| ▲ | xnx 19 hours ago |
| No fix yet for Samsung. Being reliant on the hardware manufacturer (or network operator?) for OS updates is the crazy world we live in. |
|
| ▲ | bigbadfeline 19 hours ago | parent | next [-] |
| > Being reliant on the hardware manufacturer (or network operator?) for OS updates is the crazy world we live in. Being reliant on a single OS permanently nailed to the hardware is no less crazier. I'd like to be able to install another OS on a vulnerable device, it would help tremendously and not only with the security of that specific device. Now I've got some expensive paperweights that I can't even use as such because every time I see them I have the urge to throw them in the trash can. Provide a way to unlock the phones and a standard BSP, it should be the law. |
| |
| ▲ | chasil 17 hours ago | parent | next [-] | | If you are buying now, you want a device on a v5 Linux kernel with BPF support, where the bootloader can be unlocked and VoLTE is implemented in the 3rd-party ROM. LineageOS has a build roster of current devices at this URL: https://lineageos.org/Changelog-30/ The Pixels are the most flexible, but don't buy a model from Verizon (they don't allow unlocked bootloaders). Most other OEMs require you to generate an unlock token and send it to them, then wait a week, which is extrememly inconvenient (and sometimes they just stop and refuse, as I understand OnePlus has). If you want a locked bootloader at the end of the process for security, then you will be on a later Pixel with Graphene. | | |
| ▲ | askvictor 16 hours ago | parent [-] | | Unfortunately, even with the best after-market support, banking apps and/or contactless payments becomes a cat-and-mouse game, that, even if it works, can stop working at the drop of a hat. | | |
| ▲ | chasil 15 hours ago | parent [-] | | I can tell you that Wells Fargo works both on Lineage with Mind the Gapps, and Graphene with the Play store installed. I have it on my OnePlus 5 and Pixel 6a. I understand that most U.S. banking apps work on Graphene. As far as contactless payments, try a Pixel watch. I understand that it is entirely separate from the phone. | | |
| ▲ | tadfisher 15 hours ago | parent [-] | | Provisioning payment cards on your watch without being able to run the phone app will be quite a challenge, however! | | |
| ▲ | chasil 15 hours ago | parent [-] | | I have never tried this, as I am happier with RFID on my individual credit cards. However, Google Pay will certainly run on my Lineage OnePlus 5. It will not provision localhost, but I am guessing that it will provision a watch. I would go buy the parts and try it just to know, but I doubt interest would remain here by the time I assembled everything. Edit: Graphene has a page on this subject, and Garmin appears to be the best option. https://discuss.grapheneos.org/d/1040-compatibility-with-sma... |
|
|
|
| |
| ▲ | celeryd 15 hours ago | parent | prev | next [-] | | > Being reliant on a single OS permanently nailed to the hardware is no less crazier. Locking OS upgrades to a network vendor is substantially crazier. It creates pockets where the hardware vendor ships a security update but your network doesn't care to ship it and isn't incented to. It is BANANAS. | |
| ▲ | GuB-42 15 hours ago | parent | prev | next [-] | | Just because one layer of the security stack is compromised doesn't turn your device into a paperweight. I know many people who use out-of-support and vulnerable devices and I am not aware of a single one getting pwned by a system exploit, it is always some kind of phishing or scam. This is anecdotal evidence but I couldn't find actual data, as most don't distinguish between malware that rely on system-level vulnerabilities (as in 0-day) and the ones that don't (like fake apps that steal credentials, mine crypto or inject ads). But it is clear that the former are a minority on Android. If you don't know what to do with it because your security standards are so high, just give it to someone with lower standards then you, or use it for some project that doesn't involve sensitive data. And if security is broken to the core, there is probably some vulnerability you can exploit to root your phone and do whatever you want with it, including installing a custom ROM. Still, I agree with you on making it mandatory to provide an unlock method, at least for out-of-support phones. | | |
| ▲ | avadodin 14 hours ago | parent | next [-] | | It's not 1999 anymore.
If you get RCEd today as a nobody you don't get a purple gorilla. Just silently enlisted into a "Residential VPN" and a background script that checks for the SSID "Iranian Research Facility" every time you turn your wifi on for some reason. | |
| ▲ | _factor 14 hours ago | parent | prev [-] | | "I've never had someone steal from my car, so the fact that my car lock doesn't work is not a problem." | | |
| ▲ | GuB-42 13 hours ago | parent [-] | | More like: "Every time someone stole from my car, that's because I forgot to lock the door, that the lock can be picked is not a problem". Sure, a thief may pick your lock, but unless he knows there is something valuable in there, he will probably go find a car the owner forgot to lock, it less effort and there are plenty of them, or he may look for more valuable targets. |
|
| |
| ▲ | edoceo 18 hours ago | parent | prev [-] | | Please try to e-recycle rather than normal land-fill trash. | | |
| ▲ | secstate 16 hours ago | parent [-] | | e-recycling is only marginally better than a landfill. At least a landfill in pseudo-regulated government economy has the chance to be safely abated in 100 years. Though a few things of value are sometimes extracted, mostly it all ends in places like Turkey or India and burned or buried. Sorry for the cynical take, but patronizing folks like this is worse than cynicism because it suggests that you actually believe what you're saying is true. |
|
|
|
| ▲ | JohnTHaller 16 hours ago | parent | prev | next [-] |
| I switched away from my flagship Samsung tablet when they pushed it to quarterly updates, meaning security issues often went unpatched for a while. In the fine print of the "X years of updates" they mention that they switch devices to updates only every 3 months and then every 6 months down the road. |
|
| ▲ | ChocolateGod 19 hours ago | parent | prev | next [-] |
| I hoped with a move to Fuschia, Google would attempt to fix this, but unfortunately Fuschia on mobile is dead. |
| |
| ▲ | shwaj 18 hours ago | parent [-] | | It’s “Fuchsia” with a “chs” not a “sch”. Where do you get your information that it’s dead? | | |
| ▲ | jcranmer 18 hours ago | parent [-] | | As Randall Munroe pointed out in https://blog.xkcd.com/2010/05/03/color-survey-results/, almost nobody knows how to spell "fuchsia" correctly. I only remember it by the mnemonic of it's fuck, but with an s. | | |
| ▲ | Angostura 16 hours ago | parent | next [-] | | It’s helps if you know that the flower the fuchsia, was discovered by Dr Fuchs | | | |
| ▲ | crazygringo 18 hours ago | parent | prev [-] | | I vote to just change the spelling to what almost everyone already thinks it is anyways. It'll still be just as weird. But "chs" is just nonsensical. The idea that it would sound like "sh" is baffling. I mean, I know this is English spelling which is not known for its regularity, but this is just too much. | | |
| ▲ | pwdisswordfishy 18 hours ago | parent | next [-] | | It comes from the surname of a German botanist. Which just happens to mean "fox". Never had problems with it. It would probably help if you pronounced it right, with a /ks/. | | |
| ▲ | umanwizard 18 hours ago | parent [-] | | The beginning of the English word "fuchsia" is not pronounced like the German word Fuchs, so indeed the spelling does not match the pronunciation. This is independent of the fact that it comes from that word. Plenty of things in English (and, in fact, loanwords in every language) sound different from the words they're derived from; that doesn't mean trying to imitate the source language is the "right" pronunciation. If you pronounce fuchsia like "fuksia" nobody will understand you. | | |
| ▲ | darkwater 15 hours ago | parent [-] | | > If you pronounce fuchsia like "fuksia" nobody will understand you. TIL and yet another case of "English is fucking weird". | | |
| ▲ | 9 hours ago | parent | next [-] | | [deleted] | |
| ▲ | debo_ 15 hours ago | parent | prev [-] | | Fuching weird, even. | | |
| ▲ | darkwater an hour ago | parent [-] | | :)
Yeah, probably in this case English is doing the right thing, pronunciation wise.
Anyway, checking in Google Translate the pronunciation it plays "fuksia", while Wikipedia has the right version. |
|
|
|
| |
| ▲ | lloeki 16 hours ago | parent | prev [-] | | > But "chs" is just nonsensical. The idea that it would sound like "sh" is baffling In the word "french" C H is pronounced sh and nobody bats an eye, I don't think it's that outlandish that someone once read it as fuch-sia, incorrectly splitting it compared to the original. In the language French, fuchsia is unequivocally read something more like few-shia, and I'd bet that even though it comes from German Fuchs-ia (fooks-ia) English has picked it up from the French side. If you find such a loanword weird, don't you dare try reading Japanese. https://aethermug.com/posts/the-beautiful-dissociation-of-th... | | |
| ▲ | soiltype 16 hours ago | parent | next [-] | | > In the word "french" C H is pronounced sh No, it's not. Unless you think the "n" in french is pronounced "nt". | | |
| ▲ | lloeki 12 hours ago | parent | next [-] | | Fine, and legit. I get what I deserve for not looking it up! Scaramouch and crochet though. | |
| ▲ | 14 hours ago | parent | prev [-] | | [deleted] |
| |
| ▲ | majoe 15 hours ago | parent | prev | next [-] | | Damn, I always thought Fuchsia is just a colour, but today I learned - Fuchsia is a flower
- which is named after a German botanist (Leonhart Fuchs)
- Fuchsia in English is pronounced completely different than in German.
- Google is surprisingly bad at naming their products
| |
| ▲ | crazygringo 14 hours ago | parent | prev [-] | | > In the word "french" C H is pronounced sh It's not, though. |
|
|
|
|
|
|
| ▲ | mschuster91 17 hours ago | parent | prev [-] |
| That's always the case, even on Windows, even on Linux for closed-source third party drivers. The only exception is macOS because Apple insists on writing the drivers themselves - that was, in addition to Soldergate, the reason why Apple dropped NVIDIA. |
| |
| ▲ | ifh-hn 16 hours ago | parent [-] | | Are apples drivers open source? | | |
| ▲ | AnthonyMouse 16 hours ago | parent [-] | | No. Which is why "the only exception is macOS" is also false. At some point Apple drops support for that model and then that hardware not only gets no more driver updates, because the whole system is tied to the rest of it, it gets no more updates at all. So the only exception is systems with open source drivers. Those are basically supported as long as the hardware architecture is and enthusiasts even have the option of adding support themselves. You can install the latest version of many Linux distributions on the first generation of x86-64 hardware from 2003 and some on 32-bit PC hardware going back to the 1980s. It should literally be a crime that you can't do the same thing on a five year old phone. | | |
| ▲ | mschuster91 4 hours ago | parent [-] | | My point is that with macOS, Apple writes the drivers which means at least as long as the hardware is supported you can be pretty sure that there will be prompt fixes for any issue. With Android, Windows or closed-source Linux drivers (cough NVIDIA) you're left entirely at the mercy of whoever made the tiny little component controlled by the driver to provide a fix, which then has to bubble up through the ODM/OEM until it finally appears in an update you can install. If you want fast responses to driver bugs, you only have Apple or a fully open-source Linux systems as an option. | | |
| ▲ | ifh-hn 3 hours ago | parent [-] | | I can't see how the situation with apple is any better considering what you've said, you're still beholden to apple to provide a fix. Even if that fix might be quicker coming IF apple is currently supporting the device; not at all otherwise. |
|
|
|
|
