Android phones are sending significant amount of user data with no opt-out [pdf] (tcd.ie)
700 points by giuliomagnifico 15 days ago | 367 comments



A distinction needs to be made clear here with regards to the data being transmitted to Google by LineageOS in this study.

In the cited paper (https://www.scss.tcd.ie/Doug.Leith/Android_privacy_report.pd...), the device used to test LineageOS was a Google Pixel 2 running LineageOS 17.1 which also included an installation of OpenGapps 10.0 nano.

It's not the OS that is transmitting the data over to Google, but rather OpenGapps (i.e. Google Play). OpenGapps is software that can be optionally installed after the initial installation of LineageOS (but before first boot). A user can still use LineageOS without OpenGapps, though they just won't have the benefits (and drawbacks) that come with it (such as being able to use apps that require GSF). The user can instead opt for an app manager like F-droid or possibly Aurora Store.

In addition, there exists an alternative to OpenGapps called MicroG. This is like Google Play but allows users the option to anonymize themselves. One can find custom LineageOS builds that include MicroG from the MicroG website (as the members of the LineageOS project do not advocate for its use, instead giving preference to OpenGapps). Keep in mind, however, that there are fewer devices supported by those builds.


Technically, the Internet Connectivity Check on LineageOS also sends your position/IP to Google, and also avoids a VPN tunnel because it's lower down the stack.

I can recommend LineageOS, however be aware that lots of malware infected builds have made it to xda dev in the past, so you should build it yourself if possible (or use the official downloads).

Regarding the Connectivity Check: You can add all google related domains to /system/etc/hosts if you have root/sudo access.

Additionally I'd recommend everyone to use RethinkDNS as a DNS adblocker and app firewall - and AppWarden to patch out the Analytics parts of proprietary Apps.


Some Android flavors, including /e/[1] and GrapheneOS,[2] don't use Google servers for the internet connectivity check by default.

[1] https://gitlab.e.foundation/e/backlog/-/issues/268#note_1809...

[2] https://grapheneos.org/faq#default-connections


Looking through the GrapheneOS source, the servers may not be Google servers but the system is still designed to phone home. As such, have they solved the problem or is this just another case of "Don't trust them, trust us instead"?

Has anyone succeeded in running multiboot on "smartphone" hardware, i.e., where the user can boot into a choice of kernel/userland? One choice might be Android, another might be GrapheneOS/LineageOS, another might be an OS that does not rely on any third parties whatsoever (no conveniences, "app stores", "connectivity checks", etc.) and is fully controlled by the user. In other words, the third choice lets the pocket-sized computer be used more like a pre-smartphone era desktop/laptop OS. Basic functionality.


Eh, if you want an airgapped phone, use it in airplane mode. Obviously, the phone needs some network infra for things like updates or timekeeping. You can route it over vpn if you want and you can build everything yourself and host all the servers yourself too if you so prefer. This type of pedantry is more harmful than useful to casual users who would be far better served with grapheneos than some non-existent ideal phone.


"...if you want an airgapped phone, use it in airplane mode."

Right, that's what I do. In fact this post comes from a smartphone sans SIM with airplane mode on, with a firewall against apps phoning home, no Google or Gmail account, all Google Gapps nuked including playstore - in fact all Gapps have been completely removed - not to mention that most replacement apps come via F-Droid.

Yes, technically it's not fully airgapped but it is against Google and that's my main aim.

Of course there's a penalty: I also carry around both a pocket router with WiFi and SIM to which the smartphone connects as well as the dumbest of dumb phones just for phone calls.

Yes, it's a little inconvenient in that the combined paraphernalia is about equivalent to two normal smartphones (both the router and dumb phone being somewhat smaller). Next step is to upgrade to a Fairphone or equivalent. (I've often wondered where I'd fit on a percentage scale of users who'd go to such lengths - somewhere between 0.1 and 0.001% I suspect.)

You may well ask why I've gone to such lengths. It's more principle than privacy really. It's because governments around the world completely abrogated their responsibility when they deregulated the once-private telephone networks in the 1980s, when they did they let the Wild West take over. This 'vacuum' then led to a depreciation in the value of privacy on telephone networks. The ultimate insult came when the vacuum was filled by the likes of Google and others who usurped the last vestiges of our telephone privacy for good - and these damn governments just stood by and let it happen without so much as a whimper. Remember, we telephone users were never first consulted about our privacy - governments just let Google and Apple et al take over the whole damn caboodle without question. (In the future after all the world has finally woken up to the disaster then we'll have dozens of historians trying to figure out what the hell happened and why. When realization finally dawns everyone will be flabbergasted.)

Now, long after the horses have bolted and without so much as an apology, governments are trying to rein in the likes of Google and Facebook. Right, our governance is a fucking farce - it has to be when governments simply allow Big Tech to not only effectively overrule longstanding law but also to go on and do whatever they damned well feel like with impunity.


Is the pocket router battery powered? Really we need a suitable open source, easily compiled OS to run on a suitable "smartphone" that can be re-purposed into a "pocket router". This to function as the gateway through which our "phones" reach the internet.

The router/modem is battery powered or it will run continuously off a USB charger. The one I'm using currently is a Vodafone (Huawei) R216. Here are the specs: https://wirelessgear.com.au/vodafone-pocket-wifi-4g-r216-mod.... That link is the first one I found, if it doesn't work for you just search the modem's model number.

The R216 lasts for at least 6 hours on battery, often much longer (and the battery is removable, so you can have spares to extend its operational life). Whilst this modem is principally an ISP one (Vodafone) it comes unlocked. I note that that link says it's locked but it's likely not - as most assume ISP-supplied stuff is but to be sure you'd better check that's so where you are. Also, if you aren't using a Vodafone SIM then first just check that it works even if it's guaranteed unlocked (some other SIMs may need setting up).

If the R216 isn't available or it's locked in your country - or you have that common aversion to using Huawei equipment - then there are several other brands that are essentially equivalent. If you want the details I'll provide them.

Note this is a real router/modem and it'll run up to five smartphones/PCs at a time (which can be very handy). Some others that are a little more expensive can connect 10 devices to each other by their WiFi LAN and or to the SIM's mobile network. Also the R216 will take a micro SD card (one's mobile NAS so to speak :-)). Given its small size and usefulness I'd never be without one (I've three of this model and several earlier types).


Regarding a portable router - I wonder what you think about that one?

https://www.gl-inet.com/products/gl-e750/#specs

It's about double the price, based on openWRT (but not fully open source).


That Mudi GL.iNet router/modem combination seems a very substantial device with excellent specs. I've not seen it previously (but I've not been looking of late either), with specs like that I'd certainly consider it when deciding my next purchase.

Here, it seems to me the key issue of whether to buy that one in preference to, say, a somewhat lesser model with fewer features will depend on how you use it. Right, that's stating the damn obvious but from experience I've found it's very important when it comes to mobile stuff, all too often I (and others) have glanced over this important portability factor.

If your intended use is to, say, carry it in your luggage and only use it after you arrive in your hotel or conference room then I'd reckon there'd be nothing better than to buy the Mudi GL.iNet device. On the other hand, if you intend to use it like I use my Huawei R216 router/modem, that being as part of my kit to replace a normal default-type Android phone (as per my previous posts to 1tSlEv and 1vuio0pswjnm7), then a physically smaller device would seem preferable.

As mentioned, carrying around three devices instead of a single smartphone is rather inconvenient in that there's more bulk to carry around, also there's more chance of losing one of the devices. I'm pretty adept at doing so now but when I first started some years back I'd sometimes only take the smart and dumb phones and forget the router/modem—thus I'd have phone access but no internet (right, being Don Quixote and always tilting at windmills isn't necessarily the easiest way to run one's life) :-)

My 'combo phone' isn't the only stuff that I carry around, it has to share my pockets with other junk like screwdrivers, pliers, thumbdrives, multimeters, etc. so physical size is a major consideration. From the specs, I've noticed the size of the Mudi GL.iNet router/modem is 145 x 77.5 x 23.5mm and weighs 285 grams; by contrast, my R216 is 95 x 58 x 11mm and weighs only 77 grams. Thus my R216 is only about 22.9% the volume of the Mudi unit and weighs just a nudge over a quarter of its weight. This difference is very significant if one is trying to carry it in, say, one's jeans' pocket along with both a dumb and smart phone.

This brings me to one of my pet peeves; that being the ongoing and progressive decrease in the depth of men's trouser pockets over recent decades. This is no joke or trivial matter; I lost an almost brand new HTC smartphone after going to a concert and sitting in laidback seating, it just slid out of my pocket without me noticing its loss, by the time I had, it was too late. If I were a conspiracy theorist rather than someone who understands that such negative occurrences are 95% the consequence of fuckups then I'd believe there was a conspiracy between phone and clothes manufacturers to sell more phones! I cannot understand why the average guy isn't up in arms over the continual withering of his pockets; after all, surely the cost of extra cloth necessary to correct the problem would hardly be measurable in the overall schema of things (BTW, this pocket problem even extends to coveralls/overalls). Anyway, as someone who's been sartorially challenged from birth, I've largely overcome the problem by ignoring fashion altogether and taken to wearing ex-military BDs or equivalent cargo pants. Penny-pinching accountants haven't yet sufficiently infiltrated their manufacturing to have made much difference.

The upshot of this is that I keep the smartphone in one of my trousers side pockets and the dumb phone in the other whilst the R216 router/modem I put into one of my shirt pockets. The caveat here is that it's important to have shirts whose front pockets can be buttoned or zipped up to stop the device falling out whenever one leans over. Given the average size of shirt pockets—and they too have been shrinking in recent years—then there's no way the Mudi GL.iNet router/modem would fit in them.


Interesting approach.

Which goal gets served by the separate router? I've been thinking here for a while, but the only thing that comes to mind is a very restrictive "allow-list only" firewall.

Which dumbphone are you using? The majority thereof seem to be KaiOS based, which frankly is not sufficiently dumb for me to warrant the switch.


First, the dumb phone is just that—voice and SMS only sans internet but more on that in a moment.

The router was designed to serve three purposes and I use all three of them: (a) to simultaneously connect up to five devices (smartphones/PCs etc.) to the internet via normal WiFi connection which it then routes to the internet via a mobile SIM card; (b) it's also a WiFi LAN switch in that it will allow local interconnection between the five connected devices; and (c), it has provision for an onboard SD card to which the five devices have access (i.e.: it acts as one's local mobile mini NAS). You'll see reference to detailed specs of the Huawei R216 that I use in my previous post in reply to 1vuio0pswjnm7.

In my case, I use a fully-fledged reasonably current Android smartphone operated without SIM card and set to airplane mode for normal app usage, location and maps when needed, as well as internet browsing and non-Google email (POP/IMAP)—thus, the phone's only internet access is by either WiFi (to the router—my usual way) or Bluetooth—to another phone's internet connection (normally off).

Note: the phone is never used for telephone calls and it cannot be used as such as the router's SIM is a data-only type (that's to say one has a mobile phone number that cannot be used to make normal phone calls). Moreover my ISP, as many do, differentiates a data-only SIM/service from a normal one that does both. (In data-only services, one trades normal voice phone for extra data/cheaper data rates—you know, the usual ISP con job of artificially inflating a mobile phone's data charges. Nuking phone/voice access in data SIMs somehow—as if by magic—justifies ISPs to sell you data at a much cheaper rate. Furthermore, normal SIMs often won't work in routers for similar nefarious reasons).

As mentioned, I deliberately avoid Google services but using a phone in this manner doesn't preclude one from doing so. I've found that if you use Google services, etc. then there's an added privacy advantage of disconnecting the phone from the actual telephone number as that now belongs to the router, moreover any app that reads the phone's IMSI number will not be able to find a corresponding telephone number. I've several phones that I connect to the internet in this manner and every one of them has never had a SIM in it so Google is unable to link the phone's current IMSI-only configuration to any former IMSI/telephone number combination as there's never been one. Furthermore, in one instance when rooting one of my phones I accidentally formatted the partition containing the IMSI information, etc. and whilst I had the means of putting the info back I decided not to—thus apps no longer have even an IMSI number as an ID reference. Incidentally, this is still legal as far as regulations are concerned as the router and router SIM now provide the IMSI/phone number combination.

My phones also gain extra privacy from the fact that they're rooted, one can use the many Xposed Framework tools and such to improve privacy, nuke ads etc.

On the matter of firewalls, I normally use one on the smartphone itself rather than say installed in the router for purely practical reasons in that it's easy. The drawback of course is that if the firewall stops for any reason, which on occasions does happen (especially so after a full restart), then any apps that have a collection of data will use the opportunity to send it (my default is that no apps have internet access unless it's specifically needed as part of the app's function and the firewall is set accordingly—this also acts as an extra method of nuking ads although I mostly use F-Droid's ad-free apps). This risk can be essentially eliminated with a rooted phone but I've not time to go into that here. BTW, I use several Android firewall apps (not on the same phone of course) but I've found the easiest to use is Karma Firewall.

Re my dumb phone, I've been using an Aspera F28: https://asperamobile.com/phones/easy-phones/aspera-f28/ and its later incarnation the R30 but I'd not recommend them and they're unlikely to be available in many places. Their batteries are too small and of inferior quality and have to be replaced often (at least they're removable). Nor would I recommend other Aspera phones for similar reasons. I doubt that they use KaiOS, if they do then I've seen no sign of it. I reckon you're right to be worried about KaiOS especially so since Google has invested millions into the project.

Incidentally, I've other better flip phones such as Motorola ones that I can no longer use as they're only 2G (which is ideal for dumb phones) but unfortunately where I live they've now killed 2G. Doro dumb/feature phones may be worth considering as they've always had a reasonable reputation (in the past I've thought about getting one but I've no practical experience of them). I know that Doro used to use their own OS but I cannot tell you much more than that except to say they do use KaiOS on at least some of their phones, the 7050/7060 for instance.

Of course, much depends on what you actually want to do. As I've mentioned in my previous post to 1vuio0pswjnm7 that carrying three devices instead of one can be rather inconvenient as there's more bulk to carry around and also the chances of losing one of the devices is potentially higher—one needs sufficiently large pockets to carry them thus size and bulk matters. As a person who's always carrying around lots of technical junk this is a hobbyhorse of mine and I'll address it in more detail when I reply to Iolaum.


Based

Looking at the FAQ provides more details on various ways GrapheneOS phones home by default. Thankfully, some of these "services" can be disabled.

The time service is enabled by default but can be disabled.

"An HTTPS connection is made to https://time.grapheneos.org/ to update the time from the date header field."

"Network time can be disabled with the toggle at Settings > System > Date & time > Use network-provided time."

Connectivity checks are enabled by default but can be disabled.

"Connectivity checks designed to mimic a web browser user agent are performed by using HTTP and HTTPS to fetch standard URLs generating an HTTP 204 status code."

"You can change the connectivity check URLs via the Settings > Network & internet > Advanced > Internet connectivity check setting. At the moment, it can be toggled between the GrapheneOS servers (default), the standard Google servers used by billions of other Android devices or disabled."

Why these are enabled by default, i.e., opt-out instead of opt-in, is strange considering this OS is aimed at technical, security and privacy-conscious users. Users who would surely know what services they want and be capable of enabling them.


Yeah I agree, these settings should be disabled by default and require explicit opt-in. That said, I am impressed by how privacy/security-conscious the OS seems to be otherwise!


You can't really get rid of connectivity check, because it is a part of public API. Applications use it to check whether a network has internet access. Android itself uses it to detect captive portals and prompt user to authenticate when network requires authentication/payment via a web page.


I'm not suggesting they get rid of connectivity check. They already provide the option to disable it. All I'm suggesting is that it's not enabled until the user indicates they want it to be. This could be asked during a "first time" setup flow like most smartphones have.

Not an awful lot of stuff breaks if you just patch the api to always return true.

Network time is pretty important for things like HMACs.

Maybe, but couldn't they let me set my own server and not hit a predefined time server without asking me?

A couple thoughts:

* Usability: An OS without network connectivity checks and time sync might not be usable by non-geeks

* Obscurity: The threat from these pings is low. The threat of having a phone that behaves differently than "billions of other Android devices", indicating that it's GrapheneOS or some other security-oriented OS, is arguably higher.


Connectivity checks can't possibly be useful, because the network can go down after the check. Then what, the phone explodes?

I'm a little confused: GrapheneOS is the exception; almost every OS successfully implements connectivity checks. Also, the answer to the problem seems obvious: check again. Check every second or every 30 seconds, etc. It's just a ping.

Did you actually find any examples of GrapheneOS phoning home?

GrapheneOS doesn't rely on any third-parties I'm aware of. The only service provided is over-the-air security updates. It doesn't even come with an app store (although you can install F-Droid).

For that reason, GrapheneOS alone fits all three categories you mentioned: It is Android, it is GrapheneOS, and it is fully controllable / doesn't ship bloatware.


"The only service provided is over-the-air security updates."

Connectivity check / time servers

https://grapheneos.org/articles/grapheneos-servers#grapheneo...

Amongst others.


It is not controllable at all: It still enforces any app author's will against the user's. Root is not offered, and the grapheneos maintainer seems to be personally offended by the thought that root could be helpful.

>enforces any app author's will against the user's

I'm not sure what you mean by this. All apps run in a sandbox and you can deny permissions if you like.

>Root is not offered

Root access on Android is a security hole.


What I mean: I cannot see the app's files, I cannot edit them, I cannot backup the app locally, only by uploading data unencrypted to Google's cloud. Adb backup was unreliable in the past, could be switched off by the app against my will, and is deprecated anyway. I cannot screenshot an app if the app doesn't want me to. I cannot block ads properly, only via some fake VPN app, but then I cannot use an actual VPN at the same time. I cannot firewall an app, except with a hack using another fake VPN app. I cannot disable an app into background. I cannot give a fake GPS to an app. I cannot have f-droid auto-update my apps. All of these things I should be able to do, but the anti-user "security" enforces this against me, actually hurting my security in order to make Google's and shady app vendors' business models possible. And then they claim it's for my own good. A lot of the "root is bad mkay" is fueled by this more or less hidden agenda. That it helps to idiot-proof devices is a nice side effect only. Historical proof of this hypothesis is: When TCPA was first introduced it was explicitly made for DRM. People fought it a lot, so today they are introducing it disguised as security measure.

For your later linked examples, those can be changed.

But as for the microG/GApps question, GrapheneOS provides a sandbox for the actual GApps, so that almost everything can run properly, with very strong control over what is seen by Google.


My pinephone has multiboot to several different Linux and Android varieties.


How is Pinephone coming along toward this year's end?

I check in every now and then, but I need it to be where current Lineage/Graphene are. I don't need trivial software (games et al), but I need it to be automatic enough* that I don't have to spend an evening or weekend unbreaking things – and reliable all the same.

* barring basic things like package manager updates


And nowhere near the security of even stock Android, unfortunately. Every app is free to spy on everything else on the system, just like most desktops.

Librem 5 can also boot different operating systems.

As well as NetBSD, and probably others, eventually.


From GrapheneOS FAQ:

"Unlike AOSP or the stock OS on the supported devices, GrapheneOS stops making network time connections when using network time is disabled rather than just not setting the clock based on it."

"... rather than just not setting the clock based on it."

Wow, that is really sneaky and deceptive. The user thinks she has disabled the constant connections to the tech company time servers but in truth the connections persist.

The time checks are equally as annoying as the connectivity checks.


> however be aware that lots of malware infected builds have made it to xda dev in the past,

Can you point me to some? How were they caught? I knew this was a possibility, but I hadn't seen it actually happen before.


Back in the days I was maintaining the driver support for Cyanogen for the MSM7227 based models and I found some builds on xda dev that came preinstalled with some RATs.

I only found out by coincidence of another dev asking me to verify the build. The nature of how Android is built (with all its hundreds of repositories) isn't made for verifiable builds, so it's really hard to prove or audit.

From what I've found usually the builds with custom UIs or skins on top are infected with stuff either the person packaging it doesn't know about (benefit of the doubt) or do, but it comes out a year later when someone skeptical checks for it.

Verification is especially hard because everybody on xda dev is using some paid adfly links or some google storage or dropbox links that will change in intervals (depending on how much traffic they produce they'll get blocked quickly).

So yeah, I think the need for a hash based end to end verification tool is kind of there.

But honestly I have no idea how to build it because even the partition setup of old flash storage using devices is so messed up that there can be side effects when an apk is put in /emulated storage folders.

I think the only future proof way to do this is going mainline like the postmarketOS devs try to do. But until we're there I'm probably dead of old age already. I don't believe in the Android ecosystem anymore, because this is a governance coordination problem that's not easily fixable. Hosting all outdated kernels alone with all the custom drivers is way too much traffic for any open source project to pay for.


I can't recall the exact settings to push via ADB, but the Internet Connectivity Check is "easy" to fix. Create a server that's always up that responds with a 301 (or whatever the check expects), and push the address to the phone. Done.

It's a shame that Google's servers are the default, and I wish it were at least called out by Lineage. That said, I doubt they want to cover hosting costs of such a service (although I'd think they'd be fairly minimal).


This internet connection check actually caused problems for us when we started having users in China on android. Our code was checking for a connection before transmitting data and android thought the device was disconnected due to the great firewall. I think there’s just a hack around it for now that disabled the android connection check for those users.


For anyone trying to implement this, the HTTP status code that Android looks for is 204.

https://android.stackexchange.com/a/186995
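An added example, not part of any comment in this thread: a minimal self-hosted connectivity-check endpoint that answers with the empty 204 mentioned above and keeps no access log, plus a probe that shows how a 301 reply is read differently. The `/generate_204` path, the class and function names, and the rule that other 2xx/3xx replies look like a captive portal are assumptions modelled on AOSP behaviour, not taken from the thread.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer


class Generate204Handler(BaseHTTPRequestHandler):
    """Answers every GET/HEAD with an empty 204 No Content."""

    def _reply(self):
        self.send_response(204)
        self.send_header("Content-Length", "0")
        self.end_headers()

    do_GET = _reply
    do_HEAD = _reply

    def log_message(self, fmt, *args):
        # Deliberately keep no access log, so client IPs are not recorded.
        pass


class Redirect301Handler(Generate204Handler):
    """Constructed counter-case: an endpoint that redirects instead of sending 204."""

    def _reply(self):
        self.send_response(301)
        self.send_header("Location", "http://portal.invalid/login")  # constructed URL
        self.send_header("Content-Length", "0")
        self.end_headers()

    do_GET = _reply
    do_HEAD = _reply


def classify_probe(status):
    """Classify a probe reply.

    Assumption (modelled on AOSP, not stated in the thread): only 204 validates
    the network; any other 2xx/3xx looks like a captive portal; the rest fail.
    """
    if status == 204:
        return "validated"
    if status is not None and 200 <= status <= 399:
        return "portal"
    return "failed"


def probe(host, port, path="/generate_204", timeout=3.0):
    """Send one plain-HTTP probe; return (verdict, status, body_length)."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()  # http.client does not follow redirects
        body = resp.read()
        return classify_probe(resp.status), resp.status, len(body)
    except (OSError, http.client.HTTPException):
        return "failed", None, 0
    finally:
        conn.close()


def serve(handler_cls, host="127.0.0.1", port=0):
    """Start a server in a background thread; port 0 picks a free port."""
    server = ThreadingHTTPServer((host, port), handler_cls)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def run_demo():
    """Probe the 204 endpoint and the 301 counter-case on loopback."""
    results = {}
    for name, handler in (("204", Generate204Handler), ("301", Redirect301Handler)):
        server = serve(handler)
        try:
            results[name] = probe("127.0.0.1", server.server_address[1])
        finally:
            server.shutdown()
            server.server_close()
    return results


if __name__ == "__main__":
    for name, result in run_demo().items():
        print(name, result)
```
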


I'd recommend libredns.gr, it's free and available for non-Android devices.

> You can add all google related domains to /system/etc/hosts if you have root/sudo access.

Root access is harder to get with each new Android release - Google don't like adblockers.


> Regarding the Connectivity Check

the last (stock) android phone i touched had an option to change the url used for the check. i was pleasantly surprised - comments here suggest this is not "normal"?

> or use the official downloads

ime the meaning of the word "official" has been severely diluted esp. in the android community


One used to be able to change the captive portal url using adb [0], although I'm not sure that's still the case in current android builds.

[0] https://gist.github.com/tonyseek/bc5b72197ddb15418c614060617...


I can confirm this used to work, but I'm not sure if that's the case now. These were the instructions I used:

https://android.stackexchange.com/a/186995


you can disable captiveportal and block everything else with netguard

(check Netguard thread on xda)


Yep MicroG is the route I'm going on Pixel3a I just bought. You don't need to sign into any Google services to use them. For now I'm just using maps. I found a nice Reddit article on de-googling even more as well. If you install OpenGapps you might as well forget it-

https://www.reddit.com/r/fossdroid/comments/clg2ca/how_to_de...


My exact setup. Using Gaia for maps.

I'm using LineageOS with neither OpenGapps nor MicroG, and can confirm that Aurora works without. There are numerous apps available from Aurora that will not function, of course, and many other inconveniences of varying severity, but it's overall a good experience.


I am using Lineage without Gapps, and every app on my phone came from F-Droid.

I assume that my carrier sees location data on my device, but as I have learned to live within F-Droid on my daily driver, I assume that I am immune from this Google intrusion.

I do have an older stock phone that keeps my Google login for when I need access to Google services. If it is powered down for a month, I am assuming that I am free of Google for that month.

Google is a destructive force upon their customer base. Abandoning Google is always the correct action.


> I am using Lineage without Gapps, and every app on my phone came from F-Droid.

Did you transition or quit cold turkey? I switched to Lineage OS with microG. Actually, now that I look through what I installed via Aurora, I'm surprised how few apps there are. 3 required for work. I guess I could reduce that to one with some effort. A few financial / shopping apps that are nice to have vs using their website. Google maps (not sure the replacement to that is).


RE Google maps, /e/OS ships with this: https://www.magicearth.com/

I've found it to be more than good enough. There's also various OSM based apps:

https://wiki.openstreetmap.org/wiki/Comparison_of_Android_ap...


> Google maps (not sure the replacement to that is).

Try HERE WeGo: https://play.google.com/store/apps/details?id=com.here.app.m...

It’s not quite as polished as Google Maps, but I use it as my primary maps app and have mostly not been disappointed.


I used the MicroG respin of Lineage for perhaps a year, then on my next hardware upgrade I switched to naked Lineage.

I keep an iPhone 7 for corporate apps, but I'm on a Pixel 3a XL that hasn't talked to Google since I bought it.


> Google maps (not sure the replacement to that is).

OsmAnd~ is great :-)

https://f-droid.org/en/packages/net.osmand.plus


OsmAnd has been real hit or miss for me. It definitely has a lot more friction than Google Maps, and sometimes I'm not able to find a destination even with the full address. I want to use it, and I want to support the ecosystem, but damn if it doesn't make it difficult.

I agree. I'm trying to switch to OsmAnd from Here and even that is tough when it comes to finding an address on the map. You can find place names if they have been added to OpenStreetMap, which is mostly in big cities but that doesn't cover everything.

I use a separate app called GPS Coordinates. I give it an address and it gives me lat/long which I paste into OSM. I'm sure there's gotta be a better way.


Thanks for the coordinates tip, I'll likely end up using that as a stopgap.

For the average end user however, this is a distinction without a difference. A Galaxy S21 you buy from the store has Google Play and will be sending info of 99.99% of users to Google.


A Galaxy S21 comes without Lineage pre-installed.

> One can find custom LineageOS builds that include MicroG

Why bother? Just use Calyx.


Because it's not well supported on many devices


I use GrapheneOS and LineageOS without Google Play Services. They are great and are suitable replacements for Apple and Google.

- Osmand(FOSS) for maps (supports being fully offline!)

- Signal and Discord for messaging (Discord is sandboxed)

- Newpipe(FOSS) for Youtube

- F-droid(FOSS) for my FOSS appstore

- APKmirror for the few non-free apps I need

- Libretorrent(FOSS) and VLC(FOSS) for watching movies

- Firefox(FOSS) and Vanadium(FOSS) for browser

- K9 Mail(FOSS) for email

- Infinity(FOSS) for Reddit

- Secur(FOSS) for 2FA

- Taskkeeper(FOSS) for reminders

Almost everything you need is in the F-droid FOSS app repository. It all works, and it works well. You can buy a used Pixel 3a for around $80 on Ebay and have a better experience in every category than iOS, hardware and software.

The only limitation is push notifications, which isn't a problem because FOSS apps like Signal bundle their own notification system that does not use Google Play Services. Discord however, does not get push notifications (which I wouldn't want anyway)


There's an app available on f-droid called Aurora Store that lets you download apks from the Play Store directly, avoiding the need for stuff like APKMirror (where you don't know where or what happens to the apk you're downloading). On desktop you can use the program Raccoon for the same.


Thanks for the suggestion!


> ...and have a better experience in every category than iOS, hardware and software.

Really? I tried GrapheneOS on a Pixel 4A, and without exaggerating or trying to come off sensationalist the experience was really tepid compared to iOS, and even "normal" Android. Stuttering and jerky UI (which often also wanted to take a brief nap), very poor GPU hardware acceleration support, notably worse battery life, loads of things that just didn't work well (or at all) without Gapps, and trying to get Play Services shoe-horned into GrapheneOS was still quite the bug-ridden hassle. Additionally, the Open Camera app produced rubbish results compared to Google's native Android camera app, which matters a lot to me.


I'm surprised to hear you say that. I've played the most demanding Android games on the Pixel 3a with no issues. I've never experienced anything but a butter smooth UI on Graphene or Lineage to be honest. The battery life has been all day for me even when using GBA emulators for multiple hours a day.

I agree the default camera app of Graphene isn't great, but its picture quality is better than the iPhone I came from (iPhone SE gen1)


Can you install GCam as apk from somewhere? Will it work? I use GCam on the default Android (8) on my Nexus 6P and it works well. I am thinking of upgrading to Pixel 2XL or 3A and install Lineage OS with GCam, so I believe it would be a much better experience than the default ROM on a Pixel. But I have no idea whether GCam would work in LOS.

I use this: https://github.com/lukaspieper/Gcam-Services-Provider to make the GCam app work

You should be able to get GCam via Aurora Store by setting the spoofing to a Pixel device, but newer versions of GCam check for something that cannot be spoofed with an app (issue #22 in above github) so you have to get a modded GCam app if you want to use newer versions and use an android rom that does not spoof this.


The mid-level processor on the Pixel 4a may just not be performing to your expectations. A phone with a high-end processor would perform better. For GrapheneOS, the fastest compatible phone available (used/refurbished) right now is the Pixel 4 (or Pixel 4 XL).

Also, if you are using a Pixel phone with a non-default flavor of Android, the Google Camera app still works if you download it manually. APKMirror is a trustworthy app source run by Android Police:

https://www.apkmirror.com/apk/google-inc/camera/

(For Pixel phones using an older Android version, you may have to use an older version of Google Camera if the current version does not work.)


Pixel 4 running graphene. I'm sure it's fine by android standards, but if you're used to iOS, it is unbearable.

Going back to iPhone as soon as I've got some free time to get everything set up again.

Unrelated, but I'm still very surprised there's no standard way of doing live photos on Android. They really do add a lot to the experience of reviewing old memories and Google has had at least 5 years to catch up.


Software patents are often used to stifle competition.

It performs worse than my 10 year old iPhone 4S. It really shouldn't have to.


On my Nexus 6P I use GCam v. 5.2.019.188906351 and it performs really great! It is quite slow with HDR+ (but usable), and almost on par with the default camera without HDR+ (still producing great camera quality). I am curious whether the experience is similar on a Pixel line, with Lineage OS (or any other custom ROM).

>very poor GPU hardware acceleration support

Pretty sure GrapheneOS doesn't do anything to change GPU h/w acceleration.


Pretty sure GrapheneOS didn't even engage with GPU HW acceleration. Everything felt like software framebuffer.

This in fact sounds quite exaggerated. I've had nothing like this experience with the Pixel 4a. Battery life has been exceptional, UI works fine, Play Services work with about 90% of the apps I tried. Google Camera worked also with Play Services so you don't have to use Open Camera.

I run GrapheneOS on a 4A with TMobile and the frequent reports of people trying to call me telling me my line is out of service and days where calls won't initiate from my phone at all make me want to run back to my iPhone.

The tethering seems to be pretty flakey as well with me often having to reboot the phone.


I've been using GrapheneOS on a 4A with TMobile as my daily driver for over a year and have had none of these issues. Never had an out-of-service notice from someone calling me, never had a call not initiate, and tethering works great.

Maybe it's something to do with OpenGapps? I never installed it or microG, I'm perfectly happy with just Fdroid.


I'm running GrapheneOS on a 4a right now and it's smooth like butter - maybe you needed to wait for a few updates. The camera has improved a lot as well but is still not close to the stock google camera.

It seems like what you're looking for is CalyxOS + microG.


Do banking applications work? I mean as in "I buy X online. It requires me to login to my bank application and press 'confirm'. I perform this sequence, and online purchase is completed. "?


I switched to /e/ rather recently, and it also just happens that I am in the process of switching banks, which means I currently have two banking apps on my phone.

Both are rather strict on having a clean, non rooted, non modified phone. Currently, they both work without any caveats, but I had to install magisk, add them to magisk hide, and use the magisk renaming feature to have them work.


I recently had a bank detect Magisk Hide. Since on principle, I don't think it's their business what I do with my phone, especially once added Magisk Hide, I went into my branch, told them just that and asked for everything in cash to move to a different bank. These are the same banks that only have SMS for 2FA and it's required.

I also ironically had to install Magisk on my previously unrooted LineageOS phone in order to convince a bank app my phone is not rooted.

Some will, however I have heard some of these apps have janky hooks into Android's trust system which will break them on non-google distros.

Personally I wouldn't suggest having banking apps on a phone.

You can always use the web browser if you absolutely must access those accounts.


Most banks in EU require phone app based confirmations for transfers and other operations (according to PSD2 directive).

Visa and Mastercard also introduced 3DSecure system which piggybacks on the same system of confirmations. Vendors are incentivised to adopt it by lower rates.

In essence when paying with card or making a wire transfer (or using some instant transfer method, for example Blik in Poland), you get notification on your phone asking you to confirm operation, even if you initiate it from your account in the browser.

In essence Bank apps became 2FA devices. The only way to avoid it is to opt-out of the App 2FA and use paper one-time code pad. You regularly then get sent a list of codes by snail mail, which you have to type to confirm operations.


It depends per bank; mine discontinued the paper OTP pad as well as the SMS codes, and gave me a separate 2FA device when I didn't want to use their app. I don't think banks can force you to have a smartphone yet.


> I don't think banks can force you

They can and do. There are a number of banks where you have absolutely no choice.


you have a choice to not be their customer.

unless of course they are all equally bad :)

Does nobody in the EU do computers ? How do they pass asinine laws like this ? I mean, from the outside, it always appears as though the EU is much better than the US when it comes to consumer rights, but it always feels like they don't have a very good grip on technology.


Where I live, the authentication systems implemented by banks are also used for verifying user identity to various other services, including governmental ones.

Basically, there's a common (government-backed) user identification system which hooks up to interfaces that banks provide. When you're logging in to an online service that requires strict identification of the user (such as ones that would require an official id document if done in person), you first pick the bank you're using, and the service forwards you to the bank's website. Once you log in with your bank credentials, the original requesting website gets informed that you've provided valid login information, and the identity that the login matches with.

I don't know the exact technical details of how that works, but essentially the bank also acts as a user identification service for various official and governmental online services. It's treated as similar to proving your identity with a document, or to signing a document with your signature.

I don't know if this is a common thing in other European countries, but if it is, that might be a reason why the EU has an interest in enforcing 2FA.

You're not strictly required to use a smartphone, as at least my bank has other means of 2FA that satisfy the regulatory requirements, but they are more cumbersome.


> Where I live

Do you live in Denmark perchance?

> I don't know if this is a common thing in other European countries

There is a similar system implemented in Poland and works very well.


I don't think this was driven by law, but by an appropriate wish to increase transaction security (you really shouldn't use SMS for this anymore).

There are some rules here that are nonsense, such as know-your-customer laws that force me to enter my home address even when the product or service (say, a concert or train ticket) is delivered to me entirely electronically.

Most of the move to purely electronic payment is driven by the market and the large banks; e.g. in the Netherlands we actually never had laws that force shops to accept cash as payment.


I agree that you shouldn't use SMS. My point was that unless the law (if there is one), requires that 2FA be enabled in an accessible way, the banks will do their own thing with the phone push notification system. The 2FA situation is quite bad in the US too, but a small no. of banks do offer TOTP.

This whole situation caused me to throw up my hands in Thailand and now I pay for most everything in cash since it's still a cash-friendly nation.

It's hard to explain but Poland got hooked on mobile payments/banking, the adoption is very high and one of the major players is home grown.


Btw, I live in Poland, and I use my banking app for internet payments and NFC payments using Pixel with CalyxOS.

So it's possible to do that with some of the banking apps.


> separate 2FA device

FYI in New Zealand a few banks can provide a device (e.g. RSA SecurID) for proper non-bank 2 factor auth with consumer accounts. However some major banks only use phones for 2FA (app or SMS).

The norms seem to vary considerably depending on country.


Which banks provide a device?

I have had SecurID tokens for ASB and SBS accounts. I have been told Westpac does not provide secure 2FA. I am not sure about other banks.

Didn't know this was driven by PSD2. As much as I appreciate the convenience, I still find the whole drive fucking annoying - especially that, with all the talk about data portability, I still can't get a simple API endpoint I could point a script at to fetch me my account's balance.

Yes, I'm bitter. If there's ever a bank that puts end-user automation first, I'll switch in a second.


From all the banks I've tried over the years I always check for this feature, sometimes asked and never got what I wanted. "No the API is only available for our 100k a month or more users" is the closest I got.

However when I really wanted a solution I built a small service that receives the confirmation SMS most banks offer and pushes my balance in a small API.


If you are in the UK, Starling offers a relatively simple API.

My bank uses SMS. It's simple and platform agnostic: even a Nokia 3310 is compatible x)


Also not very safe. Attacker can duplicate your sim. This way he can call the bank and use the mobile number to restore bank account details. At least in Poland


The number one reason to use a banking app on your phone is to deposit a paper check by taking a photo of it. I am not aware of a bank that lets you do that from a webpage.

Vanguard works on my completely google-free phone, although I had to change the OS language to English because w/ Android set to French their app would force the use of commas as the cents separator, then complain that commas are not a valid character. Another fun thing was it uses its own internal camera app, which would focus the preview, then completely ignore the focus setting and take a blurry photo of the check. Eventually I figured out the camera's default focus length and take the photo from that distance.


I will try to do so with web account, however I doubt it will work..


What kind of purchase/checkout system works like this? I have never seen one, but if I had, I would not complete the transaction.


Most in EU do this or will do - it’s part of EU bank regulation (PSD2). SMS isn’t considered safe anymore and debit/credit card payments are confirmed through banking apps (you get a push and confirm).


Wait, but smartphones are less safe than SMS. The attack surface of SMS is your surrounding, the attack surface of a smartphone is entire world, and virus infections happen much more regularly than sim copies.

That's not the issue though. I can log in to my cell account and see the content of every sms i send and receive. an app establishes an encrypted connection between your phone and the bank. sms is open to the public.

in addition, you don't need to copy a sim. you can copy a cell tower. which the authorities do all the time, without any warrants, and capture data en-masse. The fake cell tower fits in a backpack.

But it's not just the cops capturing your cell data. It's anyone, they've been doing it for over a decade, and it's cheap and easily accessible.

https://www.vice.com/en/article/vv7zn9/surprise-scans-sugges...


Online purchases with UK bank accounts often require this. Some banks use an OAuth-style redirect instead. I think the merchants get lower rates if they enable this feature (called "3D secure") because it lowers the risk of fraud.

It's basically 2FA for online transactions, which seems very sensible to me.


Reading the comment I was confused as well - it sounds as if the user provides his banking login to the merchant as part of the checkout process. However they mean that the transaction has to be approved via banking app, not unlike a 2FA authenticator app.

amazon paysend many others do too. bank is Boursorama


Is this something more popular outside of the US where credit/debit cards are not as ubiquitous?


I think it's called 3D-Secure for debit/credit cards. In Ukraine for example it is pretty much a normal path for online payments. Also our "credit" cards aren't the same as your "credit" cards. Ours are basically the same as debit cards but with added overdraft amount and different service fees. They are created by the same banks as debit cards, not by separate corporations.


It usually happens when someone pays with a credit or debit card. If the confirmation is not given in the app within a certain time limit, the bank rejects the card transaction.

Edit: to clarify, my comment is about the UK, and it does not happen with most card transactions; "usually" here refers instead to card transactions being the usual trigger (in my experience) for this app-based authentication flow.


"Usually" is a bit of sticky word here. Your usual is not my usual, hence my questioning of it. My experience is US centric, so I'm assuming non-US but non-US is a really big place.


Maybe. I never owned a credit card, however I also basically didn't use cash for years, only debit card


I've had a US debit card where 3D secure was triggered.


On /e/OS with microG, I successfully use the apps for Starling Bank and Hargreaves Lansdown. Nationwide and Nivo also both work. (these are all UK services, not sure how far they are known elsewhere)

I just use the website


> I mean as in "I buy X online. It requires me to login to my bank application and press 'confirm'. I perform this sequence, and online purchase is completed. "

Huh? This is not a real thing.


It is real and absolutely routine.

Bog standard in Germany

Thanks for the list!

> You can buy a used Pixel 3a for around $80 on Ebay

It's worth noting that GrapheneOS recommend Pixel 4a or newer for best support: https://grapheneos.org/faq#recommended-devices


I use the exact same setup, works like a charm. I can definitely recommend it for anyone concerned with the privacy issues of current mobile OSes. Furthermore, it never feels limited after getting used to this suite of apps, which may take up to a week at most.


I prefer FairEmail (FOSS) over K9 Mail because it's more modern.

I also recommend CutTheCord as a Discord client. It's not FOSS because it's based on the official client but it's privacy oriented.

https://gitdab.com/distok/cutthecord


Could you elaborate on what you mean by "Discord is sandboxed"? Are you using an app to sandbox it?


Could be using [Shelter](https://github.com/PeterCxy/Shelter) to isolate apps. I don't know how effective it really is.


Insular is another app that activates the Android work profile: https://secure-system.gitlab.io/Insular/

Both Shelter and Insular are effective for isolating your files, contacts, and phone logs in each profile. If you are using a VPN, it is limited to the profile that the VPN app is installed on, and you need to install and run it again on the other profile to cover the apps in that profile.


Same here. I can also recommend :

- Organic Maps which is cleaner than Osmand

- KeepassDX for password management

- AntennaPod for podcasts

- I have a Tutanota email address. Their app is fully open source, downloadable on FDroid's main repos.


Organic maps isn't there yet IMO. OSMand is huge, but it's the only app to match Google Maps features.

I can also recommend BRouter (with OSMand) for bike navigation. It's ugly and hacky, but once it works, bike navigation is much, much better than Gmaps'. E.g. it's not sending you down cobblestone roads all the time.


OSMAnd is visually difficult to parse (especially at a glance) and fairly complicated to use. It is not a good map app.

Fun, I guess this is just a question of habit. Nowadays I use OSMAnd mostly, and when I have to use Google's Maps (OSMAnd's search isn't great, and public transportation isn't there), I'm lost, and the app never shows the information I want.

It's happened to me a lot of times with Google's Maps (with regard to how frequent I use Google's Maps) that I'm looking for something, I KNOW it's there, I'm searching for it (like "groceries" for a grocery store), and the only way Google's Maps would ever show it to me is by zooming it until the ONLY thing on screen is building, and then it does display it.


I had the same feeling. I now use Organic Maps which I find much better.

You mentioned Signal and Discord for "messaging". Can you or someone else confirm that video calls work with GrapheneOS or LineageOS. I am getting ready to try these but I am still not sure video calling works. When reading about them I cannot find much discussion of this particular application.


I can confirm that video calls work in Signal on Android flavors that don't use Google Play Services, including both GrapheneOS and LineageOS.


Thank you. Much appreciated. :)

(Perhaps WhatsApp might work as well, since, IME, it can be sideloaded and will work without a functional Google Play Services.)


Signal is specifically designed to work without Google Play Services, so expect a 1:1 experience when using it with these privacy conscious distros.

I'm confident Whatsapp will work, but I have not tried. Push notifications will not work without Google Play Services.


According to Plexus, WhatsApp works perfectly on Android without Google Play Services, whether or not you have microG installed.[1] I think they implement their own push notification system if you download directly from them,[2] though I haven't confirmed this.

Discord works perfectly with microG, and has a 3/4 rating without it since notifications will only work if you have microG.

[1] https://plexus.techlore.tech/applications/whats-app

[2] https://www.whatsapp.com/android/

[3] https://plexus.techlore.tech/applications/discord


IME, the notifications do work. I downloaded .apk directly from WhatsApp.


> expect a 1:1 experience

Push notifications are bad and it drains significantly more battery.


What do you use for photo management?


The default Gallery app is functional, and there are other FOSS options such as LeafPic and Simple Gallery.

- LeafPic Revived: https://f-droid.org/en/packages/com.alienpants.leafpicrevive...

- Simple Gallery Pro: https://f-droid.org/en/packages/com.simplemobiletools.galler...

If you are looking for a hosted service to back up your photos, Stingle is an end-to-end encrypted photo hosting service. Alternatively, you can use Nextcloud to self-host. Both are FOSS on the client side, and Nextcloud is also FOSS on the server side.

- Stingle: https://stingle.org

- Les Pas gallery app for Nextcloud: https://github.com/scubajeff/lespas


I just reinstalled my FP2 with LineageOS and microG after reading your post.


I've tried Osmand and found it way too slow/janky for everyday use (since it has to render the tiles locally and doesn't seem to pre-render for scrolling).

Newpipe loads videos much slower than the official app and occasionally fails completely (likely because YouTube changed something).

F-droid (regular, non-root install) shows me notifications to update apps, then when I tap them, I get a "there was a problem parsing the package" - this is a bug that has remained unfixed for over 5 years (https://gitlab.com/fdroid/fdroidclient/-/issues/669).

It's not impossible to use a FOSS phone, but it's truly painful.


If you don't like Newpipe you can use Youtube Vanced which is basically a pwned version of the native Youtube app. I've had some stutters with Newpipe but overall I like it.

Osmand really isn't bad, sure it's a little bit slower to render but we're talking maybe 500-1000ms on a Pixel 3a.

Regarding F-Droid you're right it is quite buggy, but thankfully once you've got the apps you want you don't really need to use it except to update.


Skytube is also a good YT client available on F-Droid

As mentioned elsewhere, Organic Maps provides a much smoother OSM experience (fork of older maps.me version)

If you wanted to install something like WhatsApp or Lyft would it work?


Yes they will work, however to get notifications when the apps are closed you would need to have some form of Google Play Services. I suggest MicroG if you are intending to do this since it seems to be the least invasive.

In my personal case though, I would still not use MicroG, and would just leave the app open until I am done using it. This is easier on Android because apps are not suspended in the same manner iOS apps are.


What about when the phone locks? My phone is set to autolock after 1 minute. Leaving an app open just to receive notifications seems like a waste of battery.


If your phone is locked you will most likely not get the notifications, it just depends on the app. I do agree it can waste battery.

It's important to remember this is only a concern on non-free apps. The FOSS apps have very low power background services that check for notifications without the app running.


I use /e/os. It is based on LineageOS, is completely de-googled and has MicroG integrated. MicroG means push notifications with apps like WhatsApp will work. https://e.foundation/


Almost all of these just need a browser, without any apps. I personally don't need any notifications, but I'm retired so it's easier.

Android takes snapshots (screenshots) of apps as soon as you switch to another app. When you view the app list, it already has the last view of each app.

But the Xiaomi/MIUI Android sends over those screenshots back to the company is new information.


I had a Pixel. That it took a screenshot when I switched apps makes sense. It allows the task switcher to open immediately and show the most recent state of all my apps. A screenshot of some sort is mandatory for the OCR functionality that allowed me to select text from these tiles in the task switcher (super handy!).

I’m now on iOS 15 on an iPhone 12 Pro Max. I think I’ve seen movement on the tiles in its task switcher, so I’m not clear if it takes screenshots. But the fact that the task switcher opens with no delay suggests that screenshots might be used?

I’m only defending taking screenshots. Transmitting them to other parties is problematic.


> I think I’ve seen movement on the tiles in its task switcher, so I’m not clear if it takes screenshots.

In my experience, it seems like only the app you were in when you brought up the task switcher continues to update the screen. If you go somewhere else, like just back to the home screen, it goes static like all the rest.


This is correct. iOS snapshots the app as soon as it's moved into the background, and that snapshot is what you see. When you bring up the switcher, the foreground app isn't backgrounded yet — that only happens if you go to the home screen or actually switch apps.


If the app is using the Background App Refresh entitlements [1] (Background fetch / background processing) then it is possible for iOS to update the screenshot for the app switcher periodically even when the app is in the background

Messages does this, as you will notice that an active conversation tends to be up-to-date in the app switcher

[1] https://developer.apple.com/documentation/uikit/app_and_envi...


As I understand it, each iOS application is sort of like its own 3D plane within a larger environment, hence why the launcher shows up without any lag.

I hope someone can do the work of pasting the original Aqua framework overview that’s probably still hiding somewhere on the Apple website. The manner in which the combination of OpenGL (Metal?) and PDF work to render UI and elements on OS X and iOS is really quite remarkable. I think even now, 20 years later, there isn’t anything comparable being done by Android/Linux or Windows. I would love to be proven wrong, however (I haven’t followed this closely for the past few years).


Yeah the iOS multitasking view tracks all the way back to windows in OS X 10.5 Exposé being actual windows instead of snapshots, and the parlor trick of QuickTime player windows continuing to play video when minimized to the dock all the way back in 10.0 (and perhaps the 10.0 public beta, I forget). It’s the kind of thing that family of operating systems has handled well for a long time.


Compiz and all subsequent compositing managers do the same thing for Linux (each app has its own surface in the GPU and can be composited in 3D), and I believe the compositing in Windows Vista and later is similar.



This is close. There was something that introduced Aqua to the world and played up the combo of PDF and OpenGL... Probably also explained in some WWDC 2001-ish video.

How have you found the transition to iOS? For me, the task switcher OCR feature is absolutely killer, one of the main things still keeping me on Android. Does iOS have anything similar?


I find the Pixel experience to be superior. But I took each of the areas where Pixel is better, item by item, and scored their value, and came out with a score recommending I keep the iPhone: https://www.arencambre.com/iphones-are-inferior-to-android-p...

Context: I made that right after I got an iPhone 12 Pro Max. It was running iOS 14. iOS 15 may bias the score towards Apple even more with the current phone, and iPhone 13 biases it a bit more.

I still like Android better.


iOS 15 now OCRs text across the OS, including screenshots. So you can take a screenshot and get OCR'd text from there.


That's more of a process than simply selecting text on the task manager tile.


I guess. You have to hit the screenshot combo and then tap the screenshot, versus hitting the app-switcher button. Are you doing this often enough for that 1 extra step to be a big deal?


I’m increasingly finding great value in reducing complexity of simple tasks. I thought the push button rear door closer on my minivan was silly, but it came with it, so (shrug). I’ve grown to like it!

Reducing from a few steps plus a major context switch to just one step is valuable.


Where’s the context switch?


For me, yeah this would be a much different experience. I use this feature all the time, to select anything from the title of a song on Spotify to a phone number embedded in an image on the web.


In the latter case, you could just select the text in the image directly. How often do you use this feature per day?


From what I gathered, this is only available on the newer phones though

> Android takes snapshots (screenshots) of apps as soon as you switch to another app.

For the interested, here's info on where those are stored: https://android.stackexchange.com/questions/172913/where-doe...


> But the Xiaomi/MIUI Android sends over those screenshots back to the company is new information.

I looked in the paper but could not corroborate this


The article doesn't mention screenshots at all.


> System apps on several handsets upload details of user interactions with the apps on the handset (what apps are used and when, what app screens are viewed, when and for how long).

I am too far away from Android development to make any claim about what "app screens" are. Is that android-lingo? Could someone please clarify?


Sounds like an attempt at phrasing for the general public.

Android apps have zero or more activities, each of which may be thought of as a single screen and a single Intent, which is a bit like a URL (and sometimes very much like a URL). A messenger or email app will typically have a main activity, an activity to view a single message, an activity to view a conversation with someone, perhaps an activity to view a single attached image, probably an activity to view and edit the application's settings, and so on.

What is sent is perhaps the app's name and a class name within the app for each activity that's started.


Exactly right. And you don't have to be a system app to access this information. Any app with sufficient permissions granted explicitly by a user can access these data (no root needed), and it may have legitimate reasons for doing it.


It sounds a lot like the screen events Firebase reports (a library by Google for analytics, among other things)

It allows you to know which screens a user views, but not the data on the screen. A pseudo-example would be like "User opened LoginScreen/LoginActivity at yyyy-mm-dd and stayed on that screen for X seconds"

Not an actual screenshot of said screen
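
To make concrete what the activity-level telemetry discussed in this sub-thread reveals, here is an added example (not part of any comment, and not code from the paper or from Firebase). It takes a constructed log of activity-start events and derives which screens were viewed, when, and for how long; the log format, the package and class names, and the 10-minute idle cutoff are all assumptions.

```python
"""Reconstruct per-screen dwell times from activity-start telemetry."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime
from typing import Optional

# Constructed sample, not captured traffic. One line per activity start:
# "<ISO timestamp> <package> <activity class>". All names are hypothetical.
SAMPLE_LOG = """\
2021-10-12T08:01:05 com.example.mail .InboxActivity
2021-10-12T08:01:20 com.example.mail .MessageViewActivity
2021-10-12T08:03:50 com.example.bank .LoginActivity
2021-10-12T08:04:10 com.example.bank .TransferActivity
2021-10-12T08:06:40 com.example.health .SymptomCheckerActivity
2021-10-12T09:30:00 com.example.mail .InboxActivity
"""


@dataclass
class ScreenView:
    package: str
    activity: str
    started: datetime
    seconds: Optional[int]  # None when the end of the view cannot be inferred


def parse_events(text):
    """Parse the log into (timestamp, package, activity) tuples, oldest first."""
    events = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        parts = line.split()
        if len(parts) != 3:
            raise ValueError(f"line {lineno}: expected 3 fields, got {len(parts)}")
        ts, package, activity = parts
        events.append((datetime.fromisoformat(ts), package, activity))
    events.sort(key=lambda e: e[0])
    return events


def screen_views(events, idle_cutoff=600):
    """Infer how long each screen stayed in the foreground.

    A screen is assumed to end when the next activity starts. If the gap
    exceeds idle_cutoff seconds (assumed: the device was idle), or there is
    no later event, the duration is left unknown rather than guessed.
    """
    views = []
    for i, (ts, package, activity) in enumerate(events):
        seconds = None
        if i + 1 < len(events):
            gap = int((events[i + 1][0] - ts).total_seconds())
            if gap <= idle_cutoff:
                seconds = gap
        views.append(ScreenView(package, activity, ts, seconds))
    return views


def per_app_totals(views):
    """Sum the known foreground seconds per package."""
    totals = defaultdict(int)
    for view in views:
        if view.seconds is not None:
            totals[view.package] += view.seconds
    return dict(totals)


if __name__ == "__main__":
    views = screen_views(parse_events(SAMPLE_LOG))
    for v in views:
        shown = "unknown" if v.seconds is None else f"{v.seconds:>4}s"
        print(f"{v.started:%H:%M:%S}  {v.package}{v.activity:<26} {shown}")
    print(per_app_totals(views))
```

No screen content appears anywhere in the input, yet the output shows that the user read a message, made a bank transfer and opened a symptom checker, with timings, which is why class names plus timestamps are sensitive on their own.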


Last I checked the default keyboard Samsung installs on their phones was collecting what you typed and sharing/selling that data with third parties. I try not to store or access any personal information on my cell phones when I can avoid it, but at a certain point, just having one is enough to seriously compromise your privacy. Strong regulation with real sharp teeth is the only thing that can fix this situation.


https://play.google.com/store/apps/details?id=org.dslul.open...

OpenBoard is a 100% foss keyboard based on AOSP, with no dependency on Google binaries, that respects your privacy.


Thanks for this, just installed it and when I click to enable in my settings, I get an Attention message:

"OpenBoard may be able to collect all the text you type, including personal data such as passwords and credit card numbers"

This appears to be from Samsung, trying to deter users from using keyboards other than their own.


That's a generic warning that shows up on all flavors of Android, including AOSP and LineageOS, when you enable any new input method.


I'm glad they let people know it's possible, a keyboard isn't something you should install without some careful consideration because they can be used as keyloggers. I just wish they'd been as clear about that with the keyboard already installed on the phones when they ship. Anyone seeing that warning might easily think it's safer not to replace their stock keyboard even though it's already doing the very thing they fear a new keyboard might do.


> a keyboard isn't something you should install without some careful consideration because they can be used as keyloggers

To be frank, Android should not allow input methods access to internet/filesystem in the first place. But that would have hindered Google's own keylogger, so...


I use Google Pinyin Input. (Which seems to have been deprioritized or something, but still...)

The general shape of input methods that let you produce 汉字 is that you provide some type of input that hints at the character(s) you want, the input method displays a menu of options that match your input, and you select the correct option from the menu. For example, if I'm using pinyin entry and I type `shi`, I can choose from 是, 时, 事, 使, 试, 世, 市, 十, 式, 师, 石, 室, ......, which are all pronounced shi. (And heck, those are just the top 12 suggestions. They mean things like "ten", "be", or "stone". The `shi`s go on for several pages.)

You can enter more than one character at once. If I type `bhys`, I'll see the suggestion 不好意思 ("sorry").

The presented options are chosen based on what the input method predicts I'm most likely to want. They are context-sensitive -- the order of suggestions will change depending on what I typed just beforehand -- and the likelihoods and the phrases are collected from what people elsewhere in the world type. Suggestions can be quite current! Without an internet connection, this would be a much worse experience; the predictions would be wrong or useless much, much more often.


It wouldn't be as bad as you might think without prediction - back in the days with "dumb" input method, the word choices would be listed by frequency of use, and you'd remember which choice the word you want would be.

So you'd type shi and click the first choice for 是, second choice for 时, etc without even needing to read the options since they'll always be in that slot. If there's a word you use frequently but is listed late in the list you can change that in the settings file. Same for shortcuts like bhys and you can always add your own shortcut.

The Chinese keyboard I use does not have internet access and only does prediction based on set phrases - eg if you type 时 it'd offer 間, 代, 事, 空 etc; if you type tmd it'd give you you-know-what, and I prefer it over the Google keyboard since my muscle memory can do most of the work instead of my eyes.


Once I realized what Samsung was doing I switched to AnySoftKeyboard and I'm pretty happy with it. It's got a lot of options.

https://f-droid.org/en/packages/com.menny.android.anysoftkey...


One may replace the keyboard, but the underlying "input method" framework is still under OEM's (in this case, Samsung's) control: That is (afaik), they could key-log just fine regardless of whatever keyboard one may install / use.


I've tried both AnySoftKeyboard and OpenBoard, and liked OpenBoard's layout better but wanted the SwiftKey-like support from AnySoftKeyboard. Looking at Reddit's fossdroid, I discovered one that fit me better, being closer to OpenBoard with SwiftKey support: FlorisBoard.


FlorisBoard is really nice. Among all of the FOSS Android keyboards, I've found the gesture typing on FlorisBoard to be the most accurate.

https://github.com/florisboard/florisboard


Thanks, I'll check that out.

I've been using Swiftkey since before Microsoft bought it, and really enjoying it.

I know I shouldn't be surprised but I feel really betrayed that they use it to track app usage and link it to IMEI and the Google advertising id.


I was also a long-time fan of Swiftkey, and switched to OpenBoard a few months ago. The main differences are lack of swipe input which I miss dearly, and slightly less intuitive correction. I think since switching I've put a little more effort into being more accurate which has helped.


FlorisBoard is another open source keyboard project that has experimental support for gesture/swipe typing. It requires a bit more accuracy than spyware keyboards but might be worth a try.

https://f-droid.org/en/packages/dev.patrickgold.florisboard/


Alternatively, you can just disable internet access to any of the keyboards via 'Settings' > 'Apps and notifications'.

Looked promising until I noticed that Japanese isn't an option (despite practically every other language being listed).


There are lines in the sand, and a default key logger sending data to undisclosed third parties should be a pretty easy one everyone can agree on.


This isn't the sort of news that wins on people's Facebook or Instagram feeds.


Hi! I have a Samsung and I looked around online and couldn't find any real info on this topic. I don't doubt it's quite possible, but where is your source from? It's been hard for me to confirm. A good point, though, I'll look at the open source options....


Samsung's own privacy policy and those of the 3rd parties they use. It's been over a year and checking now some things have already changed, but if you click on the gear icon from within the keyboard you can select "About Samsung keyboard", which should give you a list of policies including Giphy and Tenor (both used for GIFs I guess), but I didn't even check those. The one you want is the legal info, which tells you that in addition to Samsung's privacy policy (which outright says it's collecting and selling everything it can get their hands on; see https://www.computerworld.com/article/3514999/samsung-sellin...) you also have to accept the policy of a 3rd party called Nuance which they use for "language data".

The wall of legal text there eventually links to their privacy policy, which opens in the browser. They collect and store things like "your choice of words, speech and writing patterns, how you use your keyboard, custom words you add, the number of characters you type, your typing speed, etc." and they share (read: sell) that data to affiliates, subsidiaries, vendors, subcontractors, etc. (pretty much anyone they feel like). They specifically state they use this data to draw inferences reflecting your characteristics, behavior, abilities, preferences and aptitudes, all of which they can sell to anyone at any time without even telling you about it because what they learn about you by going over all your data is their data and they don't have to tell you anything at all about what they do with their data.


This is super brilliant thank you. I have never personally done that much searching through the EULA / Privacy Policy. I'll take a deep dive and look for alternatives.

Samsung could really make some advances on Apple by just being more clear on these aspects of their data collection. Even if they just said "We want to collect your data, but it's YOUR data, so we will always ask for your permission, and in case you are wondering what we collect, you can find it all here..."


They specifically ask you when something like that is being used.

And I don't think Giphy or others are receiving your emails. This is probably just usage stats, but someone needs to check that.

The Windows 10 start menu, on the other hand, sends every keystroke to Bing. You cannot turn it off either.


But this is all speculation no? The privacy policy is concrete...

> Last I checked the default keyboard samsung installs on their phones was collecting what you typed and sharing/selling that data with third parties.

How did you check? Do you have a source/link?


As stated elsewhere:

Samsung's own privacy policy and those of the 3rd parties they use. It's been over a year and checking now some things have already changed, but if you click on the gear icon from within the keyboard you can select "About Samsung keyboard", which should give you a list of policies including Giphy and Tenor (both used for GIFs I guess), but I didn't even check those. The one you want is the legal info, which tells you that in addition to Samsung's privacy policy (which outright says it's collecting and selling everything it can get their hands on; see https://www.computerworld.com/article/3514999/samsung-sellin...) you also have to accept the policy of a 3rd party called Nuance which they use for "language data".

The wall of legal text there eventually links to their privacy policy, which opens in the browser. They collect and store things like "your choice of words, speech and writing patterns, how you use your keyboard, custom words you add, the number of characters you type, your typing speed, etc." and they share (read: sell) that data to affiliates, subsidiaries, vendors, subcontractors, etc. (pretty much anyone they feel like). They specifically state they use this data to draw inferences reflecting your characteristics, behavior, abilities, preferences and aptitudes, all of which they can sell to anyone at any time without even telling you about it because what they learn about you by going over all your data is their data and they don't have to tell you anything at all about what they do with their data.


Strong regulation by whom? The organization that brought us the CIA, NSA, FBI, and the rest of the alphabet soup of “security” bureaucracies that spy on us arbitrarily?

Strong regulation could easily worsen the problem, as it can lead to a ratcheting up of the regulatory burden until only mega corps like Apple and Google could afford to make phones, and upstarts like Purism and Pinephone get squeezed out.

How about before getting so gung ho with pointing the government gun at everyone’s head, we consider the option of rolling back the unjust regulations that already exist which give the mega corps undue government privilege (patents are a good place to start), and encouraging (by voting with our wallets) organic alternatives to emerge, like they already are doing.


> The organization that brought us the CIA, NSA, FBI, and the rest of the alphabet soup of “security” bureaucracies that spy on us arbitrarily?

Which organization do you think that is? You think they all came from the same place? Every one of these agencies came into existence under very different circumstances at different times and they fall under different branches and operate in different areas. Do you mean "government" in general?

Yes, it's a horrible thing that these agencies are being used to spy on all American citizens in violation of our freedoms, but that fact doesn't mean that we shouldn't allow any government agency anywhere to enforce regulations. How does that make any sense at all? You could say the same for literally anything. "Who should regulate the amount of lead in our drinking water? The organization that brought us the CIA, NSA, FBI, and the rest of the alphabet soup of “security” bureaucracies that spy on us arbitrarily?"

> Strong regulation could easily worsen the problem, as it can lead to a ratcheting up of the regulatory burden until only mega corps like Apple and Google could afford to make phones, and upstarts like Purism and Pinephone get squeezed out.

It literally couldn't worsen the problem of our privacy being violated and used against us by cell phone companies. If it's illegal for Google to do it, and we had regular independent verification that they were not violating those laws, then it wouldn't matter if the only cell phones that existed on the whole of Earth were made by Google. Google still wouldn't be doing the bad thing we're trying to stop.

Yes, I'd prefer to have more choices but there's zero requirement that regulations make it prohibitively expensive for any company, even an upstart. In fact, because this would be regulation against collecting, securing, maintaining, analyzing, marketing, and selling our personal data it'd actually save companies tons of money since they'd no longer be doing any of those things. Established companies who are currently exploiting consumers won't get to profit off of them as they are currently, but they will still save a lot of time and money not exploiting the public.

> How about before getting so gung ho with pointing the government gun at everyone’s head, we consider the option of rolling back the unjust regulations that already exist which give the mega corps undue government privilege (patents are a good place to start)

This isn't an either/or type of thing. There's a lot of great and important things we should be doing. This is one of them. Let's do them all.

> and encouraging (by voting with our wallets) organic alternatives to emerge, like they already are doing.

If "the market" were going to solve this problem, if it were capable of solving this problem, it would have been solved already. It's not. Until strong regulations are in place there will continue to be a very very strong perverse incentive to not solve this problem. We're coming up on 50 years of mobile phone technology and at present there are no comparable options for cell phones and mobile networks that preserve privacy. None. It's not regulations forcing Google and Apple to collect our personal data. They are choosing to do it. They could stop tomorrow if they wanted to. They don't want to. They won't stop until they are forced to stop.


I use GrapheneOS and LineageOS without Google Play Services. They are great and are suitable replacements for Apple and Google.

- Osmand(FOSS) for maps (supports being fully offline!)

- Signal and Discord for messaging (Discord is sandboxed)

- Newpipe(FOSS) for Youtube

- F-droid(FOSS) for my FOSS appstore

- APKmirror for the few non-free apps I need

- Libretorrent(FOSS) and VLC(FOSS) for watching movies

- Firefox(FOSS) and Vanadium(FOSS) for browser

- K9 Mail(FOSS) for email

- Infinity(FOSS) for Reddit

- Secur(FOSS) for 2FA

- Taskkeeper(FOSS) for reminders

Almost everything you need is in the F-droid FOSS app repository. It all works, and it works well. You can buy a used Pixel 3a for around $80 on Ebay and have a better experience in every category than iOS, hardware and software.


Consider Fennec instead of Firefox -- I just switched yesterday, and I think the only difference is that Fennec is usually a couple of versions behind because it removes some Mozilla crapware.


Nowadays, Fennec F-Droid is usually on the same version as the release channel of Firefox, or at most a version behind for a week or so.

https://f-droid.org/en/packages/org.mozilla.fennec_fdroid/

Fennec also lets you install any add-on from addons.mozilla.org through a tedious process,* which is still an improvement over Firefox release/beta on Android. The only channel of Firefox that supports this process on Android is the nightly channel.

* https://blog.mozilla.org/addons/2020/09/29/expanded-extensio...


What about Firefox Focus? It's private by default and VERY unbloated. The ephemeral nature of sessions also forces me to not leave a hundred tabs open.


Does it support extensions? I can't go anywhere without uBlock Origin :D


There's a workaround to support pretty much any FF extension at this point -- but you have to create a "collection" with your firefox account and then point your Android FF install at that collection. Not too hard, but a little bit of a PITA. If you're like me and maintain the same couple dozen extensions on every FF install, though, it actually works pretty well.


FWIW, Mozilla has worked with devs of some popular extensions to get them working on "new" mobile FF, including uBo.


It does


FairEmail is also a nice open-source, privacy-focused email client available on F-droid.

https://f-droid.org/en/packages/eu.faircode.email/


FairEmail is really great, almost as fully featured as Thunderbird with the best support for multiple accounts/identities that I've seen on Android so far. The developer asks for a small donation to unlock a few advanced features,* which I recommend doing.

* https://email.faircode.eu/donate/


What do you use as Dialer/SMS/Contact app?

I tried to switch myself from iPhone and almost everything was OK but these were the worst to get right... I ended up using suite from Tibor Kaputa (Simple Dialer etc) but I ran into some rather annoying issues.

Also, do you use phone recording? This was actually my breaking point, because I have an iPhone w/ jailbreak that enables me to record phone conversations (for my use only, not trying to get into the legal discussion). I did not find anything for GrapheneOS (or Android in general) - just some info that I need to root my phone to get this working and with that I just reverted to my jailbroken iPhone.


The only functional FOSS call recording app for Android that I'm aware of is the Call Recorder app on F-Droid:

- Call Recorder: https://f-droid.org/en/packages/com.github.axet.callrecorder...

To use this app, you'll need to root your phone using Magisk[1] and then install the Magisk module for Axet's Call Recorder.[2] Then, upgrade the Call Recorder app to the latest version in F-Droid. Note: do not enable "System Mixer Incall Recording" in Call Recorder, since it is not needed and may cause issues with recording.

[1] https://github.com/topjohnwu/Magisk

[2] https://github.com/Magisk-Modules-Repo/callrecorder-axet

The default dialer and contact apps are both FOSS and functional, so I never felt the need to replace them. Signal can take over as the default SMS/MMS app, and there are alternatives with more features such as QKSMS:

- QKSMS: https://f-droid.org/en/packages/com.moez.QKSMS/


LineageOS's default phone app supports call recording out of the box. I'm using LineageOS 18. I don't know if this is true for earlier versions.

Just bought a Pixel to test LineageOS out. Worth mentioning that if you want less Google and still want to use normal Android services in the OS you need to install the MicroG LineageOS ROM. Otherwise, you're still sending Google a lot of info through Gapps or MindTheGapps.

Graphene or lineage without any of those is also an option but you'll be missing a lot of the normal everyday apps you use. IMO if you're going that far though you might as well just go back to a flip phone.


I don't agree regarding your flip phone comment, that's silly. I don't use any form of Google Play Services (No OpenGapps or MicroG even) and my phone works completely fine.

The only thing that doesn't work is push notifications, which isn't a problem because FOSS apps like Signal bundle their own notification system that does not use Google Play Services. Discord however, does not get push notifications (which I wouldn't want anyway)


Regardless of what software you put on the phone it is a tracking device. It has GPS, audio, cameras, and web browsers that are all vulnerable to being hacked or used for tracking. I signed into Gmail via the Bromite browser on my Pixel 3a. I immediately received an email from Google about my new Pixel device. They now know what device I use, what browser etc.

I don't care how locked down and FOSS you make your smart phone it's not going to be as secure as a dumb phone. There's a reason criminals don't use smart phones.


If you think Google is adversarial then don't use Gmail; it seems strange to avoid using their 'apps' but continuing to use their products? I think you just handed them that information when you logged into their website.


>I think you just handed them that information when you logged into their website.

Obviously and that's my point. You are not going to avoid Google if you use the web. The best you can do is limit exposure.

>Google is adversarial then don't use Gmail

This is ignorant and unhelpful. Do you think I just decided not to consider that option? I don't have an option. I have to use it for work. This is the problem with the "don't use it" crowd. Most people are not going to get away from the major email provider options. The best I can do is sign in via browser or a 3rd party app.


> Obviously and that's my point. You are not going to avoid Google if you use the web. The best you can do is limit exposure.

That couldn't have been your point. It's very easy to avoid having a gmail account.

> This is ignorant and unhelpful.

People here don't know you personally, or your needs. Most people don't need gmail for work. If your job requires you to use google products, it's going to be difficult for you to avoid google. But, again, your situation is not representative of the vast majority of people.


>That couldn't have been your point. It's very easy to avoid having a gmail account.

Did you miss the part where I told you we have Google Workspace (GSuite) and I have to use it for work? What part of getting rid of that is easy? I cannot stop using it end of story.

>People here don't know you personally, or your needs. Most people don't need gmail for work.

I feel like you're not aware of the fact that Gmail is used in corporate environments through Google Workspace. You need to research before spouting off stuff that's obviously misinformed. It's a direct competitor to Office 365 and MS Outlook servers.

https://www.cnbc.com/2020/04/07/google-g-suite-passes-6-mill...


Do those companies accept login G Suite account on custom ROM?


Depends on your administrator. If they allow IMAP to be turned on for your gmail account then yes. However, your email is still going through Google's servers and this is still only a partial mitigation. You get the gmail app off your phone but that's about it.

A lot of admins won't enable IMAP for security purposes though.


I don't think it's fair to say I was ignorant when you only now mention you need it for work. You could use a second handset, or try asking your employer to move away from Google products, or even find a new employer. There's plenty of options here.

If you say that the best you can do is limit exposure, then do that!


GrapheneOS constantly spoofs the device's MAC so that argument is not valid (I also don't know how a website based email client is getting your MAC). It's also extremely easy to spoof the device's name. The way they are getting that is simply your browser's User Agent, or if it's an app, your phone's root properties. There may be some other identifying properties about the device they can collect though, I agree with you on that.

Also, I agree with your argument about phones being tracking devices. Anything with a radio that connects to cell towers is going to be logged and tracked in perfect detail.


You're correct about the MAC address. However, the rest of the information collected is plenty to build a profile of any person.


I hope you have recurring donations set up for all these FOSS apps. FOSS still means that developers need to eat.


It's unbelievable that I'm getting downvoted for asking people to pay for software on a platform where a large % of users are involved with technology. No wonder opensource based businesses are dissatisfied with how they are treated.


At a guess, it may have something to do with how rude the original comment was and how you doubled down on that rudeness with this one. If you toned it down a little and actually spoke to other people as human beings it might help you with this problem.

[flagged]


How does "I hope you at least pay for these apps" add anything even remotely relevant to the thread about what apps someone uses as part of their de-googled phone?

Yeah, developers do need to eat, but this (IMO) snarky comment is hardly relevant to the OP.


The way I read this submission is:

1. Google is tracking you. They track you because they need this data to target better ads, this is how they make money.

2. The OP for this comment, says they use FOSS apps to get around Google’s tracking.

My comment is about - if you are against the idea of being tracked for profit, it would be a good idea to vote with your wallet to help open source developers get paid and to show that there is a viable business model for other individual developers.


I'm going to set up a Liberapay account exactly for this purpose

https://en.m.wikipedia.org/wiki/Liberapay


I think it's a bit misleading to say Lineage OS sends data, because it doesn't. It's just the GApps installed with Lineage OS that sends data to Google. But you don't need to install GApps, then it doesn't send anything just like /e/OS does...


This is the exact thing I was wondering about. As far as I understood, they flashed GApps, even though GApps is not part of the default installation. I wonder what the findings would've been like on LineageOS without the GApps.


Companies like Google hold a lot of power over their users.

It's all-or-nothing, and not being part of the Google ecosystem is extremely inconvenient as more and more services depend on it.

Only legislation can give power back to the users. It shouldn't be necessary to put up with this level of surveillance by big corps in order to function in society.


>Only legislation can give power back to the users. It shouldn't be necessary to put up with this level of surveillance by big corps in order to function in society.

Don't worry, after about 7 years there will be a low key class action suit and we'll miss the $7 payout and lawyers will collect the leftover millions for the sake of symbolic justice. Then perhaps big industry won't ever learn its lesson again.

Congress has already proven that they're the Rip Van Winkle of IT awareness unless it pertains to boosting their personal investments.


I would go further and say that this describes the ineffectiveness (I’d say corruption) of Congress and the justice system across all industries. This is just the one you notice because you’re well acquainted with it. If you have a strong stomach go look up Steven Donziger.

you mean the legislation that forced banks to use google safety nets create hindrance in rooting the phone? I really find myself in hopeless position these days when Google can do anything freely because they have enough cash to lobby anything.


>the legislation that forced banks to use google safety nets create hindrance in rooting the phone?

You're saying some legislation made SafetyNet a legal requirement?!

You should try and elaborate on that.


How far are we from a phone that: ships fully formed - no flashing and stuff, has reliable supply chain and production, is open source only, usable on a daily basis (stable, normal battery life, all basic apps, easy upgrades) and ideally repairable / recyclable as much as possible?

I would leave "high-end" specs and price constraints out of scope to make this a reality sooner than later.

There are several contenders and combos /e/, lineageOS, pinephone, fairphone etc and I wish them all godspeed (also other small efforts out there I am not aware of), but it's not clear which one is ready for just the simple, honest, society and environment friendly mobile computing that we should have had all along and it is really a crime that we don't.


Far in never. There's no (real) money to be made, manufacturers don't care.

I use GrapheneOS. It's rough but at least it gives me peace of mind.


Why is there no money to be made? I would at least pay to buy the hardware and possibly for ongoing software support as well (depending on how they structure such support or any other "soft" features). E.g. I think it's a jolly good idea if somebody really checked for a living all those open source apps.

In any case if there is really no viable business model for private mainstream mobile computing we have been duped big time: This is not a consumer device, it is track-and-trace machinery.


In order to have a reasonable, stable supply chain at all, you need quite large scale; and even then your phone would have much smaller scale than the mainstream competitors and so would be significantly more expensive than their models with similar hardware, both because it's targeting a niche and also because all this tracking&targeting does result in some revenue stream for the manufacturers.

It indeed is a jolly good idea if somebody really checked for a living all those open source apps, however the math works out only if you allocate the salary of those people over a million phones, not if you have only 10000 customers.

Perhaps you would actually be willing to pay a large premium for that, but the vast majority of people are not. Perhaps a meaningful number of people would be willing to pay a small premium like 10-20%? But that's not what's reasonably achievable, the differences are much larger as soon as you go off mass market production or start needing software modifications which are a large fixed cost that is cost-effective only if you're distributing it over very many phones.

There have been many companies in the past which have found out the hard way that few people really care about privacy that much (or they care but can't really afford much, which has the same effect), but for a recent example, you can look at the troubles of Librem 5; IMHO it's trying to do similar things, but its price/performance is suffering because of that and you be the judge whether their business model looks viable. And if you want a trustworthy supply chain, then your (already high) costs literally double, again, Librem 5 "USA" model is an example of that - a $2k phone where the core functionality (excluding the privacy) is essentially the same or worse as a $200 phone from a Chinese brand.


you sketch a good frame to help think about this challenge holistically. the list of failed initiatives is by now so large it almost gives you a statistical sample of factors to take into account (I contributed a data point once - one of the <10K firefox-os/zte users :-(

but somehow the numbers could/should add up at some point. If you think (ballpark) a billion devices in circulation and assume that 1-in-1000 people has a combination of awareness and ability to afford a private / open source device, that is your 1M right there.

this should be a very conservative estimate. it assumes that people (more precisely those who claim to represent their best interests) will continue with the inexcusable practice of governments "not interfering" with the "market" (in quotes because it is not a real market when you have two options). While some governments slowly take legislative steps in the data privacy space, I have never seen any actual warning from official lips about privacy (the way they warn about assuming financial risk, being overweight, drunk driving, not getting vaccinated etc).

maybe the current business model only stands due to the "subsidy through silence"?


> Why is there no money to be made?

Not enough people care to use cut rate hardware that actually conforms to the 'wholly open' philosophy. Even Stallman couldn't maintain using fully open hardware. He had to switch to a Thinkpad with Coreboot.

People have expectations when using devices as complex as a phone or laptop to where, compared to even a desktop with Linux, having a smartphone that is fully open comes with serious drawbacks.

You could always get a LibrePhone or a Pinephone but you probably won't enjoy the experience.


well, "fully open" is just an ideal. I think I could live with proprietary bits that are not involved in the private data trade.

it doesn't have to be "cut rate". I left the specs/price point open for that reason. But indeed thinking of it as a tool, not as a trend-following gadget with 12 cameras and the screen size of a laptop.

Just interested to see whether this approach is viable.


> Just interested to see whether this approach is viable.

Spoiler alert: It's not. The better SOCs end up becoming more proprietary because it's the companies' own implementations that make them perform better. That leads to proprietary drivers/software.


> Why is there no money to be made?

Because we don't really know how much hardware costs anymore. Most hardware you buy is subsidized in one way or another through data collection, from phones to TVs. Building stuff is very capital intensive, and the world changes very rapidly. And most people don't really care about data collection because they don't understand the consequences, or they don't care at all (which I find baffling). This means you'll be always facing cheaper competition. It's very hard to keep a company like that afloat.


this is plausible (and very worrisome if really true). We are not talking about an aspirational consumer device, it is already the case that you are being cut off from regular life / the economy without one.

Incidentally, I don't buy the "people don't care" argument. First of all, people do care. There is massive legislation in the EU (which represents half a billion people) towards data privacy. They are not freaks - well informed people obviously care about privacy. This touches also companies / commercial privacy and states (data sovereignty etc). But it is true that large numbers around the world are dazed and confused ("don't care") as nobody credible (and holding a large mouthpiece) is actually warning them.

But if you are right and it's not viable (e.g. why did blackberry not survive given companies at least should appreciate privacy) it is a baffling state to have degenerated into.


> I don't buy the "people don't care" argument.

A lot of very informed people do really sincerely not care. A coworker of mine (IT professional) literally told me that the fact that his phone is constantly tracking him and that he could show me his whereabouts during the last week/month on google maps was a feature.

A lot of people really, truly don’t care. It is as baffling to me as it is to you.


> it is already the case that you are being cut off from regular life / the economy without one.

it's true that you can't easily buy stuff online while on the move, but _life_ is happening outside and without a phone.


This has been my experience with e os. Everything just works


Nothing that appeals to general public, OpenMoko was released in 2006.

ime fairphone is good enough hardware, but the software and experience is a train wreck despite their best efforts to emulate the iphone feeling. given they only sold a few thousand of each series, i would still count them very much as "small effort"

there was a mass market sailfish phone in India but it was a flop. of course it has Android emulator that used to send just as much crap out as the original... but at least you could stop that.

