We shouldn't let naive or mentally disabled people to dictate how computing should work. That's the same logic behind the age verification shit that's happening worldwide.

If you (not you specifically) are unsure of your abilities to use computers, let a friend or a family member buy a dumbed down device for you or install parental controls or something. Or maybe have clicking the build number 7 times reveal "toddler mode" where you can lock your device down irreversibly as much as you want.

Because my new phone would be my new phone. And a phone is a computer. That should be enough of a reason.

I'm quite surprised people who post here don't get that. I've been lurking for years even though my account is new and even though general hackerishness here has gotten a bit reduced over the years, but it's still HackerNews, not ConsumerNews. No offense implied - I just hoped I'd see more people willing to claim their right to own and modify their OS like a true hacker.

> I think a problem is that phones, as a concept, are communication first, rather than general computing first.

I use all kinds of computers for communication. I'm communicating with you on my desktop. I had a call earlier on my laptop. And a phone IS a computer, so why pretend it's not?

> If you want to partake in social networks, messaging, work communication, banking, etc you're at the mercy of the service's owner and their moat. You can't access Instagram in any other way than their app, and at that point an open OS doesn't help a lot.

I wouldn't use proprietary work tools on a personal device. It's not good hygiene.

I don't care if Instagram requires an app on a non-rooted phone with verified Google attestations because I don't use it and it's not essential.

Banking apps ARE a problem because a lot of banks don't let you use their site without their app at all. That should be solved with regulations - give people a FOSS banking app or, better yet, an API, so they can bank however they want to. Let us create FOSS interfaces for the different banks. Right now we need to revert the regulations who more or less force us to rely on Google or Apple's attestation. Internet banking is important both because there's a trend, even in countries where cash is still widely used, to have places that don't take cash, and because it's a highly regulated system paid for my taxes - I should be able to participate in a modern way with bullshit restrictions allegedly made to prevent someone's grandpa from getting hacked or phished.

But if I can't access my bank online, I'm not going to bow my head and buy a bank-approved phone with a bank-approved OS and a bank-approved $tech_company account. Who banks that often that they really need to do that, outside of places like Sweden where cash is almost dead?

> 99% of the time nobody [...] needs root on their phone

Do you also not have root on your laptops or desktops? I don't get why it's so different. I don't just want to open TikTok and Instagram, I want to use my phone computer as a computer. I assumed HN folks would get it.

I would choose something as locked down as GrapheneOS for its security if I was going to use it to install random apps left and right and give them root or run JavaScript from random sites on a browser I gave root to.

Anyway, not having root seems like a very weird way to harden security. What about compartmentalization?

And what's wrong with my my terminal app having root sometimes? How is shadycryptonews.xyz/exploit.js going to leverage it? How would even the Official Authoritarian Police State app leverage it?

I probably don't get it, but it's like people see 2 extremes - run nothing ever in root or run everything in root all the time.

I want to run like 5-6 apps I trust.

Maybe if I wanted to secure a billion dollars worth of Bitcoin, I would be OK with a separate phone without root, but then again I would likely use a hardware wallet. What's the threat model for someone who doesn't blindly give apps root or do anything stupid, really?

It was a long time ago, so I don't remember. Phosh or Plasma. I tried to like Sxmo, but it was really unintuitive, unlike tiling WMs on Linux.

Fairphones seems OK, although for €549 I'll probably stick to a dumb phone and invest in a better laptop for now. I'm not saying it's too expensive for what it is, though - it's still a tiny computer with all kinds of periphery.

I just wish there was a version with a shitty camera for €50 less or with no Bluetooth for €10 less - you get the idea.

Interestingly, when I went to

https://www.fairphone.com/shop-home

the prices for the headphones were lower for a few seconds and got higher afterwards.

€186.75 -> €249

€74.25 -> €99

while the phone price remained the same. Both are increases of 33.(3)%. Probably a script that determined my location and added a VAT.

What's the phone OS landscape now? What can someone who values their agency and wants FOSS choose?

* iOS - walled garden, so no

* Android:

* * with a Google account and Play Services - a bit less of a walled garden, but still no

* * Android without Google:

* * * GrapheneOS - root or adb not supported, so no

* * * LineageOS - (edit: root or adb not supported, so no - just learned) seems like a viable option although it seems like it depends on Google's development of Android and keeping it FOSS. How's the situation with security updates? Which phones would you recommend? I don't count Samsung or whatever crap as they're generally quite user-hostile.

* Linux - IIRC only PMOS supported FDE. Is that still the case? Are there are good Linux phones? I tried PinePhone a few years ago, but it was crappy. The OS also lacked basic features like new windows showing up inside the screen.

* anything else?

> Google had their own versions of things. IIRC bugs had both a priority and severity for some reason (they were the same 99% of the time) between 0 and 4.

At the company I worked with (not Google, but a major one) this was the same. We used Salesforce, the "Lightning Experience" or whatever it was called [0]. Our version was likely customized for our company, but I think the idea was the same - one, I think the "priority", was for our eyes only, one was for the customer (the "severity"). If the customer was insistent on raising the severity, we'd put it as sev1, but the priority was what we actually thought it was. I was actually surprised that for the ~4 years I was there no one made the mistake of telling the customer the priority as a mistake, especially when a lot of people were sloppily copy-pasting text from Slack or other internal tools that sometimes referred to a case as either the severity or the priority.

Those were heavy customers with SLAs, though, not supermarket apps or anything like that.

What was sad was that our internal tools, no matter how badly written, with 90's UI and awful security practices, our tools were 50 times as fast as whatever Salesforce garbage we had to deal with. Of course, there was a lot of unneeded redundancy between the tools so the complexity didn't stay in the Salesforce tool. But somehow the internal tools written by someone 10 years ago, barely maintained, who had to still deal with complex databases of who-what-when-how, felt like you had the DB locally on a supercomputer while SF felt like you were actually asking a very overworked person to manually give you your query right on each click. I'm exaggerating, but just by a bit.

[0] That name was funny because it was slow as shit. Each click took 5 to 20 seconds to update the view. I wonder what the non-Lightning version was.