Maybe the open source promise of Android was indeed a lie. To me this industry has no value to society at all.
Not a fan of Apple, but they seem to be serious about privacy showing other companies how it is done.
Microsoft could have really established itself as an alternative to Google on the same front, but they utterly failed by mirroring the worst aspects of the disastrous landscape we see on mobile devices. I hope their telemetry generates billions too, since that is probably in the range of their missed opportunities for both desktop and mobile devices.
Some still pretend that users want personalized ads and want to be tracked. Yes, there are some that really do. Glad we get options for the other ones.
To be fair, Apple is an advocate of privacy because it fits their business model very well.
You have to remember most of their money comes from selling devices and subscriptions, meaning they had a chance to take a stance against Android’s largest problem with no impact on their home turf, so they’ve wisely picked an achievable narrative.
Needless to say I’m grateful for it, but it’s by no means out of benevolence...
You're making it sound like there is no business opportunity on Apple's side to mine and sell customer data the way Google does. Why can't we assume they are doing it with the best of intentions?
In what way is open source Android a lie? I never used any other version, I do not have a Google account, nor do I have any Google-proprietary software on my devices yet they still run all software - including the Swedish "BankID" electronic ID app which is needed for just about any interaction with anything official nowadays. That "BankID" is, together with Firefox Preview, the only software which I got from the play store repository (using "Aurora Store", an alternative play store front end hosted on FDroid), the rest is all free software.
Of course that means I do not use things like Facebook, Twitter, TikTok, Whatsapp, Snapchat, Instagram, Skype, Zoom, Google Maps etc. I have replacements for the useful ones (Zoom->Jitsi Meet, Whatsapp->XMPP + Telegram, Skype->Nextcloud Talk, Instagram->Pixelfed (experimental for now), GMaps->~OsmAnd + Nextcloud Maps etc) and don't need the rest.
True, Android itself doesn't have to be horrible, but most distributions are full of adware.
Wouldn't want to minimize the work going into the core of the OS, I meant the critique to be directed against Android + gapps. I love Lineage, but you are dependent on other maintainers for your device or you have serious work ahead of you. It is quite simple to install for experienced users, but way too complicated for most people. Kudos to those that actually do maintain images for numerous devices. Granted, the problem are the hardware manufacturers here and lacking openness of viable drivers, also not the fault of Android developers.
Smartphone could have been really awesome tools. Instead we have toys that spy on you by default. I get that techies tend to make it hard for casual users to use modern devices, but I feel like I am scamming people when fixing their devices and not waste countless hours by making sure at least some privacy is protected.
I don't like closed ecosystems like Apple, but functions such as these actually do offer more worth. While I wouldn't buy Apple for myself, I started to recommend it to others for this reason.
It is meaningless if you install firewalls, if you compile android on your own, only to have to turn around and use proprietary, closed source libs to access proprotary, closed source radio firmwares.
Radio firmwares which often have full RAM access, parallel CPU control, GPS and full hardware access, and make intel's management engine, and closed source bioses look sane in comparison.
On my samsung phone, I often wonder what the radio firmware might be phoning home about.
Radio firmwares having full RAM access is an urban legend, at least on phones from the last 10 years. The baseband interface is actually done through a USB like protocol. The legend ticks all the boxes of privacy minded/distrusting people and so remains popular, but it's not substantiated by any facts, at least not facts that pertain to modern smartphones from the past 10 years.
This isn't the elephant in the room. This is a fringe problem of dedicated attackers. This is the fox hiding behind the elephant. The elephant in the room is that nobody needs to hack your phone to spy on you because all of that data is already being exfiltrated through the front door.
When I last deep dived to the cellular hardware, Radio always had its sealed off processor with a postbox firmware upload port. After initializing it, you left it alone and just used the comm-ports to talk with it.
As far as I understand, in the name of efficiency and compactness, they are on the same silicon now.
Are they still a different CPU core or just run on the main processor block?
The baseband is essentially ring -1, it has its own processor but it has access to the main memory, and often also the cache lines.
Wether or not all of the main memory is and even can be mapped I don’t know, I have no idea what CPU each baseband is running however in some designs it has direct access to the SoC MMU which means it could dump the entire memory over the wire to anyone.
The interfaces with the BB are also “virtual” this is done for various reasons including ease of integration with various operating systems so even if you on the OS level talk to it via the legacy serial COM interface using AT commands the hardware itself doesn’t actually have an isolated COM interface (that could be turned off) the SoC just emulates it.
Of SoC basebands have USB/Serial interfaces directly which could potentially be isolated and turned off when the BB isn’t in use, however the cost of that is usually very poor performance and limited capabilities at which point you might as well carry a portable cellular hotspot which you can physically turn off when you don’t need data or voice.
Also keep in mind that taking out the SIM card doesn’t prevent the baseband from talking to towers, it can still technically make calls the towers just usually don’t allow anyone to register without a subscriber ID which is stored on the SIM, and with eSIM you basically even lose the ability to control that.
Get a device with a separate baseband processor which connects to the main SoC through a serial connection. Both the PinePhone [1] and the Librem 5 [2] come so equipped, both also feature hardware kill switches with which the baseband can be disabled.
Both devices are aimed at the hacker and enthusiast markets but once you're at the level of 'paranoia' which makes you suspect the radio baseband processor is being (ab)used in nefarious ways to track you this should not dissuade you from taking the leap. The more esoteric the hard- and software, the less chance there is for some cookie-cutter exploit to catch you.
If I was paranoid, I'd say those devices are developed just to get the most paranoid to use them. :P
But in truth, I'm not paranoid.. merely a realist. Regardless, I was thinking of buying a Librem, but can you even get one yet? It always says "6 months to delivery".
The design seems to work in favour of the paranoid, it takes an extra-double-ultra-plus paranoid who takes the board through an X-ray machine to find those hidden traces or sandwiched secret baseband processors to uncover this nefarious plot.
Alternatively these devices deliver on this front, i.e. the user gets to control whether the baseband is active or not. I'm not paranoid enough for the former scenario so I'll keep it at the latter and am considering to get a Pinephone for fun and, well, fun I guess - I already have plenty of devices running different iterations of AOSP, some of them running headless Linux without zygote (i.e. without the Android user space). A truly modular multi-vendor architecture with pluggable SoC, baseband, storage, audio, camera, sensor package, power supply and display would be the preferred solution - something like the original PC clone market with vendors competing on price and features - but I'm not going to hold my breath waiting for it. Not that long, anyway.
Do you really think the adtech industry is using radio firmware backdoors to track users? It's theoretically possible I suppose, but several steps too far into conspiracy theory territory for me to worry about. Governments spying on dissidents is another story.
I know Samsung snarfs everything it can from my phone. I know it wants more. I know money is key, and even pulling some info... GPS, sensors, etc is helpful.
And with full control of the OS, of where kernel modules memory space is assigned, you'd only have to scan certain buffer regions of memory, to snarf contents of buffers, etc.
The problem is, I don't know, and can't. It's not open source. It is not under my control. I personally don't care about paying, but I do about seeing.
For most people, aosp without gapps is useless. Given an option, they will choose android over aosp every time. You don't use your phone for any popular apps so of course it's fine for you. I'd like to actually use my $1000 phone instead.
This has nothing to do with your point about Android OSS -
It's really a statement on our industry that avoiding spyware at this point basically means not using anything with a recognizable brand name. Apple's in a position to do this because they actually sell services to consumers; I'm curious if the rest of the industry will ever try anything that radical.
Remember when "doing well by doing good" was a phrase?
It’s important to consider not your specific implementation, but the common implementation that is Android. And that implementation is chock full of spyware/adware/malware.
Android is open, and therefore exhibits the classic tension of liberty: free to do what you want, including harm yourself.
I looked at Matrix (which is what riot.im/element is based on) but have thus far not seen its advantage over XMPP+OMEMO. When you install Jitsi Meet you already have an XMPP server (Prosody, used for signalling and interprocess communication) so it is trivial to add a configuration for 'regular' use. XMPP is more open than Matrix and there are far more clients (albeit not all of them useable with OMEMO, alas). On an earlier installation I used eJabberd since Prosody had some problems with OMEMO back then but this is no longer the case.
Microsoft already tried, very hard even. https://en.wikipedia.org/wiki/Scroogled
Problem is nobody likes Microsoft, its not sexy. Just look at all the dislikes under those videos.
Microsoft didn't try "Very Hard". They made some easy sacrifices on their ad-starved, money-losing search platform, then piled some money into advertising it, ran with it for a year or two, then gave up. This is historically one of Microsoft's biggest[1] weaknesses, they have no conviction. Their effort didn't touch anything outside Bing (or was it Live then?) and it certainly didn't extend to their APIs or anything challenging like this.
Apple's been pushing this for more than 5 years now, slowly working it pushing it through their stack and quietly[2] messaging about it for that entire time. They made it a company-wide priority, to the point where advertising companies and developers on their platform are complaining about it. They've been updating their APIs to block out this kind of crap for more than 5 years while gaining only small amounts of good-will around this.
So yeah... people take Apple's efforts here more seriously than Microsoft's half-effort.
[1] Pre-Satya Nadella. Seems like Nadella is quite a bit more focused than Ballmer, but still a bit hard to tell.
[2] Ok, maybe not too quietly, but they didn't make a big embarrassing advertising campaign either.
Hardly anybody outside of the tech bubble saw those videos. What happened there is a brigade of haters came along and down voted them. Probably a lot of Mozilla/Google supporters.
There are plenty of Microsoft videos with mostly upvotes. Try a video about the Xbox.
They bought Nokia, and had a presence in every Att/Verizon/Sprint/T-Mobile store.
Microsoft tried hard, and kept trying long after it was clear to most of the market that they didn’t have traction. The owners of Windows phones were some of the most vocal champions at the time too. They legitimately made good but unpopular products at the time.
It's ironic, but Google's monopoly was already well in abuse when Windows Phone was around, and being used to block Google's competitors. Gmail required you enable "less secure apps" to let a Windows Phone connect to it and they continually blocked Windows Phone from having any access to YouTube as well. Even when Microsoft invested their own development resources in building support for Google's already monopoly-scale platforms, Google would just find excuses to block them.
I believe Gmail switched at that time to pushing you to use effectively a Gmail-proprietary method to authorize access to a Gmail account. Nobody else was doing it at the time, I think official OAuth scopes actually came later.
And bear in mind, OAuth to authorize mail access is weird. Generally speaking, mail clients use IMAP or POP3 and SMTP. One of the more popular open source Android mail clients, K-9 mail, still doesn't support it: https://github.com/k9mail/k-9/issues/655
But the biggest issue is that, like the "unknown sources" checkbox in Android, Google uses scare tactics to discourage non-Google-proprietary apps and protocols. Use Google apps on Google devices only, otherwise you'll have to authorize "less secure" things.
I think people who talk up Microsoft's phone efforts must have been wearing blinders. I won't argue that Microsoft's phone was decent at one point, maybe even "Great" for a short while. But by the time they had a decent phone, they'd already burned out all the good will people had towards them on Mobile. Microsoft had... 4? Different mobile operating systems over the 15 years or so they were selling mobile OSs. I honestly lost count.
Microsoft had WinCE then Windows Mobile for quite a few years before the iPhone, then Apple released the iPhone, Windows Mobile started hemorrhaging market share... so Microsoft dropped WinMo like a bad habit, leaving developers and users out in the cold. STRIKE 1
Windows Phone 7 came out with piles of great press and hoopla, but notably, it didn't support older hardware so existing owners were left in the lurch. Developers were also screwed because WinPho7 wasn't compatible with older apps. It was a pretty interface with no software, no users, and no developers. It also had some serious shortcomings, ironically iPhone enterprise support was much better. WinPho didn't work well with Exchange server or Office. But that's OK because you didn't have long to be frustrated with WinPho 7 because 2 years later, they released Windows Phone 8 which dropped support for all old hardware. That's right, if you bought a brand new Windows Phone 1 year after launch, you couldn't run the next major release of the OS.
But the few people who managed to stick around after getting screwed over twice... boy did they love their Windows Phones.
After a certain point, there were just no developers, OEMs, or end users left around willing to be Charlie Brown to Microsoft's Lucy.
They fucked people over further than that. A whole bunch of Win8 devices were promised an upgrade to Win10, and then weeks before release, Microsoft were like "nevermind LOL" and people were furious.
Also, for quite some time before they officially pulled the plug on mobile, core MS apps would come out for Android first.
1. Apple users are the ones that cannot browse without adblocker. Safari is not as good as ublock-origin
2. Most Apple users use google maps.
> Not a fan of Apple, but they seem to be serious about privacy
If they are honest then they can remove the default search engine from Google to DDG or whatever. They get billions from Google for default search engine.
2. I don't use Google Maps. People can choose to use Google Maps, sure. So?
2b. I use DDG as my search engine. A default is just a default. Are you suggesting people use Google's Android, where the default is... somehow... not Google?
3. The cheapest brand-new iPhone is $399 from Apple in the US. That's full-price directly from the manufacturer. It is super-easy to pick up second-hand phones for much less than that. I see them for $100 very frequently. People use iPhones in nearly every country of the world, so it seems at least some people can afford them.
Note that your complaints include both that people ignore the default mapping application to use Google's, and that the default search engine is Google's. Seems silly to argue both for and against defaults.
The stats I've seen don't back this up. Maybe in some countries? Certainly not "Most" overall, and Google doesn't even have a third of iOS users in the US.
> Apple need to release a good search/maps product before complaining.
Duck Duck Go does just fine 99% of the time. Apple Maps likewise in most regions at this point. Google Search has gotten worse over the years as they've chased revenue while its competitors (DDG primarily) have gotten better. Likewise, Apple Maps have improved at a much faster pace over the past few years and closed the gap. Where Apple Maps used to lag quite a bit, they are now extremely close in functionality. A lot of people prefer the Apple Maps interface.
> If they are honest then they can remove the default search engine from Google to DDG or whatever.
While this is a ding against Apple's privacy policy, it isn't a great argument when you consider the worst "Privacy issue" Apple has is the fact that in one place they touch Google by default. If Google is bad for privacy as you suggest here, then by default, having a platform which only touches Google in one easily swappable place is vastly better than a platform that is neck deep in Google's anti-privacy Shit. You can't have it both ways here.
I'm far from representative of all users, but I can't be bothered to use Google Maps anymore. The various integrations that Apple Maps has with Apple Watch and all the improvements it has received over the years makes it just as good if not better than Google Maps for a vast majority of my usage.
You've likely given this far more thought than most people. The majority of people just use what's installed by default and don't ever even look at Google. Defaults are powerful. This is doubly true now that Apple Maps is as good as it's gotten.
Won't use it after it sent my friend to a wrong location and won't use it after it gave me bad coordinates. New iOS will let you change defaults don't remember if it has maps to swap.
He's sort of right about the adblocker situation. The content blocker framework is definitely weaker than what ublock has access to on chrome/firefox. It's much closer to the much derided chrome manifest v3.
WKWebView cannot use any of Safari extensions, unfortunately. I just use DNSCloak connecting to my private VPS instance to do adblocking over DNS which kinda works fine, but leaves out a lot of blank canvas in the page.
Biggest drawback is that DNS based content blocking has no way to apply cosmetic filters.
Ads on platforms that deliver their ads embedded and from their first party domains (think google, facebook, reddit, youtube, instagram, linkedin, amazon, etc.) can not be blocked this way.
The only two places I see ads on my phone (currently using NextDNS, earlier DNSCloak) are Amazon sponsored listings inside the Amazon app, and Twitter sponsored content in Firefox.
BTW, every one says this - but nobody uses it like a daily driver. Yes, it will work as a spare - with just one app - like whatsapp - but for many poor - they need
1. Uber or Ola
2. Facebook or WhatsApp
3. linkedin to whatever local app
4. youtube
Why dont you try to use it for a week with all your existing apps?
I'm still using a 6s Plus 128GB. I keep thinking about getting a new one, but this one still works great. Haven't found a slow app yet. Everything is still responsive. Screen is still scratch free. And it's going to get iOS 14 this year. Even though it was relatively expensive when new, it's probably been one of the best values in tech I've ever seen. And yeah, it's a daily driver. Use it for everything.
None of these apps are essential even in the developed world where anyone who uses Uber regularly can probably afford a newer iPhone, these apps also run just fine on a 5s/6 which can be found for under $150 without much issues.
Literally millions of people use these phones as their "daily driver." They work perfectly well. Maybe people are still using them from when they were new, other people buy them used, or buy the iPhone SE, for exactly the reason you suggest: they don't need the latest and greatest.
So do Android devices, I'm using a Samsung SIII from 2012 as 'work phone' when doing rough work on the farm etc. The device runs Android 9 (LineageOS 16), I have not felt the need to update it to 10 yet. It has a user-replaceable battery but since it still lasts for about 2 days of normal use (playing around 8 hours of audio per day) I have not yet replaced it. I did put in a larger microSD card to support a larger off-line audio library. Neither would be possible with the iPhone, no matter which version.
Upgrading your OS is only part of your software security footprint. The unlocked bootloaders/firmware running on many old devices are full of unpatched security holes and are often susceptible to attacks where physical access is available. These security holes are a common method to install third-party ROMs on some devices.
Yes, although some can not, the vulnerability which Checkra1n [1] exploits being an example of such. In this case I consider this to be a good thing since it makes it possible to circumvent vendor-imposed restrictions. I like to be the one who gets to decide what runs on my hardware, I see no need to hand off this responsibility to any vendor no matter how virtuous they portray themselves (or are portrayed as such by others).
I really don't understand the fawning over Apple Inc. when it comes to their claims of supporting privacy, I trust them no more nor less than I trust other similar companies. I know I can keep my devices ad-free because I am the one who decides what gets to run and what does not, which software gets network access and which does not, what goes through the firewall and what not. I also know what software gets access to which OS features and what does not. Can this veil of security be circumvented by a serious opponent? Sure, there are likely to be bugs in the software and holes in the veil, no more or less than there are such bugs and holes in other systems. I deem the chance of a serious opponent singling out me and my devices as slim so for now I assume I can use my devices without being mined by the ad-tech industry.
It doesn’t really need to be a serious opponent. If you randomly drop a phone in a cab, chances are, it will end up in the hands of someone running one of these exploits on it.
Doing network security on-device is antipattern. Doing it at the network layer is easier and more portable. Not only do I block ads on my iPhone, I even run an IDS/IPS on all of the traffic, no exploits or jailbreak required.
Although, if you still prefer to block-ads on device, those solutions also exist for iOS.
> Although, if you still prefer to block-ads on device, those solutions also exist for iOS.
Of course I run content blockers on my devices, this is not 'antipattern' at all. I also run them on the local network into which I, when needed (e.g. when using public wifi) connect through a VPN (used to be OpenVPN, now using Wireguard).
While Apple is slowly opening up the content blocking possibilities I have been doing this for about 9 years now, including egress blocking (using a whitelist, only those programs explicitly allowed are able to transmit data). Android being built on top of the Linux kernel made it possible to use most of the existing tools (iptables etc) more or less right from the start - which for me was with Android "Donut" (1.6) on an HTC Prophet (which was sold with Windows Mobile).
It more or less maintains itself with OTA updates, just like a stock distribution. The initial (slight) hurdle is installing the thing but once that is done these devices can be maintained by anyone who can maintain a stock Android or iOS distribution.
Even the cheapest Mercedes Benz car cannot be afforded by > 80% of the world. The cheapest Rolex cannot be afforded by > 99% of the world. They do care about the world population, but they don't have to serve them, even if they have needs. Having needs satisfied is not someone else's obligation.
Smartphone is a necessity. For example, without covid app you cannot go out in many countries. Yes, most people do not need Mercedes- agree.
You can live without mercedes but not without smartphone. Paying for services; employer; calling people; if you swap 3 jobs then you are informed by your boss through WhatsApp or fb (at least in parts of 3rd world - I went through that in the last years).
Of course, there is no obligation for anyone to care about others - let alone mega corporation. Agree to your point.
What about removing Google search from iPhone to demonstrate honesty about privacy?
1. People cannot live without smartphones. I wonder how the past 10,000 were: how people made phone calls 100 years without smartphones, how they paid with card or cash, how to live without Facebook or WhatsApp. It must be terrible to be so entitled.
2. When people need smartphones, they should afford iPhones. Why a $100 Huawei is not enough?
3. When people have needs, someone is obligated to satisfy it. Oh, that sex maniac across the street ...
1. You could make the same argument about fridges, electricity, light bulbs, vehicles (yours or by proxy), houses, chairs, agriculture. The point is that not having a smartphone available to you puts you on the margins since at this point it's assumed that everyone has one. Every restaurant in our area is now doing virtual no-touch menus that require scanning a QR code and requiring online ordering for take-out. Like you can live without a smartphone but at this point you're only making life more difficult and annoying for yourself.
2. It's plenty enough. Phones have been plenty fast for years. The issue is finding a vendor that will support your software for long stretches of time which right now that is community Android distributions and Apple.
I don't think he's wrong. Society has expectations and throwing money to buy things works. I don't have Uber and Lyft and that puts me at margins with society. Does that mean they're essential apps? Making life difficult and annoying is just how many people without money live.
Bullet point one: in the past 10 000 years no one had so such info and requirements to be online.
Calling someone is not even on the priority list of a smartphone. But I can't access easily half of services (including banks) without an internet-connected device. Which is almost invariably a smartphone.
Bullet point 2: older versions of iPhones can be had for that money
The only complaint I have about Apple Maps so far is that it uses Yelp for review information and photos. I wouldn't mind Yelp, except they try to force you to install their app so they can spy on you instead of just letting you view a mobile site. I'm sure their crappy app is just a wrapper around a mobile site anyway, so it's doubly frustrating
Telephony is dead. These days in many places cannot get a job or function without access to email or chat. In a lot of non-rich markets the smartphone is the cheapest option to gain access to these communication systems.
Yeah - although at least according to analytics a lot of western world people also own a computer. In many asian/african areas most of the population only has a smartphone to access the internet.
Not a fan of Apple, but they seem to be serious about privacy showing other companies how it is done.
Microsoft could have really established itself as an alternative to Google on the same front, but they utterly failed by mirroring the worst aspects of the disastrous landscape we see on mobile devices. I hope their telemetry generates billions too, since that is probably in the range of their missed opportunities for both desktop and mobile devices.
Some still pretend that users want personalized ads and want to be tracked. Yes, there are some that really do. Glad we get options for the other ones.