Pot, meet kettle.
To add to this, at least Android being open source allows for alternative versions that can be used on some hardware that truly don't track and can be consistently supported long term. With Apple's devices, that's not a practical option.
Edit:
From the news today:
Google’s relationship with Apple is particularly significant given its unilateral access to iPhone customers. Internal Google notes of a meeting between Sundar Pichai and Apple CEO Tim Cook released Monday by the DOJ give an interesting insight into that relationship. The meeting, which began as a discussion of the regulatory environment in D.C. eventually turned toward the question of Google’s place as the default search engine on Apple products.
Cook, according to the notes, told Pichai he believes the two companies were “deep partners; deeply connected where our services end and yours begin.” In another note from the meeting, Pichai reportedly said, “Our vision is that we work as if we are one company.” Pichai tried to distance himself from that line during this testimony on Monday.
Oh boy, oh boy, oh boy!
Hello from GrapheneOS 👋
The same GrapheneOS kicked out of AOSP Alliance for being toxic and shady?
I dunno about that but the toxic guy was also kicked out of Graphene
SOME hardware. I hope you're not picky with your devices.
I mean, it's a higher count than Apple with exactly…0
Does anyone else remember that old project from many moons ago that was working on getting Android working on iOS devices
Yep! I remember running Android on an original iPhone (just for fun, really, and like two or three years after the iPhone had debuted).
I member!
If you're planning to do this, you will find yourself in a sea of options.
I've seriously looked into it and I disagree.
We need open source drivers for devices. Without those, your smartphones with any other open source OS would be next to useless.
what the fuck
https://wiki.lineageos.org/devices/
These are only the official ones which are up to par with the quality assurance of LOS, there are countless of unofficial builds for almost any phone.
For example, Pocophone F1, my first Xiaomi phone still gets security and feature updates:
https://download.lineageos.org/devices/beryllium/builds
https://wiki.lineageos.org/devices/beryllium/
It's now 5 years old, that's Apple kind of support for an €350 Android device.
Vote with your wallet and only buy phones on the device list of LOS.
No kettle here, just a couple of pots. The kettle is shiny and reflective. The pot is seeing its own reflection in the kettle. Hence there's no kettle in this scenario.
🤯 Thank you for your service.
Android being open source
Hahahahaha. Good one.
Yes. LineageOS and GrapheneOS among other forks are some obvious counterexamples to the narrative that Android isn't open source. Then there are the countless vendors that use it in China without Google software. I know it's cool to hate on Google and I do partake but that's simply a fact.
Those are missing major parts of a full Android system. Play Services is a huge one.
No, they're not. You can use sandboxed google services, if you want to. Or you can use FOSS apps.
Or your own proprietary implementation if you're making an Android device yourself and you were lazy.
Keep digging, bud
Go buy any Android phone from a major brand (Google, Samsung, etc) try to rebuild the OS as it’s installed from the factory from source. You can’t.
Even theAOSP based Android distros like LineageOS ship with closed source binary blobs for crucial parts of the OS.
Calling Android OSS is a marketing gimmick to trick nerds into choosing Android.
I don't know how to rebuild shit but certainly plenty of people can and have.
There are dozens of forks of Android so I don't know how you can NOT call it OSS.
You can build a version of Android, but not the version that is installed on the device you buy in the store.
There are dozens of forks of Android so I don’t know how you can NOT call it OSS.
Because even those forks ship closed source binary blobs. You simply cannot build an Android phone with 100% open source. The phones you can actually buy in the store? A huge part of those is closed source.
Android is opensource. It has closed source components, but they aren't necessary to run Android.
And they're completely replaceable as there are clean interfaces between the closed source components and the open source base.
If those are you idea of clean interfaces… wow.
Feel free to post comparison images of core apps on different mobile OS'es to strengthen your incredulity.
Exactly. It's like saying Linux isn't open source because some distros come with proprietary NVidia drivers.
Mayor parts that are very much necessary for a fully functional Android system are closed source. Play Services is a big one.
Yes. I would like to see a DIY selfhosted replacement for play services that is a direct swap in, in the sense that as an end user I couldn't tell the difference (notifications primarily)
Edit: wow! Didn't realize selfhosting replacements for Google services is so controversial!
Apple literally scans your photo galleries for illegal photos.
Edit, looking into things, it seems like they might have backtracked on this one due to backlash when it was announced.
No they don't
Source?
I assume they're referring to the now cancelled CSAM https://www.wired.com/story/apple-photo-scanning-csam-communication-safety-messages/
deleted by creator
It's since been backtracked as cited from another article. I was unaware as I don't use Apple products and only heard about the plans when they were originally announced. I will update my original comment to reflect the feature being backtracked
Australia's Basic Online Safety Expectations made it required by law:
"If the service uses encryption, the provider of the service will take reasonable steps to develop and implement processes to detect and address material or activity on the service that is or may be unlawful or harmful"
Source: https://www.legislation.gov.au/Details/F2022L00062/Html/Text#_Toc93478766 section 8
“Service” sounds more like something such as iCloud than my personal, on-device photo library to me.
But only local, look into the source code yourself, heh.
You forget to add /s
If you need an /S here, you deserve the troll.
Righ, just like how three letter agencies definitely don't have zero-day exploits into your devices (until they remeber about that one they definitely did put in)
-
My comment was sarcasm
-
You really think they need that feature to get to your data
-
I can totally tell tone of voice an intention through text /s
-
One of many methods.
-
Don't be an asshole.
-
-
Lmao pot call the kettle
deleted by creator
task failed successfully
HTTP Response 418 I’m a teapot
P sure the only difference is that Apple hoards the data while Google
gives it all awaysells it.Google also doesn't give it away
Sorry sorry, semantics. Google sells user data.
No they don’t. They sell the ability to display ads to users in a targeted fashion. The user data is how they do that and is their moat. Their entire market advantage is they don’t sell the data, instead you have to continually let them decide who sees your ads to leverage that data.
Google goes to great lengths to make sure only they have this data.
EFF kind of disagrees with your sentiment, which IMO is providing Google with the benefit of the doubt:
Google monetizes what it observes about people in two major ways:
- It uses data to build individual profiles with demographics and interests, then lets advertisers target groups of people based on those traits.
- It shares data with advertisers directly and asks them to bid on individual ads.
The second method of monetization involves most of the behaviors that regular people might think of as “selling data.” Google is involved at nearly every level of the complex, automated process of third-party ad placement known as “real-time bidding,” or RTB.
No kettle here. The kettle is shiny and the pot sees its own reflection in the kettle. That's the meaning of the phrase. Just two pots, one of them pointing out the other is a pot.
Well yeah, as much as I dislike apple, the majority of Google's income comes from advertising - and to be the best at it, they need to have more personal data than everyone else, which = lots of tracking.
How do we open source hardware and make it competitive? If we figure that out, maybe we can break free of yet another 2 party system we're creating lol
You give them the freest phone with the most open operating system you can find and people will install the spyware themselves.
Give a person a privacy phone and they'll install spyware on it.
Give a person a want for privacy and they'll get a privacy phone and never install closed source apps on it.
You can lead a troglodyte to knowledge but you can't make them think.
As opposed to Apple where advertising is a growing revenue stream that they're definitely not gonna maximize because they have other revenue streams.
Agree on the hardware point. That said you can buy a Fairphone or a Pixel today and install usable Google-free software on it, today.
There are plenty of phones one can install notgoogled OS'es on, but it requires the buyer to look up the list of phones that are supported.
Not necessarily. There's always the option to port something like LineageOS yourself, which is in fact where most of the ROMs for a much larger selection of devices comes from than what is officially supported by LineageOS. This is of course not for the average user, but it is possible. Except for some devices like the newest Samsung flagships that are based on Snapdragon. With the Exynos variants, porting AOSP and operating systems based on it is possible.
I don't understand. There's a large list of officially supported devices and users can create support for even more devices. Doesn't that mean that there is a wide range of phones that support custom ROMs, even if not all phones are supported?
I'm a little iffy on just how Google-free any Pixel after 5 is even if you run Lineage or something.
I hope eventually risc-v become the norm. It's the closests to the open source hardware idea.
Unfortunately, no matter how open the hardware and software may be, for the vast number of people it will never be possible to verify that one specific peice of hardware is running a specific peice of software.
And even if the tools existed to enable normal persons to do this, they would need to trust that the hardware/software in the tool has not been tampered with and that the tool is running it.
I don't think trusting the security software would be any harder to trust than the OS or anti-viruses, both systems designed to keep the users safe.
More of an issue would be how to find out who is trustable, and that will take both time and trust from the getgo.
I don't think that that's going to be a problem. We have a long history of dealing with such verification. What is important is that people trust science and scientific institutions, and sooner rather than later, in-depth analysis of devices conducted by experts will be able to provide security and credibility for the layman to rely on without the need to run tests themselves. This is basically how the privacy and cryptography branches of hardware and software engineering have operated for decades now.
Yeah I’m laughing at the top comment which equates Apple and Google on this. Please give me a break. Apple sells ads within its App Store and some people would have you believe this makes them an ad company. Meanwhile Google collects data from your browsing, email, phone, and tried damn hard to hook us on its social media products, and they run ads on all of those as well as third party sites and apps. I mean FFS come on.
Pot. Kettle. Black.
No kettle here. The pot sees its reflection in the kettle, kettle being shiny, so the kettle is actually different from the pot. Just one pot calling another pot black in this instance.
Unless you use GrapheneOS this is true. But iPhones aren't any better. GrapheneOS is the only solution.
Multiple OS choices, hardware kill switches for connectivity/camera/microphone, expansion pins, etc. Modest specs but for enough functionality to be a daily driver, zero ads or spyware, and infinite customizability, $400 is a steal.
Mine was unusable IMO but maybe I didn't try hard enough.
Linux phones are not at a point where you can actually daily drive them. They even lack support for basic apps like Signal. The camera and battery on the PinePhone aren't great either. These are concept phones, but nothing that anyone can actually use. Also, Linux distributions are much less secure than GrapheneOS or even AOSP. And good luck getting normies to use a Linux phone, it's already hard with desktops, but impossible with phones.
Yeah I'm aware they're still in a really early/rough state, I definitely used the term pretty loosely. From what I understand they're capable of reliably texting, calling, light web browsing and maybe playing some audio. If you aren't someone who frequently/extensively uses your phone, and has decent knowledge of Linux, this may be enough for you. Def not the average user though.
I’d like to do this but it looks a bit complicated. Maybe there’s a video guide I can follow so that I don’t fuck it up.
Oh man, this looks so much easier than when I installed Lineage on the Poco F1! Might go for it now that I've got a pixel 7
I can only recommend it. I used a Samsung phone a few years ago and putting a custom ROM on it took me a whole weekend, I had to spend many hours researching and I often encountered issues. With GrapheneOS, it was super easy. 15 minutes after taking the phone out of the box I had Graphene running on it. That was my first time installing GrapheneOS btw.
Does it work with most common applications?
Yes, the GrapheneOS team put a lot of time and effort into creating Sandboxed Google Play services. It allows you to use Google services which are required for many apps without giving up your privacy. You get to choose which permissions you grant to Google Play services, just like with any other app. Basically any app that works on Android also works on GrapheneOS, except for a few things like Google Pay or Android Auto, because Google actually prevents them from working on Graphene.
You mean apps? Then yes. You can just install Aurora.
You mean apps?
What do you think apps is a contraction of?
Apparently, apple applications apply appropriate approvals for the apprehension of appliance appendices.
You don't need aurora on graphene, thats the point of sandboxing.
deleted by creator
iPhones aren’t any better
Anyone got a source for this claim? I see it repeated often in this thread with no supporting evidence.
I’m not disputing it, I’d just like to know more.
Google has a direct financial motivation to track you through their business model. Just based on that I’d assume Google is performing more data harvesting.
https://www.apple.com/legal/privacy/data/en/apple-advertising/
Straight from Apple.
https://www.tomsguide.com/news/android-ios-data-collection
The full research paper: https://www.scss.tcd.ie/doug.leith/apple_google.pdf
If you prefer a video: https://piped.video/watch?v=nQ9LR8homt4
And if you don't buy Google's Pixel you're just fucked?
I believe LineageOS has a wider selection of devices
But far worse security, privacy and app compatibility.
LMFAO, i'm interested in that explanation.
LineageOS without GApps is literally as secure as GrapheneOS
No, it definitely isn't. Stop spreading false information and potentially giving people a false sense of security. LineageOS isn't even as secure as stock Android, it's definitely not as secure as GrapheneOS as GOS has many security improvements compared to the AOSP. Some examples are the hardened C Library, hardened memory allocator, improved SELinux policies, secure app spawning, hardened browser (Vanadium) which is also used for WebView, etc. LineageOS doesn't even allow you to relock the bootloader, meaning anyone can modify the system because Android Verified Boot only works with a locked bootloader. It doesn't have any of the security features that GrapheneOS adds on top of AOSP, it also lacks basic security features from AOSP. It's ok for tinkering, but I would never use Lineage on a production device. You can read the section about LineageOS of this blog post: https://madaidans-insecurities.github.io/android.html#lineageos
Quote:
A common ROM that has many of these issues is LineageOS:
- LineageOS uses userdebug builds by default. This adds many debugging features as additional attack surface. It also weakens various SELinux polices and exposes root access via ADB, which, as previously discussed, is not a good idea.
- LineageOS requires an unlocked bootloader, therefore disabling verified boot, which is essential to verify the integrity of the operating system.
- It does not implement rollback protection. This allows an attacker to downgrade the system to an older version and then exploit already patched vulnerabilities. The default updater even allows you to downgrade versions yourself.
- Most LineageOS builds also do not include firmware updates, which prevents users from getting new patches to fix vulnerabilities. Instead, it gives a pop-up advising users to flash updates manually that most people will simply ignore.
This is a non-exhaustive list. There are more issues than just those listed above. LineageOS (and most other custom ROMs) are focused on customising the device and not privacy or security. Of course, you could build LineageOS yourself to fix many of these issues, but most users will not be capable of doing so.
What a load of crap. What's ur source for this information?
From a privacy standpoint, Lineage OS uses hard-coded Google IPs for some core functionalities (DNS, NTP, Webview). MentalOutlaw did a video on this and how it can be removed by rooting your phone.
it can be removed by rooting your phone
Which makes it even less secure
Why is my comment crap?
Which of my points are not true?
LineageOS has far worse security than both AOSP and GrapheneOS as outlined in the LineageOS section of this blog post: https://madaidans-insecurities.github.io/android.html#lineageos
It also has worse privacy because it uses Google services for things like DNS and NTP by default, which can not be changed by the user. GrapheneOS replaces all Google services like DNS, NTP, connectivity check, and the Attestation key provisioning service through either their own service or their own proxy for the Google service. Most of these can also be entirely disabled by the user on GrapheneOS. It also offers proxies for SUPL and PSDS location services and allows the user to disable these.
App compatibility is worse, as LineageOS uses microG whereas GrapheneOS uses Sandboxed Google Play services. microG is an insecure and poorly implemented version of Google Play services that sometimes has issues with basic Google SafetyNet checks. GrapheneOS just uses the standard Google Mobile Services bundle, but it's not installed as a system app and has the same privileges as any other app. It can be installed and uninstalled by the user and all permissions can be revoked (including network and sensor access).
No, Google does the same shit. You just decide which big company you give your data to. Or use a Nokia on 2G
If you install GrapheneOS, then Google doesn't get any data from you, but they still get the money you spent on the phone. GrapheneOS only supports Google Pixels, for multiple reasons they explain in their FAQ.
Jokes on you, we disable 2G for the sake of 5G frequencies.
But on Google Pixels you can install GrapheneOS, unlike any other Android device
No? There are many other ways to ensure privacy on Android.
-
Best option: Use a Custom ROM (which Graphene OS is an example of). However, going via this route is almost always a headache, as all devices don't have specific, stable builds, etc. Also, going this route poses a very real risk of bricking your device.
-
Easy and safe option (I would recommend this): Buy a device with stock android instead of the crappy MIUI and other variants. Disable all google services and apps and install all your applications from Fdroid. Install a firewall like TC from Fdroid for additional protection.
all devices don’t have specific, stable builds, etc
GrapheneOS is actually very stable and has specific builds for all the devices they support. It only supports Google Pixels, because these are the reference devices that AOSP is built for. They also have great hardware security features like the Titan M series of secure elements.
Also, going this route poses a very real risk of bricking your device.
Not with GrapheneOS. Their easy-to-use web installer makes is basically impossible to break your device during the installation process. It's really easy and maybe takes 15 minutes.
-
Just have to pay google 800$ to leave the google ecosystem. Seems legit.
My Pixel 6a was 300 bucks
Pot calling the kettle black.
Pot calling another pot black. The kettle is shiny and the pot is seeing it's own reflection, at least in the original meaning of the phrase.
tbf Androids are about the same size as iPhones
Googled Androids yes, not degoogled ones. There's a big difference.
Not wrong but ironic coming from apple. As if they don't track and have spyware.
From their own privacy policy they outline what they do:
For research and development purposes, we may use datasets such as those that contain images, voices or other data that could be associated with an identifiable person.
To provide location-based services on Apple products, Apple and our partners and licensees, such as maps data providers, may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device.
Apple’s websites, online services, interactive applications, email messages, and advertisements may use "cookies" and other technologies such as pixel tags and web beacons.
We also use personal information to help us create, develop, operate, deliver, and improve our products, services, content and advertising
At times Apple may provide third parties with certain personal information to provide or improve our products and services, including to deliver products at your request, or to help Apple market to consumers.
Apple may collect location, IP Address, network information, Bluetooth information, connected devices, accessories, personal demographics, browsing history, browser fingerprint, device fingerprint, search history, app data, usage data, performance, diagnostics, product interaction, transaction information, payment information, purchasing records, contacts, social graph, watch history, listening interests, reading list, call metadata, device information, messaging metadata, email addresses, salary, income, assets, health data, ad interaction, in-app purchases, in-app subscriptions, app downloads, music downloads, movie downloads, TV show downloads, Apple ID, IDFA, Random Unique ID, UUID, IMEI, Hardware serial number, SIM serial number, phone number, telemetry, cookies, Nearby WiFi MAC, Siri request history, Web sign-in, songs played, play and pause times, playlists, engagement and library.
Literally all of this is what Google does. The only thing Apple does differently is hinder 3rd party apps to a greater degree. But to be fair, Google has been improving the Privacy features of Android with each version.
They're absolutely right, but the last person who should be pointing that out is Apple, of all people.
Surely Apple won't steal any of your data when they just say "trust me bro" 😊
"Ignore those AirTags"
Well, the pot's not wrong, is it?
In this case they are both pots. The kettle is shiny and the pot sees it's own reflection, being the original meaning of the phrase.
That's ironic
