we need linux phones ASAP
They exist. People just don’t buy them. But there is a Ubuntu phone port you can install on your phone as an alternative to android.
But yeah it can get complicated like any Linux community project and isn’t at all mainstream.
I think Linux phones will gain some real traction within five years. Last I heard, KDE is putting great effort into making apps for Plasma Mobile
I’ll believe it when I see it.
We had a few good Linux phones back in the day but Nokia / Microsoft killed them trying to compete with iPhone OS and Android: Maemo / Meego were great but did not get a proper chance.
Jolla continued the legacy and Sailfish OS is still something worth checking out if you can find suitable hardware, or idk how complex it is to port it.
Seems to be new Jolla phone coming up at some point too: https://forum.sailfishos.org/t/next-gen-jolla-phone/23882
The Jolla was probably my favorite phone, but it broke so easily. I really hope they make something more sturdy this time around.
deleted by creator
thank god for brazil
technically you will still be able to install apps from outside the play store, but the developer will need to verify their identity with google.
Of course, most developers will refuse to do so (myself included), and so most apps will not be able to be installed. From a technical perspective, installing apps from other sources will still be allowed. So i can see judges ruling that this is not a feature removal.
You and I both know this is google killing non play store apps, but I don’t think the tech illiterate judges will see it that way.
Technically you can still install apps unsigned through ADB.
Considering it’s easier than ever to start up something like Shizuku, it could be used to grant f-droid access to install apps bypassing the requirement.
Obviously not a good solution by any means.
deleted by creator
Starting next year, Android will require all apps to be registered by verified developers in order to be installed by users on certified Android devices.
Are they actually proposing to make any previously sold devices “certified” through a software update, though? Your points are right on if this edict applied to all devices.
A “certified Android device” is a device running Google Play Services, Play Protect, Google’s WideVine DRM scheme and a few other requirements. If you purchase a device from a known manufacturer, like Samsung, you’re falling into this category.
They’re not removing a feature though, so that whole argument falls over instantly.
deleted by creator
That’s not removing a feature though, it’s just changing it. Side loading is the feature.
deleted by creator
I very much doubt that’s how the law works lol
deleted by creator
Because you’re wrong.
What pisses me off it that they say they do this for security. It changes absolutely anything.
They really think that malware developers will say “oh no! I need to submit a picture of an id card to sign my malware! It’s literally impossible to submit a jpg of a stolen id card, I’m ruined and out of a job!”
What does it change? Waste 20 minutes of some malware developer while they register under a stolen id? They already have a system that scans for known malware and automatically remove it.
It’s always security when someone wants to take our freedom away. Always security…
Of course they know that. It’s about power and money. After all, they already have a security program that filters out malware. If we believe their stated reasoning (which we don’t), they’re tacitly admitting that their current security program is a complete failure, and also that they will not try to fix it.
I don’t think it’s going to be as simple to verify as uploading a pic of an id
If it’s like the play store verification, it’s quite simple. The main problem is that once “verified”, Google publicly doxxes individual devs by publishing their residential address + private phone number + private Gmail on their dev page, and this is unacceptable for anyone except who used stolen identities
Both things can be true. It definitely is better for security. It’s pretty much indisputably better for security.
But you know what would be even better for security? Not allowing any third-party code at all (i.e., no apps).
Obviously that’s too shitty and everyone would move off of that platform. There’s a balance that must be struck between user freedom and the general security of a worldwide network of sensitive devices.
Users should be allowed to do insecure things with their devices as long as they are (1) informed of the risks, (2) prevented from doing those things by accident if they are not informed, and (3) as long as their actions do not threaten the rest of the network.
Side-loading is perfectly reasonable under those conditions.
It’s pretty much indisputably better for security.
I dispute this. While adding extra layers of security looks good on paper, flawed security can be worse than no security at all.
Android packages already have to be signed to be valid and those keys already are very effective in practice. In effect these new measures are reinventing the wheel as to what a layperson would think this new system does.
Adding this extra layer in fact has no actual security benefit beyond posturing/“deterrence”. Catching a perpetrator is not the same thing as preventing a crime. Worse - catching a thief in meatspace has the potential to recover stolen goods, but not so in digital spaces - either the crime is damage or destruction of data for which no punishment undoes the damage or the crime is sharing private data which in practice would almost certainly have been immediately fenced to multiple data brokers.
And were only getting started with this security theater:
- Nothing prevents an organization from hiring a developer for long enough to register before being flushed (or the same effect with a burner account on fiver)
- Nothing in this program does anything to get code libraries vetted - many of these developers may accidentally be publishing code from poisoned wells that they have no practical knowledge of.
- None of these measures make scams less profitable.
- None of this addresses greyware - software that could technically qualify as legal (because the user agreed to terms of service for a service of dubious value)
- All of this costs time and resources that will likely inevitably be shouldered on low paid engineers that could have put that effort to better uses.
- Metrics and statistics may likely be P-hacked to reflect that the new system as a success (because there’s internal pressure to make it look good) this turning-security-into-press-releases would have collateral of making accountability overall worse.
But you know what would be even better for security?
While we’re at it we could add the tropes of removing network connectivity, or switch to using clay tablets kept in a wooden box guarded by a vengeful god. Both of those would be more secure, too.
Users should be allowed to do insecure things with their devices
100% agree with you here - it’s fundamentally the principle of “Your liberty to swing your fist ends just where my nose begins”. Users should be given the tools and freedom to do as they want with their property - up until it affects another person or their property in an unwanted way.
I think we mostly agree. And I do agree that “flawed security can be worse than no security at all.” I think, though, that this doesn’t make security worse, just that it doesn’t make it that much better.
But even simple filters can make a significant difference: maybe you remember the early-ish Lemmy debacle of turning off captchas for signups by default, ostensibly because captchas are now completely defeated… which led to thousands and thousands of bot accounts being created pretty much immediately across a bunch of instances, and the feature being turned back on by default.
I’ll agree to that.
And I also think that there’s no way I trust Alphabet (holding company of Google) to be the sole arbiters of who gets to run code - neither in a philosophical sense nor as a gatekeeper to one top five compute platforms used by a substantial chunk of the world population.
It absolutely does not justify creating a policy that would wholesale obliterate F-Droid, arguably one of their larger competitors.
100% agree
I will literally go without a smartphone if Google does this, this is insane I would have bought an iphone if I wanted a junk device I don’t actually own.
Owning a phone doesn’t give you control over what the operating system can do. You can so what the OS they give you allows you to do, or you can find a way to put a different os on it - but they don’t need to provide a way for you to do that easily.
Not really sure why this is a hard concept for some people to grasp?
Open source community keeps trusting Google and they keep using the Embrace, Extend, Extinguish https://en.m.wikipedia.org/wiki/Embrace,_extend,_and_extinguish
What should anyone have done different? Not built for one of the largest platforms with the most users?
Android is so big because the community let them embrace it. Since the beginning the community should have worked in a true open solution. Now it’s really late to try to make a Linux phone
It doesn’t need to be Linux though - AOSP is still open source. Companies like graphebe using it just needed to not depend on Google to provide them the hardware and software to keep their OS viable. It’s entirely on them.
Linux would suck on a phone. Sorry it is barely usable on a laptop. We get worse battery life hardware less supported. Sure we put up with it but most people just want stuff to work.
Linux mobile
Yea… I’m really disappointed with the timing of FuriLabs new phone which is mostly a downgrade over the previous one. I’ve been window shopping phones for a couple of months and am at a loss for what to do. Even spent some time considering a dumb flip phone that can work as a wifi-hotspot and use a small linux tablet or something for the more involved stuff, but couldn’t find a good tablet option that wasn’t huge (would still want it to fit in my pocket) or come with the same problems.
Shift phone 8 from murena?
As far as I can tell, it’s just de-googled android… It is going to have the same eventual problems as any LineageOS, e/OS/, or GrapheneOS phone will have.
Unfortunately we need to come to terms with the fact that 1) Android is not Linux after all of the bastardizations Google has done to it and the control they maintain. 2) We need hardware mfrs on board for fully Open Source drivers for mobile hardware.
Basically all of the Linux phone options I’ve looked at have been disappointing. You’ve got people making open source OS like Sailfish or PostmarketOS or UbuntuTouch, but they only work for pretty narrow (and old) hardware and they don’t get 100% functionality on basically any of the hardware. FuriLabs was the first one I’d seen claiming you could use all of the features of the hardware, but even then it is using a bunch of (basically) compatibility layers to trick android apps into running, so I don’t even know if that will work after Google gets done with their plans.
deleted by creator
I am perfectly ok with android apps being required to be signed by not just a certificate (they always were just it could be self signed and just needed to match to upgrade without removing data) but a list of trusted entities.
As long as:
- I can install my own key on my phone (I’d I am trusted)
- major distributors like fdroid and have a key installed without friction (like web CAs)
- Google let’s me mark their key as untrusted (I probably won’t but I should be able to refuse things they trust (at install time, not disabling preloaded apps like settings)
Without this it feels too much extending the monopoly despite being forced to allow 3rd party stores.
The justification is simple, I don’t see the confusion, they want absolute power and for all alternatives to wither and die ? What is there not to understand ?
“Year of the Linux Phone” has a nice ring to it.
Not for me, no. I love the sandboxing and permissions of android (GrapheneOS). Honestly, desktop OSs should learn from it. Also, android is a lot easier to use, especially on small form factor devices.
Idk about GrapheneOS in particular but I find the sandboxing solutions for GNU/Linux like bubblewrap to be much more granular than standard Android.
“give us access to manage phone calls or we won’t you me answer internet calls (which have nothing to do with actual SIM calls)”, “give us access to all your files or we wont let you share that file via the share function (which doesn’t need fs access to work)”.
On GNU/Linux I can only give a program exactly the resources it needs, I can disallow dbus, I can block it from accessing potentially troublesome things like /dev/dri, can overlay filesystems and pretend that’s my real home dir. Or can just mount the whole / to some other system.
I am not saying android is perfect, but too granular is also bad. I have better things to do then tweaking SELinux policies.
Graphene users REPRESENT
Google’s developer verification will only run on mainstream Android with play services. It’s not supposed won’t be running in standard AOSP so the easiest solution would be to switch to a custom ROM like GrapheneOS.
They are also working to similarly kill custom ROMs. Just recently the GrapheneOS team mentioned that Google is no longer making their hardware drivers Open Source, and so compatibility with new phones means reverse engineering their own drivers - which is a big reason that custom ROMs support such narrow hardware options already and very often come with limitations and/or features that just don’t work. At best, they figure out how to make it work, but it takes time and updates can lag significantly behind.
We have a lot of options on the software side for avoiding google (or android), but very limited options on hardware. We need open source mobile hardware support ASAP.
They’re not so much working to kill custom roms as they are just not giving away their code anymore, going closed source for their own hardware.
Why do you think they’re making this arbitrary change?
Because Google have been wanting to be closed source for years, which is why nearly all their new features since they released the Pixel have been PixelOS exclusive and not in AOSP.
They don’t care about killing custom roms, that’s just a side effect of them going closed source for their Phone.
What do you think the benefit of closing sourcing their software is if not to stifle competition?
It means they can do way more features without giving away precious IP, and it also just reduces their workload. They don’t need to keep giving out their code for free. It makes their job harder.
AOSP projects are not and never have been a threat to Google. They aren’t trying to stifle them - that’s just a byproduct of not giving away their code anymore. Giving it away gives literally zero benefits to them. It might only save them 0.01%, but that’s a lot money.
As someone whose job runs several FOSS projects, I think you’re making up the fact that it adds meaningful workload.
I think that, for all intents and purposes, protecting IP is equivalent to stifling competition.
I think giving away code benefits the entire Android ecosystem, which might be the largest data mining operating Google has. I fully believe that’s of nonzero benefit.
But remember, unlocking bootloader is harder and harder for many devices. And Google’s Play Integrity and API changes makes removing trace of unlocked bootloader harder. Many apps not just banking, ChatGPT, games, some of social media is completely unusable in that scenario.
I don’t have that choice in Denmark due to NemID.
Like other people have suggested, maybe get a second phone (one of those really cheap ones with play Services) and use that for that stuff, and keep your main personal phone google-free.
This is the way for me too
Hopefully they go to court to get an injunction. Hopefully, they also go to the powers that be in the EU, those same powers have been so focused on the Apple App Store they failed to take into account Google can do something like this with the Play Store. It would be a shame for the F-Droid project to end but it is completely avoidable.
What we can do is complain. Loudly.
Degoogle where possible. Fuck these assholes.
And i guess prepare.
We can also do that.
Complain without doing something is worse than doing something like the other person suggested, though.
Complaining tells yhe company this isn’t popular. Complaining while talking about alternatives is helping others towards doing something, and giving the idea that it will be a net negativeove for their hegemony,even if you don’t do shit.
To be fair, up until recently, there was no clear indication that Google would do this. Google made it so that installing non-play store apps was slightly more difficult, Apple made it pretty much impossible. So Apple was a pretty logical target at that point (and honestly, up until then, they had pretty much gotten a free ride - think of the default browser issue in Windows, no one every bothered with Apple).
EU be like: Really? Didn’t you learn from Apple?
Right now the only decently speced phone with mainline Linux support is the Oneplus 6, and the only one I can find is being sold for $2000
There’s the FairPhone 6, running e/OS, Which is a deGoogled port of android, running microG
https://murena.com/america/shop/smartphones/brand-new/murena-fairphone-6/
If f-droid doesn’t expect to survive I think the whole stack /e/OS relies on might eventually collapse (microg, lineage, …).
I dunno how viable it is, but linux phones with waydroid is a thing
Also, I’d imagine that a small pocket of custom ROM amd root folks will still exist
Come hell or high water, i will retain control of my phone
Damn, I was hoping my Oneplus 6T was worth a couple grand. Nope. Someone has one on Swappa unlocked and in mint condition for $180. A Oneplus 6 is listed on Ebay for $130.
Is it in stock though?
It is, but why does that matter?
I think that’s the one I have, but please explain what mainline Linux kernel means? Would it be about installing bare Linux instead of Android?
It means you can use the regular Linux kernel instead of fucking around with a custom kernel (like Asahi) or with some sort of Android layer (like Halium). So running whatever distro you want shouldn’t be too difficult.
My job doesn’t allow me to use a jailbroken/rooted device
So if/when this goes through I’ll be switching to iOS.
Given the choice between two closed platforms, I’ll pick the one that ostensibly says they’re privacy focused instead of the one actively enshittifying their product.
I obviously don’t know your situation, but using your own phone for work is a bit of a red flag. If you’re required to use a phone for work, ideally the job should provide you one that meets their requirements.
Yeah, a mandatory work phone (where the employer can define requirements) should be purchased and funded by the employer.
Exactly.
My work only requires that I have their MFA. They don’t care if it’s rooted, it just needs to allow me to login. I’m guessing if I pushed back enough, they’d find an alternative.
You should just get a cheap phone to use for work. No reason to have their software on your own device. That will undoubtedly be used for creepy purposes.
Work profiles exist for this reason. A completely separate environment that is isolated from the rest of the phone and can be turned on and off on demand.
Some manufacturers, like Samsung, make it difficult to access, but it’s there.Yes i never saw this feature until I discovered shelter which uses this to protect your personal info.
Your job can say what phone you have? I don’t get it
The moment my work says what phone I need is the moment I demand they provide a phone for me.
