leaning into that as well.
Agreed, and until the Moto Graphene phone drops one can just buy a used Pixel from a trusted marketplace like Swappa, and no money goes to Google from that used device sale. Save money and keep a perfectly good used phone out of a landfill at the same time.
It’s a hardware issue. No other phones had the security features required. This is why they partnered with Motorola, to get away from Google hardware…
Graphene user, not part of this cult you speak of. I used to be solid tinfoil hat but now I try to balance between security / privacy and convenience because it was all too exhausting.
Years ago I switched from lineage to Graphene because the Graphene experience was much smoother. Installs, updates, options, it’s all just easier. Granted the last install was a pita as funny enough they required chrome for the install. Aside from that it’s been so smooth that when my partner kept asking for a new phone, I had them agree on letting me install Graphene. I would have went with fairphone but I can’t put something on their phone that I have yet to use. Graphene is solid, stable, and for the most part usable. There’s a few minor things out doesn’t do like customizations and slight compatibility issues but in relation to what it provides is an acceptable trade off for the time being.
All this to say Graphene has their place for non cult users.
I get that. And I did not want to generalise so much but I guess I did.
I do think its the minority of Grapheme users that are culty to be fair. And the main GOS dev from what I’ve seen online.
In terms of smoothness, my wife is very non techy and immediately gets frustrated when tech doesn’t work. She (and I) uses a Fairphone 6 with e/os and the experience is very smooth.
Are you using those in the US? When I needed to get a new phone they still weren’t available here, but I’m hoping that has changed or changes by the time I need a new one again
No, I’m in Europe
But “give up a bit on security” doesnt preserve privacy that’s the whole thing.
Also them being hypocritical for suggesting pixels isn’t really true, its the only unlockable device where you can relock the bootloader afterwards which is necessary for the asbolute maximum security of the OS. *and also has secure element, among other important requirements for security.
Motorola will change this.
I personally don’t cut corners when it comes to security and I don’t think anyone should honestly.
But “give up a bit on security” doesnt preserve privacy that’s the whole thing.
I gotta disagree with this. GrapheneOS has bought into the crappy smart phone threat model, but the most obvious way to preserve my privacy is to give me complete control over my device and let me tailor it as I see fit. This means root. GrapheneOS doesn’t allow root access and that’s horrible for privacy.
Sent from my GrapheneOS phone
Root access is tricky because it can be less secure overall but I guess this is dependent on your use case.
I think you can still do it but you have to edit the rom beforehand so yeah not out of the box.
I once again cannot disagree more strongly. This is the BS that has been pushed by the mobile phone world. It couldn’t be more wrong. Well designed root access to your own device would dramatically increase its security for those who chose to use it.
Here are a few things you simply cannot do on a phone and would be considered terrible in any other context:
- Control system, root level services running on your device. The idea that you can’t do this is a security nightmare. It is the single most basic security tenant I can think of that is grossly violated. You have no control over your device’s attack surface
- Control privileged non-root applications
- Control network traffic. You have no low level control over your device’s firewall without root. You want egress rules? Sorry.
- Linux namespaces. You literally are banned from accessing the single greatest Linux security feature since UIDs and GIDs. Network namespace isolation? You can’t do it. UID remapping? Nah. Mount namespaces? Nope.
- SELinux policy. Android relies heavily on SELinux and you have no control over it at all.
- Device handling. There was a great root exploit a long time ago with just a plugged in USB that would have never existed on devices that sanely disabled automounting.
There is so much more. I can’t even imagine calling a device I had no root access to “secure” in a personal threat model. Business? Sure. Personal? God no. Not even close.
This is in addition to the privacy benefits.
If your threat model is a state actor breaking through your phone’s TPM then sure, but for most people escaping the google ecosystem is by far the biggest need in terms of privacy/security
Note: IDK exactly what graphene needs hardware wise, don’t quote me. Point is, there’s such a thing as “good enough”
It’s not the only device you can relock the bootloader. I am typing from a Fairphone using e/os with a bootloader I locked after installing it.
I don’t cut corners on my morals, so will never give money to google. Even indirectly by buying second hand and making their phones more attractive to buy.
Ah I see that they have decided to support it now with the fairphone 4 which is awesome. Before that you had to use google test keys to do it.
It still lacks a secure element which is pretty important for security and privacy. It also lags behind on security updates.
https://news.ycombinator.com/item?id=44375865
That’s a good discussion about it.
I respect not giving money to google though but I can’t cut corners on security even if it means I have to go into the belly of the beast myself.
I’ll be very relieved when the Motorola GOS phone drops
Graphene was my introduction to degoogling and I chose it because I was already familiar with the Pixel. Also that I had no idea what I was doing and their articles are clear to read. I did find it silly that I needed Google hardware but I just bought it secondhand instead of new/full price for ‘do evil’ Google profit.
I can totally get that. Things can be very confusing the first time around.
Well, eventually when you need a new phone, might I suggest a Fairphone with e/os?
Yes you may suggest! I’ve been vaguely glancing at the Fairphone with e/os from time to time, to keep in mind for the future.
Cannot wait. Hope it has a decent camera.
Also I’d flash that shit myself when it arrives too.
if other phones met GrapheneOS’ security standards
This rhetoric is not OK.
Obviously security is important, but so is not financially aiding and abetting your enemy.
Graphene people are deeply unserious if they can’t understand the urgency of both points.
GrapheneOS needs to settle on the 2nd most secure system after Google, if Google is really the #1.
Cut Google’s hardware out NOW.
The only thing worse than no security is a false sense of security. It’s better for someone to know they’re using an untrustworthy device than to find out the hard way.
If other phones can’t provide an acceptable baseline level of security, the GrapheneOS devs are correct to not support them. Yes, it sucks that the only phones supported are Google Pixels. They have a partnership with Motorola to create a non-Google alternative.
If you still don’t like it, fork it.
Is security of hardware pass or fail? And only Pixel passes while all other phones fail?
What makes Pixel so drastically preferrable?
I am starting to doubt GrapheneOS judgement here.
You’re saying even the 2nd best phone is a fail. I don’t buy it. Can a security researcher please comment?
GrapheneOS needs to settle on the 2nd most secure system after Google, if Google is really the #1.
That’s called Lineage. GOS is purposely the most secure possible.
Force is a bit much. They are using an existing set of tools to build their OS.
Many ROMs do that and allow you to install in a large number of phones from different manufacturers. For now, if you want GOS, you are forced to get a google phone.
There is a reason for that. The single-rom-for-multiple-phones idea does t really make practical sense for a security-focused ROM. It has different design pressures. Right now they are rationing their resources are targeting specific hardware. They are already branching out with other vendors but that’s going to take time to do right.
Google and the Open Web
-
Embrace
-
Extend
-
Extinguish <-- we’re here
Ah yes, the 4X buisness strategy. Building an empire through four core pillars:
eXplore, eXpand, eXploit, eXterminate
-
European institutions and apps should be banned from employing reCAPTCHA, Google’s Play Integrity API and Apple’s App Test API, if this is how they are to function. At the same time, Apple and Google need to be sanctioned for this approach, as I am certain that it violates fair competition laws.
Im just waiting for somebody to make a plan for resistance. So far the best I have seen is going to the doorsteps of google to cry and beg them to stop.
thats not my cup of tea
But I think the real reason nobody is doing this is the paradigm of reasonability.
Nobody want to step their foot down, because that’s not reasonable. We are supposed to make it work like the wife exposed to domestic violence.
But we need to stop being reasonable and start being assertive.
But for real, I think GrapheneOS could take this stand if they’ve got the balls.
GrapheneOS uses Google hardware and depends on Google publishing the Device Tree Blob to create their software over.
By branching with Motorola, it gives them more viability for when Google decide they won’t publish the DTB anymore (it will happen).
But GrapheneOS is still dependant on Motorola not being dicks.
Graphene OS need to develop their own app store.
They do have their own App Store, it’s just only got like… 14 apps in it. Mostly just the stuff they’ve made them selves that they’re super confident in the security of, as well as a couple of other app stores like Accrescent
To start allowing submissions of any third party app to it would ether require them to do a ton of vetting to ensure it meets their standards, or for them to drop the standards for security and privacy for it. If you want more than that handful of defaults, Accrescent and the google play mirror are there ready to be installed
They need to start incentivizing developers to develop for their app store.
Why not just use F-Droid?
You need a lot of money for incentives. The bigger factor is large scale adoption among the corporate apps that others use (their privacy policies notwithstanding), which I realistically see never happening for Graphene, sadly. Sideloading is a decent alternative, I just don’t know how long it’ll be around for.
Sideloading only needs to be supported by the OS, and the developer. (am I wrong here?)
They already have one. Maybe they could partner with F-droid…
