I've been staunchly on the Android side of the Android / iOS question, but this carry-on with refusing to block tracking like Apple has done is really making me consider switching.
I already have a second hand iphone for iMessage. Having a "sanctioned" device for baking apps and a device I control for everything else seems like the best hope for compromise these days.
You can buy a ready to use phone on their web site or you can install the OS on a compatible phone of your own. I have installed this on about 10 phones (all Motorola) for friends and family. Here is an example of one that I just put together as a Christmas present.
> the Google Play store doesn't work but that's no big loss
It's the loss of an entire ecosystem worth of apps.
If you want an inexpensive phone that will get five or six years of first party support with security updates after that, go with an iPhone SE.
The original $399 version got six years of OS updates and just got another security update last month. That's $67 per year that got both an OS update and security update.
It's the loss of an entire ecosystem worth of apps.
No, it's not. With very few exceptions, the Aurora store pulls apps from Google Play. About the only thing I have seen missing from Aurora store is a few super strict banking apps but you can usually just use their web site.
You can do paid apps. You just have to login to Aurora using a Google account instead of anonymously.
This isn't so bad if you use a privacy focused ROM and create a special, single purpose Google login that is only used for app purchases. I also suggest keeping a Google gift card for the occasional purchase.
Privacy invasion doesn't really kick in until you start re-using your Google login and your phone/apps are reporting back to Google on a regular basis with your location, device IMEI, advertising ID, hardware fingerprint, email address, browsing/search history, banking/purchase details (aka Google Pay), etc..
>It's the loss of an entire ecosystem worth of apps.
He literally just said that he used the Aurora store as an alternative. If you don't know what that is, it is basically an anonymous version of the Play Store. Highly recommended
I'm not happy with that compromise. I don't want to choose between charging and audio. And the dongles that can do both are actually really bulky. And Bluetooth headphones are a scam: too small to be repaired, must worry about batteries, Bluetooth likes to be flaky in general, almost all buds have terrible frequency response curves so the audio quality is not very good.
Take a look at my Amazon link above. This is a 5G "daily driver" from 2021 with a headphone jack, 6/128 GB and a big 5000mAH battery.
It's everything that the average Joe really needs for only $99 refurbed. As I said above, I just installed e/OS on one as a Christmas present. It runs very smooth and fluid, better than stock because the background Google spyware crap is gone.
where did this come from all of a sudden? I thought I knew all the Android alternatives. why does this super polished website for this out of nowhere suddenly maintained technology give me strong [intelligence agency of your choice] vibes?
With hardware remote attestation there will no longer be any point in even owning an android phone anyway. Android is obviously inferior to iOS in every way but the whole point was you could have control over the machine and do whatever you wanted. Now apps will be able to verify that you "tampered" with the phone and will refuse to run, and since it's hardware cryptography it cannot be faked without massive effort. Might as well get an iPhone which at least isn't a shitty Google product.
Termux is the one android exclusive software I can't live without and they managed to fuck even that up by killing processes indiscriminately in order to save battery or whatever. If there's no solution by the time my phone dies, my next one will be an iPhone.
>With hardware remote attestation there will no longer be any point in even owning an android phone anyway. Android is obviously inferior to iOS in every way but the whole point was you could have control over the machine and do whatever you wanted. Now apps will be able to verify that you "tampered" with the phone and will refuse to run, and since it's hardware cryptography it cannot be faked without massive effort. Might as well get an iPhone which at least isn't a shitty Google product.
Wait a minute, will something like this really come to Android phones? I guess that installing a custom rom will become impossible at the same time?
If this happens, then there truly isn't going to be much point in using an Android phone over an iPhone
Google SafetyNet can be used to attest that the device has not been modified or "tampered" with. Basically Google cryptographically proves it owns your phone and has control over what you do with it. You can fake the software attestation right now with stuff like Magisk but once it moves to hardware attestation it's over. You'll be able to install custom systems but what's the point if they can't run the apps you want or need?
Why wouldn't an app require this? Banks want it because "fraud", streaming services want it because "piracy"... You can come up with pretty much any reason for any "rightsholders" to want control over our computers. If WhatsApp starts requiring this, it's either accept Google control or my phone turns into a paperweight.
It won't become impossible to install a custom rom, it will simply become impossible to use many if not most popular apps.
Android already provides a mechanism for apps to refuse to run on modified devices, it's called SafetyNet and is widely used for example by banking apps. Currently, it's usually possible to trick it, but with hardware attestation it will become practically impossible.
The simple solution --- install the bank's web site as an app.
Go to the site, click the browser menu button (3 dots on Android or up arrow on iOS) and select "Add to Home Screen". You now have a link icon on your phone that looks and acts just like any other app.
Some banks (Chase for example) offer a "Progress Web App" which removes the browser interface elements so the causal observer can't even tell it's not a native app.
I am able to use Chase's app on my LineageOS + Magisk rooted device. The annoying part is that they seem to disable fingerprint login, so now I have to copy/paste the password every time.
Wait a minute, will something like this really come to Android phones?
Google has been doing this for quite some time to prevent unlocked devices from accessing the Play Store. The solution is to avoid Google Play --- along with all other Googly things.
This is a security feature and the play store doesn't require it AFAIK. Apps can choose to use it as a signal on whether a client is secure. Unlocked devices are insecure because an attacker can flash a malicious image and steal all of your sensitive data such as an authentication token for your bank account.
If your solution is to just be less secure go ahead, but don't complain when services don't want to serve you or treat you different since you are less secure than the other users.
> don't complain when services don't want to serve you or treat you different since you are less secure than the other users
Hell no. They should not be allowed to discriminate against me just because I chose to own my system. They should not even be able to figure out what software I'm running, to say nothing of "treating me different".
"Don't want to serve us" unless we let them invade and own our machines? Please. This should be illegal.
>They should not be allowed to discriminate against me just because I chose to own my system.
App developers don't care if you own your system. They just want a way to prove that the device their app is running on is secure and that the client has not been modified. If there was a way for you to prove that to them they wouldn't mind.
>They should not even be able to figure out what software I'm running, to say nothing of "treating me different".
They just want to know that the client has not been tampered with so that they know you are not going to shall user's tokens, scrape people's information, or mondo automated actions as a bot. A signal that you are using the vanilla client makes you much more trust worthy to a service.
>"Don't want to serve us" unless we let them invade and own our machines?
Apps aren't invading your machine. They just want some guarantees about the environment they are operating in. The information that they get from you is the package's name, certificate, version, whether it's from the play store, whether your device passes integrity checks, and whether the app is properly licensed.
> According to an analysis by StockApps.com, out of the five major digital firms (Google, Twitter, Apple, Amazon, and Facebook.) Google harvests the most data on its users. The corporation collects thirty-nine data points for each user.
Apple is in a league above Amazon in protecting user privacy. It is the most privacy-conscious firm out there. Apple only stores the information that is necessary to maintain users’ accounts.
Apple stores data on who reads what articles in its News app to target ads. It stores data on who downloads which apps in the App Store to show ads. It will do more and more of this. Unlike Android, iPhone offers no other source for apps, and it does not let you uninstall the News app. User choice is required for real privacy. By that measure (for users who care about privacy and choose apps accordingly), Apple is the worst choice for privacy.
Basing the ad displayed on search terms entered or the page content is the opposite of a privacy violation.
The problem is companies like Google and Facebook, which track users across the web and relentlessly spy on everything they do.
Google literally spies on everyone's credit/debit card transaction data now, so they can spy on your offline life as much as they already do online.
>Of course, Google has been able to track your location using Google Maps for a long time. Since 2014, it has used that information to provide advertisers with information on how often people visit their stores. But store visits aren’t purchases, so, as Google said in a blog post on its new service for marketers, it has partnered with “third parties” that give them access to 70 percent of all credit and debit card purchases.
It would increase the privacy of Google products if they blocked third-party tracking on their devices. It would be more private still if Google didn't do their own tracking but that is still a separate point.
I'm considering one of the Linux phones, don't use many apps anyway. I know that's a hard sell for most but it's becoming a real option even for normal users.
This is the cost of Librem 5 USA (made in USA) [0], not Librem 5 (made in China) [1]. Also, I preordered it for $600 a long time ago, and sometimes you can buy from resellers for a similar price [2].
>>This is the cost of Librem 5 USA (made in USA) [0], not Librem 5 (made in China)
I suppose that helps a little. I seem to have incorrectly assumed that the USA model was intended for use in the USA, not simply assembled there. Still crazy expensive. For that price I'd expect it to come with a keyboard and mouse and replace my Thinkpad altogether.
Well if you really want a phone that's secure and private, prove it by paying for it. Mass production and the ability to sell your data to advertisers means the stuff that does that will always be cheaper.
How does the Librem 5 support verified boot? What about user data encryption? Those are the first, most basic security features I am expecting from a smartphone. How about app sandboxes and strict MAC policies?