jwrallie 6 days ago

Probably in the long run the only way to go will be to own/carry two devices. A long supported phone with stock firmware and apps you are "forced" to use to interface with the world around you, and a second Linux portable machine where you have your freedom.

subscribed 5 days ago

No, it's not "long supported" phone fallacy.

Google and by extension banks, are claiming that the phone on, Android 9, without security updates AT ALL since 2009 is perfectly safe and secure to use.

Meanwhile, really well locked OS, hardened so well some of the improvements were later picked up upstream (both by Google and Apple), running _the_ latest AOSP version and releasing new security updates within hours is not considered safe and secure, despite assuring full chain of trust (including locked bootloader, verified boot, etc).

This is what Play Integrity does.

Of course Android supports a better scheme, hardware attestation, but of course Google enforces their iron grip on the ecosystem, and instead uses the outdated, flawed system that certifies only the devices with preinstalled Google services running in the privileged mode. Snooping on everything you do and have.

That's the reason.

bakugo 5 days ago

When companies like Google talk about a device being "secure", they don't mean secure from malicious third parties, they mean secure from the user. The device is considered "secure" if the user cannot do anything with it that Google does not approve of.

ho_schi 5 days ago

That's it. It is a device secure for Google to:

* Enforce Hardware-DRM
* Enforce PlayServices
* Enforce apps which don't circumvent their business model e.g. YouTube-Downloaders ("Watch my ad again...")
* Payment fees from PlayStore

Taking a look at the dangerous crap in the official Play Store confirms that. It is full of awful and dangerous apps. It was never about the security of the user.

FollowingTheDao 5 days ago

This is my exact feeling. Louis Rossmann talks so much about this (YouTube). I think the only secure device now is a dumb phone.

I am really learning to live life without the internet anymore. Between the lock in, the privacy risks, and just the hassle, it is easier to act like I am living back in the 1990's and just get used to the "inconvenience" of life without a smartphone. I can leave my smartphone in a faraday bag and just pull it out when I need it, or just wait to be in wifi. (I am homeless living in a minivan so this makes it much harder for me.)

I just do not know how much this will affect GrapheneOS or I would get a Pixel 9a. It seems like it will not, at least for the older phones.

At least we still have Linux (for now).

But more and more computer technology is looking like a trap.

If anyone has any recommendations for a dumb phone that will work with AT&T please let me know.

nemomarx 5 days ago

It's been a minute but Nokia was selling dumb phones. I would also just check what AT&T sells for very cheap prepaid phones in a physical store - they could tell you what kinda hardware still works?

FollowingTheDao 5 days ago

Thanks, I'll check these options out!

spookie 5 days ago

Look at Sony phones and Sailfish OS

IOT_Apprentice 4 days ago

The irony is those are the same words Android users say about Apple & iOS.

IlikeKitties 5 days ago

> Google and by extension banks, are claiming that the phone on, Android 9, without security updates AT ALL since 2009 is perfectly safe and secure to use.

Funnily enough that's actually a good thing in a twisted way. Long term, it will either force manufacturers to become much better with their update support, because apps will refuse to work on non-patched devices... or they won't and we'll all have one of those devices at home rooted through a long known CVE as a proxy for device attestation.

dTal 5 days ago

I've been doing this for years already, except I split it further to three devices:

1) an old iPhone with 0 personal data on it and in no way linked to my identity, which is used for completely untrustable commercial apps, and rarely even leaves the house.

2) a LineageOS Android which is my daily smartphone for things like camera and GPS, running almost exclusively open source apps, except for unavoidables like WhatsApp which are run in a separate profile

3) a GPD Micro PC running Void Linux, which is roughly the same size as the phone and a true swiss army knife. Its purpose is to reliably do what I want, when I want it. No systemd, for it does not spark joy. It is used for web browsing, note taking, light productivity, and playing movies on the TVs of friends who have overinvested in streaming and dongles only to find that $CHOSEN_MOVIE is not on any of their services.

I am not entirely happy with this state of affairs - too many devices, and still not enough siloing of closed apps like WhatsApp.

jbstack 5 days ago

It seems to me that the way you have divided up the roles, you actually need 4 devices, because you need one to run commercial apps which are linked to identity (which rules out device 1) and which will only run on a "secure" device (which rules out 2 and 3). For example banking apps.

fainpul 5 days ago

Keeping all those devices charged is already too much of a hassle for me to do this.

jcul 4 days ago

Wow, that GPD Micro PC looks cool. How well does it perform?

I find Void Linux super lightweight, can get great battery life out of it on an old ThinkPad.

CalRobert 6 days ago

You won’t be able to do much with the second. Web sites will force login with Google, etc. and only work for attested browsers.

antonkochubey 5 days ago

Both Apple and Google decided against implementing device attestation in browsers.

https://news.ycombinator.com/item?id=42522490

pessimizer 5 days ago

They'll both change their minds at the same politically-opportune time. They're not competitors.

jsnell 5 days ago

Apple has been shipping device attestation in their browser for years (Private Access Tokens), with no backlash.

CalRobert 5 days ago

And Google decided against evil too

hollow-moe 5 days ago

for now*

UnreachableCode 5 days ago

I don't use Google login anywhere and have a lot of accounts with many different websites? YouTube and other Goolag ecosystem being the exception, but, of course they are?

CalRobert 5 days ago

Give it a few years, the Google login nag screens are getting pervasive. And old school user/pw login is dying

Hackbraten 5 days ago

> And old school user/pw login is dying

Is it though? Almost every new service has it, and all existing services keep offering it.

at-fates-hands 5 days ago

>> Probably in the long run the only way to go will be to own/carry two devices.

Been doing this for a while. I have a smaller Samsung S22 for the apps I absolutely need that won't run on my Graphene phone. The majority of my day-to-day stuff is handled on my older phone running Graphene.

Been tinkering with Ubuntu Touch, but AFAIK they haven't figured out how to solve the issues with VoLTE yet here in the US but it's on my radar to try and make the switch soon.

pbnjeh 5 days ago

This is what I expressed considering, in another recent thread. Phone does phone things and "necessary" apps. Otherwise, it's a hotspot for the "unhindered" device.

I'd enjoy suggestions as to suitable unhindered devices.

P.S. I just hope we can continue to access / create unhindered devices -- and programs/apps (cough Manifest v3 cough).