It feel like we’re losing to Google, day by day. They aren’t killing AOSP directly, but they are making it useless step by step.
Now it’s Google Play Services, Play Integrity checks, installation source checks… more and more apps just refuse to run without GMS. Banking apps? Most of them don’t work. And it’s only getting worse. I run vanilla AOSP on my main profile, no Play Services. I keep GMS only in my work profile for the apps that absolutely need it. But now even some regular apps that don’t need any play services won’t work on my main profile anymore. They simply block your from running , like le chat.
Maps is google’s most important app there is no way to run without play services. Sure we can use webview or gmaps wv, but they don’t provide turn-by-turn directions. Earlier maps used to work without play services, but two years ago, an update stopped it from working. Now that old version is out of date and no longer works.
Google is slowly making GMS very important to run. The problem with GMS is they require to run as system app and has to have all the permissions by default.
Hope EU puts pressure to make google allow apps to run independently without GMS or atleast install them as user apps(like graphene os sandboxed play services).
If we keep going on like this, AOSP can only run fdroid apps in the future.
I keep my old smartphone precisely so I can install banking apps and other annoyances.
Feel free to track the burner phone that stays on the same location, turns on once a week, is got tape on the cameras and never uses the browser.
For banking, I use the website instead of the application. I have very few non-open-source applications left on my phone.
in my country they won’t let you do that without at least the proprietary 2fa on your phone. and that of course needs play integrity in 90% of cases.
I was upset about Duo authenticator when I found out someone made a workaround that lets you export the secrets to a normal totp app. I can only hope you have some project like that for your situation
Real question is
Why can’t a rooted android fake play services?
If they really had interest in stopping you they could definitely stop you. That’s the direction they’re heading with all of these apps that are doing the integrity check. It’s just a matter of time that it’ll take for them to do it gradually enough not to make everything backward compatible explode.
Microg and stuff like that are probably on their way out within the next few generations.
When postmarket finally manages to reverse engineer the modems and the voice and support something with a half decent camera I’ll readily leave the ecosystem.
Afaik this is possible, but the banking apps don’t like rooting either. No achievement there.
I thought that was the reason for the cloned app that runs outside the Insular sandbox. I am dumb on the subject and making assumptions though.
You can stop using Google and Apple… It’s that simple. But it seems that you, like many other, want their cake and eat it too…
Quite a comfortable way to do this is with grapheneOS. That really gives you a choice. Can’t say much about each and every app, how they run. Although most of my usage hasn’t changed much with grapheneOS as I changed from gsm-free custom ROMs. Works quite good with a nextcloud.
It’s different for every one, but for me it would mean, I can’t use Microsoft authenticator, so I can’t do my job anymore, as it is required to access my mail, teams, files, logging worked hours, etc etc.
I can’t use any of my bank apps anymore, I can’t use my phone anymore for paying in a store or checking in public transportation.
And many more apps that would stop working.
Tell your employer to provide you a corpo phone.
You shouldn’t be using personal device for anything related to your job imho
I do freelance work, so they would just tell me to get it myself. But I really don’t want to have multiple phones. In don’t use teams or mail on my phone anyway, only the authenticator apps (we have multiple).
That’s fair.
Some countries allow the corpos to lock your device down when you delete it, and they have collaborated with the providers to disallow Open Source OS alternatives like Lineage. The only way I know of is to get a Pixel, which is still owned by Google, and then I think only one provider allows the after market OS to function on network. For those of us entering a dictatorship gov, it really sucks.
Well, then there’s a market for someone to crack…
If only there was someone that could afford as much lobbying as Google and Apple, we would have another parasite that was just as bad. Lets just get CB radios. Maybe morse code. God, what a shit show. This country is so fucked.
I believe it depends more on people-power, than on their wealth. That’s why they spend so much money on lobbying - it’s a testament to how scared they are.
Sure but what’s a viable alternative for normies? It would be simple if a viable alternative existed. For normies, I reiterate.
It’s to do the grass root movement, and get enough to demand it, for a provider to feel the need to expand their customer base that way…
Normies don’t care about that. They care about WhatsApp, Instagram and tiktoks.
The normie is the battle ground.
They need better info and they need to be hurt by corpos for change to heppen.
Uk age verification should see a bump in freedom enjoyer ranks
Maybe postmarketOS?
Run as many open source apps as you can is about the best option. Also, OSMAND does provide turn-by-turn directions.
What it does not do well is street addresses, so at times you may find that you have to use the GPS coordinates of the place you are going to in order to get directions.
It’s never had any trouble with street addresses for me. It’s using open street map so if there are addresses that aren’t right you can submit changes.
Where it has trouble for me is on long trips over great distances. If you ask it to route a 6-hour trip to another state through a couple of metropolitan areas It has a pretty good chance of sending you a non-optimal route.
I’ve found that it can get you to businesses fairly well. where I have seen failures is navigating to an individual’s home address. What you can do is you can get the nearby intersection of two roads fairly easily, but the home address is much more difficult.
Maps?
Use OsmAnd and MagicEarth? I’ve been doping it for years now. Works fine.
Comaps has been awesome for me
Also Theres comaps
I enjoy Organic Maps.
Comaps is the fork, we moved away from organic maps. You will find basically the same experience.
Of the largest android sellers, only samsung requires gplay. Xiaomi, vivo, oppo, realme, honor, are all chinese companies that require non-bundled google play for their domestic (and maybe other countries?) releases. Google can’t alienate these sellers, and if they did, all of these companies would create their own AOSP fork (or just switch to HarmonyOS)
I recently bought a xiaomi android tablet that doesn’t have google play services luckily.
Xiaomi is terrible when it comes to locked bootloaders unfortunately.
If the goal is too swap one parasite for another, this is a valid strategy BUT
Custom ROM is the only proper solution, ideally GrapheneOS, if you actually care about security and privacy.
It is only slightly on topic, but I’d like to give a hateful shout out to Ticketmaster/Live Nation’s new “mobile only” ticketed events that require you to have an iPhone or fully Google blessed Android phone. They do not allow you to use a QR code or printed ticket anymore, only their app with a constantly changing bare code or Google wallet (unsure of the IOS experience).
I am going to a concert this weekend and I either have to dig up some old phone that can work with this app or sell my tickets.
I stopped going. Fuck it. Not giving in to their bullshit.
I’ve been quietly boycotting them for over 13 years now, shortly after online scalpers started having their field day with their sites. It sucks not being able to go to any major shows but I have made myself compromise by going to small local shows only and it hasn’t been that bad.
Everyone votes with their wallets, so as long as people keep paying, they’ll keep making us jump through more and more hoops.
So messed up that they too are the scalpers. A band I liked put pressure on them and managed to catch them in their bullshit, but that is rare.
That’s how I’m feeling I will go after this concert since they already have my money.
It was the fees for me. Their CEO needs to be Luigi’d for leading a parasitic company that has made so many music venues go under.
Just go to the box office when you get there and present an ID that matches the name the tickets were purchased under. Depending on the venue, they will either print your ticket or text you a link that opens a page in your browser that can be scanned.
Everything I’ve read is that they only offer accommodations to people during time of purchase, and even then you’re basically at the mercy of the venue. I’m going to call them and see what I can do, but I don’t have high hopes.
Someone recently crack their shit code. Can use offline app after extract secret once. Will link once find.
Edit: https://conduition.io/coding/ticketmaster/ app (javascript) https://github.com/conduition/ticketgimp
Thanks, that might be a handy workaround.
Boop, source found.
Thanks!
I’ve never had an issue loading my tickets in the browser.
Then you weren’t at one of the new “mobile only” ticket events. https://help.ticketmaster.com/hc/en-us/articles/9786597785617-How-do-I-use-Mobile-Entry-tickets
We are in war with big tech, why would anyone think they would just let us win without a fight.
EU won’t be too friendly either given the nature of their recent identification app. You should still write to your legislators, but they’re a mostly tech-illiterate bunch, so expect it to be a low ROI activity.
Really do consider donating to projects like GrapheneOS. The GrapheneOS team are a very passionate and clever group, and I’d like to think that they can at least give us something to work with, even if Google completely cuts the cord. Hopefully they can also secure an additional revenue stream once they release their own phone.
If it really does all fall through and there’s no deGoogled way to run Android apps, I’ll keep a separate phone, preferably with a removable battery, with regular Android just to host the proprietary apps. Treat it as a work phone, i.e. power off when not needed, don’t connect to my main home network, don’t do anything that doesn’t need to be done on it. Proprietary apps only make up a small fraction of my mobile workflow, so everything else stays on another phone that respects my privacy.
I am thinking a tablet with Linux and a hotspot rather than phone number. Maybe supplement with a dumb phone in a Faraday bag for your phone, Iike on Swisscows.
they’re a mostly tech-illiterate bunch
Y’all keep saying this… These people are not stupid, they are corrupt. Start calling spade a spade. You are giving them something to hide behind jfc.
Hope EU puts pressure to make google allow apps to run independently without GMS or atleast install them as user apps(like graphene os sandboxed play services).
I doubt they will put any pressure. EU decided to rely on GMS for their upcoming Digital ID app. While they claim they want to switch to open source alternatives of big tech services, they designed their app so that it forces EU citizens to either comply with Google’s ToS, or Apple’s.
Related discussion: https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/issues/18
Damn we are stupid in the EU!
What do we want: digital sovereignty
When do we want it: ehrm… Well… We have some things in pipeline and it is really hard…
They know that NSA is directly spying on us and they don’t care
Furthermore, they do not seem particularly open to criticism on this subject…
if you could just have read one more update on that issue, you would’ve seen that it is moved to a discussion post now
Well spotted, my bad!
The link the new discussion is here: https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/discussions/19
The app is reference implementation, not supposed to be used.
Yeah, this is a problem. I attempted to switch to GrapheneOS just a month ago and had to roll back to stock Android. One of my banking apps worked, but 3 others didn’t. My 2FA app didn’t work. I stopped receiving important texts as they were previously RCS and that refused to validate no matter what I did.
Google has made it extremely hard to degoogle.
One of my banking apps worked, but 3 others didn’t.
Same issue, I just did web browser instead
My 2FA app didn’t work.
I suggest just exporting and using a different 2FA app, especially an open source one like Aegis
I stopped receiving important texts as they were previously RCS and that refused to validate no matter what
RCS on GrapheneOS is very finicky and requires using AppOps to enable
READ_DEVICE_IDENTIFIERS, and you have to let carrier services and google messages have more permissions to work. You also might have to deregister your previous phone to use the number (i.e. my old iPhone still had my number in the settings, had to remove it). There’s a very long GrapheneOS thread about it, but the link should be the solution.I suggest just exporting and using a different 2FA app, especially an open source one like Aegis
Authy dropped their desktop app and killed the ability to export. I will have to start from scratch, but I definitely plan to.
I spent a week with that discussion your linked plus several other posts, I just couldn’t get it working. I might have better luck next time I try it though.
Why not just access your financial institutions in a web browser?
That was an inconvenience, but one I could make if it was the only issue. It was more the total accumulation of things. My 2FA app pulling support for “unsigned” operating systems coupled with missing work texts due to RCS failure were the main straws to break the camel’s back. Having to find an alternative and then manually change all 2FA was almost a deal breaker in itself. That played into using a web browser for my financial institution access.
Work texts go to the work phone. Work 2FA also on work phone. I use a hardware TAN generator for web banking.
My work 2FA is physical token based, it is my personal 2FA that causing me problems. Email and text authentication is insecure enough that I try and use a software authenticator whenever possible.
Great point about the work phone. I don’t want a work phone as I don’t have any desire to be reachable 24/7 outside of the rotating week I’m on call, but if I was expected to have email and Teams and everything on my phone I would definitely require one. Thankfully my work texts are all for team updates, heads up about issues, scheduling matters, etc, but I still consider those to be important while not riding to a separate work phone
There is always a trade-off with privacy and security. It’s totally okay to decide you prefer convenience over privacy.
If you wanted to give it another shot:
- You could use a different 2FA app - I know Bitwarden works well
- You can use a soft phone SMS, bonus that you can send and receive from a computer
That was why I wanted to move to GrapheneOS, I could selectively use Google services or apps for convenience while still being more secure than stock Android. I’ll have to plan my next attempt out instead of Yolo and adapt, lol.
I do plan to migrate to a new 2FA, but Authy made that hard by getting rid of their desktop app so you can’t port and have to go to each service and manually sign up a new app one by one. I tend to boycott services when they get that anticonsumer/anticompetitive out of principle.
Missing texts is definitely a deal breaker. I hate how RCS was championed as the “open” protocol and yet only google and samsung are able to implement it… we were lied to. Or i feel lied to idk i thought it was an open knowledge spec when we were hearing about forcing apple to support it.
Convenience and security probably.
The website version of a lot of banks require you login (each time) with a customer numer and then random letters from your password and or pin, which takes forever so I never bother unless I need the website.
Im (more) paranoid whenever I use a sensitive website. Quadruple checking the domain name, am i on https (even tho i use no-http and have a password manager). It’s a bit more relaxing using an app.
Theres probably some security downsides (other than user error), but a modern banking site shouldn’t suffer much since they invest heavily in locking down their shtuff.
Google has made it extremely hard to degoogle.
Just remember that there are no nice reasons why they are working this hard to keep your phone captive.
We can argue about how bad it will get, but there’s only worse things coming from this effort.
Oh, totally, which is why I am working towards as much decoupling as possible. I plan to replace my Nest gear with Ubiquity for cameras and stuff as I can afford it, and eventually set up my own offline automation server. This can only end badly for consumers.
The collusion between services like Authy and Google indicates this to me, but it’s also effective and means I have to pivot in slower degrees. I am encountering similar issues moving to Linux from Windows, so this is a full Silicone Valley issue.
With respect to 2FA, if you want to be more ready for any future next time, you could migrate to an open-source TOTP app. E.g. andOTP. I use this one, it’s fine. The underlying standards don’t change in decades, so you can choose any compatible client and be without trouble for years and years. And it may be good to do in any case, googlified phone or not. Good apps also tend to provide password-protected backups.
I have no knowledge about RCS though, never used it so can’t tell. Otherwise GrapheneOS user for ~2 years, before that LineageOS, before that CopperheadOS for another few years.
Your absolutely right and I will be moving to an open source TOTP solution going forward, it just sucks that great services keep getting enshitified and we have to keep moving to better pastures. LastPass to Bitwarden, now Authy to something else.
I highly reccomend comaps which has turn-by-turn directions and doesn’t require Google services.
transit routing still doesn’t work iirc, though gtfs stuff is in development
CoMaps is quite nice.
There are also still companies selling navigation devices that mount in a car windshield, assuming the car doesn’t already have one built in.
Pro tip - those navigation devices also often have an accident camera that records if it feels an impact - which is a good idea anyway.
Wow, supports Android Auto too!
Edit: Says it supports Android Auto, to be clear - not tested by me, and issue(s) reported below.
I run GrapheneOS and organic maps was working fine with android auto. You have to enter in developer options to allow third party apps tho. I was using it in a restricted profile with only proprietary apps (like banking apps). Comaps is a fork of organic maps so it should work too.
You sure about this? I haven’t been able to get it, or any other maps app on GrapheneOS, to play nice with Android Auto.
Not at all, no! Just going off the support article that says it does. Only just installed it, will try it out with my car this weekend at the latest.
Please respond back if you can get it to work, navigation has always been a big sticking point with using GrapheneOS.
Linux phone operating systems aren’t ready for daily use yet, but they are being actively developed. https://linmob.net/
we’d still have to deal with locked bootloaders and adoption.
I can’t wait for when they are ready!
It’ll be awhile. They’ve been in a development state since the launch of the original pinephone in 2020. And even the pinephone is going to be unavailable in two years as pine64 is ceasing sales on it. Not trying to crap on devs. I bought two pinephones (Braveheart & Mobian bundle). Tested multiple distros and excitedly followed their progress for years. I never had a reliable working phone in that four year span. IMO SailfishOS and Post Market OS are the two most usable mobile distros. SailfishOS now requires an ongoing subscription to use which I don’t like.
Linux based phones have been in development for more than a decade now. I had a Neo Freerunner from OpenMoko in 2008… it kinda worked, but it was not good enough for a daily driver.
What we have now is much better, but there’s still some ways to go before I’m able to ditch my non-linuxy smartphone.
Sailfish only needs a subscription to get updates, you can use it without a sub.
I use danctnix on my pinephone, which is basically arch. It does the basics, that’s about it. What’s missing is more convenient apps. Most of the stuff is catered to desktop.
Of all the OSes I tried, I liked ubports the best, but it was not updated and not all hardware worked iirc, and suffered the same problem of apps. At least arch gets updated constantly.
Actively developed sure but Linux phones are a solution looking for a problem. Who wants to run scaled down desktop apps on their phone and who wants a terminal on a phone either? I may be a Linux enthusiast but I want a phone that simply works.
A Linux phone doesn’t need to be, and definitely shouldn’t be, a scaled down desktop. There would obviously need to be some purpose built phone apps made, but I am pretty sure the existing Linux phones already do these, they aren’t really breaking new ground here. The whole point would be to have a workable modern phone that isn’t under Google or Apple’s greedy untrustworthy thumbs.
Have you acturally tried Postmarketos or any mobile Linux interface? I have and its just a scaled down Linux desktop.
I have used postmarketOS, and I thought the interface (Plasma Mobile) was OK, but could use some improvements. How long ago did you use it?
Edit: Now that I think about it, I think the last time I tried the Pinephone it was using Manjaro, not postmarketOS. I have used that before though, but you may want to give it another try as it is vastly improved IMO. That being said, the Pinephone itself still kinda sucks from a hardware perspective.
I’ll eventually try it on a pixel 3a
the problem is that google is capable of slurping all of your data and your phone becomes an enhanced avenue for access; the linux phones are the solution to this.
i’m convinced that the “it just works” mantra is the reason why google or apple or microsoft is able to do this sort of asshattery and i can understand why people would want something that simply works.
however, the trade off for this mantra is that you’re giving yourself over to a corporation that not only doesn’ t have your best interest at heart but has proven will happily sell your control for a penny.
i can also understand why someone wouldn’t think that any of this matters and; if you’re lucky; it won’t matter all, but for the rest of us unlucky sob’s (and the people who don’t want to put their faith in luck), linux phones matter.
I use GraphineOS and it already does that but more secure and with aps
That’s the point of the original post though. Google is starting to make development of these custom ROMs more difficult. If Google ever decided to lock down the bootloader for new Pixels, Graphene would be in a world of hurt. I also use GrapheneOS and love it, but who knows if it will be alive two or three years from now.
My point is its absolutely absurd to yell that AOSP is dead because GOOGLE SPECIFIC files such as device trees and firmware files (that maybe one or two other oems regularly distribute) and just jump ship to a platform arguably over a decade behind. Are there concerns? Yes, but those concerns are absolutely nowhere near close to justify the absolute mess the mobile linux space is in. It would be like if amazon packages starting arriving a day late and we all switched to aliexpress.
I also run GrapheneOS, but I’d love to have a decent true Linux alternative that wasn’t tied to Pixel phones. Maybe I can even get my headphone jack back.
i was going to do this too, but none of my functioning androids are supported and i expect google to take another step in disabling alternatives.
Who wants to run scaled down desktop apps on their phone
I believe the UI of most apps could be made to work well with phone display sizes and resolutions.
and who wants a terminal on a phone either?
Well, I do! It’s great when you want to connect, do or automate something there isn’t an app for. For now I sometimes run Termux on Android. Among smartphone users in general I’m probably an edge case, but among Linux users, I must say, using a terminal on the phone doesn’t seem that crazy to me.
It doesn’t matter if they look ok (they still look out of place and feel wrong), the fact is they’re built with keyboards in mind. Hell even on phosh you’ll see keyboard shortcut indicators.
What stops anyone from making new GUIs, maybe even a new framework for doing that, optimised for touchscreens rather than keyboard and mouse?
Maybe I’m just unknowledgeable, but to me that idea doesn’t sound very far-fetched.
Because people keep defending the keyboard and mouse based mobile interfaces and as long as people and devs say its ok there will be no incentive to make proper mobile interfaces.
A single app can have separate interfaces for mobile and desktop. Mobile/Touch interfaces are uncommon right now because linux on mobile isn’t ready, and it is extra work to make a separate GUI.
We arent even close to developers considering implementing the frameworks to potentially start working on implementing that.
They’re actively trying to solve:
- e-waste and making devices last longer (contributing upstream)
- escaping data harvesting and surveillance
- offer an alternative to the mobile duopoly
I’m baffled that they even bother, given how much people complain about it not being good enough. But I’m glad they do, and I think it’s awesome.
Because they’ve yet to implement basic security features android had a decade ago and the interfaces are clunky, also once again who thought putting desktop apps on Mobile is a good idea?
They’re not a multi-billion dollar company. If you don’t like it, then don’t use it. That’s your choice.
But please stop talking nonsense about them not addressing real problems. Because they are. And they deserve credit for that. Not whining about the imperfections of a work in progress.
You dont have to be a multi billion dollar company to implement security features that exist in aosp, open source features based on freely available software that simply isnt implemented.
No, but it is going to take a considerable amount of time as they don’t have the manpower and resources of a multi billion dollar company.
GraphineOS didn’t start over from scratch for no reason nor did LineageOS so they dont need billions of dollars in funding, if you want to do everything youself then yeah its gonna cost that much.
