| ▲ | kelnos 4 hours ago |
| I enjoy cool features like this, but as usual, I'm wary of the consequences. Android is becoming more and more locked down like iOS. Even if it weren't, it's still always been more locked down than a standard desktop or laptop machine running an operating system of the user's choice. With the advent of smartphones and tablets, already I see non- and semi-technical users often dropping their laptop or desktop and just using their phone or tablet. (I know people who don't even have a laptop/desktop anymore.) Android having a full desktop interface will just add fuel to this fire, and further normalize running a locked-down OS and device that users don't truly own or control as their only computing platform. |
|
| ▲ | ssl-3 3 hours ago | parent | next [-] |
| It wasn't always so locked-down as it is today. The OG Motorola Droid, for example: While it clearly wasn't a design intent, there was really nothing of any gravity to stop people from using it in any way they wished. Rooting was a simple matter of running a hacked su command, and voila: One becomes root. The bootloader wasn't locked at all. Custom kernels and userlands were normal. It was a great little pocket computer to goof around with for anyone who cared enough to give it a swing. Just install the "missing" su binary and...done. At the time, I felt that this was a perfectly acceptable way to keep it working reliably for regular folk. |
| |
| ▲ | palata 3 hours ago | parent [-] | | In a way I don't know what I think about them preventing me from modifying "their" certified OS. Many products do that (if I buy a Marshall smartspeaker, it's not like if I can modify the software, is it?). What I want is to be able to properly install an alternative OS (just like I don't care about what Windows or macOS do, as long as I can install Linux), and that goes with the bootloader unlocking/locking. | | |
| ▲ | bluGill 3 hours ago | parent [-] | | The problem is for every person who wants to do this, there are hundreds (thousands?) who wouldn't want to - and these people are vulnerable various security exploits that would allow someone evil to take over their device. This isn't just a made up situation: There are nations that have large teams of people who's job is to figure out how to get software installed on your device of their choice/make/design, allowing them to do whatever they want. | | |
| ▲ | palata 3 hours ago | parent [-] | | This isn't quite true. The Google Pixels allow me to unlock the bootloader, install my own system, and relock the bootloader. As a result, I run an alternative OS called GrapheneOS which is more secure than Android. The fact that I can unlock and relock the bootloader is not a security issue or a risk. People who don't know what that means cannot possibly do it by mistake. Now allowing root access to users on Android, that's a security risk because a user can be tricked into giving root access to some evil app. I don't have root access on my GrapheneOS, even though I chose to install it myself. Because it is more secure like this. So it sounds like a fair compromise to me: they make Android the way they want, and if I don't like it I can install an alternative OS. Just like I can install Linux if I don't like Windows. What I don't like is that most Android manufacturers actively try to prevent me from doing that, and I don't like it. | | |
| ▲ | makeramen 2 hours ago | parent | next [-] | | > The fact that I can unlock and relock the bootloader is not a security issue or a risk. People who don't know what that means cannot possibly do it by mistake. The second sentence is false. Lots of people blindly follow things and don't understand consequences until they brick their devices. Those who don’t break something won’t notice if they’ve silently backdoored themselves. People asking for support after getting themselves into some weird hole they never should have been in because some friend or online article said so is super common. | | |
| ▲ | palata 19 minutes ago | parent | next [-] | | When you reboot in fastboot mode and enter the commands that break your phone, I think you're responsible. If you take a hammer and destroy your phone, I think you're responsible. | |
| ▲ | Anvoker an hour ago | parent | prev [-] | | > The second sentence is false. Lots of people blindly follow things and don't understand consequences until they brick their devices. Those who don’t break something won’t notice if they’ve silently backdoored themselves. "Lots of people", how many though? Can that number be reduced? What number would be acceptable? I feel like it _has_ to be possible to devise an unlocking procedure that dissuades most people from self-harm. The problem is often treated as intractable, but intuitively this seems really unlikely to me. I don't think more than a tiny percentage of Xiaomi owners, for example, would go through the bootloader unlock process which often has a mandatory wait period attached to it without a reason more compelling than an impulse to randomly and blindly follow instructions on the internet. I would like to see user studies with good methodology before other people decide to barter long-term freedoms away for insufficient benefit. Why do I so rarely see people who are concerned about the security issues of bootloader unlocking calling for designing hassle and warning into the process. Instead, it's more common to hear that in the name of the average user, all escape hatches must be removed. |
| |
| ▲ | bluGill 2 hours ago | parent | prev [-] | | There are options. However security has consistently found subtle things about most answers and so I hesitate to suggest any. |
|
|
|
|
|
| ▲ | palata 3 hours ago | parent | prev | next [-] |
| I have mixed feelings as well. The security model of Android and iOS is vastly superior, and for "normal" users it is not so much of a problem if they don't have control they neither need nor want. On the other hand, I obviously don't like it when I don't have control over my hardware. But what I hate the most is when the manufacturers prevent me from installing an alternative OS. I like being able to install something like GrapheneOS. Also the fact that I'm forced (in practice) to use the Play Services is not really about the device being locked down. |
| |
| ▲ | ece 3 hours ago | parent [-] | | Vastly superior security doesn't make you give up freedoms for security. But do tell me how successful the war against scams has been for the average user. | | |
| ▲ | palata 3 hours ago | parent [-] | | I am not sure what you are trying to say. Convincing a user to give their password will always be an issue, that's fundamental. But because phishing exists does not mean that security does not matter. Without security, there is no need to phish, because the system does not protect anything. Once you have a good security, then the best attack is phishing because it's easier to trick the human than the system. This means that the security is good, not bad. | | |
| ▲ | ece 2 hours ago | parent [-] | | This level of security exists on open as well as closed platforms, the problem is the closed platforms not allowing you to do things that aren't giving your password away (like installing fdroid or using beeper easily). I just have a hard time believing this is superior in any way. | | |
| ▲ | palata 14 minutes ago | parent [-] | | I think you're confused. I you run GrapheneOS, it is an open source platform built on top of AOSP (the Android Open Source Project). Part of the security model is that you don't run as root. I am an advanced user and I don't want to run as root on my phone, I am happy with GrapheneOS as it is distributed. Now if you want to be root, you can install an OS that allows you to be root. Just like I unlocked my bootloader, installed GrapheneOS and relocked my bootloader, you can do that and install whatever you please. I will keep using GrapheneOS because that is the most secure OS I can find for my phone. The problem, IMO, is not that "some OS are opinionated and don't give you root access while other OSes do give you root access". The problem is that on many phones, you are not free to install the goddam OS you want (e.g. because you can't unlock or relock the bootloader). |
|
|
|
|
|
| ▲ | 3 hours ago | parent | prev [-] |
| [deleted] |
