Their arguments are kind of lame. To install APKs from outside the store is already an involved process that generally makes it harder for the uninformed to sideload. Make sideloading a bit harder, but possible. My xiaomi makes me wait and read warnings before installing APKs, for example.
Side loading will still be possible but the apps themselves will need to be signed by the developer through Google, so Google ultimately still controls what can be installed. Maybe someone will crack it.
[Installing software] will still be possible but the apps themselves will need to be signed by the developer through Google, so Google ultimately still controls what can be installed. Maybe someone will crack it.
Fixed that for you :-)
It’s a great way to workaround them being forced to open the ecosystem a little and allowing alternative stores and that stuff. It only took more than a decade, they obviously not happy about it, so gotta screw people in another way.
That’s apple. Android has traditionally allowed sideloading. They aren’t be forced to open up anything, they’re just adding restrictions.
“Uugfhh, but the users don’t read the warnings!! They just click yes until it works!!”
And that’s my problem because??? For fucks sake
I know it’s not really ready for it yet, but I guess I’m gonna be looking into a Linux phone before I thought I would.
My main problem with linux phones is that many apps only exist only for android or ios.
Sure some apps are basically a website that you can acess by web browser but many apps cant be replaced able (banking, tickets, public transport, games)
My main problem with the current crop of Linux phones is, or at least it’s my impression - is that they still struggle with the basic phone part. As in network connectivity (at least in the US), making and receiving calls, SMS & MMS, and VoLTE support. If there’s a Linux phone where that stuff is solid and works, I’d buy one. I don’t really care about the whole app ecosystem - I barely have any apps on my Android phone now.
Most Android apps can be run under a mini-VM in the Linux systems I’ve tried - but some apps won’t function well that way (banking, NFC tickets, etc)
I think I’d be willing to let go of the handful of things that are exclusive, given that I could probably do more with a proper Linux system. It’s the basic phone functionality (as others have mentioned) that keeps me from switching.
Wait, Linux phones are a thing? How do they get the market share to compete with the big tech?
That’t the neat part, they don’t. They’re still very niche
deleted by creator
This is about Revanced, isn’t it? They failed to kill it via the YouTube backend so now it’s down to lock down the os and browsers as much as possible to keep feeding people the juicy ads.
This is bigger than “just” Revanced though. It is about using any open source software that could replace a Google app and losen Google’s grip on your data.
It’s time to start self hosting your own services people!
Yeah, but that doesn’t help if you can’t make apps that support the hosted services. Google is trying to have complete ownership of what runs on your phone.
I hate this move and love my sideloaded apps. However, there are plenty of self hosted apps on the play store. It’s just putting in a unique address at setup, not compiling a whole unique app for each server.
Gotta buy a different phone then
This is about preparing for DMA and the likes in other countries.
I don’t see how the DMA would cause this other than Google preemptively setting themselves up for malicious compliance. The whole point of the DMA seems to be to give users choice not take it away.
DMA is only partly for choice.Sorry, different act, but same group (EU). But the rest pretty much stands the same, the EU won’t see it as malicious compliance, but as a great design choice.This is also huge part of it about being able to “prevent illegal” content.
“easier reporting of illegal content” “less exposure to illegal content” “level-playing field against providers of illegal content”
This will help give paper trails for everything, and that allows for easy reporting which is the bigger part of the DMA.
I think you’re on point with the malicious compliance. Google doesn’t want to give up power and control. Requiring all installations to run through them seems to be their workaround.
Something kind of concerning I just found - there’s an option for “limited distribution” which is “Intended for ‘students, hobbyists, and other personal use.’” One of the differences is the following:
Has “capped number of apps and installs”(specific limits not disclosed)
Doesn’t this imply there’s going to be global tracking of what apps people are installing even through sideloading or APKs? I can’t think of any other way to enforce this. They would have to know how many times people installed an app even when its not through any kind of app store or even from the internet at all.
I’m pretty sure that was implemented a while ago. My install of VLC from F-Droid started showing up in Play Store’s update list.
It couldn’t update since the signature didn’t match, but Google knew about it and included it anyway.
That has just always been the case as long as the app in both stores uses the same package string. (Like org.blitzortung.android.app or org.videolan.vlc)
Wasn’t always the case (I think it changed within the past two years), but upon doing research on when it changed I stumbled on this gem.
“Google would never do something like that” comments just one year ago. Oh my! Google dropped the “don’t be evil” motto a long time ago.
It’s been the case ever since I started using Android (and modded APKs such as old versions of apps re-signed to not update) in about 2011.
Some of the root apps back then such as Titanium Backup had features to “unhook” an app so it wouldn’t appear as installed in the store, but my experience was that it never lasted long enough to be worth doing.
Could be, but that could also just be done locally. Like your phone checking the apps you have installed and seeing if the same ones are on the play store. Having an install limit for an app - assuming that means that the app can only be installed some total number of times globally (a local install limit wouldn’t make any sense I think) - necessarily implies that when you install an app through an APK, it has to tell Google that you installed that app so it can track how many people have installed it and not approve installation of the app if it’s over whatever the limit is.
If your phone is checking for that information, it’s a safe bet it’s reporting it back to Google.
Probably. But that might be under the umbrella of optional usage statistics/reporting that you can opt out of. Since this new tracking would be “necessary” for their “security” feature to work, there’s no chance that it could be avoided.
I think that’s how it works when you have apps with the same name from different app stores, I noticed it with a different app like two years ago.
That’s interesting. I was just checking to see if Cromite showed up there but couldn’t find it, is there a menu you found yours under outside the update tab? If something as simple as a browser I use is going to be blocked from installs/monitored I can’t see why I’d stay in this ecosystem.
They provide the OS, what makes you think that kind of tracking isn’t already happening?
App stores provide the apks but then you’ll use your phone’s installer to actually, well, install the apks.There are some alternatives to the default apk installers
Presumably that will work like test flight does where you can only install the app through an invite system
I readily await the visibility and interest this will give mobile linux development.
Nearly 100% of the development for handheld Linux is Steam OS / Steam Deck. If Valve moves to ARM at some point then you might see useful improvements that benefit the mobile use case.
the collaborative world works off of demand. Pocket laptops and linux phones have been a nice distraction for long enough. They may soon become more of a saving grace.
I’m not saying you’ll be able to run Spyware Simulator 2000 on PostmarketOS. I’m more saying that any secondary device you use for foss software will be more focused upon as an actual decent alternative for getting work done without being spied on by capitalist nazis.
These devices can run web browsers. That’s 80% of your needs already taken care of and we haven’t even left Firefox.
CARRY TWO PHONES??!!
What will the neighbors think!?
It seems like fewer people care about being spied on, “I have nothing to hide”, and many people don’t even change the settings to prevent sharing contacts, photos, and location with privacy hostile apps like Facebook.
Can a steam deck be turned into a phone?
It won’t do phone calls or SMS but otherwise sure why not. Just call/msg with matrix or discord
Also JMP.chat
probably doesn’t have the necessary antennae
Attach some dangling USB modem with a data SIM, or just keep a mobile router with a data SIM in your backpack, for 3G/4G/5G data connectivity over WiFi. Then, use some VoIP provider if you actually need a phone number as well.
My shitty country cant use those anyway.
What is blocking it? I haven’t done much research yet but was hoping to find a new OS if this goes through. Wouldn’t it be the same as putting a sim card into a tablet/laptop? Or is there something specific to your country that stands out?
Probably they need to pay for an IMEI fee their government wants. I know because it’s the same here. I got PinePhone for $200 and had to pay for $250 IMEI fee. What did I do? Changed the IMEI to my old dead phone’s.
Nice, that makes sense. Doesn’t is store more data than just an IMEI number though, like make/model, did you have to spoof that as well or was that easily ignored
Normally, yes. As for my government concerns, I’m using Nexus 5X. They probably would notice if they investigate but as long as there are no more than 1 active phones with the same IMEI, they most likely won’t notice.
Look up Australia’s whitelisting system.
If you phone isn’t manually approved, it won’t be able to connect to a cell tower, not even for emergency calls.
not even for emergency calls.
That’s wild.
https://www.youtube.com/watch?v=zIJavqEzEIw (sources in video description)
If your phone isn’t manually approved, its assumed your phone doesn’t support 4g/5g, therefore, blocked.
4G/5G phones have already been blocked
Fairphone isn’t certified in Australia, Pinephone also isn’t, nor Librem 5.
Custom ROMs on an approved phone might work for now, but they could potentially start verifying OS in the future if the autocratization trend continues. Also, manufacturers could starts start locking the bootloader.
The best realistic way forward is have two devices, one is the “normie” phone, the other is your own pocket PC running a Libre OS.
What the hell
If Google is going to lock down my device to the point where I can’t install apps without their permission, I might as well dump Android and go straight to Apple. I sacrificed my phone being good for the openness of the platform, but if Google loses that openness, why shouldn’t I go with Apple?
Because the cheapest new iPhone is $600 and you can get a cheap new android phone for around $100-$200 and get 6 years of security updates (Galaxy A16 for example)
If a smartphone is no longer a computer where you can install whatever you want, why bother investing so much money on a very locked-down phone? You can use the hundred of dollars you saved to spend on a small portable PC or something to run any software you want.
Yeah but my banks don’t support my small portable PC, nor does my mobile phone provider. If I wanted a small portable PC I’d get a small portable PC. What I want is a smartphone.
$600 is pocket change for a phone these days. And for that $600 you’re getting a flagship phone. You couldn’t pay me enough money to put up with a non-flagship. Been there, done that. They’re too slow and frustrating, and apps keep closing due to lack of RAM. Never again. I much rather spend $600-800 on a high-end device that’s a couple of generations old.
A $200 phone in 2015 is not the same as a $200 phone in 2025. I know from experience.
Those phones in 2015 were awful, but in 2025, they feel more like mid-range phones.
Edit: And $600 is pocket change? Sound like someone lived a privilaged life.
This 100%
I have used tracfone since 2012 and only bought phones from their store, sub $150. The budget phones today are so much better than the last 10 years.
I just can’t wrap my head around sinking that much into a phone when you replace it every year and it cost as much as a decent budget computer, but worse.
I just can’t wrap my head around sinking that much into a phone when you replace it every year
Usually the people who replace their flagship phone every 1 - 2 years aren’t paying full price for it, or at least not upfront. They are receiving trade-in and pre-order discounts, or spreading the cost out over a 12 - 24 month period through a plan with their telco.
People who upgrade every year sell their old one at >50% the price.
So they don’t fork over €600, they only do €250 or so.
I make $19/hr and live paycheck to paycheck. I’m just being realistic about the current cell phone market.
Surely cost relative to income is more relevant than cost relative to the rest of the market? Something doesn’t magically become cheap just because everything else is ridiculously expensive.
Openness isn’t just a nice to have. It is essential.
The difference between general purpose computing and gatekept walled garden computing is night and day.
Identifying the devs is not in the “need to know” for Google. Google sells or helps to sell a general purpose open device where it is on us to exploit that device however we will.
Now Google wants to switch to a walled garden, moderated development model.
If Google promises it won’t use those dev IDs to moderate development, their promise is only worth the wind it moves and the sound it makes.
You might say their words are like farts in the wind
We don’t even need to assume: https://torrentfreak.com/apple-revokes-eu-distribution-rights-for-torrent-client-developer-left-in-the-dark/
now while at first view, your sentiment is understandable, i actually kinda differ.
when you buy any product at any store, i believe that there has to be a legal entity behind the store that sells you this product, and the legal entity needs to be identifiable. i.e. if you run a shop and give packages to people, you need to show ID to open up that shop. i believe it is the same for charity organizations which give away packages for free.
now, why would it be different for apps? apps are software packages, and if they’re given away, there should be a legal entity behind it that is identifiable. this isn’t to surveil or suppress people, it’s just how business has always been done, and for good reason so. businesses need legal representatives to operate, even if it’s a charity, because otherwise there’s nobody to “talk to” when there’s issues, and also imposters would have an easy game.
that doesn’t mean that you can’t donate packages away on the streets. just put it in front of your front door and wait until somebody passes by and takes it, or give it directly into the hands of your friends, you don’t need to open a business for that. just, if you do it regularly, interacting with people you don’t personally know, there is a legal entity that represents that recurring activity, like a business or charity.
If i understand it correctly, even with the new changes, what can be done is that open software distribution sites like F-Droid can sign the packages instead of the original developers and therefore circumvent the identification of the original developers, and also you can still install unsigned third-party apps if you enter a command on the command line to disable ID certificate checking. it’s just an extra step, not a block-all.
The only answer is money at that point. I don’t know how much phones are these days, but aren’t iPhones like $1400, but Android is like $900?
I may be wrong though. Last time I bought a phone was 2018, and it was $600. Still using it.
You can get Android phones with reasonable specs around $200. No need for the so called “flagships”.
Oh, I was comparing flagships, because iphone doesn’t have a non-flagship to compare to.
You probably didn’t do it on purpose, but you made a comparison on Apple’s terms, thus implicitly priveleging Apple.
Last thing Apple needs is us priveleging it.
I’m just saying Apple doesn’t make anything close to a cheap stripped down $200 model.
I made the comparison based on feature set. For that you need an android flagship phone. Android DOES make cheap phones…but therexs no 1:1 comparison for Apple.
I’m just saying Apple doesn’t make anything close to a cheap stripped down $200 model.
Yes, I think that’s exactly the point people are trying to make to you.
i have a phone for less than $200 and it works fine.
I already tend to buy the expensive flagship models of phones. I buy unlocked and it lasts me ~5+ years, so I get the best phone I can get at the time and make it last, so money isn’t as much of an issue if I were to move to an iPhone.
Apple hardware has always been a generation ahead. Even when android/qualcom catches up, next generation is out already. The reason to avoid apple was it being a closed system money grab.
Apple hardware ahead of Android? I’ll have what you’re having!
Please show me a single benchmark with a flagship android beating a flagship iPhone.
a18pro beats M3 max in single core. Compared to 7840hs, it has 40% high single score geekbench 6, though 50% less multicore. Even beats ai395max at single score. Android competition catches up to even in gaming/gpu, but single core/responsiveness is still light years ahead. a19 next month, likely. M3 ultra has competitive aspects to xeon and epyc. Apple definitely has a lead on arm implementations.
Credit where credit is due, iOS runs lighter than Android and thus needs less powerful hardware, simply: JVM vs LLVM ObjC
This change requires you to attach your real name when publishing software. That’s all. You can still publish to and install packages from anywhere. This doesn’t come close to Apple’s complete control.
Google already scans packages you’re installing for malware and alerts you and allows you to install them anyway. This gives that scanner one more tool to identify bad actors.
I find it very strange how many people in the comments here think the solution is to buy an iPhone. Maybe you are all just rich and can afford to spend $1000+ based on vibes, but considering the Android market still has a massive value advantage I’m not really sure what the point of switching is. This all feels very similar to how some Westerners decided Chinese tech and even the Chinese government were suddenly problem-free just because Americans elected Trump for a second time.
Can you even (easily) install custom apps on iOS? The last thing I remember is it being a huge pain in the butt…
If you’re in the EU there is now at least one alternative app store. iOS hasn’t opened up anywhere else in the world AFAIK, so it’s still a pain for everyone else. You used to be able to use the AltStore without jailbreaking iOS (maybe you still can), but the process was annoying and didn’t feel particularly secure as you had to provide your Apple account details.
The upgrade cycle on iphones is longer than that on android. $1200 flagship samsung phone turns to shit after 2 years. $1100 iphone keeps chugging for 4-5. The android rot is real. Apple is far from perfect but the phones last way longer on average and end up having a lower cost overtime. That is if youre not buying bottom of the barrel budget phones to compare against.
All of my old phones work fine as the last time they were updated. My 10 year old Sony xperia z3c would be fine except for security updates and it’s only 3g, and the storage on it is quite measly. I still use it everyday for playing music, though.
Most of the speed issues are google bloat. Play services are absolute hogs, and anything that needs them will not work on this phone, but everything that doesn’t is perfectly fine. So I’m basically stuck with f-droid apps. Which is fine, because it’s a glorified iPod at this point
…Used or refurbished iPhones are relatively cheap and better for the planet.
Relative to what? Better for the planet than what? I’m not really sure what your point is here, you seem to be implying that a secondhand market for Android phones doesn’t exist (note: it does, and Android phones are still much better value secondhand because they lose value so quickly relative to iPhones).
Apple now allows sideloading of apps and Google is trying to get rid of sideloading.
What… the Fuck?
Apple now allows sideloading of apps
Apple allows as much sideloading as google wants to next near.
Yes, you can install from .iPa files, but you still need to pay 100€ a year to be able to sign the IPA files, otherwise you cant run them. as much as with googles new policy you now need to pay 25€ + your full name to get a signature, to sign the Apks with
This ⬆️ Apple has set the lowest bar, and google is simply following the trend of “how to keep your App Store the monopoly while conforming to the dma“
Now we have to get EU on the case 😀
The EU is no longer an ally in such matters but a bad actor.
Gonna have to elaborate on this because the European union has both good and bad people pulling strings.
If this is about chatcontrol. Scary as it is that the idea keeps coming back it has also always gotten shot down.
True. But it needs to be shot down every time it comes up. For them to succeed, they only need to succeed once.
them bringing it up again and again is a very significant problem. Imagine you’re spending time with a girl and asking her to have sex with you. She says “no”, and you simply keep asking her daily until she says “yes” once, probably because she’s just not paying attention to your actual question on that day. Such a behavior would be recognized by most people as being improper, immoral and not in the spirit of “consent”.
Now, the same is happening on the EU. They keep asking the same question after they already got an explicit answer, and such a behavior should be illegal by itself. No means No.
Why? Because of the chat control stuff?
Forgive my ignorance since I’ve been out if the loop, how have EU switched from being good to bad?
As more countries within the EU shift to right wing governments, the EU as a political body itself will also shift more to the right.
Ah, yeah I don’t like that trend that’s been going on. Or like chatcontrol that somehow seems to find it’s way back despite being shot down again and again.
Apple now allows sideloading of apps and Google is trying to get rid of sideloading.
afaik only in the EU?
Don’t call it sideloading. Did you watch the video?
To be fair, they are now both on the same level. Both now allow sideloading from “trusted” sources, aka developers verified by Apple/Google.
Yea but Apple got sued into allowing that
So ,i install graphene OS on a pixel phone ,problem solved
Sure, but the problem is the ecosystem of alternatives stores effectively collapsing or falling under Google’s control. That will affect everybody who uses them, whether on GrapheneOS, LineageOS or certified devices.
Only a matter of time before Google will shut that down too.
GrapheneOS is one of the last bastions of freedom remaining. I don’t know what we’ll do if that happens.
For my next phone it will be between a used Pixel with Graphene OS and the Fairphone 6 with the de-Googled e/OS option. A modern Pixel would be a little better for CPU, camera and RAM, but the Fairphone has decent hardware specs and tries to be more ethical about the environment and its suppliers, and it has a replaceable battery. The Fairphone is expensive in the USA though.
https://shop.fairphone.com/the-fairphone-gen-6-e-operating-system
https://www.wired.com/review/fairphone-gen-6/
Edit: After reading this thread I would lean towards Graphene OS:
Recently a user here did the math on that and the fair/eco part of fairphone is really miniscule (they spend less than 5$ per phone and a big part of that are fairwashing credits). Unless you need the repairability or the specific specs, you might be better off to buy a cheaper phone and just donate money to a good cause.
Here is the original post: https://lemmy.world/post/32013987
sailfish?
I’ve quickily looked up Sailfish and am shocked that we haven’t been hearing more about it. Why is so? Where’s the catch?
We currently sell and ship Jolla C2 within the European Union, the United Kingdom, Norway, and Switzerland.
From a cursory glance, they don’t ship to any of the largest smartphone markets. That’s likely why you don’t hear much about them as opposed to any of the global distributors.
It actually looks decent, and their C2 phone looks reasonable though not premium (8GB RAM, 4G LTE, a 1600x720 screen and no fingerprint reader are not brilliant specs, though they’ll do the job and it’s a nice looking phone). The OS subscription might put some people off though: you get one year of updates and then have to pay about €5 per month.
I’m pretty curious about the C2, as well, but don’t live in their market, and don’t want to pay 100% of the phone cost in shipping fees, etc. And after all that, I have no guarantee of support. As for the €60 per year, my latest phone is an S22 Ultra, half of whose features I no longer use due to the updated Samsung TOS. I can absorb that cost for the sake of updates, if they’d let me.
The forums suggest there are quite a lot of bugs and the device is slow. I hope Sailfish OS continues to improve but for a daily driver I’m leaning towards Graphene OS as the best option for now.
deleted by creator
A phone that works with proper linux: PostmarketOS, Sailfish OS or Ubuntu Touch.
Probably own a privacy-invasive phone and use it as little as possible.
deleted by creator
Just give google more money, no thanks. Fairphone with lineage OS is a better option in my opinion.
Easy. Refurbed phone. Google didn’t get a penny.
That’s keeps the used price for pixels high, which encourages people to buy new pixels cause they know it has a good resale market.
Child slaves labored to make raw materials for the device you’re holding. Your purchase kept the market rate for raw materials high, encouraging the continued use of slave labor. Don’t you feel bad?
We do the best we can with the decisions we have available to us.
I agree, that’s why I have a Fairphone. It’s a way to minimize that impact.
Unfortunately a Fairphone is not a secure device.
From a practical standpoint it’s secure enough for me, and I value the fair sourcing of components and labor a lot more than the little I am losing on security.
Fairphone is contributing directly to the linux kernel so they have my vote!
Plus their mission to try to make a phone with fair materials and compensation in their entire production chain. Is it perfect, of course not, but a lot better than all other brands.
Yes, throw more money towards the company doing this, sounds solid
Pixel phones cost several times what my phone costed.
The delictable irony that if you don’t want to use their os, you need to use their phone
Yep ,thats is the way
Purism scams their customers left, right, and center and have for effectively their entire existence. They should not be trusted, and their phone specs are basically from 2013 sold for $800.
So even if you’re idealistic enough to pay $800 for a phone that’d be in a landfill if it didn’t have hardware privacy features, Purism will take that trust you have in them and screw you over – delay you for as long as they need to/can/want with no recourse for a refund outside of maybe the courts. After which you hope you either get a functioning product or get good luck with a disorganized, opaque, scumfuck company like that.
Thanks for sharing so looks like that one is not an option anymore
You’re not being honest. They struggled to deliver their ambitious mainline Linux phone on time during Covid yes, but they eventually delivered. The fact that they did is a huge win for the mobile Linux ecosystem becoming a real contender just when we need it. All their other products are just fine.
NXP i.MX family debuted in 2013; Intel i7 family in 2008. Their phone uses a 2017 i.MX 8M Quad, the same year they crowdfunded their phone. 2017 i7 computers are equally not from 2008…
It still today remains one of the best ARM processors with open source drivers without an integrated baseband. It means basically any flavour of Linux can install on the device, with a significant layer of protection from carrier conduited attacks. Other modules have similar tradeoffs between performance and interoperability/security.
Want better specs? We either need SoC companies to release more of their drivers open source, or more people to patiently reverse engineer closed source ones.
They struggled to deliver their ambitious mainline Linux phone on time during Covid yes, but they eventually delivered.
And for the people who requested refunds who waited months if not never received them? Despite them moving back their timeline literal years with repeated delays? I don’t care what challenges they faced; they knowingly took people’s money and refused to give it back to them when they couldn’t deliver. It’s their responsibility to be prepared for challenges. And in some extreme edge case where they couldn’t have been prepared, it’s their responsibility to be transparent about that to the people who gave them over a million dollars (let alone purchased the product after the Kickstarter was finished). I suppose too that the pandemic affected Purism in January 2019 when they were supposed to deliver their product?
The fact that they did is a huge win for the mobile Linux ecosystem becoming a real contender just when we need it.
The Librem 5 is not a contender for shit. It’s so overpriced that it can only be successfully marketed to people who care so deeply about their privacy that they’re willing to use an inconvenient mobile OS, get completely boned on hardware specs, and deal with a company notorious for fucking over its customers. Purism’s behavior is a fucking embarrassment to the Linux ecosystem.
NXP i.MX family debuted in 2013; Intel i7 family in 2008. Their phone uses a 2017 i.MX 8M Quad, the same year they crowdfunded their phone.
That CPU is based on the ARM Cortex-A53 and Cortex-M4, launched in 2012 and 2009, respectively.
2017 i7 computers are equally not from 2008…
When I say “2013”, I’m not talking about the debut year of i.MX. I’m talking about the fact that you can compare this phone side-by-side with a Galaxy S4 or S5. 3 GB of RAM, 32 GB of eMMC storage, a 720 x 1440p IPS display, no NFC, USB 3.0, an 8/13 MP front/back camera (which they inexplicably call “Mpx”; good job, guys), 802.11n Wi-Fi, no waterproofing, and a shitty-ass i.MX 8M CPU. I still remember watching a trailer for the Librem 5’s continuing development, and as they were scrolling through a web browser, it was noticeably stuttering. This was years and years ago; I can’t even imagine it today.
It still today remains one of the best ARM processors with open source drivers without an integrated baseband. It means basically any flavour of Linux can install on the device, with a significant layer of protection from carrier conduited attacks. Other modules have similar tradeoffs between performance and interoperability/security.
I do not give even the slightest inkling of a shit try to confirm or deny this, so I’m just going to assume it’s 100% true, because it’s not relevant to the point that the spec is absolute trash and being sold for $800. If you are not absolutely married to privacy, this is not a sellable product in 2025.
Want better specs? We either need SoC companies to release more of their drivers open source, or more people to patiently reverse engineer closed source ones.
Actually, if I want better specs, I’m just going to go out and buy a phone that isn’t from Purism. It really sucks that it’s not open, private hardware, but Purism is such a scummy company that so wantonly fucks over their customers that I wouldn’t touch the Librem 5 even if I could justify spending $800 for that spec just for privacy’s sake.
Does it…work yet? Last I heard phone calls were dodgy…
It works well enough to use as a daily driver on Bookworm and Trixie (and some other distros) but would only recommend if you’re ok with Linux, and either are a developer or don’t mind some rough parts around the edges.
E.g. some carriers uses 2 APNs, one for internet and one for MMS. You can send/receive on both, but the router is not yet complete, so if you send/receive media or use a group chat via text, need to switch to MMS mode in settings to do so first, then switch back to internet. Not an issue on most carriers as they only have 1 APN, but an edge case for the ones that do have this configuration.
Yeah, that’s a really rough edge, but also…if it doesn’t apply to you… 🤔
Good to hear that it’s a potential option, if you do your research.
For which one? so far both are option outside iOS and android
Either one, I mean Linux mobile in general
C2 works on sailfish linux
Sailfish’s GUI is proprietary. I’d rather have a fully FOSS system (or rather, however much is possible).
Fair point
What’s C2?
From the link I pasted https://commerce.jolla.com/products/jolla-community-phone
Pixels are inferior to even the cheapest android phones out there. I have a two year old Motorola stylus that cost $100 and battery life is still over two days and I’ve dropped it a million times. Evey pixel I’ve owned had major issues with screen or battery life not worth the price when google can’t handle making reliable hardware. Plus I have a headphone Jack.
I mean everyone has anecdotal evidence to “prove” their point… I have a Pixel 7a that still lasts 2 days and I’ve dropped it a million times and the screen hasn’t cracked. It’s also 2+ years old.
We had a 4a (battery life) and 5a (sudden screen failure). Both failed just after warranty lapsed. The 5a made it just outside the extended screen warranty period. These are well documented issues and I’ve read about issues with newer gens as well. It just doesn’t make any sense not to support cheaper phones when it comes to custom roms because you’re voiding the warranty on it. With the pixels track record of poor quality I’d rather not risk $1k+ just to run custom firmware.
pixels battery life is lacking, but they sacrificed that for an AI-spy ware machine anyways.
This is the risk of “trusted computing” architectures. Who is governing the “trusted” part of that.
These cryptographic signatures are not as much of a death knell for Android as some would have you believe. The trick is to get a common code signing cert into your device, that is then used to sign any third party APK you want to run. You can avoid the Google tax this way. I assume that’s how most sideloading sites and apps are going to handle this.
The question is, how do you add that certificate? Is it easy and straight forward (with plenty of scary warnings), as a user? Or is it going to be a developer options deal? Or will I need root to add the cert?
I’m not sure what that answer is right now.
I just want to finish this post with a few words about trusted computing models. Plainly: Apple has been doing this for years … That’s why you download basically everything from an app store with Apple. Whether on your Mac OS device, your iPhone, iPad or whatever iDevice… Whether the devs need to sign it, or the app gets signed when it lands on the store, there’s a signature to ensure that the app hasn’t been tampered with and that Apple has given the app it’s security blessings, that it is safe to run. Microsoft and Google have both been climbing towards the same forever. Apple embedded their root of trust in their own proprietary TPM which has been included with every Mac, and iDevice for a long ass time. Google also has a TPM, the Titan security module, I believe that was introduced around pixel 3? Or 4?.. Microsoft made huge waves requiring it for Windows 11, and we all know what that discussion looks like. Apple requires a TPM (which they supply, so nobody noticed), Google has been adding a TPM and TPM functionality to their phones for years, and now Windows is the same. None of this is a bad thing. Trusted computing can eliminate much of the need for antivirus software, among other things. I digress. We’ve been going this way for a long time. Google is just more or less, doing what Apple has already done, and what Microsoft will very likely do very soon, making it a requirement. Battlefield 6 I think, was one of the first to require trusted computing on Windows and it will, for damned sure, not be the last that does. The only real hurdle here is managing what is trusted. So far, each vendor has kept the keys to their own kingdoms, but this is contrary to computing concepts. Like the Internet, it should be able to be done without needing trust from a specific provider. That’s how SSL works, that’s how the Internet works, that’s how trusted computing should work. The only thing that should be secret is the private signing keys. What Google, Apple, and Microsoft should be doing, is issuing intermediary keys that can sign code signing certs. So trusted institutions that create apps, like… Idk, valve as an example, can create a signature key for steam and sign Steam with it, so the trust goes from MS root to intermediary key for valve, to steam code signing key, and suddenly you have an app that’s trusted. Valve can then use their key to sign software on their store that may not have a coffee signing key of it’s own. This is just one example based on Windows. And above all of this, the user should be able to import a trusted code signing cert, or an intermediary cert signing cert, to their service as trusted.
Anyways, thanks for coming to my Ted talk.
If they only cared about thwarting malware they could have just relied on code signing via public certificate authorities, like with binaries on Windows.
Code signing offers slight protection from malware but not as you might think. If a company signs an installer, or executable then it tells you it came from them but not what it does. It could still be malicious, or it could be inadvertently bundled with malware in DLLs or scripts and you wouldn’t know. You’re just hoping the company has done its due diligence and you trust them to run.
Microsoft does have an antivirus system on top and fingerprints downloads too and applies some kind of trust score that is better if an exe is signed. There is probably no single mitigation that stops malware infection but apply lots of smaller mitigations in in depth and most people will be safe.
The irony is Microsoft still lets people run files ending with .scr way too easily. Much of the malware on torrent websites is a file ending with .scr knowing the OS will hide the extension, e.g. movie.mp4.scr appears as movie.mp4 in File Explorer and people click through and get infected.
I think I am just done with the whole concept of the convenient prepackaged tech product, and especially staying “connected” with them.
For example, I stopped wearing a smart watch this summer and it’s been a positive. I was the type to wear it 23 hours a day and track my sleep with it and everything. It turns out that not instantly seeing every notification or knowing the exact minute of the day are not a big deal, sans are even good for me.
Part of what I’ve also done is use my phone a lot less and my linux desktop a lot more. I use it as a mobile communication device and not my computer for everything. I guess the next time I need to replace it I’ll either get an iphone since everybody in my family has one, or I’ll see where these wonderful Linux phone projects end up.
I’m wearing my smartwatch as a wristwatch. All notifications are off, but I see the temperature, UV index, step and calorie counters, which is nice. And if I ever want to review my sleep data, pulse, sPO2 saturation and location history, I got it available just in case. And for the very rare case that my phone is charging and I want to access messages from another room, I can do that manually.
In all fairness to smart watches, mine is what turned me on to regularly checking the UV index. That’s an important thing for all people, but especially me because I have an increased skin cancer risk due to unrelated medical stuff. And it was extra-extra important this year because I have done a ton of good work outside this summer.
And to be more specific about my watch situation, there’s more going on than just avoiding notifications. I have been minimizing the amount of stuff I keep on my person in general, right down to finally getting my wedding ring tattooed on this year. There are various reasons ranging from abstract introspective life improvement stuff to the practical where that outside work I mentioned was constant and pretty rough on anything on my hands/arms.
So even if I wore a nice mechanical watch, I’d probably still be going with the double bare wrists right now.
In all fairness to smart watches, mine is what turned me on to regularly checking the UV index.
Can’t you just do that on your phone? Surely if the UV is high, you just plan accordingly for the day? Sunscreen, wide brim hat, stick to the shade where possible, etc. I can’t imagine what benefit constantly checking the UV on your watch gives you. Even if it did happen to fluctuate for some reason, you would be wasting so much time constantly ducking in and out depending on what your watch says at any given moment.
Yeah you are absolutely right. I do just check it on my phone or PC now.
But having it constantly visible for the months or years I had it on my watch face etched the habit into my ADHD brain. It also gave me a feel for how weather and time of day affect it. But not in a way where I try to vibe measure the UV index. It reminds me to check the weather data. :)
I look at the length of my shadow, if it’s not taller than I am I use an umbrella.
How does this affect “second-party” apps (i.e. apps you have created yourself)? Are you still allowed to go to Android studio, make an APK, transfer it to your own phone, and install that app? If no, this spells the death of experimental indie developers on Android.
yes. from what I understand, you will get a developer key from Google, and then you will sign your APK with your key.
you’ll still be able to sideload apps that have been signed with developer keys. the main point here is that Google is forcing the developer to identify themselves.
You don’t need to sign anything just turn off play protect with 1 adb command:
adb shell settings get global package_verifier_user_consent adb shell settings put global package_verifier_user_consent -1 # disable Play Protect
Not a solution to our problem, but this is a crumb in our favor.
I know why you included both, but saying “1 adb command” and then posting two is funny to me.
One gets the current value to verify it and another actually sets a new value. It’s the way these commands are usually shared.
Does this work with any app or just second party ones? Can you re-enable it?
Yes it modifies the phone not the app and you can re-enable it anytime with 1 instead of -1
They might copy from apple. 3 apps with a self signed cert that needs to be renewed every week…
deleted by creator
So yeah we’ll do a decentralized Linux phone of sorts, if Google is going full 3rd Reich with Android we’ll move to a Linux based OS phone.
Simple as that.
Its like Microsoft and Google are teaming up to drive me closer to Linux.
Yes, learn the truth and be enlightened. Both Microsoft and Google have been secretly scheming for a while now, with the sole intent to get girthero closer to Linux
Windows 12 phones are going to come. Microsoft will have their own RISC chips to run mobile platforms. Their relationship with Intel has limited them too much while the rest of the Tech giants grew too powerful with their own branded chips and devices.