We all agree. But what's the solution? We know 99% of the users don't care. So, the only pressure point is phone manufacturers. I don't have any power to influence anybody significant in this space. I feel helpless.
For me, it's litigation, because the nature of GMS and Play Integrity is highly anticompetitive and these shouldn't even be legal (and most likely already aren't)..
See, mobile phone vendors have their hands tied - they can offer bootloader unlocking, but they can't touch Google spyware, otherwise they won't be "certified", won't be able to use Google Play or even the name Android.. That's of course not enough for Google, they also want to go after users which of such systems / modified systems (with unlocked bootloader) - that's what "Play Integrity" is about, they work hard to make sure the phone gets as useless as possible.. Together those two basically prevent vendors from making the mobile privacy landscape any better.
In the EU, we should outlaw Play Integrity first, by mandating that security level attestation might only be done in a way there's an independent auditing body that might certify alternative operating systems (these could use standard Android attestation) based on objective security criteria, not the Google spyware criteria. I heard about the "UnifiedAttestation" initiative but I'm not sure what's the progress on that.. not that I'm a fan of attestation at all, but you need to understand that it's a different thing when you attest the security model of the system, and a different thing where a system being "secure" actually implies Google spyware must be installed. For banking apps, I'd just want a secure OS, like GrapheneOS - without GMS.
Howver, the main antitrust investigation should happen in the US, only US courts can bring relevant Google executives to justice.
I don't think it's going to be a savior... the same things that make Android hard to modify can happen just as easily when GNU/Linux phones become popular.
Well one way would be just like how Android phone manufacturers are doing it now... with locked bootloaders and binary blobs. Even current GNU/Linux phones still largely need blobs to work properly.
This is misleading. The blobs are only in the firmware, not in the OS, not in the bootloader, not running on the CPU.
Having a technical possibility to lock down GNU/Linux phones in principle in undefined future by undefined entity that doesn't even produce them yet is a FUD argument.
Oh wait they released "Liberty Phone" - still low end(!), this time with absurdly high price.. You can get true linux phone 10x cheaper by buying something that supports PostmarketOS
Your post sounds like you're trying to spread FUD.
Librem says the Liberty phone is the same, it just costs more because it is assembled in the U.S. for people, companies, or governments that don't want it intercepted and modified by a bad actor.
See, mobile phone vendors have their hands tied - they can offer bootloader unlocking, but they can't touch Google spyware, otherwise they won't be "certified", won't be able to use Google Play or even the name Android.. That's of course not enough for Google, they also want to go after users which of such systems / modified systems (with unlocked bootloader) - that's what "Play Integrity" is about, they work hard to make sure the phone gets as useless as possible.. Together those two basically prevent vendors from making the mobile privacy landscape any better.
In the EU, we should outlaw Play Integrity first, by mandating that security level attestation might only be done in a way there's an independent auditing body that might certify alternative operating systems (these could use standard Android attestation) based on objective security criteria, not the Google spyware criteria. I heard about the "UnifiedAttestation" initiative but I'm not sure what's the progress on that.. not that I'm a fan of attestation at all, but you need to understand that it's a different thing when you attest the security model of the system, and a different thing where a system being "secure" actually implies Google spyware must be installed. For banking apps, I'd just want a secure OS, like GrapheneOS - without GMS.
Howver, the main antitrust investigation should happen in the US, only US courts can bring relevant Google executives to justice.