Google Is Rolling Back Security To Pursue Their Own Interests
(twitter.com)
from Genghis@monero.town to degoogle@lemmy.ml on 31 Jul 2024 00:50
https://monero.town/post/3841784
from Genghis@monero.town to degoogle@lemmy.ml on 31 Jul 2024 00:50
https://monero.town/post/3841784
I have my respect for GrapheneOS for addressing the Play Integrity API issue.
#degoogle
threaded - newest
Nitter link
Mastodon for those who avoid Twitter entirely
This isn’t the same post?
It’s the same thread, the linked post is down the thread a little bit
we need a bot for this now that we have healthy instances again
Oh shit I thought nitter was dead
Shit. All google needs to do is F GOS and game over for pixel phones and GOS. GOS really needs a backup manufacturer that maybe can achieve GOS goals.
I always found it weird that the OS that attempts to limit the impact of Google’s severe privacy issues mostly only runs on hardware by Google.
As soon as Google wants to, you kind of just lose.
The Pixels (and the Nexus before them) are very hackable compared to most other phones. They’re a good platform for this sort of thing, and why not use it? If you have alternatives, get portin’.
Their modems are crap. The primary function of a phone is to access cellular signal. No thanks.
Not only weird, but it’s beyond rich. There’s no way on God’s green Earth I’m giving money to Google to buy hardware that allows me to escape Google’s corporate surveillance machine. That’s just too much irony for me.
My deGoogled cellphone therefore is a FairPhone running CalyxOS.
CalyxOS is a mighty fine AOSP distribution, in case you wonder. Very pro, very polished, and I’ve never had a problem with it.
+1 for Calyx, wish more people talked about it
Well. I was literally considering getting a pixel fold in the next few days to give grapheneOS a try. I guess I won’t now? What other good options are there for a (mostly) casual who wanted minimal fiddling and maximum privacy? Just switching back to iPhone?
There’s nothing wrong with Graphene. I’ve been using it for months now on my Pixel 7.
Did you read the post…? It seems like Google is starting to fuck with app access, unless I’m misunderstanding?
Play integrity api is implemented by some app developers to check OS integrity. Google blocks all third party OSes from utilizing this verification method, including GrapheneOS. This isn’t new, what’s new are the apps that utilize this integrity API which is where the story comes from. Most apps still work without it. Graphene has full support for hardware anttestation and they’re pushing for this to be the norm rather than relying on Google as the gatekeeper. I use graphene every day, and while I mostly use FOSS apps from other repos, the stuff I personally use from the play store works perfectly
Okay, thanks for clearing that up for me! Good to know graphene is still worth getting into :)
Hold your horses that hardware attestation stuff is crap. No developer is going to use it instead of the play integrity api. Both authy and relay for reddit don’t work on GOS due to this. The play store even hides the existence of these when running on GOS.
I also had a temporary limitation with uber app functionality. They were doing some AB testing that would disable various features if you didn’t pass integrity api. That’s since gone away for me but i wouldn’t be surprised if it comes back
Is there a different OS with the relative ease and functionality of graphene (android auto and other such features being big one) that you could recommend to a beginner? Or is graphene still worth it, in your opinion? Ease is important to me as someone with a new baby but cares about privacy.
What’s wrong with GOS?
They didn’t change anything. Banking apps rely on play integrity to check if the device is secure (not bootloader unlocked/rooted). Google abuses this, so grapheneos devices also don’t get the support.
I doubt iPhone is better, and it’s marketing instead. Or it’s a matter of time before they wanna go the data mining road. You can also get a fairphone and install a custom ROM
Right, but not Graphene, though, right? The whole draw of Graphene is that it’s relatively easy and android-feature complete, no?
No idea tbh. I edited my message to fix my mistake too
Yeah, apple is always teetering on that fence where on the one side, they’re a Corpo and want to sell your data, but on the other side their whole draw and the logic behind being a walled garden is the privacy aspect for their users. If they drop the privacy draw, then why would some users want to stay in a walled garden
Familiarity
Only a few apps enforce Play Integrity so it is still the best option for a casual user. Cash App enforcing it is my biggest hurdle.
Is there a master list of apps that do this, I wonder?
When your backend is google, you give google your backend.
postmarketos.org
How is it for receiving calls from idle?
I really want Linux Mobile to work but last time I looked the receiving calls from idle was unreliable and it’s the most important part of a mobile phone.
This was on the OG Pinephone.
By idle I assume you mean while the phone is suspended? It works fine for me (verizon US, phosh) though there’s an extremely rare bug where the phone will fail to resume from suspend and needs to be rebooted. Also I find I need to restart modemmanager after I boot or the modem doesn’t come online, though that may just be a problem specific to me since I think I installed the open source firmware for the pinephone modem incorrectly since there’s a bunch of other stuff that doesn’t work properly (hangs on a lot of AT commands).
Interesting. Which distro are you using?
PostmarketOS
That’s a great one liner!
This does not solve the Play Integrity API issue. This would make app compatibility even worse lol.
I’m confused. Authy is just a 2FA client. There’s half a dozen in fdroid. I use FreeOTC myself. Are graphene users unable to use anything else?