croemerGoogle just gave Android power users a sideloading win
https://www.androidauthority.com/android-sideload-carry-over-3652845/
What's the phone OS landscape now? What can someone who values their agency and wants FOSS choose?
* iOS - walled garden, so no
* Android:
* * with a Google account and Play Services - a bit less of a walled garden, but still no
* * Android without Google:
* * * GrapheneOS - root or adb not supported, so no
* * * LineageOS - (edit: root or adb not supported, so no - just learned) seems like a viable option although it seems like it depends on Google's development of Android and keeping it FOSS. How's the situation with security updates? Which phones would you recommend? I don't count Samsung or whatever crap as they're generally quite user-hostile.
* Linux - IIRC only PMOS supported FDE. Is that still the case? Are there are good Linux phones? I tried PinePhone a few years ago, but it was crappy. The OS also lacked basic features like new windows showing up inside the screen.
* anything else?
fairphone support for pmOS is improving. What DE were you using? It was probably just slow on the pinephone.
librem 5 is also an option. It is sorta expensive and weak but is the most capable.
https://wiki.postmarketos.org/wiki/Devices
right now im on calyxos but development has been paused for like a year
It was a long time ago, so I don't remember. Phosh or Plasma. I tried to like Sxmo, but it was really unintuitive, unlike tiling WMs on Linux.
Fairphones seems OK, although for €549 I'll probably stick to a dumb phone and invest in a better laptop for now. I'm not saying it's too expensive for what it is, though - it's still a tiny computer with all kinds of periphery.
I just wish there was a version with a shitty camera for €50 less or with no Bluetooth for €10 less - you get the idea.
Interestingly, when I went to
https://www.fairphone.com/shop-home
the prices for the headphones were lower for a few seconds and got higher afterwards.
€186.75 -> €249
€74.25 -> €99
while the phone price remained the same. Both are increases of 33.(3)%. Probably a script that determined my location and added a VAT.
GrapheneOS - does allow you to root/ADB. It's just not official, just like LineageOS. You can even sign your own images and relock the bootloader and have root i f you put in the effort.
So I misunderstood about LineageOS - I haven't read anything about it for a while. Everyone on GrapheneOS's forum is really anti-root, they even mention it's not GrapheneOS anymore. From what I saw you can't get any support whatsoever if you have an issue with root or adb, which seems like a core component to any OS to me. Would've been nice if there was a community that gave each other support for rooted LOS or GOS. There could be one, though - I haven't researched it.
> GrapheneOS - root or adb not supported, so no
Like the other poster said, you can get root on GOS. However it's highly ill advised and severely breaks the security model of devices. 99% of the time nobody, especially the average person, needs root on their phone (imo). Allowing that easily just opens up the average person to getting duped into getting their phone rocked with exploits and possibly persistent malware.
There is no reason that a lack of root access should be viewed as a negative within the context of GrapheneOS. In that case why even mention or choose GOS? Just choose an Android fork with poor security or a Linux phone with zero security instead.
> 99% of the time nobody [...] needs root on their phone
Do you also not have root on your laptops or desktops? I don't get why it's so different. I don't just want to open TikTok and Instagram, I want to use my phone computer as a computer. I assumed HN folks would get it.
I would choose something as locked down as GrapheneOS for its security if I was going to use it to install random apps left and right and give them root or run JavaScript from random sites on a browser I gave root to.
Anyway, not having root seems like a very weird way to harden security. What about compartmentalization?
And what's wrong with my my terminal app having root sometimes? How is shadycryptonews.xyz/exploit.js going to leverage it? How would even the Official Authoritarian Police State app leverage it?
I probably don't get it, but it's like people see 2 extremes - run nothing ever in root or run everything in root all the time.
I want to run like 5-6 apps I trust.
Maybe if I wanted to secure a billion dollars worth of Bitcoin, I would be OK with a separate phone without root, but then again I would likely use a hardware wallet. What's the threat model for someone who doesn't blindly give apps root or do anything stupid, really?
I think a problem is that phones, as a concept, are communication first, rather than general computing first.
If you want to partake in social networks, messaging, work communication, banking, etc you're at the mercy of the service's owner and their moat. You can't access Instagram in any other way than their app, and at that point an open OS doesn't help a lot.
I'm sure FOSS can make a feature equivalent Instagram (or Whatsapp, or whatever) but the people aren't in there.
> I think a problem is that phones, as a concept, are communication first, rather than general computing first.
I use all kinds of computers for communication. I'm communicating with you on my desktop. I had a call earlier on my laptop. And a phone IS a computer, so why pretend it's not?
> If you want to partake in social networks, messaging, work communication, banking, etc you're at the mercy of the service's owner and their moat. You can't access Instagram in any other way than their app, and at that point an open OS doesn't help a lot.
I wouldn't use proprietary work tools on a personal device. It's not good hygiene.
I don't care if Instagram requires an app on a non-rooted phone with verified Google attestations because I don't use it and it's not essential.
Banking apps ARE a problem because a lot of banks don't let you use their site without their app at all. That should be solved with regulations - give people a FOSS banking app or, better yet, an API, so they can bank however they want to. Let us create FOSS interfaces for the different banks. Right now we need to revert the regulations who more or less force us to rely on Google or Apple's attestation. Internet banking is important both because there's a trend, even in countries where cash is still widely used, to have places that don't take cash, and because it's a highly regulated system paid for my taxes - I should be able to participate in a modern way with bullshit restrictions allegedly made to prevent someone's grandpa from getting hacked or phished.
But if I can't access my bank online, I'm not going to bow my head and buy a bank-approved phone with a bank-approved OS and a bank-approved $tech_company account. Who banks that often that they really need to do that, outside of places like Sweden where cash is almost dead?
>I use all kinds of computers for communication. I'm communicating with you on my desktop.
Sure, now get a date, connect with old friends, get invited to a party or join your children's school parent groups exclusively on free software.
>And a phone IS a computer, so why pretend it's not?
I agree we shouldn't, I'm just saying that it's unlikely for that need to meet a large enough demand.
You might consider Instagram, whatsapp or similar apps personally not essential, but for many (I would say most) people they are - if not truly essential for living, at least essential in the sense that they don't have much use for their phone outside of those apps.
Which was my point, as long as the main use of a phone requires passing through meta's (or whoever else's) hoops, it's going to be a hard battle.
The only minimally mainstream uses of a phone that currently lie outside the walled garden are piracy and emulators, and that's already a stretch.
Because my new phone would be my new phone. And a phone is a computer. That should be enough of a reason.
I'm quite surprised people who post here don't get that. I've been lurking for years even though my account is new and even though general hackerishness here has gotten a bit reduced over the years, but it's still HackerNews, not ConsumerNews. No offense implied - I just hoped I'd see more people willing to claim their right to own and modify their OS like a true hacker.