Sorry to piss off all the Apple shills on here, but sounds like an opportunity to me. I think there’s enough of us that want something better and some traction with Graphene and some Linux options. This should be a spark to ignite some fires. I’m disappointed but unsurpised by this news, but also a little excited about the window of motivation and opportunity this opens.
Honestly, I’m worried. Current Linux options are expensive and or shitty. IDK if Sailfish is still a thing. I can’t use Apple. If I keep taking good care of my not-so-shitty Xiaomi phone, maybe I have a couple more years until I’m pwned.
SailfishOS is still very much a thing and they have a brand new phone on the way. Since it hasn’t been released yet it’s hard to get into specifics, but early interest seems to point in a positive direction at least.
If you care about using third-party Android apps, I have good news for you, but grim news for the ecosystem. You will still be able to use third-party apps. But it’s going to be harder. You’ll probably need to use something like Shizuku or an ADB tool. The first wave of those affected won’t be you and me; it’ll be people who aren’t quite as technically competent. Then, slowly, a chilling effect will echo across independent development.
PostmarketOS is already in a good state for a secondary device, though I don’t think it can completely replace an Android phone just yet. Most devices still have some fundamental hardware support issues even on the more well supported phones (camera is the big one, call audio is also problematic on a lot of devices). However, as a pocketable Linux machine, it is wonderful. I got a second cheap SIM card so I can have data on my OnePlus 6 postmarketOS phone as there are a lot of tasks that work better on Linux than Android. I keep an Android daily driver but am trying to do less and less on it and more on the postmarketOS device.
It’s Android with all of the Google removed where possible and sandboxed where not. You can choose to install the Google Play services and use it like any other Android phone or use it without any Google software.
Some things won’t work, namely things like some banking applications and NFC payments, because they require on hardware attestation that Google will not allow Graphene to pass. Essentially everything that isn’t banking/payment related works exactly like any other Android phone.
It is just a secure phone (though you can still install Facebook on it if you want) that is designed around mitigating attacks that could violate your privacy and security.
Very easy to install, you just buy a Pixel directly from Google (don’t buy from the carriers, they’ll be locked). Enable OEM Unlocking in the Developer menu and then plug it into USB and you can install it directly from the Graphene site via WebUSB. It takes about 5-10 minutes, then your phone will reboot (It’ll give you a scary looking screen about not running a Google OS that you’ll see every time it reboots but it’s just informational, it doesn’t affect anything and the system will boot into GrapheneOS in a second or two).
The more complete instructions and WebUSB install process:
My thinking is that the part of Google that I think is bad is their advertising and algorithmic recommendation systems which are built on private data that I no longer wish to divulge.
The Pixel is made by a company that used to be called HTC before they were consumed by Alphabet. That company produced good hardware that was smartly designed and innovative. That legacy continues with the device that Google has sells as the Pixel.
There are a few things about the phone that Alphabet has tainted, such as the inability to use NFC payments because hardware running GrapheneOS isn’t allowed into their secure hardware attestation chain. Not for any real technical reason, only because it allows Alphabet to disincentivize people away from a competitor by abusing their many monopoly powers.
GrapheneOS takes advantage of the excellently designed HTC hardware to create an operating system that is designed from the ground up to be secure. It then leverages the complete control over your hardware to put Alphabet’s other software inside of a little box where it constantly lies to the software in a way that lets your applications work without them actually being able to access everything on your device.
Yes, it is technically an Alphabet product and giving them money can feel distasteful. However, in this case by buying their hardware you can cut off their software, which is the actual thing that is negatively affecting everything.
Until then, I’m less worried about giving HTC money than I am about having a device that I know is under my control and that works to protect my privacy.
Its a version of android OS that can be installed on Google Pixel phones. Its a relatively easy switch if you’re technically inclined, but the device needs to be carrier unlocked.
Neither is true, that’s not how forking works. But there is some truth to it in that it can start to become significantly more difficult to keep in sync as time goes on, depending on how obnoxious the security becomes and how many places they have to remove it.
Consider the trivially naive case where Google implements this feature in a single function: “function app_is_signed() -> bool” then the fork just adds “return true;” to the beginning of that function, and happily merges every other update Google makes from then on with zero issues. Even if the code for “app_is_signed” itself changes, nobody cares, because the first thing it does is return true and everything else Google ever tells it to check or do is ignored, the function can still be used everywhere throughout the code, it just no longer actually checks anything in Graphene, whereas it does check things in Google’s Android.
Of course the reality is much more complicated than that, but the principle is the same. It’s only a question of how obnoxious and difficult Google chooses to be about it. They could move the function around every update, or use many different functions, make a whole system out of it, make it do crazy cryptographic validations and checksums in various different places of the code, have watchdog tasks that are checking that the validation code is getting used. They could be really, really obnoxious about it, if they want to be, and they have more resources than the Graphene OS developers probably do to undo and keep undoing all these obstacles, so if they really want to devote that much time and energy to making Graphene’s position untenable, they can. But they could also be doing that now, and they’re not. Crackers have been fighting these sort of battles against copy-protected software for ages, it’s the same principles, and much of the same economic choices go into it. How much does Google want Graphene OS to go away? How much is it worth to them? It has to have a dollar value to them, and that dollar value might be significantly higher than they’re willing to bother with.
No. As long as the base remains opensource (AOSP), they can remove the bad parts. Graphene has made numerous contributions to AOSP, I’m confident they can manage that. And if the user base growths, I hope their fundings will follow.
It would be a good thing for the world if AOSP was forked with big resources behind an open project with an open governance. But that needs lot of resources.
Sorry to piss off all the Apple shills on here, but sounds like an opportunity to me. I think there’s enough of us that want something better and some traction with Graphene and some Linux options. This should be a spark to ignite some fires. I’m disappointed but unsurpised by this news, but also a little excited about the window of motivation and opportunity this opens.
What kind of traction? Is it missing something? Or do you just mean more developers behind it?
Honestly, I’m worried. Current Linux options are expensive and or shitty. IDK if Sailfish is still a thing. I can’t use Apple. If I keep taking good care of my not-so-shitty Xiaomi phone, maybe I have a couple more years until I’m pwned.
PostmarketOS seems promising, though.
SailfishOS is still very much a thing and they have a brand new phone on the way. Since it hasn’t been released yet it’s hard to get into specifics, but early interest seems to point in a positive direction at least.
If you care about using third-party Android apps, I have good news for you, but grim news for the ecosystem. You will still be able to use third-party apps. But it’s going to be harder. You’ll probably need to use something like Shizuku or an ADB tool. The first wave of those affected won’t be you and me; it’ll be people who aren’t quite as technically competent. Then, slowly, a chilling effect will echo across independent development.
I look forward to LibrePhone coming online. I hope it comes soon …
“Librephone — Free Software Foundation — Working together for free software” https://www.fsf.org/campaigns/librephone
PostmarketOS is already in a good state for a secondary device, though I don’t think it can completely replace an Android phone just yet. Most devices still have some fundamental hardware support issues even on the more well supported phones (camera is the big one, call audio is also problematic on a lot of devices). However, as a pocketable Linux machine, it is wonderful. I got a second cheap SIM card so I can have data on my OnePlus 6 postmarketOS phone as there are a lot of tasks that work better on Linux than Android. I keep an Android daily driver but am trying to do less and less on it and more on the postmarketOS device.
Could you go over what Graphene is for phones? Is it easy to switch to an alternative to android?
It’s Android with all of the Google removed where possible and sandboxed where not. You can choose to install the Google Play services and use it like any other Android phone or use it without any Google software.
Some things won’t work, namely things like some banking applications and NFC payments, because they require on hardware attestation that Google will not allow Graphene to pass. Essentially everything that isn’t banking/payment related works exactly like any other Android phone.
It is just a secure phone (though you can still install Facebook on it if you want) that is designed around mitigating attacks that could violate your privacy and security.
Very easy to install, you just buy a Pixel directly from Google (don’t buy from the carriers, they’ll be locked). Enable OEM Unlocking in the Developer menu and then plug it into USB and you can install it directly from the Graphene site via WebUSB. It takes about 5-10 minutes, then your phone will reboot (It’ll give you a scary looking screen about not running a Google OS that you’ll see every time it reboots but it’s just informational, it doesn’t affect anything and the system will boot into GrapheneOS in a second or two).
The more complete instructions and WebUSB install process:
https://grapheneos.org/install/
What really bugs me about it: The first step from “how to ungoogle your phone” is “go, give money to Google” by buying their hardware.
It bugs me also.
My thinking is that the part of Google that I think is bad is their advertising and algorithmic recommendation systems which are built on private data that I no longer wish to divulge.
The Pixel is made by a company that used to be called HTC before they were consumed by Alphabet. That company produced good hardware that was smartly designed and innovative. That legacy continues with the device that Google has sells as the Pixel.
There are a few things about the phone that Alphabet has tainted, such as the inability to use NFC payments because hardware running GrapheneOS isn’t allowed into their secure hardware attestation chain. Not for any real technical reason, only because it allows Alphabet to disincentivize people away from a competitor by abusing their many monopoly powers.
GrapheneOS takes advantage of the excellently designed HTC hardware to create an operating system that is designed from the ground up to be secure. It then leverages the complete control over your hardware to put Alphabet’s other software inside of a little box where it constantly lies to the software in a way that lets your applications work without them actually being able to access everything on your device.
Yes, it is technically an Alphabet product and giving them money can feel distasteful. However, in this case by buying their hardware you can cut off their software, which is the actual thing that is negatively affecting everything.
I’d buy any other phone that fully supported GrapheneOS’s requirements for future devices.
Until then, I’m less worried about giving HTC money than I am about having a device that I know is under my control and that works to protect my privacy.
Buy refurbished. GOS support will be coming to a (yet unnamed) OEM.
Its a version of android OS that can be installed on Google Pixel phones. Its a relatively easy switch if you’re technically inclined, but the device needs to be carrier unlocked.
I’ll switch in a heartbeat if they support a nonGoogle phone
If it’s just a fork of Android, doesn’t that mean 194 days from now they either need to branch off entirely and write their own code from here on out…
Or…
Never advance the base code?
Neither is true, that’s not how forking works. But there is some truth to it in that it can start to become significantly more difficult to keep in sync as time goes on, depending on how obnoxious the security becomes and how many places they have to remove it.
Consider the trivially naive case where Google implements this feature in a single function: “function app_is_signed() -> bool” then the fork just adds “return true;” to the beginning of that function, and happily merges every other update Google makes from then on with zero issues. Even if the code for “app_is_signed” itself changes, nobody cares, because the first thing it does is return true and everything else Google ever tells it to check or do is ignored, the function can still be used everywhere throughout the code, it just no longer actually checks anything in Graphene, whereas it does check things in Google’s Android.
Of course the reality is much more complicated than that, but the principle is the same. It’s only a question of how obnoxious and difficult Google chooses to be about it. They could move the function around every update, or use many different functions, make a whole system out of it, make it do crazy cryptographic validations and checksums in various different places of the code, have watchdog tasks that are checking that the validation code is getting used. They could be really, really obnoxious about it, if they want to be, and they have more resources than the Graphene OS developers probably do to undo and keep undoing all these obstacles, so if they really want to devote that much time and energy to making Graphene’s position untenable, they can. But they could also be doing that now, and they’re not. Crackers have been fighting these sort of battles against copy-protected software for ages, it’s the same principles, and much of the same economic choices go into it. How much does Google want Graphene OS to go away? How much is it worth to them? It has to have a dollar value to them, and that dollar value might be significantly higher than they’re willing to bother with.
No. As long as the base remains opensource (AOSP), they can remove the bad parts. Graphene has made numerous contributions to AOSP, I’m confident they can manage that. And if the user base growths, I hope their fundings will follow.
It would be a good thing for the world if AOSP was forked with big resources behind an open project with an open governance. But that needs lot of resources.
deleted by creator