• humanspiral@lemmy.ca
    link
    fedilink
    English
    arrow-up
    8
    ·
    10 hours ago

    This is an android 16 feature, scheduled for sept 2026 “prerelease” and 2027 rollout. I expect/hope some phones will have a setting to disable “the security”. If not, there is great opportunty for high end hardware linux first phones, with good android emulation software.

  • MystikIncarnate@lemmy.ca
    link
    fedilink
    English
    arrow-up
    19
    ·
    13 hours ago

    This is the risk of “trusted computing” architectures. Who is governing the “trusted” part of that.

    These cryptographic signatures are not as much of a death knell for Android as some would have you believe. The trick is to get a common code signing cert into your device, that is then used to sign any third party APK you want to run. You can avoid the Google tax this way. I assume that’s how most sideloading sites and apps are going to handle this.

    The question is, how do you add that certificate? Is it easy and straight forward (with plenty of scary warnings), as a user? Or is it going to be a developer options deal? Or will I need root to add the cert?

    I’m not sure what that answer is right now.

    I just want to finish this post with a few words about trusted computing models. Plainly: Apple has been doing this for years … That’s why you download basically everything from an app store with Apple. Whether on your Mac OS device, your iPhone, iPad or whatever iDevice… Whether the devs need to sign it, or the app gets signed when it lands on the store, there’s a signature to ensure that the app hasn’t been tampered with and that Apple has given the app it’s security blessings, that it is safe to run. Microsoft and Google have both been climbing towards the same forever. Apple embedded their root of trust in their own proprietary TPM which has been included with every Mac, and iDevice for a long ass time. Google also has a TPM, the Titan security module, I believe that was introduced around pixel 3? Or 4?.. Microsoft made huge waves requiring it for Windows 11, and we all know what that discussion looks like. Apple requires a TPM (which they supply, so nobody noticed), Google has been adding a TPM and TPM functionality to their phones for years, and now Windows is the same. None of this is a bad thing. Trusted computing can eliminate much of the need for antivirus software, among other things. I digress. We’ve been going this way for a long time. Google is just more or less, doing what Apple has already done, and what Microsoft will very likely do very soon, making it a requirement. Battlefield 6 I think, was one of the first to require trusted computing on Windows and it will, for damned sure, not be the last that does. The only real hurdle here is managing what is trusted. So far, each vendor has kept the keys to their own kingdoms, but this is contrary to computing concepts. Like the Internet, it should be able to be done without needing trust from a specific provider. That’s how SSL works, that’s how the Internet works, that’s how trusted computing should work. The only thing that should be secret is the private signing keys. What Google, Apple, and Microsoft should be doing, is issuing intermediary keys that can sign code signing certs. So trusted institutions that create apps, like… Idk, valve as an example, can create a signature key for steam and sign Steam with it, so the trust goes from MS root to intermediary key for valve, to steam code signing key, and suddenly you have an app that’s trusted. Valve can then use their key to sign software on their store that may not have a coffee signing key of it’s own. This is just one example based on Windows. And above all of this, the user should be able to import a trusted code signing cert, or an intermediary cert signing cert, to their service as trusted.

    Anyways, thanks for coming to my Ted talk.

  • F_OFF_Reddit@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    ·
    14 hours ago

    So yeah we’ll do a decentralized Linux phone of sorts, if Google is going full 3rd Reich with Android we’ll move to a Linux based OS phone.

    Simple as that.

  • ClydapusGotwald@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    12 hours ago

    This was the main reason I have a spare android phone to install whatever I want on it and just factory reset if there’s an issue. Android / Google is really shooting itself in the foot cause there isn’t a point in owning an android after this imo

    • tidderuuf@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      11 hours ago

      Similar story here. I’ve got apps that I need to use from developers that are not around anymore. My old phone only needs wifi and I’ve disabled/uninstalled everything else. The phones battery last like 7 days now.

  • Gemini24601@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    14 hours ago

    When it comes to the current final frontier, Linux phones, what brands/models would be the best option? Or are you all really recommending iPhones?

    • JeremyHuntQW12@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      3 hours ago

      You can’t sideload in Linux.

      “All” you need to do is reflash your phone and reinstall Android/Chromium (soon to be renamed Android). Since you are not a certified supplier, the checking is not activated.

      On Chromebooks the setting will be on, since they are used in schools, but since it has a terminal you can remove the block, it won’t be simple, probably terminal commands and changing configuration files, but it won’t be impossible.

    • zeca@lemmy.ml
      link
      fedilink
      English
      arrow-up
      3
      ·
      14 hours ago

      Linux handheld with a 4g usb modem, doing calls over the internet. Just an idea, im not doing this, nor do i know how practical it actually is.

    • Luffy@lemmy.ml
      link
      fedilink
      English
      arrow-up
      16
      ·
      edit-2
      22 hours ago

      Apple now allows sideloading of apps

      Apple allows as much sideloading as google wants to next near.

      Yes, you can install from .iPa files, but you still need to pay 100€ a year to be able to sign the IPA files, otherwise you cant run them. as much as with googles new policy you now need to pay 25€ + your full name to get a signature, to sign the Apks with

  • SkeletorOfDeath@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    21 hours ago

    I have LineageOS on my second phone, so the issue doesn’t apply to custom ROMs, as the developers assured me. On my main phone, however, I still have the stock ROM because it’s a new and expensive phone, and there are no custom ROMs for it yet, especially as it’s a MediaTek. If they try to block sideloading, it would be a good time to report it to the European Union.

    • GreenShimada@lemmy.world
      link
      fedilink
      English
      arrow-up
      11
      ·
      19 hours ago

      They also stopped support that allowed for easier development of custom ROMs a couple weeks back. So it’s not good news for custom ROMs. Either someone needs to form Android for good, or Linux phones are our next best bet.

      Back in 2019 when the leadership changed, they moved to be 100% about advertising, which is why Google started going browser fingerprint tracking. Invasive is the name of the game. Within 6 months of that, they’re also locking down their entire ecosystem like Apples does, specifically to squeeze more data out for advertising. This isn’t an action taken in a vacuum.

    • Eagle0110@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      18 hours ago

      Just get root, and it wouldn’t be too difficult to bypass.

      I already bypass many of Google’s stupid and arbitrary restrictions like their minimal SDK version requirement for side-loading apps and such with Magisk and Xposed modules.

    • DupaCycki@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      20 hours ago

      Are you sure it won’t apply? As far as I understand, it’ll apply to all devices with Google services installed. Which includes most ROMs, as well as non-Google ROMs after you manually install gapps. Is my understanding off?

      • Ihnivid@feddit.org
        link
        fedilink
        English
        arrow-up
        5
        ·
        edit-2
        17 hours ago

        The requirements apply to all “Google-certified Android devices” which includes:

        Devices with Google Play Store

        Devices with Google Mobile Services (GMS)

        Devices with Play Protect

        All mainstream Android devices from manufacturers including Samsung, Xiaomi, Motorola, OnePlus, and Google Pixel

        Custom ROMs without Google services & uncertified devices are not affected by these restrictions.

        From the linked wiki.

      • SkeletorOfDeath@lemmy.world
        link
        fedilink
        English
        arrow-up
        3
        ·
        16 hours ago

        I don’t have Google services, nor do I ever plan to install them. I’m perfectly happy with F-Droid, Aurora Store and NeoStore.

        • zeca@lemmy.ml
          link
          fedilink
          English
          arrow-up
          3
          ·
          edit-2
          13 hours ago

          Soon aurora store may stop working. They could add some crap to the apks in the play store that checks whether the phone has google services. So either the devs put their apks somewhere available (like on fdroid, which most wont do), or theyll just put their binaries on the play store, which will just be a useless blob for those that dont have play services. Then we get another shitty cat an mouse game about spoofing play services, them catching up, on repeat.

  • PieMePlenty@lemmy.world
    link
    fedilink
    English
    arrow-up
    21
    arrow-down
    5
    ·
    edit-2
    23 hours ago

    > be me
    > buy new phone, chose android cause I can install anything on it
    > get free iphone from work
    > sell iphone on ebay cause I can install anything I want on my android
    > google doesnt want me to install anything I want

    Fuck me. I kept the wrong phone.

    • Luffy@lemmy.ml
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      1
      ·
      22 hours ago

      So in your world, a completely locked down phone is better than a phone that you can easily open up again by flashing a ROM or replacing Gservices for MicroG with adb + Magisk?

  • RedFrank24@lemmy.world
    link
    fedilink
    English
    arrow-up
    54
    arrow-down
    4
    ·
    1 day ago

    If Google is going to lock down my device to the point where I can’t install apps without their permission, I might as well dump Android and go straight to Apple. I sacrificed my phone being good for the openness of the platform, but if Google loses that openness, why shouldn’t I go with Apple?

    • Lost_My_Mind@lemmy.world
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      2
      ·
      1 day ago

      The only answer is money at that point. I don’t know how much phones are these days, but aren’t iPhones like $1400, but Android is like $900?

      I may be wrong though. Last time I bought a phone was 2018, and it was $600. Still using it.

      • RedFrank24@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 day ago

        I already tend to buy the expensive flagship models of phones. I buy unlocked and it lasts me ~5+ years, so I get the best phone I can get at the time and make it last, so money isn’t as much of an issue if I were to move to an iPhone.

    • humanspiral@lemmy.ca
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      8
      ·
      1 day ago

      Apple hardware has always been a generation ahead. Even when android/qualcom catches up, next generation is out already. The reason to avoid apple was it being a closed system money grab.

        • humanspiral@lemmy.ca
          link
          fedilink
          English
          arrow-up
          1
          ·
          11 hours ago

          a18pro beats M3 max in single core. Compared to 7840hs, it has 40% high single score geekbench 6, though 50% less multicore. Even beats ai395max at single score. Android competition catches up to even in gaming/gpu, but single core/responsiveness is still light years ahead. a19 next month, likely. M3 ultra has competitive aspects to xeon and epyc. Apple definitely has a lead on arm implementations.

    • wetsoggybread@lemmy.world
      link
      fedilink
      English
      arrow-up
      10
      ·
      17 hours ago

      The issue is that Android used to be open source but they’re moving to closed source under the guise of security as well which will make it difficult/impossible to update the rom

    • Valmond@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      21 hours ago

      Same here, got a recent (so not completely new) Xiaomi 13T Pro. Very little crap on it and it has impressive specs like 16GB RAM, 1TB storage and a very good Leica camera.

      I’d love putting Linux on it one day, the specs are almost as good as my main PC lol.

  • Zink@programming.dev
    link
    fedilink
    English
    arrow-up
    22
    ·
    1 day ago

    I think I am just done with the whole concept of the convenient prepackaged tech product, and especially staying “connected” with them.

    For example, I stopped wearing a smart watch this summer and it’s been a positive. I was the type to wear it 23 hours a day and track my sleep with it and everything. It turns out that not instantly seeing every notification or knowing the exact minute of the day are not a big deal, sans are even good for me.

    Part of what I’ve also done is use my phone a lot less and my linux desktop a lot more. I use it as a mobile communication device and not my computer for everything. I guess the next time I need to replace it I’ll either get an iphone since everybody in my family has one, or I’ll see where these wonderful Linux phone projects end up.

  • owenfromcanada@lemmy.ca
    link
    fedilink
    English
    arrow-up
    73
    ·
    2 days ago

    I know it’s not really ready for it yet, but I guess I’m gonna be looking into a Linux phone before I thought I would.

    • tomiant@programming.dev
      link
      fedilink
      English
      arrow-up
      13
      ·
      1 day ago

      My suspicion is that the main purpose of Googles decision is to stop F-Droid and Aurora Store from working.

      • lepinkainen@lemmy.world
        link
        fedilink
        English
        arrow-up
        10
        ·
        24 hours ago

        They don’t care about those.

        They want revanced and other ad circumvention tools out.

        They ARE an ad company, you know?

    • SaharaMaleikuhm@feddit.org
      link
      fedilink
      English
      arrow-up
      8
      ·
      1 day ago

      And especially any youtube app that blocks ads. OF COURSE Google will never allow Newpipe, Revanced, FreeTube and so on to be installed on Android phones ever again.

      • tomiant@programming.dev
        link
        fedilink
        English
        arrow-up
        4
        ·
        1 day ago

        None of those have worked for me on Android since a couple of months.

        Firefox with uBlock Origin is the last bastion, and don’t think that’s not on their radar.

  • dovahking@lemmy.world
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 day ago

    I’ll just buy and use decade old phones with unlocked bootloader till I can. There’s barely any innovation in phones these days and I’m sure someone will come to fill the gap Android left (hopefully Linux). I’m still using my 5 year old phone degoogled with custom a16 and still going strong. I also have a backup pixel 6 in case the current one breaks. I can easily wait 10-15 years.

    • rasakaf679@lemmy.ml
      link
      fedilink
      English
      arrow-up
      4
      ·
      23 hours ago

      Banking Apps in my country doesn’t even install on Android version of previous 2 version, because “security” reasons…not because of their incompetence to make their app more secure. I had to buy new phone to use my own money.

      • gian
        link
        fedilink
        English
        arrow-up
        1
        arrow-down
        1
        ·
        22 hours ago

        This do not depends on bank incompetence, it depends from the regulations the banks need to follow.
        And for the same reason you cannot install on a rooted phone (or at least, you should not be able to do it)