[jeswin]

What I wish India would do is this: force Chinese phone companies to ship stock Android and full source code. They sell hundreds of millions of phones in India and will have to find middle ground, and the outcome will be good for everyone.

[sova]

Okay, source code, then what about chip schematics and everything on the hardware layer you can't audit for?

[_8j50]

Also, auto updates! They ship good code but selectively deploy backdoored updates sometimes

[qppo]

How do you verify the chip on a schematic is the chip on the device you purchase?

[phre4k]

X-ray it.

[metta2uall]

From my very basic understanding X-ray doesn't reveal silicon doping layers

[orbifold]

Put it under an electron microscope then. That combined with carefully removing metal layer by layer should do the trick.

[nextaccountic]

I'd like schematics for US ships as well. Specially NVidia.

[chillacy]

Firmware presents an extra challenge too, seeing as how you basically can't see what was flashed, and most toolchains are proprietary.

[dielll]

Google neither uses stock Android on Pixel phone nor release full source code of pixel phones, so why should only the Chinese be forced to do that?

Before anyone downvotes or questions if Pixel uses Stock Android, ask yourself why Pixels have Pixel exclusive features not available in AOSP or not used by Android 1 phones like Nokia

[suifbwish]

Because google isn’t a fascist regime with a military

[fomine3]

But Google is in the country that operates PRISM.

[0xdeadb00f]

Google does not release the OS running on Pixels, correct. But don't they release builds + source for AOSP on Pixels?

[adventured]

I would like to see India start replacing inexpensive phones made in China with inexpensive phones made in India. In all cases it's better if India develops their own industry further such that they rely on China less.

If they can make iPhones in India, they can certainly figure out how to build competitive, inexpensive phones to replace those made in China.

[shalmanese]

This has already happened. All of the cheap Chinese phone manufacturers build their Indian phones in India and this features prominently in their advertising.

[magicsmoke]

They manufacture iPhones in India, they don't design them there.

[tchalla]

Apple assembles phones in India, it doesn't manufacture in India yet.

[yumraj]

Technically phones are assembled in China also.

[magicsmoke]

Xiaomi, Oneplus, and Huawei do phone design. To be fair, the design involves choosing from US/Taiwan designed/fabricated chips and gluing them together with firmware and PCB layouts, so it's not like China can replicate the entire phone manufacturing supply chain either.

[yumraj]

I realized, I had missed an 'i'.

I had meant, "Technically iPhones are assembled in China also."

[searchableguy]

I expect this to increase prices for chinese phones. It is well known that xiaomi operates on thin margin so they can push their IT services and recoup the cost.

[ffpip]

> IT services

Ads in default apps, user data collection and selling the said collected data.

[searchableguy]

> Ads in default apps, user data collection and selling the said collected data.

That's almost everyone. Yesterday, I opened a brand new budget samsung phone. Despite not logging in anything and declining every box I could, it was automatically filled with invasive apps. It came with made in India sticker.

At least with xiaomi, I can flash it with a custom rom and remove the bloatware. Many alternatives lock down their phone.

The other phones that I would trust are expensive and out of reach for many Indians such as the pixel (their last device was banned in India).

[cooljacob204]

Yup, I bought an S8+ and after the terrible experience with bloatware and Bixby I have sworn off buying a Samsung phone again.

Over the past few years it has updated and installed new bloatware multiple times and even re-enabled Facebook background services.

[greycol]

I flashed my s8+ with LineageOS 4 or 5 months ago and am happy with the results.

You'll need to check if your snapdragon or exynos for compatability.

It gets you the latest version of android (since samsung decided that 2 years is all they're willing to support their flagship phone for) and a complete lack of bloatware.

I'll add that some apps (noteably netflix and banking) can throw a hissy fit on rooted phones and you will have to use something like Magisk to get the app store to function correctly and allow you to download the apps.

[milankragujevic]

All Samsung phones (except those bought on carrier in USA) have unlockable bootloaders.

Xiaomi phones have a waiting period, you are required to log in with a Mi account then use the phone connected to the internet for 7 days to be able to unlock it.

Samsung here seems way more user friendly. And with Treble GSI ROMs, you can flash a custom OS on any phone, except Samsung has less problems on average with the kernel (ignoring their security features) compared to Xiaomi which requires a custom kernel in many cases to enen boot a GSI.

[Spivak]

I flashed my old Samsung phones a just a few years ago. Did something change and they finally lock the bootloaders permanently?

[sudosysgen]

They are trying their best. There's always a chance of an exploit getting found, though. Happens pretty frequently.

[ffpip]

Samsung budget phones have unlockable bootloader too?

Yes. I do know that. Even I use a custom rom on a redmi phone

[searchableguy]

> Samsung budget phones have unlockable bootloader too?

Not consistently and many don't have much support in the ROM market anymore.

[milankragujevic]

It is not true, all Samsung phones have unlockable bootloaders except those bought in the USA on carrier.

[sudosysgen]

It's more complicated than that, not always, and it invariably comes with restrictions.

Plus, the devices are pretty much just worse than Xiaomi's, so they don't get much attention from the ROM scene.

[Spivak]

Yep, it's pretty much the only way TV manufacturer's are able to compete these days too. I wish these kinds of things were considered market failures because if a gov't came in and forced the whole market to stop TVs would get a little more expensive but now they wouldn't feel like they had to sell their users out because everyone else is.

[HenryBemis]

The first app I install in any Android device I get my hands on is NoRoot Firewall, and block (global) any offensive IPs or URLs.

Another option that annoys me (but I understand it is user friendly to have it enabled by default) is that when you install an app it automatically switches on Data and WiFi access to it (and the firewall blocks it until I allow it).

[pier25]

And how come Xiaomi has models with Android One?

[yumraj]

You forgot Chineses government subsidy to get a backdoored phone in the hands of the masses in an enemy nation.

[shalmanese]

You significantly overestimate the geopolitical value of users who wouldn't buy a phone for $35 but will buy a phone for $30.

[chanmad29]

Likely India was a market that was super price sensitive, but based on anecdotal info, I think users have already started to get pickier.

[jariel]

The issue is not hardware or OS software, it's content control.

CCP has a unit within almost every Chinese company making sure they adhere to CCP policy it's impossible to avoid when data is on the other side of the fence.

[on_and_off]

how does this work in practice ?

is there some kind of signature you can use to ascertain that the code you have is what's actually on the device ?

Is it possible to do the same for the SIM (as I understand it, it is its own microsystem and intelligence companies have already _at least_ attempted to insert their code in there) ?

what about play services or its equivalent ? These are often closed source and have lots of system permissions (since they handle lots of capabilities, they need a broad access).

edit : for clarity, I don't think it is a bad idea, I just wonder how doable it is.

[glglwty]

Oneplus is one of the most lineageos-friendly vendors out there.

[DarthGhandi]

Right after Xaiomi's Android One models.

I own both.

[t_minus_3]

Are you kidding ?? Source means nothing if you can inject code through resources. ever heard about virus authors being ahead of virus scanners?