We're continuing investigation to the performance issues, you can follow and react here: https://lemmy.world/c/friendicaworld

mastodon - Link to source
Google won't allow you to install Android apps whose developers' identity Google hasn't verified. Starting in 2026 in some countries and in 2027 everywhere: androidauthority.com/android-d…

Google wants to make sideloading Android apps safer by verifying developers’ identities - Android Authority

Google wants to make sideloading safer on Android by verifiying the identities of developers who distribute apps outside the Play Store.
Mishaal Rahman (Android Authority)
This entry was edited (3 months ago)
in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

We need to fight Google's new ID requirement for app developers. It isn't like showing ID at the airport. More like showing it at the printing press and only IDed authors are allowed to print books.

What Google doesn't talk about is that they build this ID system to ban developers and their apps.

in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

People saying "But I use a degoogled custom ROM, so I won't be affected" are missing the point. Apps not on Google Play are already a niche. Banning them on most people's devices is a big issue, even if some people can still escape.

Also the general trend of Google becoming more closed may make even custom ROMs impossible eventually.

in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

In the past, when books were censored and forbidden, people could still print them in their basements and spread them. Everybody who got their hands on one, could read it. This won't be possible anymore in our new digital age.
in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

Under-reported detail: If you don't pay a fee to Google, they limit how many people can install your apps and how many apps you are allowed to have.

Source: developer.android.com/develope…

Android developer verification  |  Android Developers

Android Developers
in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

Google asks what we think of their plans to block Android app installs outside of Google Play (unless the developers let Google verify their identity and pay a fee).

Want to tell them your opinion, just submit this form:

docs.google.com/forms/d/e/1FAI…

Android developer verification requirements

Use this form to submit questions or feedback about the new Android developer verification requirements announced in August 2025. You can learn more about the requirements in the Android developer verification guide. Sign up for early access here.
Google Docs
in reply to Torsten Grote

mastodon - Link to source

Benjamin

Because governments and businesses let them, yes. They COULD have provided the packages outside of Google Play, then they COULD now put pressure on Google, but they CHOSE not to, and now they have no leverage.

Time and again I contacted various entities to provide the APK files outside of Google Play, but they refused to even understand the question, if they answered at all.

Shame on all of them.

in reply to Torsten Grote

mastodon - Link to source

Viktoria D. Richards/Uddelhexe

Do i understand it right, that having open source Apps from F-Droid would be no longer be technically possible on an Android phone that is not degoogled (like Murena)?
So you'd only be able to download Apps from Playstore if this becomes reality?
And ANY App developer has to pay a fee to google in order to he "verified" as allowed App?
Which gives Google finally complete controll over the App market on Android side from that day on?

F4GRX Sébastien reshared this.

in reply to Torsten Grote

mastodon - Link to source

Viktoria D. Richards/Uddelhexe

But i would be still able to do sideloading with say a Murena phone?

I doubt that Google will allow sideloading Apps like NewPipe that matter of factly do stuff they don't like, like allowing to watch Youtube with playlists but without showing your own IP.

This plan is complete monopolization to app usage on google and i hope they get sued.

This entry was edited (3 months ago)

F4GRX Sébastien reshared this.

in reply to Viktoria D. Richards/Uddelhexe

mastodon - Link to source

Torsten Grote

@v_d_richards Yes, the Google Play Services will be doing the blocking. So any ROM without those will do. However: chaos.social/@grote/1150945508…

Torsten Grote

2025-08-26 10:17:54

mastodon - Link to source

People saying "But I use a degoogled custom ROM, so I won't be affected" are missing the point. Apps not on Google Play are already a niche. Banning them on most people's devices is a big issue, even if some people can still escape.

Also the general trend of Google becoming more closed may make even custom ROMs impossible eventually.

@Viktoria D. Richards/Uddelhexe
in reply to Torsten Grote

mastodon - Link to source

Viktoria D. Richards/Uddelhexe

At the end of the day there is only solutions to prevent this from becoming reality ( google voluntarily stopping their world domination fantasys is not one of them.)

- legislature stops them to take complete controll over every function the moble phone usage on the Android side

- companies offer their Apps on other stores ( which Google will try to prevent too by telling them: if you do, you will be banned from playstore)

If this is not stopped ny law, google is inavertable.

F4GRX Sébastien reshared this.

in reply to Torsten Grote

mastodon - Link to source

LukefromDC

@v_d_richards So on a phone that is not supported by any 3ed party ROM, ADB uninstalling Google Play Services kills this?

That would work for me, though apps from non-ID uploading devs will not be able to coexist on the same phone with Gapps. That might limit the availability of such apps, though it won't effect anyone writing apps for non-Google Play devices only.

I refuse to allow any part of Google Play into any device containing my contacts, files or any sensitive communications apps

@Viktoria D. Richards/Uddelhexe
in reply to Torsten Grote

mastodon - Link to source

Jan Penfrat

Thank you @grote for sharing this.

In addition to telling #Google that locking down #Android is bad, I'd also recommend every app developer to write to the @EUCommission's #DMA enforcement team and tell them that this practically circumvents Article 6(4) of the #DigitalMarketsAct, which was supposed to *enable* 3rd party app (stores).

The EC is discussing the same question with #Apple atm and they have to understand what happens if they let this happen.

Contact form:
digital-markets-act.ec.europa.…

Contact the DMA team

Contact form to contact the DMA team
Digital Markets Act (DMA)
#google #apple #android #dma #digitalmarketsact @European Commission @Torsten Grote
in reply to Jan Penfrat

mastodon - Link to source

gunstick

@ilumium @EUCommission
Wrote this:

Google plans to require all developers only being allowed to publish apps through their play store and nowhere else. This to control malware. Which is not the real reason as people get most of malware from the google play store and not via alternate ways.
Many small hobbyist apps will stop existing as those developers even don't have the money to pay google to get verified.

@European Commission @Jan Penfrat
in reply to Jan Penfrat

mastodon - Link to source

Torsten Grote

@ilumium
The
@EUCommission responded: "the DMA also permits Google to introduce strictly necessary and proportionate measures to ensure that third-party software apps or app stores do not endanger the integrity of the hardware or operating system or to enable end users to effectively protect security."

So the question is if it is necessary and proportionate.

@European Commission @Jan Penfrat
in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

The @commonsguy has some uncomfortable Questions About Android Developer Verification for Google: commonsware.com/blog/2025/08/2…

Uncomfortable Questions About Android Developer Verification

Google announced a program that is proving to be unpopular among Android app development experts. I have questions.
CommonsWare: Android App Development Books
@Mark Murphy

Rita reshared this.

in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

Android published new APIs that seem to confirm that your phone will phone home when you install apps. It will refuse installation when you are offline or developer got blocked by Google:
developer.android.com/referenc…
in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

Google now says "we are also introducing a free developer account type that will allow teachers, students, and hobbyists to distribute apps to a limited number of devices without needing to provide a government ID."
It is unclear how verification will look like.
android-developers.googleblog.…

Let's talk security: Answering your top questions about Android developer verification

News and insights on the Android platform, developer tools, and events.
Android Developers Blog

padeluun ⁂ reshared this.

in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

Android "hobbyist developers can get a free account [for developer verification] but will face strict distribution limits, requiring them to manually authorize each device installing their app."

Having to get a device identifier from each of your potential(!) users and then manually allow-list them is an impractical limitation making this account type useless for most use-cases while allowing bad actors to exploit it.

Source: androidauthority.com/how-andro…

Here's how Android's new app verification rules will actually work

Google has shed more light on how Android's app verification rules will work, which will block sideloading apps from unverified developers.
Mishaal Rahman (Android Authority)

reshared this

in reply to Torsten Grote

mastodon - Link to source

Torsten Grote

Google is now "building a new advanced flow that allows experienced users to accept the risks of installing software that isn't verified." android-developers.googleblog.…

But hasn't shared any details on how this would look like. Also, it wouldn't be the software that is verified, but the developer's identity.

Google is otherwise continuing to push ahead with developer verification.

Android developer verification: Early access starts now as we continue to build with your feedback

News and insights on the Android platform, developer tools, and events.
Android Developers Blog

Conny Duck reshared this.

in reply to Torsten Grote

mastodon - Link to source

Kevin Karhan

that is #literally #malware and I hope you intent to collect said #evidence and seek legal advice re: pressing charges against them...

infosec.space/@kkarhan/1152680…

Kevin Karhan

2025-09-26 01:47:59

mastodon - Link to source

thanks for the info.

Personally, I use @fdroidorg / #Fdroid exclusively and think that their approach for their own repo (pull the #git sources for any #App and compile the release version before signing it with F-Droid's key) is sufficiently secure.

  • OFC one can add 3rd party repos to it and those could be malicious as similar to #Linux package managers like apt, they've to provide their own signatures and knowingly adding malicious repos will enable #malware

Personally, I hope @EUCommission and other #regulators will tell #Google that this is unacceptable and I hope developers will instead file charges for #blackmail and #extortion against Google rather than #SelfDoxxing!

#malware #evidence #literally
in reply to Torsten Grote

mastodon - Link to source

IzzyOnDroid ✅

And for developers who who will not go that road (I guess most of the FOSS devs who have their apps explicitly NOT on PlayStore), there's this library: github.com/woheller69/FreeDroi… to let the folks using their apps know (and hopefully raise more noise).

(I haven't seen it in action yet, but the idea seems sound)

I hope the @EUCommission will take action against Google's abuse of power there, though I wonder if they'd do so in time…

GitHub - woheller69/FreeDroidWarn

Contribute to woheller69/FreeDroidWarn development by creating an account on GitHub.
GitHub
@European Commission
in reply to Torsten Grote

mastodon - Link to source

knirirr

I replied to this. They will recognise the email address as it's the same one I used when I told them (several times) that they must be joking if they thought I'd send them scans of my ID to keep distributing the same FOSS app I've had there without issue for over a decade. Annoying to have a load of hassle moving users over to FDroid/Github only for the villains to do it again!
in reply to Torsten Grote

mastodon - Link to source

BOplaid

"I don't make apps, but you need to remember that many of your services (which you make money off of) such as YouTube, are blocked here in Iran. The Google Play store is very frequently blocked. Developers of proper VPNs are mostly hobbyists that usually cannot afford the fee. As such, it isn't unlikely that you will lose some money.

Now, make your decision."

I don't have much hope tho

in reply to Torsten Grote

mastodon - Link to source

Viktoria D. Richards/Uddelhexe

I dared it and told them my issues in a polite way.

Pray for my google account that i still need because of banking apps and Deutschlandticket and to monitor my childrens phones with family link
(and because i am really too lazy to make a new account to make my old Android phone running again if they are petty and nuke my google account)

in reply to Torsten Grote

mastodon - Link to source

mcc

Seems to clearly indicate they'll be tracking which devices run which apps? So Google will know every time I open an app on my own phone…?

What if I'm installing something that a government somewhere considers illegal, like an emulator, or a period-tracking app? Does Google have that information? Could they derive it from information they do have (for example if they know the app developer I ran but not the app, but the developer only has one app)? Will they report it on subpeona

in reply to mcc

mastodon - Link to source

Olivier

@mcc I think it would be trivial for Google to record and report what apps are installed and used on a phone, and how often or for how long. Whether Google does that already or not, I don't know.

This new controversy is to restrict and control who can develop software for Android, who can distribute it, and whether you can install it on your device. It's Apple's so called walled garden idea.

It essentially removes one of the most important differentiators between the two brands.

@grote

@mcc @Torsten Grote
in reply to Torsten Grote

mastodon - Link to source

• Łącze

@Viktoria D. Richards/Uddelhexe @Billie @Bobo_PK 🦄 @Navi
in reply to Torsten Grote

mastodon - Link to source

Frank

As an example I'd like to add: In our school we actively explain to our pupils how to install F-Droid to demonstrate, that there are ways to control your device, for example to get an ad-free YT experience with Newpipe. So you can explain problems like walled gardens etc

The whole educational aspects are gone, when this is no longer possible, it does not matter if some nerd is able to circumvent the restriction - every Android device will no longer be his/hers for the average user.

reshared this

in reply to Frank

mastodon - Link to source

Frank

In the end, users will be accustomed to the fact, that they can no longer control which apps do and don't run on their devices.

I often think of the brilliant talk by @pluralistic - this is from 2021 (!) an the big corps follow their goal relentlessly.

"The coming war on general computation"

media.ccc.de/v/import-6942ef79…

The coming war on general computation

The last 20 years of Internet policy have been dominated by the copyright war, but the war turns out only to have been a skirmish. The co...
media.ccc.de
@Cory Doctorow
This entry was edited (3 months ago)

reshared this

in reply to Torsten Grote

mastodon - Link to source

Okuna

people dont understand the difference of Facebook and a toaster.
99% of people dont know, dont care.
We have been brain washed.
Every big tec wants to suck us in deeper, lock us in, make us dependent. And politics, people want this.
The few people recognising what is going on, are outsiders.
Me: Philips hue collects your data in average every 24 seconds.
Them: What can they do with it? How could they profit?
Me: I am not here to tell them their business model. But I can tell you: In capitalism, no one does something without a reason. They need servers, infrastructure, programmers to write this code. Do you think they do this because there is no business reason behind it?
Them: <shrugg shoulder>

I have to explain it. No: They have to explain. But no one cares.

in reply to Torsten Grote

mastodon - Link to source

Ati

That's good news because Android is evil and custom roms just a prosthesis. The more they push ppl to the corner the more effort and money flows to true linux on mobile projects. And you have no say on what google does enyways, right? Helping linux materialise on mobile is all we can do. And stop settling for custom roms 100% dependent on google, as some kind of final solution. I mean great job, hi 5 to all custom rom devs but time to make another step.
in reply to Torsten Grote

mastodon - Link to source

Jari Pennanen

We need a third platform! Fully FOSS Linux phone!

Android is already a lost cause, with apps requiring Play Services, Play Integrity checks, etc. It is fight we've already lost.

Today, it's just banking apps, but given enough time, the Android ecosystem of apps will be even more locked down.

The only way is to have a third platform, and it should be big. Who is there to champion for Fully FOSS Linux phone and app ecosystem?

in reply to Torsten Grote

mastodon - Link to source

viq

@Em0nM4stodon there's androidaps.readthedocs.io/en/l… that very much could cease to exist under this, and even me sharing the built APK with you would fall under "unlicenced international distribution of medical equipment", so there is no chance in hell of it ever being available on any distribution platform.

Welcome to the AAPS documentation — AndroidAPS Documentation

Android APS (AAPS) is an open source app for people living with insulin-dependent diabetes. It is an artificial pancreas system (APS) which runs on Android smartphones.
androidaps.readthedocs.io
@Em
in reply to Torsten Grote

mastodon - Link to source

Little Rao

Sensitive content

in reply to Torsten Grote

mastodon - Link to source

Akkana Peck

Does this even apply to apps I write myself? I won't be able to adb install the apk?

Anyone learning Android development, will no longer be able to try their first apps without registering? People writing small apps for themselves will have to register?

Neither the androidauthority article nor Google's official page makes this clear.

in reply to Torsten Grote

mastodon - Link to source

Viktoria D. Richards/Uddelhexe

If i needed a final straw to finally try out a degoogled Phone or completly different mobile OS despite it being bothersome...this is it.

"To protect from malware"..my ass.
They now say that and next they decide how apps should work outside of playstore or they will otherwise block them from devices.
If something blocks shit from their spyware, or is better than their own app...they will block it.
Complete controll over the market.

in reply to Noodlemaz

mastodon - Link to source

Kevin Russell

@noodlemaz @Cal
Easier and easier every day.

Murena phones and tablet.
arstechnica.com/gadgets/2025/0…

and dumb phones
The 7 Best Dumb Phones of 2025
bestproducts.com/tech/electron…

Purism Phone
puri.sm/products/librem-5/

The 7 Best Dumb Phones of 2025

For privacy and simplicity, try one of these expert-recommended minimalist cell phones for calls, texts, and other basic functions.
Stewart Wolpin (Best Products)
@Cal Q Alaera @Noodlemaz
in reply to Torsten Grote

mastodon - Link to source

Klaus Frank

This sounds so much like #google is begging for another anti-trust from the @EUCommission ...

This basically is google trying to restrict 3rd party sales on android all over again. Didn't they just recently get a slap on the wrist for their abuse of market power with the google play store?

Them trying to big daddy what you can instal is not just the same but even more excessive and more overreaching....

#google @European Commission
in reply to Torsten Grote

mastodon - Link to source

Buntbart

In 2013 I got my first used smartphone bc Google-free CyanogenMod was available for it and F-Droid. Later I switched to LineageOS and DivestOS and back to LOS and never got any Google-account. I hope I'm never forced to.

I don't expect much from EU regulatory or data protection authorities. They will probably submit without hesitation.

Hopefully, this move by Google will motivate more developers to get involved with Linux on smartphones like #postmarketos, or at least with custom ROMs.

#postmarketos
Unknown parent

mastodon - Link to source

F4GRX Sébastien

@runoutgroover @v_d_richards it might, but it will also mean that alternative notification services will have to up their game. Thats the main topic of problems for me.

We're gonna see how much work is really required for actual full degoogling.

Note that all of this is in line with previous efforts to reduce the availability of code in the AOSP project. At some point it will not be possible to build alternative roms anymore.

Not that *I* care but many people will.

@Ames @Viktoria D. Richards/Uddelhexe
in reply to F4GRX Sébastien

mastodon - Link to source

Viktoria D. Richards/Uddelhexe

@f4grx @runoutgroover
Question from someone with close to none understanding of software:

Could alternative Roms that exist now, that are based on Android, in theory, develop further on their own? Meaning: they'd grow like a new branch away from the ecosystem of Google/Android but would need services/apps to develop app versions compatible with their OS ( like companies having programms compatible with Apple, Windows and Linux)?

Is some ROM already doing that?

@Ames @F4GRX Sébastien
in reply to Torsten Grote

mastodon - Link to source

FKA ZOG

I like this comment from mastodon.social/@Gargron/11509…

"Sideloading" is the rentseeker word for "being able to run software of your choosing on a computing device you purchased". There is no reasonable case for an operating system developer having a say over what programs you run on your hardware.

Eugen Rochko

2025-08-26 04:30:36

mastodon - Link to source

"Sideloading" is the rentseeker word for "being able to run software of your choosing on a computing device you purchased". There is no reasonable case for an operating system developer having a say over what programs you run on your hardware.

#Android #Google

in reply to Torsten Grote

mastodon - Link to source

Протест и сопротивление

I agree with your position in general, but politely - yet vehemently! - disagree with certain details.

This is once again the "your personal choices don't matter" mantra. I'm sorry, but no. My personal choices do matter very much - to myself!

"But many other people..." - it's their choice. I've spent a lot of time and effort on demicrosofting my desktop. I have a very old phone with no apps on it at all. It's just a phone. Nothing Google does will affect me - because of my choices.

in reply to Torsten Grote

mastodon - Link to source

Zło To 🏴‍☠️ ᵃʷᵃʸ

So technically requiring dev verification doesn't mean you can't install software from other sources. I'm only saying it, because google might easily answer "that's not true" and be right.
It's possible to make it that you can always install software from any source, provided it's signed be a certificate signed by google.
The problem is that they could revoke your certificate for any reason (that they put in their TOS), e.g. using the wrong payment processor or not including some government spyware.
Unknown parent

mastodon - Link to source

GrapheneOS

@AlexanderMars @aleksandrayulia @grote@chaos.social We're partnered with a major Android OEM and actively working with them on upcoming devices. That's how we have security partner access including the December 2025 patches which we'll be shipping soon. It's also how we'll have early access to quarterly and yearly releases to port in advance but we don't have that set up yet.
@AlexanderMars
Unknown parent

mastodon - Link to source

AlexanderMars

@aleksandrayulia @GrapheneOS as a graphene user I'm not particularly concerned about the APK at all. What I am concerned about is some c-suite clown at google deciding that allowing bootloader unlock and relock doesn't fit with their new security theatre.

I mean, if google actually gave a shit about security for users, they'd be distributing GrapheneOS and not whatever they currently foist upon oems.

@GrapheneOS
Unknown parent

mastodon - Link to source

GrapheneOS

@tomjennings @AlexanderMars @aleksandrayulia @grote@chaos.social PinePhone and Librem 5 are not libre phone projects. They're closed source hardware with closed source firmware. The reason they're not supported by GrapheneOs is because they have extraordinarily poor security. It's not possible to provide a reasonably private and secure device on top of hardware with very low security components. They're not working towards what we are and are misleading people about what they provide to sell devices.
@tom jennings @AlexanderMars
Unknown parent

mastodon - Link to source

GrapheneOS

@AlexanderMars @tomjennings @aleksandrayulia @grote@chaos.social Android-based operating systems including GrapheneOS are Linux distributions. These are closed source hardware with closed source firmware, poor security and extremely bad security. The hardware is very low-end and outdated too, but is being sold at a premium based on leading people to believe these are private and open devices when they're not those things. The devices objectively have awful security but that's not the end of what's wrong.
@tom jennings @AlexanderMars
in reply to tom jennings

mastodon - Link to source

AlexanderMars

@tomjennings @aleksandrayulia @GrapheneOS it mostly comes down to hardware security concerns, that platforms like pinephone simply never intended to address. I’ve read a few threads where @GrapheneOS lays out the technical issues, and I’m sure there’s a blog post if you wanted a deep dive. Suffice to say, pinephone is about fostering and maturing the Linux ecosystem for mobile than a secure platform for GrapheneOS.
@tom jennings @GrapheneOS
This entry was edited (3 months ago)
Unknown parent

mastodon - Link to source

GrapheneOS

@DanielDNK @tomjennings @AlexanderMars @aleksandrayulia This article from Ars Technica is highly inaccurate. There's nothing open source about the Librem 5. It's closed source hardware with closed source firmware. The SoC is entirely closed source hardware and firmware. The same applies the SSD, memory, radios, touchscreen, battery and the other components. It's not open source and Purism is falsely marketing the devices. Ars was duped into presenting it as open when it's not in any way open.
@tom jennings @AlexanderMars @Daniel
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@DanielDNK @tomjennings @AlexanderMars @aleksandrayulia Running open source software on top of closed source hardware and firmware doesn't make the hardware product open source. Purism is primarily selling a hardware product, not software. It's incredibly inaccurate to present the product as being open source when it clearly isn't due to the 99.9999% closed source hardware and firmware. An extremely insignificant portion of the hardware is open, and you're quite wrong about it being 'most open'.
@tom jennings @AlexanderMars @Daniel
in reply to GrapheneOS

mastodon - Link to source

Daniel

@GrapheneOS @tomjennings @AlexanderMars @aleksandrayulia
There is a blob for the RAM init process arstechnica.com/gadgets/2020/0…
But they are probably the closest of an open source smartphone which on the market that you can buy.
And by looking at the direction Google is taking, it is the best moment to make a viable alternative to Android thanks to the communities around these real Linux phones. The goal is to make Linux on a phone a go to alternative before Google close Android too much and people like us have no other choice than going back to an OEM Android with Google close source shit

Librem 5 phone hands-on—Open source phone shows the cost of being different

It’s not finished, but many of the basics for an open source smartphone are here.
Ron Amadeo (Ars Technica)
@tom jennings @AlexanderMars @GrapheneOS
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@DanielDNK @tomjennings @AlexanderMars @aleksandrayulia GrapheneOS is a Linux distribution and no amount of false claims about it will change that. Linux doesn't mean using systemd, glibc, X11/Wayland, GNOME/KDE, etc. Linux means using the Linux kernel, which Android-based operating systems do. Android is fully compatible with using a mainline Linux kernel. Linux is already the norm on phones. What they're actually doing is working on using systemd, glibc and GNOME on phones, not Linux.
@tom jennings @AlexanderMars @Daniel
Unknown parent

mastodon - Link to source

GrapheneOS

@aleksandrayulia @DanielDNK @tomjennings @AlexanderMars GrapheneOS is a Linux distribution. Purism's devices are extraordinarily insecure and non-private. They have highly insecure components without basic updates. You don't get basic cellular patches on those and it rolls things back to desktop security at an OS level. It goes back to not having a proper app sandbox and permission model, lack of basic privacy and security throughout the OS, memory unsafety and lack of exploit protections.
@tom jennings @AlexanderMars @Daniel
Unknown parent

mastodon - Link to source

GrapheneOS

@jawsh @AlexanderMars @tomjennings @aleksandrayulia Android works fine on top of mainline Linux kernels and drivers. Mainline drivers have their own issues since there's often no proper maintenance. A driver being upstream doesn't mean that it has proper development, maintenance and testing. Drivers regularly break in new Linux kernel releases and there's always ongoing work addressing hardware-specific regressions including basic functionality not working. The same goes for Linux LTS branches.
@tom jennings @AlexanderMars @Jawsh
in reply to Jawsh

mastodon - Link to source

GrapheneOS

@jawsh @AlexanderMars @tomjennings @aleksandrayulia Linux doesn't mean using the desktop software stack that's also available for FreeBSD and other platforms. It means using Linux, which Android does. They should say what they really mean which is bringing systemd, glibc and GNOME to mobile rather than Linux. Linux is already the norm on mobile and if people care so passionately about bringing systemd and GNOME to it, that's fine, but they should say what they're actually doing rather than that.
@tom jennings @AlexanderMars @Jawsh
in reply to GrapheneOS

mastodon - Link to source

Jawsh

@GrapheneOS I know but it's what a majority of people mean when they say this. I'm in no way saying you're incorrect because you're not. Just that most people who mention "mobile Linux" are meaning that. Both use the Linux kernel but are still distinct from one another. I run GrapheneOS on my Pixel 8 but enjoy playing around with a secondary device running @postmarketOS
Running your same desktop apps on mobile is appealing for sure.
@AlexanderMars @tomjennings @aleksandrayulia
@tom jennings @AlexanderMars @GrapheneOS @postmarketOS
in reply to Jawsh

mastodon - Link to source

GrapheneOS

@jawsh @postmarketOS @AlexanderMars @tomjennings @aleksandrayulia GrapheneOS will fully support running desktop Linux and desktop Windows apps. The current proof of concept support for that via the Terminal app including the primitive GUI support will get much better and will be better integrated, similarly to how it is on ChromeOS. Virtualization is going to be used for sandboxing apps or groups of apps in GrapheneOS too. It's currently only used by Android for certain internal OS sandboxing.
@tom jennings @AlexanderMars @Jawsh @postmarketOS
in reply to GrapheneOS

mastodon - Link to source

Jawsh

@GrapheneOS I'm aware and that's great but still not the same. That being said, will these apps have access to storage and work like native apps? I've been periodically trying to set the terminal app in GrapheneOS for a few months now but still haven't gotten beyond "preparing terminal" even after letting it run 8 hours while sleeping. It's definitely something I'd like to play with in the future. @postmarketOS @AlexanderMars @tomjennings @aleksandrayulia
@tom jennings @AlexanderMars @GrapheneOS @postmarketOS
in reply to Jawsh

mastodon - Link to source

GrapheneOS

@jawsh @postmarketOS @AlexanderMars @tomjennings @aleksandrayulia The Terminal app currently requires that the profile you're using it in doesn't have a VPN because there isn't yet an exclusion for the interface used internally for communicating with the VM from the app running in the profile. It sounds like you're trying to use it with a VPN. It's technically already possible to use it with a VPN with VPN lockdown enabled but it's best to just use it in a profile without one for now.
@tom jennings @AlexanderMars @Jawsh @postmarketOS
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@jawsh @postmarketOS @AlexanderMars @tomjennings @aleksandrayulia It only takes a few seconds for it to initialize, there's no reason to wait that long. The upstream Terminal app currently shares the Download directory from shared storage as a proof of concept but that will be replaced with a saner approach since it shouldn't be giving unconditional access to a directory that's already used for other purposes. It should end up getting support for dynamically sharing specific directories.
@tom jennings @AlexanderMars @Jawsh @postmarketOS
Unknown parent

mastodon - Link to source

GrapheneOS

@DanielDNK @aleksandrayulia @tomjennings @AlexanderMars No, that's not accurate. Linux is a kernel and does not refer to using systemd, glibc, GNU coreutils, GNOME/KDE, etc. There are plenty of other Linux distributions not using those things. Linux does not mean using a specific desktop software stack commonly used by desktop Linux distributions, FreeBSD, OpenBSD and other operating systems. Linux is a kernel and Android uses the Linux kernel and projects like iproute2 developed with it.
@tom jennings @AlexanderMars @Daniel
Unknown parent

mastodon - Link to source

GrapheneOS

@DanielDNK @aleksandrayulia @tomjennings @AlexanderMars GrapheneOS has a partnership with a major Android OEM and is in the process of obtaining substantially more funding to greatly expand the project. You know very little about our situation and where things are headed for us.

GrapheneOS is already a Linux distribution, contrary to your inaccurate claims about what that means.

postmarketOS lacks the most basic privacy/security infrastructure and is not a suitable base for GrapheneOS at all.

@tom jennings @AlexanderMars @Daniel
Unknown parent

mastodon - Link to source

Daniel

@aleksandrayulia @GrapheneOS @tomjennings @AlexanderMars the GrapheneOS team is not a big team, not sure they can keep up with Google or any OS company who had much more money, organisation and team.
The best alternative will be for them to port the hardened parts to an already existing Linux phone os like postmarketOS to reduce the amount of work. Staying on an older android version is not the goal of GOS at all
@tom jennings @AlexanderMars @GrapheneOS
Unknown parent

mastodon - Link to source

Daniel

@aleksandrayulia @GrapheneOS @tomjennings @AlexanderMars Linux just does not rely on Google, GrapheneOS can make a Linux phone in the future but for the moment they use Pixel and Android.

I don't understand how a Linux can rely more on Google than GOS even in the future. GOS can maybe stop rely on Google and be more like Linux but it is the maximum, they cannot rely less than not rely

@tom jennings @AlexanderMars @GrapheneOS
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@DanielDNK @aleksandrayulia @tomjennings @AlexanderMars postmarketOS is a hobbyist project lacking privacy, security, usability and compatibility. If we were going to start from scratch we might as well use a secure microkernel instead of Linux. We're using Linux, starting from a distro with a proper app security model, sandboxing throughout the OS, strict full system SELinux MAC/MLS policies closely developed with it, majority of code in memory safe languages, modern exploit protections, etc.
@tom jennings @AlexanderMars @Daniel
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@DanielDNK @aleksandrayulia @tomjennings @AlexanderMars Our work cannot be ported to postmarketOS and it isn't a viable starting point for starting over either. Aside from that, you're proposing we build on top of a hobbyist project with core developers engaging in attacks on GrapheneOS including not only consistently spreading misinformation about it but participating in Kiwi Farms harassment towards our team. The team and software isn't trustworthy and NEVER will be with those people involved.
@tom jennings @AlexanderMars @Daniel
in reply to Daniel

mastodon - Link to source

GrapheneOS

@DanielDNK @aleksandrayulia @tomjennings @AlexanderMars Pixel phones are the most secure available Linux phones. GrapheneOS is a Linux distribution. GrapheneOS is not a ROM and that term is inaccurate for referring to any AOSP-based operating system. Continue spreading misinformation about GrapheneOS and we'll block you from grapheneos.social.

We can see you've been regularly spreading misinformation about GrapheneOS for a while on Mastodon. We're going to be addressing that now.

@tom jennings @AlexanderMars @Daniel
Unknown parent

mastodon - Link to source

GrapheneOS

@AlexanderMars @DanielDNK @tomjennings @aleksandrayulia PinePhone is closed source hardware with closed source firmware. It doesn't eliminate blobs. Not updating them from the OS is not eliminating them. It's falsely marketed as being open hardware when it's nothing of the kind. SoC has closed source hardware and firmware, as do the radios, storage, touchscreen, memory and everything else. It's a hardware product and as a hardware product it's not open despite it being marketed as being open.
@tom jennings @AlexanderMars @Daniel
in reply to GrapheneOS

mastodon - Link to source

Daniel

@GrapheneOS @jawsh@207.social @AlexanderMars @tomjennings @aleksandrayulia unfortunately a Linux PC is less driver (or equivalent) dependent than a phone with all of the blobs directly implemented in the OS with much less hardware standardisation unfortunately. So if the "driver" is not open source, but just a blob, it make the upstream process dependent of the supplier. What can we do to improve that.
@tom jennings @AlexanderMars @GrapheneOS
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@AlexanderMars @DanielDNK @tomjennings @aleksandrayulia Pine64 is a for-profit company and PinePhone is a product sold by them for profit which is misrepresented as being open when it isn't. It's not a community project and it's not community hardware or open hardware.

Beyond misrepresenting the device as open, they spread a lot of misinformation as part of their false marketing. They misrepresent the cellular radio as more isolated when it's much less isolated and extraordinarily insecure.

@tom jennings @AlexanderMars @Daniel
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@AlexanderMars @DanielDNK @tomjennings @aleksandrayulia It's a highly unusual cellular radio with a very outdated Qualcomm cellular radio with outdated firmware combined with a whole extra CPU running a proprietary fork of an ancient Android release and cellular drivers/services. That exposes adb with full root access and fastboot via USB. Being able to replace this strange extra OS running on a strange extra CPU has been misrepresented as open source baseband firmware for marketing the device.
@tom jennings @AlexanderMars @Daniel
in reply to Jawsh

mastodon - Link to source

GrapheneOS

@jawsh @postmarketOS @AlexanderMars @tomjennings @aleksandrayulia It's an upstream Android bug and we've had too much higher priority work to fix it. You can just put Terminal in a secondary profile without a VPN for now and it's still an experimental feature.

Android 16 had changes which broke the basic GUI support a fair bit but we expect that to be resolved soon once we port to Android 16 QPR1.

Pixel 10 GPU has GPU virtualization support instead of needing VirGL or the newer gfxstream.

@tom jennings @AlexanderMars @Jawsh @postmarketOS
in reply to GrapheneOS

mastodon - Link to source

GrapheneOS

@jawsh @postmarketOS @AlexanderMars @tomjennings @aleksandrayulia NVIDIA calls that vGPU and it's a proprietary feature with a licensing fee. AMD has MxGPU for free now. It's a feature which was not even available for desktops in general and is now available on a phone. Qualcomm cares a lot about virtualization support and our hope is that we can have similar functionality on Snapdragon-based devices. They're also finally shipping MTE for their custom cores with their new SoC launching soon.
@tom jennings @AlexanderMars @Jawsh @postmarketOS
in reply to Jawsh

mastodon - Link to source

GrapheneOS

@jawsh @postmarketOS @AlexanderMars @aleksandrayulia Split tunneling on a per-app basis only works if you don't have VPN lockdown enabled for leak blocking. Split tunneling for local networks can work with VPN lockdown but almost always doesn't with how VPN apps tend to implement it. It seems you're not using VPN lockdown mode if it's working for you that way regardless of which form of this you mean.
@AlexanderMars @Jawsh @postmarketOS
in reply to Torsten Grote

mastodon - Link to source

Viktoria D. Richards/Uddelhexe

Question about the #Sideloading ban that #Google plans:
( not a question to discuss the term "sideloading" ).

What happens to phones with #Android versions that now still can install , say from #FDroid ?

Will Google update something on them to make those phones not able to do it anymore, or will this only go in effect for special Android versions and not updating to them will prevent it?

What happens to "not approved" apps on phones that eventually get said updates?

@fdroidorg

#FDroid #google #android #sideloading @F-Droid
in reply to Viktoria D. Richards/Uddelhexe

mastodon - Link to source

Torsten Grote

@v_d_richards Their communication so far suggested that it will happen via an update to old Android phones as well. However, technical details are still unknown. Some goes for updates to already installed, but not approved apps. Best to ask Google. There's a link to their feedback form in my thread.
@Viktoria D. Richards/Uddelhexe