It's seriously time to re-embrace the idea of ownership and control of our devices, and reject Android and iOS altogether. Developing for those platforms has become worse and more restrictive over the years, and this kind of crap is now just everyday news.
How good are Pinephones[1]? Are there better alternatives?
The biggest problem with "alternative" platforms is just the lack of app support.
I used to have a Nokia N9; great phone. But it didn't support WhatsApp and I was out on the loop on the WhatsApp chat all my other coworkers were in.
Then there's things like banking apps, flight check-in apps, food ordering apps, dating apps, etc. etc. Can you do without those? Sure, of course. But if I want to order food where I live then the only option is to use an app.
No platform will have any chance of any sort of adoption unless it supports some way of running those apps. There are options here, for example Jolla/Sailfish OS can run Android apps (no idea how well that works in practice; the latest update says it supports "Android 9, and the support for Android 10 is already nicely on the way").
It's a "vendor lock-in" ecosystem that's worse than the Windows lock-in of yesteryear IMO.
Since I don't really use my phone all that much I decided to "just use an iPhone" (because it's the only phone that's not huge), even I think they're really horrible.
I use Sailfish OS and the android compatibility layer is decent, but not perfect. Some apps have issues understanding the network connectivity state, and photos taken with the Sailfish camera app sometimes don't show up in the Android file selector until the compatibility layer is restarted. Other than that, most apps work fine. (I mainly use it for spotify, slack and maps.)
> It's a "vendor lock-in" ecosystem that's worse than the Windows lock-in of yesteryear IMO.
For regular companies, if they want to shoot themselves in the foot by not being on the web, they're welcome. It's not such a huge issue as it would be with government for example.
Also "any chance of any form of adoption" is a bit overstatment. I still use a dumbphone, and if I migrated to pinephone, lack of the kind of apps you mention would certainly not concern me. Even then, many apps have web alternatives here, or alternative GPLed clients for Linux (that includes whatsapp, apparently), that can be made native on pinephone.
"Not being on the web" doesn't seem like a huge footgun. There are probably more people with a mobile phone and no traditional computer than the other way around, especially if you go outside of the US and Europe.
Revolut, Grab, Gojek, Tinder, WhatsApp, and many more are all successful that offer a mobile-first solution, with either no web/desktop client or just as a an additional client (usually with fewer features, and/or still requiring access to a smartphone).
> Also "any chance of any form of adoption" is a bit overstatment. I still use a dumbphone
Of course it's possible; but depending on what your interests in life are you will pay a price, and in practice for the vast majority of people the price is too large to use a non-Android/iOS compatible device.
> many apps have web alternatives here, or alternative GPLed clients for Linux (that includes whatsapp, apparently), that can be made native on pinephone.
Unless they somehow hacked the encryption, you're still going to need a connection to the phone's WhatsApp client.
> Unless they somehow hacked the encryption, you're still going to need a connection to the phone's WhatsApp client.
Apologies if I sound a bit naive, but what would be there to "hack"?
WhatsApp clients are available for many platforms, whatever encryption they might be using can easily be figured out by decompiling the code, and if they are using a key on the client side to do any encryption, that key is available for extraction from the distributed client too.
Basically, my question is what can a closed source downloadable client do to protect the encryption it uses to connect to a public network?
Well first of all that's just total BS, but secondly this thread isn't even about privacy. None of this is. In fact your comment is the very first mention of that word in this thread.
I dream of a dual phone (conceptually 2 phones glued back to back) where you do web and open stuff on one side, and the inevitable proprietary apps on googled-android on the other side, with a quick button to freeze the prop side (for power saving and mitigating spying).
(Or same where the 2 phones are somewhat multiplexed on a single screen, preferably in hardware.)
You can do it on Pinephone with two different independent operating systems, one on the eMMC storage and the other on the microSD card. When you put in the microSD card, the devices boots from it. Otherwise it boots from the internal storage.
You can do the banking (from most banks) and food ordering from a web browser on your smartphone. No apps required. Grubhub, Uber Eats, Doordash, all those sorts of things. Most of them have a web version, and you can use that instead of an app most of the time. Just shake loose the Apple-induced app mentality that keeps you locked in.
A lot of hardware devices require use of an app these days. Any with wifi will also require use of location on ios and are thus unusable if you have location services disabled systemwide.
I just returned some IP cameras recently because of this.
No, it's the bad hardware. With high-end hardware, it would be no problem to just run something like anbox and immediately have most of the important apps running. Except asshole apps that require DRM/safetynet of course, but I don't use them on my current android phone anyway.
I keep hearing this and it's totally wrong. Desktop Linux has a huge app ecosystem and arguably has more high quality software than Android does. All of this works on the pinephone and other similar devices.
Okay, so how can I chat to my friends or companies with WhatsApp on Linux? How can I order food similar to Grab or Gojek on Linux? How can I get a date on Linux like Tinder?
You can't. Sure, there are technological solutions to all of those, but in the real world that alone is pretty much useless.
> if you're using Whatsapp at all you're either massively ignorant or stupid.
Lets not name call here. Many people have different motivations and concerns different than you. Most people likely already gave facebook their number, or someone else did for them through contact book sharing.
I think many would argue that thinking Facebook doesn't have your phone number is either massively ignorant or stupid. After all, it only takes one person you know signing up and allowing access to contacts.
That said, I am considerably less concerned about Facebook having my phone number versus Facebook being able to mine all my conversations to create a pretty complete profile of who I am and what I do.
I have never uploaded my phonebook to WhatsApp durring the short period I used it nor did I give my number to Facebook (either by entering it into my profile or by answering the nags to enable 2FA when I used to use the site.) It was not included in the recent leak (which doesn't mean they don't have it.)
And you still need the phone app for that Linux client; everything is routed through that.
Good grief, I keep bloody repeating this. Do you people actually read anything?
> Although, if you're using Whatsapp at all you're either massively ignorant or stupid. I mean, giving Facebook your phone number is just not wise.
I'm a normal human being who values social contact and doesn't want to pester all my friends in using some other app, and a lot of businesses use WhatsApp here too.
I am neither "ignorant" nor "stupid". This is literally the worst of HN right here. Do you even listen to what people have to say and consider perspectives outside of your own?
I can't help but notice that it's not a “Linux”'s job to do something about WhatsApp demanding this and that from you. It's a problem (let's not belittle it), and it's yours (well, you share it with others).
Also, people who can't get in touch with you because you don't use some fad-of-the-year app are not your real friends. Tell them that you still use MySpace (wearing a Myspace T-shirt), or prefer WeChat (a billion of users can't be wrong), and see how it goes.
> Also, people who can't get in touch with you because you don't use some fad-of-the-year app are not your real friends.
I'm in touch with many people, most of whom are not close friends. To break up a social contact just over this is too high a price to pay (and acquittances can be upgraded to close friends over the years, too, but not if you start by badgering them in to using some other app).
I got my Pinephone last week, and have been fairly surprised that it's reasonably usable. I viewed the purchase more as a donation and a signal that there is a market, but I've been using it more and my Android phone less as the days go by.
I'd encourage more people here to purchase one, even if just to tinker with. There's so many "I'll buy one when it's ready" replies, but that may never happen if there's no money to fund the companies trying to make an alternative to Android/iOS.
Android is opensource, and is technically really great. There is a great opensource community of people that are very capable in this area, and supports already the vast majority of devices in the world.
You only need to get rid of Google. Which many custom Android provide. Personally my smartphone is a Pixel 5 (IMO best smartphone currently available that fit in a hand), running Android, without any Google application. I'm very happy with it, and from what I discussed with Pinephone users, it's lightyears more usable than what exists for Pinephone.
More and more functionality is being shoved into Google Play Services. I have a deGoogled phone running Lineage, but even with that, no Google Play Services, and some custom settings (like changing the captive portal URLs), there's still network traffic to Google. Add in relative unknowns like AGPS and the situation gets even worse. I also have no push notifications for most apps, have to keep a static notification so Android doesn't kill apps like my email client, AND still run micro-G for basic functionality to work. Oh, and thanks to SafetyNet there are still apps that refuse to run, even with systemless "undetectable" root.
Android itself might be really good, but it's pretty obvious that deGoogled phones have a strong chance of being functionally useless in the future.
The ratio of available apps of Android without gapps over pinephone is still more than 1000 fold, despite SafetyNet or other reliances on Google.
For push notifications, microg does fill the gap, so I'm not sure what you're talking about. UnifiedPush is coming to fill this gap without violating Google's ToC, with self-hosting, and fully FLOSS. Is anything like that coming to PinePhone or Librem?
The Google phone-home "features" can be removed, and this is exactly the point of this thread. Android is opensource, you can control this platform however you want, especially removing all connections to Google services.
I'm guessing what you're saying is that you installed some custom Android ROM, and expected it to remove any Google tracker, but that's a wrong assumption, most Android ROMs don't target deGoogling.
Even my AOSP GSI, with FLOSS variant doesn't target removing Google phone-home features. Why? I don't approve of any data collection on Google's DNS, AGPS, or generate 204, which means it is illegal for them to use it to track me without my consent, and I believe that they are not total outlaws. Running a DNS, AGPS, or even generate 204 reliable infrastructure is hard.
> I have a deGoogled phone running Lineage, but even with that, no Google Play Services, and some custom settings (like changing the captive portal URLs), there's still network traffic to Google.
I'm running LineageOS without Play Services too and didn't about know this!
Do you have any reference materials (I guess getting busy with Wireshark and the source is my next step)? I found this Reddit thread[1] talking about a connectivity check but am keen to start tracking down any others.
> Small numbers (1-3) of stuck or dead pixels are a characteristic of LCD screens. These are normal and should not be considered a defect.
Their product line does not really inspire much faith. I can't say I've bought a device in the past 10 years which has dead pixels on the display. To me, this is a defect, given that I can pick up a device, overwrite Windows with Linux, and have a device without dead pixels.
Check out their philosophy[0]. They aren't exactly a company targeting end user consumers. They want to put affordable hardware in the hands of a community of tinkerers.
Good luck with that. See how long that last, if the current trend continues.
Soon you might have to aquire a certified developerversion to unlock your device to tinker with it.
This warning is present, albeit in much smaller print, on all devices with a screen that you buy. The unofficial apple policy appears to be "repair starting from 1 dead pixel on iphone, 3 on ipad". Samsung has a policy which depends on the screen type: 1 for normal LCD, 3 for Super AMOLED, 4 for WVGA-resolution LCD. Every single manufacturer has this kind of clause, you cannot fault pine64 for this.
Though of course as it is a much smaller venture, you can’t hound a sales rep until they accept to repair it nonetheless.
That warning is designed to scare away 'regular' consumers, so it's doing its job. If the prospect of a couple dead pixels scares someone, they are not the target customer for a PinePhone. It is absolutely not a device for the average consumer.
How do you know if you're the target customer for a PinePhone? You read the 'dead pixels' warning and think 'I don't care... I want a Linux phone'. People who would find a couple dead pixels unacceptable would also likely find the features and functionality of it unacceptable as well. For months it couldn't take pictures or (reliably) make phone calls/text.[1] Now we can take poor quality pictures and have marginal phone functionality and think life is good! It's not that we're nuts (ok, maybe a little ;-) but rather that we accept this a long term process/effort and not something that will be even remotely perfect anytime soon.
[1] Hell, mine will never be able to reliably work with most USB-C chargers due to a hardware bug in the first iteration. Didn't care... I want a Linux phone! (and I'm too cheap to replace the board, I'll wait for a v2 to fix that and other issues)
I’d be hesitant to jump on another platform unless it has a way of locking down app permissions similar to iOS. I think it’s been shown that the app review process is a farce, but the permissions system like the new app tracking feature is great for privacy and security.
If this droid script equivalent were going to start reading my emails watching me through the camera, reading my clipboard, or tracking my real world location, I’d definitely want something that alerted me to that before it happened.
> If this droid script equivalent were going to start reading my emails watching me through the camera, reading my clipboard, or tracking my real world location, I’d definitely want something that alerted me to that before it happened.
Android has supported permissions since at least Froyo (2010), and these permission requests were made on-demand/runtime rather than pre-install with Marshmallow (2015). So Droidscript would be unable to do any of those things (except reading the clipboard) until you explicitly granted those permissions to the app.
Remember that you can still use Android without Google apps entirely. Depending on how popular your device is, you can retain close to 100% of functionality. You can also use banking apps etc. but methods are in constant flux and it's an ongoing battle
Maybe it's just time to see phones as what they are - a phone.
I don't really care what software is ran in my truck, as long as it works (And that's why I'll not buy a Tesla). It's a phone, use it to call text and guide and browse some internet. That's it.
But for many people, maybe even most people, they're not just "a phone". They're a multi-purpose tool that comes in the form factor of a mobile phone. Camera, chat, web browser, games, social media, music player, access to nearly the sum total of human knowledge... Treating such as tool as merely "a phone" doesn't make any sense.
It’s still a phone actually and colloquially even if I use the Phone App infrequently.
The point isn’t what you call it. OP’s point was and I agree that you don’t need to have full control over every device that can possibly run code. Just let it be a device that does its thing.
It’s the difference in people that want calm technology vs “power users”. I want the device to exist waiting on my input and even though I have deep knowledge of its internal systems and processes, I don’t care, I just want it to work, solve a problem for me, and I’ll put it away.
Go ahead and root your phone to do whatever actively complex thing you need... it’s a tool for me and I personally want the walled garden to prevent it from possibly not working when I need it.
> you don’t need to have full control over every device that can possibly run code
I argue that if the device sends data to third parties over radio/internet and/or the manufacturer can remotely push updates that changes the devices behavior then users must have full control.
Something like that should become law.
Then manufacturers can keep devices locked down as long as they stay out of the surveillance game.
> The point isn’t what you call it. OP’s point was and I agree that you don’t need to have full control over every device that can possibly run code. Just let it be a device that does its thing.
That's not how I read the op, who said "It's a phone, use it to call text and guide and browse some internet. That's it". The tone in that reads not like "you don't need to..." it reads like "you should not...", which I disagree with. I rarely use my phone to make calls. I use it as a multi-function tool of tremendous capability. If I wanted a simple flip phone, I would have bought one of those, instead.
I envy your chill. We all do need to take a deep breath at times and realize it's truly a first world problem.
With that said your truck analogy isn't perfect. Your truck will last as long as you keep it going. That can be 20 years or more. It would be more like having a truck that the doors do not lock anymore after 2 years and you cannot fix that you must buy a new truck if you don't want thieves.
Also I think the analogy doesn't quite work because a truck is a truck. You can do some customization, you might (or not be) able to change some parts, or being a mechanical engineer you might even be able to repair it or enhance. But it will always fundamentally be a truck.
The difference from phones is that a phone is a computer, and as such it has computer's endless potential. For some it can be just a phone, sure. But many people want to use it as an extension of their mind, as knowledge management tool, as a creative tool, etc. The frustrating bit is that is many aspects phones are much nicer and better suited for such tasks than regular desktop computers (think portability, having cameras & sensors etc), yet because of these walled gardens it's much harder for a knowledgeable person to leverage this potential.
You are displaying your ignorance of trucks. For decades now, all automobiles and trucks have included proprietary computer systems. Some are easy to hack and alter. Some are more expensive/challenging, but people do it. An EV is missing _most_ of the mechanical parts that defined a "truck" for a century, and is basically only four tiny motors, brakes, a computer system, and a battery with wheels. The sole characteristics of "truck" that still remain which Henry Ford would recognize are "has wheels" and "can carry cargo".
Exactly. You have almost complete control over it which is exactly why trucks can last so long IRL. If your radio stops working you don't need to buy a new truck.
Phones are the only pocket computers that see quick advances in performance and battery use. For someone who wants a pocket sized computer, it's just most convenient to combine it with your phone.
But they are horrible as production machines, at least until when our brain is no longer using our body as interfaces.
For pure pocket sized computing, why not use RPi? It's both much cheaper, more customizable, and it runs Linux. With enough tweaking you can make it run completely headless, plug-and-run mini computer that you can ssh over local network.
I think the biggest problem with the combining idea is that computing in general is about productivity, and phone is about phone stuff.
It's not much cheaper if you want battery, LCD with CTP, and perhaps a LTE modem for non-wifi mobile internet. Also it would have a horrible form factor.
Pinephone is basically a smarthpone shaped SBC, with much better software situation than rpi, and you can use it as such. I ssh into mine all the time. You can connect anything you like to it via USB hub, incl. the full keyboard and mouse. You can use bluetooth keyboard, and just do normal computing you'd do on your dekstop, etc.
Except for small display and lower performance there's no differnece.
Phones are kinda too small, but iPads (which are, in essence, oversized phones) are just fine for production machines if you don't equate productivity with programming.
With a Pencil and Procreate, it's really hard to beat for drawing and illustrating. With an external keyboard and some kind of stand writing is a joy, I like it better than on a proper computer because of a ton of little things that help me keep focused and because the device is so portable and doesn't have the laptop form factor with a permanently attached keyboard, with bluetooth periphery it's more like a wireless battery-powered external screen.
Light to medium spreadsheet work is also totally doable, and I've build dozens of slide decks in various apps, with hand-drawn illustrations.
I use a Pi as a mini server, but doing creative work on one, I can't imagine that to be as nice and slick as on the iPad. Last time I tried the PiOS desktop, it definitely wasn't.
You're absolutely right about drawing and other 2D renders. I may have overlooked this because I have not a bone for arts in my body and prefers the terminal to UI.
I uninstalled all social media from my phone. I feel so much better.
I use it for chat apps, phone calls (usually via chat apps), and occasionally wandering around Imgur when it would be socially awkward to not be on my phone.
The rest of the time I've come to appreciate being present in the moment.
So yeah, I'm looking at the new generation of Linux phones with interest. If I can run the chat apps in a browser OK, then I think it might work for me.
When loitering, I've found that phones are a strong signal that distinguishes those uninterested in engaging with the strangers around them, from those that are. When trying to convey one's innocuousness to the wardens of a domain, it can be helpful to use your phone.
Related, if in a group, everybody else disengages to be engrossed in their phone, it can be helpful to do the same if one does not want to demonstrate a vulnerable dependency on the generosity of their attention.
A lot of awkwardness comes down to self-perception of vulnerability.
I'm a middle-aged white guy. In situations where everyone else is 20 years younger and dressed in half the clothing I am, I come across as a total perv if I look at anything except my phone. Or at least that's how it plays out in my head.
I do find it useful to sometimes be absorbed in my phone and not aware of what's going on around me. Or at least to have that impression.
> Maybe it's just time to see phones as what they are - a phone.
Maybe it's time to call phones what they really are: pocket computers with a legacy voice call functionality that is increasingly irrelevant to anyone who isn't a Boomer.
Now, regarding the locked-down of both iOS and Android ecosystems, I can see both points of view. The majority of ordinary users need to be protected from increasingly sophisticated malware stealing their online banking credentials or other mischief, but power users also need to do whatever they want to do once they've signed a disclaimer
> pocket computers with a legacy voice call functionality
I don't necessarily agree with this, because this is the direction that everything is moving towards.
It is so much cheaper to embed an SOC into everything that needs some form of automated/assisted control. Not necessarily a good thing, but that's what is going to happen regardless.
Your fridge can become a pocket computer with refrigerating capability - but you'll still see it as a fridge. It's really about how you see and utilize these items.
Indeed! Half seriously, we just need thermoelectric generators to get efficient enough, and then our phones can be powered directly from our body heat, and also refrigerate us on a hot day!
You don't need to use any of the driver assistance features. It’s not doing any of that if you don’t explicitly engage it and sometimes even requires enabling settings toggles.
Here's the deal though, when I press the brake pedal in my truck the force is mechanically applied via a hydraulic system to brake pads in the wheels.
I've read that Tesla abstracted all that with electric signals coming from a computer, now a proprietary software system sits between my legs input and the brake pads.
What if it goes wrong? You can try to convince me that it is an RTOS where signals from the brake pedal have the highest priority. And it seems to be that way, but I'd rather not.
I've dealt with enough computer problem to trust some onboard computer that can receive updates from the internet over how I brake.
Not sure where you’re getting your FUD. The steering and breaks on a Tesla are mechanically connected with electric assist motors just like all modern cars, including your truck.
Per mile driven Teslas are the safest vehicle on the road. The software helps ensure the safe operation of the vehicle. It’s really not that scary. The software is overlaid on a pretty standard vehicle aside from tue fact that it uses electric motors instead of an internal combustion engine.
One thing that comes to mind is that the wiper functionality has to be accessed from the center console touchscreen, and generally when you need it on you need it right then.
Most users would prefer a mostly safe experience and gladly give up the option to run arbitrary code on their device for that experience (including arbitrary code they've written). In an all-out "this or that" between allowing IDEs on the Play Store in general and giving the average Play Store user what they want, the IDEs would lose.
But it does suck if there is no legitimate way to release an IDE targeted to run on a mobile device via the Google Play Store.
Most users don't really understand what they're giving up when they give up the option to run arbitrary code
As with privacy (Facebook privacy settings, cookie boxes), it's easy to bamboozle the general public with complexity and then interpret their confusion and (violated) trust as consent.
I will burn karma forever on continuing to assert, on behalf of the average user, that even if they don't understand the details they do know what they want.
It's not like people didn't have the experience of using Internet-enabled devices without an app store equivalent in the nascent days of the Internet, where many options were good, a few would inject malware onto your system, but (most importantly) all of the options were equivalent and there wasn't a "correct" one to choose.
Don't make the mistake of assuming that people spend so much on Apple products for no reason. A major portion of the marketplace likes the lack of choice paralysis. The ability to run arbitrary code is one giant choice-paralysis engine. Google has found a good middle ground in selling a device that is basically configured as "safe by default, but here's the break-glass button if you want to run arbitrary code and maybe be more vulnerable to someone tricking you into root-kitting your own device," but their average customer would still rather never worry about the risk of rootkits and they have the data to know that.
If we are to be in the business of protecting the right to free(-as-in-speech) machines in the mobile ecosystem, we need to understand the average consumer that is paying the bill for that industry to exist, and asserting they just don't get it isn't how you start that process.
This is one case though where that lack of understanding leads to the right conclusion. The average user is giving up nothing by losing the right to run arbitrary code, because they never were running arbitrary code.
JavaScript is allowed on iOS and Android already. So if Goole or Apple do not allow you to run some scripting language you want then the reason is not security(the sandbox and permissions should be enough and if is not enough then it means the sand boxing is a lie).
... which is, unfortunately, a weakness of F-Droid's own making (for the right reasons!). Because they don't do stat-tracking on users, they don't have numbers. So Play Store is able to claim "1 billion active monthly users" (as of 2015) with some certainty, F-Droid can give an approximation and a shrug.
Tweaking your wording slightly, it's basically the fundamentals of social contract theory.
I may have the freedom to bash my neighbor's head with a rock, but they have the same freedom to do the same to me. This isn't as useful as the freedom to sleep at night, so we voluntarily give up this freedom.
Reframing to the topic at hand: if the freedom to mutate the code on my mobile device makes it more likely that I'll get pwned by some clever social-engineering than the odds I'll improve my quality of life by tweaking some behaviors on the phone, then it's entirely rational for me to give up that freedom. And, indeed, millions of phone purchasers annually make that decision.
Ditching Android is not a good solution - see the application support problem on Linux for why. What we need is a serious and well-funded Android "distro" that lifts Google's dumb restrictions and reimplements Google's proprietary APIs for compatibility. MicroG is doing very well on that second part, but due to lack of funding still has far too many holes.
No amount of funding can fix this, at least for all use cases where apps communicate via google services between phone and app HQ. The average bank is not going to send data between bank and user via microg-operated pipes instead of google-operated pipes because 0.1% of their users don't like google.
The average banking app doesn't communicate via google-operated pipes. Basically the only thing I've seen baking apps do via Google (and I've reverse-engineered quite a few) is the SafetyNet check to ensure their bullshit policy about modified devices. Well, that and notifications, but microG already emulates that library and uses Google's servers afaik.
If a phone manufacturer started shipping Android phones without GApps and they got popular enough, developers would start being more careful with relying on Google Services. We saw this with Huawei - their phones are reall popular where I live and after tons of complaints from huawei users, a bunch of companies fixed their apps to gracefully handle the lack of Google Play Services.
It doesn't much matter how good they are, since you can't buy them (their products are usually out of stock for months at a time; right now, they are in pre-sales etc).
I like what they are doing, but it is definitely not mainstream products.
When Mozilla was trying to get their OS for mobile phones, I think they stepped in too early. Right now it's probably a better time for an alternative.
How good are Pinephones[1]? Are there better alternatives?
[1] https://www.pine64.org/pinephone/