I have a similar feeling, but with modern smartphones.
Owning my computer is still relatively possible. I can build a computer from parts which I can choose, and have a choice in which operating system to install on them. Laptops are slightly more closed, but even on those I can choose the OS myself.
Modern smartphones however, seem like walled gardens in which I have no control at all. I cannot choose any of the parts, and even doing simple reparation tasks like replacing a battery is a nightmare these days. I am locked into a single OS on my smartphone, which either spies on you or is locked down even more. Every iteration a bit more control is taken away from the user. And its increasingly hard to step away from them, since a lot of normal interactions such as banking almost requires you to have such a phone.
Both Android and iOS suck. I've made my own Android phone tolerable with F-Droid and trying to ungoogle it as much as possible. But unfortunately I find myself locked into using google play services since solutions like MicroG just don't cut it. They lock me out of slightly too much of my daily smartphone usage (note that this is definitely not the MicroG's developers fault, they have done amazing work).
Well it is early days but Librem and System76 (and several others like Pine64) are making huge headway in the open hardware space. I know there have been lots of failures in this area but I think we are getting to a threshold point where building on top of these companies acheivements is quite possible.
Linux on Mobile and open EC and Coreboot etc. are all making rapid progress at the moment. I would still say we are talking in terms of years before more general Linux Phone adoption would be possible, and still the fact your online bank etc. doesn't make an app for Linux would be prohibitive to many (although anbox might help), so I understand pessimism here, but I think the excitement around Linux mobile and open hardware is sufficient that it will at least be revolutionary that it is possible to run open hardware and Linux phones etc. same as SteamOS was a failure if you look only at numbers of Steam Machines, and a revolution in Linux gaming if you look at Proton, GamerOS and all the improvements that came with it.
Viable alternatives affect the behavior of others, even if they "fail".
And if you're already a desktop Linux user like me, open hardware is already a reality. Only thing that's stopped me trading Dell XPS 13 for Purism 14 is that I will miss the QHD+ screen, as it is standard HD res. Still really tempted though.
> desktop Linux user like me, open hardware is already a reality
Power or RISC-V ISA hardware are in low stock, have very few, specialised vendors and are not affordable. I have great sympathy for people who refuse to pay the outrageous difference to off-the-shelf hardware that can be bought anywhere just to gain a level of privacy that they should have in the first place.
AMD and Intel have rootkits in their hardware which are designed to be exceedingly difficult to remove. If the customer is a spy agency, they will ship with the rootkit disabled. If the customer is just a normal person like the one writing the article, one will not be able to have one for money or good words.
I seriously doubt either Intel or AMD ship different silicon to the NSA or whoever else. At least from what I've read, the only difference (at least on Intel) is the "NSA bit", that can actually be turned on on any chip these days. System76 actually ships machines with it enabled by default.
If you're going through all that effort, then why bothering with hardening Chrome? Why wouldn't you start with Firefox, which doesn't require unGoogling to be considered secure?
OpenBSD's Chrome had pledge() first, but you're right, I should consider Firefox.
However, there was a recent Firefox bug in OpenBSD, and the patches weren't applied uniformly. It does seem that Chrome is more consistent, and gets more attention.
The issue with open hardware is that DRM vendors don't support it. A fully open phone doesn't have hardware DRM keys so you won't get FullHD in Netflix. And now you've lost 90% of the market.
Yeah, even when you boot up into Netlfix in Epiphany browser or something and discover you can't. It's not a great OOTB experience for new Linux users, never mind being locked out entirely. But that said, I don't really know how to fix the DRM problem without first making progress on open hardware. Viability and market share in spite of the adversity is the only chance I can see.
It still might fail. We try because we feel it is too important to simply do nothing, not because we expect mass success.
Maybe this is something that is a bit facile of me to say, but I like to try to compartmentalise, such that I have a little tablet for media stuff which I use to cast to TV via Chromecast. The other stuff not having Netflix access (both phone and laptop) doesn't bother me so much, and keeps a distinction between open and closed at home. The nice perk is that Chromecast is now doable from laptops under GNOME and will likely become available on phone OSes like PureOS etc too in time.
Not great for normies, but that's my tip anyway. Media consumption is a wedge issue and if you're prepared to spend money for privacy, there are a few ways it can be done.
I think the solution is to convince more people that we can live happy lives without access to big-budget entertainment. I've been mostly going without for about two years now, though I've wavered a few times.
IDK, many people spend their whole lives glued to the TV or movies. it feels like it has only gotten worse. it also feels like people don't have hobbies these days. I think to convince people of what you're saying, we need to get people back into having more hobbies. or at least reading or something
The only solution I know is very labor intensive process (and kind of not covid friendly atm), Call up said friend and meet them in person for coffee / hikes / whatever you two like. Refuse invites to do "screen time" things...
I think the trick is to start viewing the problem through the lens of anti-trust/pro-competition law. Something like mandating compulsory licensing of DRM technologies so that the DRM manufacturer and Hollywood studios don't get to be kingmakers in the browser or operating systems markets.
IANAL but seems to me like laws along the lines of "you can reverse engineer DRM without being arrested" and "the patent holder/whatever of the DRM cannot deny you a license to use this without a good reason" seem like the right direction to me. Then the linux distros or anyone else can go off and build/integrate the DRM to the extent that they wish.
Copyright violations would continue to be illegal. I am not proposing that they be legalized (though copyright law could use several reforms as well). I am proposing that for instance Google ought to be required to license Widevine to anyone who wants to build an implementation for it.
Because Widevine is so widespread and acts as a gatekeeper for content (for example Netflix), if Google doesn't bless your platform with Widevine support you're essentially dead as a consumer media platform.
Google should not have this kind of power because competition is good.
Seriously, I have slowly become subscribed to all of the streaming services; and I still use a system that automatically obtains rips of the content I actually want to consume. Having everything served to me in Plex instead of needing to remember/look up where something was streaming, load up that app, be at the mercy of my shitty connection, etc.
I fantasize of forced HDCP resulting in anti-trust action over what they forced upon thr market. The needless wasteful complexity of not being able to use a splitter and encrypting and decrypting both ends is clear consumer harm. Sadly that is unlikely to see a push.
For me Lenovo have been in between the pure and wonderful but too expensive for me of System 76 and the Pinebook Pro which I own but is too slow and low end to use for my daily get stuff done machine, which instead is an ideapad 3 with ubuntu 20.04.
I agree with this so much. It would be so convenient if I could just flash Arch Linux or something onto a modern smartphone and be able to use all the applications and settings and data I use on my desktop, but on my mobile phone. Android is markedly better than iOS when it comes to customization, but it's a far cry from a (real) Linux distribution. I've started getting OS-level push notification ads from Google News and other bullshit on my Samsung Note 9, and it makes me want to set the thing on fire.
It also makes me pretty pessimistic when it comes to privacy. I can uninstall Windows/MacOS on my laptop, coreboot it, use FOSS/privacy-centric software, etc. but it doesn't really mean much when my phone (which is basically attached to my body 24 hours a day, and is my main conduit of communication with others) is a privacy/security nightmare.
It's not quite a modern smartphone, but it's the best we have at the moment; have you looked into the PinePhone? I have mine running openSUSE Tumbleweed.
Some people will tell you that the Pinephone is daily-driver ready. They're right, but only in the sense that using a feature phone is daily-driver ready. It's only feasible if your lifestyle permits it, if you're willing to go without sometimes, if leading by example, and voting with not just your wallet, but whatever you value (be it time, money, or uncertainty) is a deal you're happy to make.
I love my Pinephone. It is undoubtedly my own, with no strings or trillion-dollar corporation helping steer. It's lots of fun to play with, but unless people already half-jokingly compare you to RMS due to your extremism, it's not ready.
Android circa 2009 would be a reasonable comparison: the potential is clear, the software is rapidly evolving, and there's a benevolent dictator at the helm. And that's enough for me to be happy with it :)
I'm really heartbroken that I can't use a Pinephone as a daily driver because of the simple fact that it doesn't have a 5ghz wifi antenna. Where I currently live there's just too much interference on 2.4ghz. It's literally the one feature I need. As soon as they come out with a model that has 5ghz wifi I'm happy to jump right on board, especially since they're coming out with a keyboard attachment.
The battery time, at 3–5 hours, and the inability of the phone to charge while turned on, they called "A stark reminder of the Librem 5's beta status".
You should be able to just put wifi USB dongle into the USB-C port. These things can be small. Though there are no USB type-c wifi dongles apparently (now that I'm searching the web for them), so you'd need an otg adapter too, and there goes the size benefit.
It's about the same quality as a budget Android 2-4 phone.
The basics are pretty much down. Kernel support is solid. It can make calls, send texts (MMS mileage may vary), and use data pretty reliably. Web browsing is actually pretty fast with Angelfish. You technically have access to the full repository of Linux ARM software, and some of it even resizes properly to the phone. The camera is usable but terrible. Anbox works for Android apps but is painfully slow and can't share data with the rest of the phone to my knowledge.
Battery life is terrible, I don't think that the phone has power states of any kind, so it's either with the screen on, on with the screen off, or off altogether. Updates frequently break my install, although updating through SSH has been working for me recently on Tumbleweed without breaking anything. Little things like Plasma not having a way to exit the keyboard, apps taking up full screen with no way to exit them, etc.
Performance is painfully slow, but has also improved (for KDE anyways) by leaps and bounds. It used to be completely unusable but now it's merely very slow.
I would say it's somewhere between for developers, and usable, at this point. You could use it with some sacrifices, and still have a functional wireless communication device. It absolutely is nowhere near replacing my OnePlus running Android, however.
How about going at it the other way around: There are laptops with SIM cards / card slots already, for wireless data connectivity. Does it take additional hardware to use that for telephony / SMS, or can the already-present hardware be used for that too, with only a software component to enable it?
Sure, not quite as handy — or Handy, for the German-speakers among us — as a physical phone... But, say you keep your laptop with you in a backpack (Rucksack ;-) ) or such, and a Bluetooth hands-free headset clipped to your ear...? I hear lots of youngsters listen to music continually nowadays, so they already have some kind of earbuds in all the time anyway. Or maybe even some kind of Bluetooth "satellite" handset, to make it easier to initiate outgoing calls / read and write text messages?
Money: Pine64 is a small operation with limited resources, factories have minimum order quantities among other commitments.
Most Pine64 products have pre-alpha software and are aimed at volunteers who can improve it. Lots of people are willing to buy a product for <$150 and "see how it goes". $400 filters out a lot of people who might otherwise chip-away at software bugs on weekends. Additionally, people are less tolerant of dead pixels on a $400 laptop, and Pine64 would rather not deal with returns.
The reason I've seen for the phone hardware is that they simply can't source hardware that is more performant but still open enough to sufficiently develop for.
I would suggest looking into Sharkbait[1].
Although full-disclaimer, I like to say that I am a part of the team and we are lazily trying to self-host Android.
Have you taken a look at Ubuntu touch? I came across it while researching for my next device. From what I recall, it gives you a full Ubuntu environment on your phone.
Didn't go that route though because of the unavailability of the supported models where I'm at
Canonical supported versions were based on snaps-predating app framework (click packages). There were a couple of phones released with it out of the factory (bq aquarius 4.5 and meizu mx4) and a bq tablet, but rest of the supported phones use android kernels for hw enablement.
Ubutouch has forked the software when Canonical pulled out and even runs an app store, but I think the best hw you can get is Oneplus 6t and then mx4.
I used mx4 as my daily driver for years prior to switching to Android for the first time 3 years ago. While not the fastest phone, mx4 was usable (things I hated most were sharp edges and how it would register touches in my pocket, and then get locked for 10 mins because of wrong passcode).
To be honest, I quite prefer the Ubuntu Touch over Android (and Nokia Meego/Maemo is up there too, but Palm Pre WebOS takes the cake as the best basic phone UX I've experienced).
I think Mobian has the biggest potential to be the pure GNU/Linux system in your pocket, so I am hoping it'd get Unity included too.
I've been wanting to cobble together a phone using a microcontroller hooked up to a 4g/5g module. Anyone have a module recommendation? I think everything currently available on sparkfun and adafruit won't work for me.
Many 4g/5g modules are basically stripped down/headless smartphones in themselves, running Linux + modem firmware, etc. You don't need the microcontroller, you just need to patch the firmware.
Yes. I was looking for an answer along the lines of a particular model from Telit/whoever. I'd rather use the external micro to control the module with AT commands.
I have yet to find a satsifactory way to disable them - it's pretty easy to disable notifications from userspace apps like Instagram or Snapchat or whatever, but disabling notifications or altogether uninstalling vendor apps is a huge pain in the ass.
Most advice I've gotten has been flash a custom Android kernel or a de-Googled distro. This would definitely solve my problems, but this removes the ability to install Play Store apps which are a necessity for me. Not to mention that it gives the possibility of bricking my phone, which is way outside my risk tolerance for just getting rid of some annoying ads.
In case you do want to install a custom Android distribution (ROM) to clean out the Samsung bloat more thoroughly, the risk of hard-bricking your phone is almost non-existent nowadays. The worst that can happen is usually a soft-brick which can be fixed by reinstalling the original OS. As for Play Store, most custom ROMs either include or support installing Google services and Play Store with full functionality.
Worth noting that Samsung doesn't allow the bootloader to be unlocked in most (if not all) of its flagship devices released in the US. Although, there's paid services that could unlock the bootloader.
It doesn't remove your ability to install apps from the Play Store. You can use the Aurora Store app to install those apps. For the apps that also require Google Play Services, microG usually suffices.
I'll play the (intentional) Devil's Advocate here to present an alternative viewpoint.
I like iOS, but not Android. Let me explain why.
I personally love Linux, Unix philosophy (I'm even sometimes an old beardy zealot about POSIX standards and the old way), and inherent customization possibilities.
On the other hand, I don't want to manage my phone like a desktop or laptop computer, or a server because of a plethora of reasons. First, user interface is not very suitable for that. Second, there's a lot more finicky things to manage. Last but not the least, that management task is continuous.
iOS takes all of these away. Complete backups are built-in (I know android has it, but I don't know how bulletproof is this). Defaults are sensible. Settings do not change spontaneously. OS behavior doesn't change drastically from device to device (Every android vendor tunes their OS and background process policy differently, creating a lot of WTH moments and more finicky management tasks). Updates are not slowed down by the vendor, the operator, the distributor and today's weather.
While iOS is a pretty strict walled garden, devices are set-up and forget. Even you forget that you have an iOS device, because you use it without thinking.
Radio security, isolation and its reasonable and unreasonable parts are discussed here extensively. As a HAM radio operator, I can only say that, radios can do wreak a lot of havoc even with informed tinkering, without any bad intentions. If you take a relatively cheap SDR and listen to your neighborhood spectrum (just see the traffic, not decode anything) your jaw will drop. It's a very crowded up there, and there's a lot of non-public traffic.
Another stuff about custom ROMs and Stock ROMs is SIM services. Yes, many of the SIM menus just sit here unused, but there are useful ones like mobile e-signatures. I carry my e-sig with my phone, in my SIM. So using it requires a verified and official software stack. As far as my experience goes, no custom ROMs run these services (intentionally or unintentionally).
I manage my family's Android phones, and I personally use an iPhone. As far as I can see, it's much easier to leave an iOS device on its terms and it'll fare better.
Feel free to discuss, counter or just burn this comment down. :)
> iOS takes all of these away. Complete backups are built-in (I know android has it, but I don't know how bulletproof is this)
Not to burn you down, but to burn Android down: no, Android does not allow you to take complete backups. Let alone "built-in". The only backups that are made are forced to Google cloud and only backs-up apps that where downloaded through Google Play and app settings for Google stuff. It is an extremely limiting almost non-backup if you're used to going around Google. When switching phones it's still a process of hours / days to get everything set-up the way you had it on a previous phone. Especially if it was rooted.
The only way I know to take a full backup image of an Android phone involves unlocking (not possible on all phones), rooting (not possible on all phones), installing Nandroid and pulling an image over USB. To restore to a "fresh" phone, you need to go through all of those steps again.
This would take hours to weeks depending on who does it and the puzzle your phone manufacturer sets up for you to unlock your phone.
This to me is one of the many absolutely mind-blowing facts about the trash Android OS (disclaimer: I'm still an Android user, because I can't accept a phone without a physical keyboard. Never used Apple products in my life).
Want to wipe your phone and restore an image after you travel into a "spy-state"? Nope. You simply can't with an Android phone.
You know a phone that was able to do this out of the box? My 2013 Blackberry Passport. No rooting or fiddling around required. Just install a desktop app, plug the phone into USB and press "full system backup".
It is ongoingly stunning to me given all Google's BS that Android has no backup option which will get my apps, their data and the state of my home screen back exactly the way I left it if my phone is destroyed.
I run a custom honescreen: it's just another Android app! And yet everytime I have to set that back up again manually.
Yes, I was going to say the same thing. My samsung galaxy s10+ has a cracked screen and I need to take it to repair but the thought of the work needed to backup everything stops me from doing so.
I have very little trust in Google so I don't want to backup to google cloud (I just researched and it seems they do provide end to end backup encryption without Google having the key anywhere since Android 9, is that really the case now?)
Your definition of complete backup exceeds even the definition the parent is using for IOS. There are some things like downloaded files that don't get backed up to the cloud. (Some of them probably do get backed up via iTunes backups, but even there, I'm quite certain that not quite everything gets backed up. Instead it contains nearly everything that an non-jailbroken user might care about.)
Things like the set of apps, settings (both app and system level), game progress, the set of open tabs, etc can be backed up, and IOS is even able to restore old app versions specified in the backup by downloading them from the store.
All that said, both IOS backup options are more comprehensive than the built-in android options.
> IOS is even able to restore old app versions specified in the backup by downloading them from the store.
iOS even restores your open applications and task manager state when you restore from the backup. Even more so, theoretically, it can restore every apps state at the point of backing up. It's a feature ported from macOS.
local backups (used to be iTunes, now it’s just done from the Finder) do indeed backup everything. And as another commenter pointed out, your application state is also backed up and restored.
#1. Local backups are still itunes based on windows.
#2. Stateing everything is still not quite true. The OS is not backed up, since old versions cannot be restored. and unless things have changed since a few versions back, local backups deliberatly omit some data if it can be downloaded on restore. For example, the actually apps just have their names and versions recorded so they can be redownloaded. Which is not really a problem, except in those rare cases where an app has been completely deleted from Apple's servers, which typically only happens for malware or for legal reasons. (I suspect that any apps not in the store at the time of the backup are included in the backup, so hitting this case should be incredibly rare.)
Backups are a total black pattern where you either pay Apple for ever or the respective APIs are horribly broken.
It would require zero effort on Apple's side to integrate backup to other servers using the OS or other Apps. That means without silently stopping them or even worse slowing them down to kb/s once in the background.
You can backup your iPhone anytime you want to your own computer. iCould makes it pretty easy to do settings and config backups that will be included in their free tier.
There is no way Apple is going to let 3rd party could providers do backups directly. I doubt exposing the iPhone as a USB device over the internet with a VM running iTunes would work efficiently.
Assuming you've already paid Apple for the device and you don't want to make use of the 5GB free iCloud storage for backups, you could backup iPhone to iTunes on your laptop (encrypted) and then ensure your laptop was backed up locally also. This way you avoid paying Apple for ever.
So yes you also need to install itunes to backup on your computer, because why directly mount it as a usb drive without an apple app?
That would also need zero effort from apple, but I was talking about an online backup with since forever established protocols.
"I can't back it up completely" and "I can't back it up completely the way I want to" are two different arguments. It's fine if the second is the argument you actually want to make, just be clear you're making it.
"When switching phones it's still a process of hours / days to get everything set-up the way you had it on a previous phone"
From my experience this is completely false. I just switched from Galaxy S8 to S20, and I transferred everything and had the new phone setup exactly like the old one, with all apps (that would allow it, LINE wouldn't) and even ringtones and text tones set how I had them in about 20 minutes.
1) You don't want to risk dumping a mounted filesystem because of inconsistencies
2) Good luck getting the right device - in the end it's devicemapper all the way down with a lot of layers (ecryptfs, sdcardfs, bind mounts, ...) stacked between your shell and the device.
3) Unrooted phones don't allow access to raw Unix devices
4) You can't restore these backups anywhere if your phone (like almost all, I think it's a Netflix requirement) uses hardware key storage - simply because the key is in the secure element of your phone. Rooting a Samsung phone kills the HSM and switches over to software key management though.
5) Assuming encryption keys don't get in your way, you can only restore the dump on exactly the same model and firmware of device you have, because every manufacturer does stuff slightly different.
Makes me wonder if you can just dump the Flash storage chips through JTAG or similar - assuming the JTAG ports are accessible without completely dismantling the phone.
And even if you do root your phone and dd the storage, you'll only be able to conveniently restore to an identical (or the same) phone. I generally prefer Android to iOS, but they're not even on the same planet in terms of backups.
"developer mode" is typically a custom recovery environment that requires an unlocked bootloader to be flashed. A nandroid backup is effectively a dd image.
It's a bit messier if your data also lives on an internalized sd card.
> Android does not allow you to take complete backups. Let alone "built-in".
Android has had full system backup capabilities through `adb backup` for years. It does not require removing carrier locks or rooting and has been available since Android 2.x iirc.
I've used this to transfer all of my apps, app settings, and system settings between all of my Android phones:
Nexus One -> Galaxy Nexus -> Note 3 -> Galaxy S6 -> Galaxy S8 -> Galaxy S9 -> Galaxy S10 -> Z Fold 2, all with one continuous chain of backup and restores via `adb backup` and `adb restore`.
These restores sometimes even worked flawlessly across different Android OS versions! Sometimes this has caused a lot of weird issues wrt system settings, so admittedly this process can be quite buggy.
> This is false. Android has had full system backup capabilities through `adb backup` for years.
Apparently this is false, because apps can "opt out" of ADB backup and many do (see other comments), furthermore it doesn't backup the entire phone, but only the system image (partly). Does it backup the root state of the phone? Nope. Does it backup the restore partition of the phone? Nope. Making it a "maybe full system backup but not full system image backup that is kind of buggy". In other words, like I wrote earlier: not a -full- system backup at all.
I was specifically talking about effortlessly backing up and restoring a full system image. Blackberry OS10 style: plug in phone, press "backup system image" and get a carbon copy of EVERYTHING that runs on the phone that can be restored to a new or existing phone with 1 click. Your post confirms that this is not possible in Android: using ADB is not "effortlessly" and it's not a full system image backup.
Even if I would backup and restore from and to the exact same rooted phone (that's all I'm asking), the restored backup would not be the same as whatever was on the phone when the ADB backup was pulled. Nandroid can do this, in theory, with a lot of hassle (but not on my phone, because TWRP for my phone doesn't support decryption of the system partition).
Many apps opt out of including their state in "adb backup" or act oddly when restored. Maybe this changed in the past few years, but it is still nowhere as complete as any automated or manual iOS backup.
It can if you charge from your PC and set up some very convoluted scripts (not recommended).
I use `adb backup` solely as a means of transferring my settings & app library between devices.
These are full system backups including potentially gigabytes of APKs, so I wouldn't want to run it every night. It is possible to use `adb backup` to only backup settings (no app files) if you want a lighter backup, but those backups aren't as useful for my purposes.
Thanks for the answer. I just wanted to highlight that, I can just take my phone for the day, throw it under a bus, go to an apple store, get a new phone and continue where I exactly left off (minus a couple of 2FA keys, which I have backups of).
This is what I like about iOS. I tested this method a couple of times (with less destruction though), and it just works.
You just described the whole iOS value proposition. Even Macs are basically "set-up and forget". My dad, a 76 year-old with no computer chops, was always losing his track on his computer (my old Windows desktop). I became tired of the permanent parental helpdesk service and I got him a late-13 Macbook Air and it's still running happily.
> iOS takes all of these away. Complete backups are built-in
They’re not. Backups are built-in but they’re not complete. For example google Authenticator data is not backed up. Microsoft Authenticator can be backed up, but you need to go through a few extra steps (and have a Microsoft account). Other secrets are not included either - my banks PhotoTAN app doesn’t store any credentials etc. There are reasons why this is so, but it’s really important to handle if you use your phone for 2FA.
> Authenticator data is not backed up. Microsoft Authenticator can be backed up, but you need to go through a few extra steps (and have a Microsoft account). Other secrets are not included either - my banks PhotoTAN app doesn’t store any credentials etc.
AFAIK, applications allow their secrets to be backed up or not, and I'm not mad that my 2FA keys are no backed up and shipped overseas. I keep another copy of my 2FA codes in another application, so it's not a very big problem from my PoV, though.
> I keep another copy of my 2FA codes in another application, so it's not a very big problem from my PoV, though.
It's not a problem if you took measures to make sure you have a copy. It's a problem if you just take "full backups" for granted until you figure out that some things don't get included in "full".
It’s not “some things”. Its things where the app developer explicitly chose to tag them to not be included.
And yes, for years one had to do the physical cabled backup restores for this, then these same app developers learned how to exclude their data from those as well. However, as of iOS 12, 13 and 14, there seems to be decreasing to zero effective difference in what’s included between tethered (with password), local WiFi (with password), and OTA iCloud backups.
You may be able to forcibly back these up using a third party tool that also lets you back up sandboxed temp files and the like, tools like iExplorer:
I have Google Authenticator with 5 or 6 2FA accounts. Am I to understand that I can use another app like 1Password for those same accounts? I distinctly remember some of them explicitly telling me to use Google Authenticator.
You should be able to, yes. Google Authenticator is pretty basic where it's simply scanning a QR code to get the TOTP token and storing that locally. It's apps like Authy which screw you over by forcing you to use them and ONLY them for 2FA for websites who opt to use it in their service. They don't make it possible (iirc) to get the token out so you can use your preferred authenticator app.
But back to your point: I used to backup to Google Authenticator and LastPass's Authenticator to prevent me from losing access when I migrated to a new iPhone since they don't backup. They both worked just fine interchangeably.
I switched to authy because I can use 2 devices (same "keys") and backup codes easily. I'm too clutzy not to have at least one backup device. I suppose most humans are.
Pretty much noone should be using any of the authenticator apps.
Get Keepass2Android, and it'll track TOTPs just fine. Throw Syncthing on their and you can securely get those to any device you own without involving Google.
2FA is about having a factor which changes everytime you use it so if the medium is intercepted somehow the account isn't permanently compromised.
It's protection for when using untrusted computing devices, or because most people have their passwords in some way visible or shared.
TOTPs can't be reasonably made much longer then they are while still usefully entered, but my password database never leaves my own devices and neither does the password to it.
If someone compromises my phone to the level they can get that database, then they've already got my Google Authenticator or whatever DB as well anyway.
IMO this reduces the protection of 2FA significantly. For me 2FA is primarily not having a single device that's enough to compromise to get access to your important accounts. This means that I never have both factors (password and TOTP key in our case) on a single device. That's why
> they've already got my Google Authenticator or whatever DB as well anyway.
is of course good for them, but they still need to get my password from my other device.
If your device is compromised to the point that someone is reading out the content of non-online, encrypted DBs, or keylogging aggressively, then they've also got your email and can much more easily just send a password reset to 90% of everything out there.
2FA as the internet uses it has always been about dealing with accidental disclosure and public PCs.
As an owner of Xiaomi phone I consider all data on it to be available to mid- and high-profile parties at least in China. Which might eventually leak into my country as well.
That's why my phone doesn't have any bank software installed and doesn't have any password saved. It is logged into my google account though to which you probably can restore some passwords, but for all resources I care about (banking, investements, crypto, etc.) it's not possible. I also use separate email for those. If my HN or reddit account will be compromised via my phone - so be it, I don't really care. I can also tolerate compromised 2FA app as it's useless without passwords which are stored on another machine.
For most of us 2FA as it is works fine. Until I become a CIA operative or drug dealer I suspect the current setups are fine via companies like authy, 1Pass, and google auth.
It's a bit ironic to criticize Apple's mobile solution via an app built by its direct competitor.
Google made the choice of not implementing backups for Google Authenticator, so that's really on them.
I would recommend Authy for 2FA. It supports backup straight out of the box.
Exactly opposite feedback of a colleague who switched from Android to Apple flagship few years back. After few days, he became frustrated how little the phone allows to tweak. I don't mean some low level tinkering, just normal things he got used to being able to change. He regretted the move since then but what happens people get often comfy with their choices and over time lose the will to do a big change again, so did he.
You mention setup & forget, that's how probably 98-99% of Android phones operate. Same for me, all the people and family I know. Initial install&setup after purchase, and then just running 1-click updates if one chooses to. After 3-4 years, switch to another one.
Hardware is +-same, what differences there are are invisible to user (apart from basic things like dual sims and memory card slots, which Apple lacks desperately... and bigger zoom for photos). Some like the smooth Apple UI, some feel they have the same on Android, most don't care. Some care about privacy which Apple seems to be the champion, most of the world simply doesn't care and isn't even aware. Some realize privacy is an illusion even with Apple, if you are 95% of the world that lives outside USA, various 3-letter agencies can do whatever they want and abuse your data in numerous ways without any recourse.
Its all relative, the most important is if one is happy with whatever one has and doesn't have unrealistic expectations.
Honest question: is it simply the fact you can't use a Gecko engine on iOS that makes it useless to you?
My impression is that the Firefox shell offered is still able to provide the various anti-tracking privacy features that many would point to Firefox for, and the variety of browser shells available should mean that you'd be able to find a UI to your liking if Safari's isn't.
At that point, the only thing I can see missing is a non-webkit engine. I get that that's an annoyance and definitely on the same anti-competitive level as 00s era IE, but by and large web developers account for it and it works acceptably. As much as I'd need it to for mobile browsing.
Would just be interested to know if there's something more I'm missing.
Gotcha, that's completely fair and not something I'd considered. Thanks!
As a vague counter point, I use Firefox Focus[0][1] which touts the tracker blocking and ad blocking I'd rely on extensions for normally. It meets my needs as the only additional extensions I use on desktop are for tab and session cookie management, both of which are moot points in a browser without tabs and a "clear cookies after each session" policy.
>That was supposed to be an honest question with an honest answer. There was no need for a snarky remark.
Well, somewhat snarky. It's still a legimate question.
Why would one "need" plugins on a mobile browser? What kind of functionality that mobile Firefox doesn't provide?
>The topic is about owning your own hardware/software combo - so having addons/customization is the definition of it.
Well, the topic is about owing your computer. Which has some merit (even though owing is a kind of a weasel word: you do own it, even if the OS enforces this or that measure. You can sell it at any time, for example, break it and nobody will ask you to return it, etc.).
So, the real topic is "doing whatever you want with your OS, with the ability to disable all checks, protections, etc, install custom everything etc".
Which I can see the appeal in some cases.
For a mobile phone what exactly is the great appeal?
There are ad blockers for Safari. There may be folks waiting to pounce with absolutely true complaints about how unsophisticated they are compared to what's possible in other browsers, but in practice they do a sufficient job.
There are certain extensions that I use on Firefox on the desktop. I would like to have some of those extensions available for my mobile device, in such a way, that I can enhance the usability of my mobile browser.
Because you usually work on a desktop, and might have all kind of handy extensions to help you.
You usually view webpages in a very minimal interface, small screen, often on the go or leisurly, and with limited interaction on a mobile phone. So, aside from something like an adblocker (for which there are solutions), what would one use?
AdGuard works pretty well on iOS. I don’t think there is a way to do a ‘dark reader’ specifically though perhaps pages honour the OS’s ‘dark mode’ setting these days? I would guess support is spotty.
Sites that use the prefers-color-scheme media query honor the OS setting on iOS, but it obviously doesn't work on sites that haven't implemented it - Dark reader[0] takes a invert-colors approach and makes it a little easier on the eyes.
well adguard only have ip, domain names etc. I mean it has less context? Addon has more context about the webpage lets say it can remove ads belonging to DOM with id #ads-1 ?
And in Europe, cookies / nag-popup-removers for all those GDPR compliance dialogs (though vanilla Firefox is becoming better in blocking trackers by default).
The main issue was (I guess still is), iOS does not allow JIT compilation - in order to keep control over the apps available (having JIT would allow running any code effectively).
Of course, nowadays the assets of apps have to be part of the deployable, itself. So it's common to run localhost web server.
Oh I totally agree. I treat my phone as purely a consumption and communication device. It's a dumb brick that should do those things well, including being secure. The more walled garden the better, in my opinion, as long as it's doing those things well and maintaining my privacy.
On the other hand, it's useless for creation. But that's fine, the trade offs are worth it in my opinion. I have dedicated hardware running Linux/Windows for that purpose.
Yeah exactly. I sometimes use it to view documents in a pinch but vast majority of everything I do is on a desktop/laptop. When I backup all I have to do is copy one folder over to my desktop and that folder also gets backed up to icloud. Iphone also obviously will reinstall the apps that I use if I need to switch devices. It works pretty well. my phone isn't the center of my world and in general I don't care about keeping old conversations on chat apps and such. Some people want to keep all their data into perpetuity but I don't.
I'm similar and for the most part don't really use the iPhone as computer. It just acts as a hotspot for the laptop and I use it to take photos so I don't have to worry so much about proprietary stuff running on it.
I agree with you overall, but felt the need of commenting as I thought "Settings do not change spontaneously" was true as well but it is not! I just discovered the other day that you cannot turn off WiFi or Bluetooth. If you do try to disable either of them, they will be turned off but only for a day. The next day they enable themselves automatically.
So much for not changing settings by themselves :)
The control center toggles specifically tell you what’s happening (“disconnecting from X until tomorrow”).
If that isn’t what you want to happen, you go to the Settings app and turn off those toggles. (But I wish they would have a matching statement on screen that clarifies their changes are permanent until you change them again.)
Temporary toggles being in the control center is great. Most of the time that I quickly disconnect from WiFi or Bluetooth, it’s to solve some immediate, temporary issue.
The settings aren’t “changing themselves” — they’re doing what you asked them to do. The written message tells you what you asked them to do in order to teach new users what these buttons do.
I can somewhat relate to you, but in different aspect. I own iPhone and I'm thinking about some home automation. I can program iPhones, I tried to find out some way to put my code onto my phone without restrictions and I did not find any. I can use web app, but it's restricted and I might need some API that's not available for web. I can install my development build, but it'll expire in a few days and I don't want to reinstall it over and over again. That's an absurd situation when I'm as a programmer can't put my own program onto my own device.
I love iOS in almost every way except sideloading restriction.
If I missed some way to implement what I want, I'd love to hear how can I do that. I don't need much, but I need push notifications from server and I need push notifications when I'm close to some particular location (like open a door when I'm near it). I might need NFC push notification, I'm not sure.
I don't agree that Android suck, I have second phone for testing and while I love iOS more as it feels more polished, I probably will switch to Android in the future, just because I want to run my code on my device.
All those Apple apologists should go and take a look at the world; I live in Iran, and here Iranian apps just use a business profile to install. There are even alternative app stores using device management profiles. And these apologists keep bullshitting that the monopolist walled garden actually keeps people safe. The walls don’t keep out anyone powerful, they just enforce rents.
All the Apple haters keep missing the point for why Apple users prefer “walled gardens”: They are fucking beautiful respites from all the crap outside their walls.
Apple has refunded me without question whenever an app tried to scam me, no matter how big people popular it was, whereas apps using third-party payment systems almost never give any refunds.
Imagine actually using free and open-source apps from free and open source app stores&operating systems instead of buying an overpriced rehash of open source software.
That's surprising as Apple is supposed to revoke those kinds of certificates pretty quickly. Enterprise certificates are for use inside enterprises, not for outer users.
Iran is under embargo by the US. Consequently, Apple doesn't do business in Iran. If someone buys an Apple product in Iran they're getting smuggled hardware that has likely been jailbroken. It won't be connected to anything Apple or iCloud unless they're going through some kind of VPN. Certainly nobody is getting developer certs there and they can't do any payment processing so most regular apps are gonna be out of the question.
Please stop opining on what you have zero knowledge on. The Apple devices in Iran are never sold jailbroken (in fact, I have never seen a jailbroken Apple device in my life). They can usually connect to all the Apple services without a VPN. There are apps that use Iranian payment processors in the App Store itself (e.g., https://apps.apple.com/us/app/fidiketabi/id1464658470 is an app that sells ebooks and audiobooks, its real name being Fidibo), and others have apps as direct installs that need the user to accept their profile, or use one of those Iranian app stores. There was a brief period after the Facebook VPN scandal that Apple did make a show of blocking these Iranian certificates, which caused a surge in web apps (which I liked a lot), but that didn’t last long. What is super clear is that Apple gives not a single fuck about privacy, security, US laws, or anything except PR. They do exactly what generates the most money for them, and have no principles. Every single big stunt they have done costed them nothing and further consolidated their monopolies. It is always others who shoulder the costs, never Apple.
If your app is using any payment processor that's not Apple within the App Store that app is not in compliance with Apple's own App Store policies. Epic Games would be very interested to learn this is happening. If you're using self-signed certificates or an "Iranian App Store" to install things you are also operating outside the bounds of App Store policy.
You're using Apple services in a region that is not officially supported by Apple. I don't understand how you think security and privacy protections are going to be in place when using smuggled hardware that's intentionally compromised and taking active measures to circumvent what protections Apple has, either by jailbreaking or rerouting requests to Apple to some other mirror.
You’re full of assumptions. Nobody is tampering with the hardware, nobody is routing Apple IPs to fake mirrors, nobody is using “self-signed” certs. People use stock iPhones, without a VPN (not that enabling a normal VPN is at all relevant here, but still), to enable profiles signed by Apple, to run Iranian software. All these can happen in the US as well, except Iranian app websites usually check the IP and sometimes the phone number before they give you links to install the app.
That Fidibo app is obviously not “compliance with App Store policy.” Said policy has never been followed consistently. Feel free to email Epic if you think this changes anything. My magic ball says the best result you can expect is that Apple says, “Oops, they lied, and we didn’t notice.”
Your article is also just an article. App Store is usually fine in Iran, but sometimes there are connection problems. This is not even always a ban from Apple, the Islamic Republic is all too happy to ban foreign services.
Instead of giving me all these made-up stories, give me a list of all the major sacrifices Apple has made for user security. I can’t think of a single one. The nearest thing to a sacrifice they have done is supposedly not selling your data to 3rd parties (except China and friends), but this isn’t that lucrative for them and the PR it generates translates directly into profits. Most privacy choices aren’t this PR-able.
I both hate and love both of Android and iOS. Currently I'm on iOS has the hardware is nicer but damn if the UX isn't confusing and downright dangerous sometimes (looking at you CarPlay).
I also looked into getting some of my own programs into my iPhone but rather than getting stuck on not being able to keep it there for a long time, I got stuck on how to even get the program into the phone. Turns out you need Apple hardware to push the code, so I'm stuck before even being able to try it.
To your point, Apple Developer does not require the $100/year Apple Developer Program fee to load software on your iPhone, but does by default require a weekly cert refresh.
However, the $100 is less a permission slip, and more buys you access to Apple services infrastructure that is largely worth the money so you don’t have to do it yourself and so your users can trust a single brand experience.
(For example, notifications before Apple’s notification service were insane, the app “Growl” made a lot of money just trying to tame the dozens of different ways confounded users’ expectations with notifications. Similarly, updating apps was crazy-making for users, then there was Sparkle, now you get the app hosting and distribution included in the $8/month.)
Just these few services are well worth $8 a month if you compare what you get to any other SaaS we’re buying all the time from HackerNews startups:
- App discovery, hosting, distribution, updates
- CloudKit, iCloud Documents, iCloud K/V Store
- Push Notifications
- Sign-in with Apple
- etc. (NFC is also in the list)
See this link for detailed differences between free Apple Developer and paid Apple Developer Program (also compares Enterprise distribution):
Since you specifically mention push notifications which of course require an infrastructure to run reliably for you 24/7, there’s a good value for the $8/month. The systems behind making these “just work” for users are complex and expensive.
It’s frustrating to have to pay, but I think you can shell out something like a 100 bucks to get an Apple developer account and it allows you to install your own code on your own phone. I hope it’s a 100 bucks forever and not once per year…
But I also need a mac for signing, don't I? Like, a Mac Mini? That's the most annoying part, tbh. I feel fine-ish for paying 8 $ a month for my dev account (if you calculate it that way), but buying additional, expensive hardware? No, not really.
Long story short, you pay $100/year or $8.33/month for access to a suite of services that make apps frictionless for your users, and easier for you as a developer to offer high end features like authentication, notifications, and sync:
- App discovery, hosting, distribution, updates
- CloudKit, iCloud Documents, iCloud K/V Store
- Push Notifications
- Sign-in with Apple
- etc. (NFC is also in the list)
You do not have to pay anything if you do not want any of those services, however you will have to “refresh” your test app cert weekly or work around that.
I can pay, but, as I said, my apps will expire in a few days, so I would need to rebuild and reinstall them every day to keep them working. The only way to have non-expiring apps is to submit them to AppStore which is obviously not possible, as it's only for me.
You can use AltStore to easily sideload apps to your iPhone without a developer account[0]. You only need to be on the same WiFi network as your computer once every 7 days to "refresh" the sideloaded app.
> I cannot choose any of the parts, and even doing simple reparation tasks like replacing a battery is a nightmare these days.
There is the https://www.fairphone.com/en/ which is a modular and easy to repair smartphone. They also make it easy to install alternative operating systems like Sailfish or an OSS version of Android.
The company itself only supports stock Android, although they do foster (some) community efforts for ports. Sailfish doesn't seem available for the Fairphone 3; /e/OS is, but to get it preinstalled you need to order from E, not Fairphone itself: https://esolutions.shop/shop/e-os-fairphone-3-plus/
Unfortunately they don't seem to work in the US, and from what I've seen they are mainly focusing on selling and making sure their phones work in Europe.
It seems like a lot of these problems at the core stem from corporations or the government not being held accountable. How do we fix regulatory capture so these privacy issues are a non sequitur?
I have increasingly come to the conclusion that the society’s average IQ matters an order of magnitude more than your own in your well-being. An obvious example would be to compare the life of a person with mental illness to that of a roughly similarly smart animal.
Not ever... when we vote corporations out of controlling the government, or "we the corporations". Red/Blue is for strawmanning, both parties are $green.
Genuinely curious: Has change of this magnitude ever been achieved entirely by voting? It feels to me like it can only be achieved by revolution (ie, replacing the government entirely with a new government that does what the people actually want). I very well could be wrong.
A problem is, that there's no such thing. There's a common denominator (punishing killers, rapists, thiefs), but this is what punish all governments anyway.
When you go past this point, people's interests are atomized.
indirectly thru elected representatives, legislation, I think so but I'm no political historian. Problem we've got now that you touch on is the judiciary gave this to corps through a 50 year push. Can we get citizens united overturned...
You will never own your smartphone. That would require you to be the licensed operator for the radio transmission. Instead the radio is licensed to the telco (or related) and the telcos have every regulatory and monetary incentive to prevent users from being able to access or control the radio. The government regulators demand the user not have control and the baseband modem manufacturer(s) demand their licensed intellectual property is not exposed.
Don't let perfect be the enemy of good. There are valid reasons to lock down the radio, that doesn't mean we have to accept every smartphone vendor, app author and cloud service provider violating your privacy in every possible way they can think of.
This isn’t the slam dunk that people think it is, unfortunately.
You see, in addition to controlling the cellular radio and all of those details, the bass band processor also does real time noise cancellation and a variety of other call quality functions that you would immediately miss if they were not there.
That processor is actually doing a lot of different things and is difficult to remove from a phone and maintain what most people would consider an acceptable user experience.
My point was more that if you can have a fully free PC except for the cellphone modem, then you can also have a fully free cellphone except for the modem. There's nothing about the rest of the cellphone that's any different from any other computing device.
As another commenter pointed out - the Pinephone is device attempting to do that.
Can I just have a wifi only phone and then have a separate wifi hotspot that actually does the connecting to the cell network? The hotspot wouldn't be "owned" but the phone could be.
You’ve drilled down to the critical issue - batteries. For better or worse, we have observed there’s a limit as to how much stuff people will willingly carry on the regular. Current phones barely fit in that space envelope. Make a phone twice as big or require a separate device, and for most users this is equivalent to not carrying a cellphone.
I don’t think the current dominance of the big two can end until the hardware and software requirements of making a good phone are much much more accessible to normal developers/engineers than they are today.
I never understood why they don't sealed box the wireless stuff then.
I could imagine a family of cellular and Wi-Fi devices that present as Ethernet bridges. They'd offer a configuration interface reminiscent of home routers (go to a magic IP either with a REST API or a browser-controllable menu). This eliminates a lot of the delicate, externally facing configuration options and has the side benefit of eliminating a lot of driver development hassle, especially on low-popularity OSs.
It is an isolated peripheral in many smartphones. Whatever you do, there is of course a risk malicious code could break out of the isolation, true for your Ethernet proposal too.
Having a malicious device on the other other end of a Ethernet connection is much less of a problem than having a malicious device that can DMA into main memory, which is something the baseband in Apple/Android phones at least allegedly can do.
Well I have completely degoogled mine [1], but it comes with problems like reversing banking application as it uses safetynet. Luckily I am quite profound at that.
Bottom line, it is doable, but I want a working linux phone, where camera and calls/sms/mms work and I dont use any newage communication software, so I dont care. Again, this is completely my use case as I practically consider the phone applications as mostly useless, dont play games and prefer paying in cash.
I hoped Cosmo Communicator[2] would be it but they didn't support the camera and since I am using it for taking notes, it is vital for me. Actually I even went into making degoogled rom for CC but I got stuck at selinux blatantly abused to prevent modifications and maybe some day I will recompile the kernel to kick it out or find time to reverse and binary patch the selinux checking.
Actually PinePhone is becoming more and more interesting option but they should really pump up the specs, again, at least for camera. The second possibility would be sailfish os [3] but again it has some closed source blobs.
I love the PinePhone. It is an amazing project, and I'm definitely considering buying one. However, it does not solve my main problem. For most scenarios I still need a "normal" smartphone with either iOS or Android. Apps like WhatsApp and banking apps are unfortunately needed for a large part of my daily life. At risk of either socially isolating myself or bringing major inconveniences without having them. All unavailable outside of the walled gardens.
I really want the PinePhone to be a solution here, but unfortunately I know it isn't.
>Apps like WhatsApp and banking apps are unfortunately needed for a large part of my daily life
That is the opposite of what they want. Do you think whatsapp and a banking app will allow installations that let them track users less? With banking I can sort of understand it, they have to protect the lowest denominator (reused password, no 2fa), so barring different installation methods that are used for "anonymous" purposes I can sort of understand the reasoning behind.
but something like whatsapp where the main commodity is your data? Hardly their priority.
The (not cost effective) solution is to carry both.
Shut off the 'normal' smart phone when you don't need it (for banking or what have you).
Use the web version of Whatsapp (https://web.whatsapp.com/) if you must use it. You could even consider having a WhatsApp specific phone if you have an older model that you've upgraded from that contains no other data.
I do similar. Just use my previous Android (eg Pixel2) with the apps on it and my current phone (Pixel3) is trimmed (disable what you can, no apps but Firefox). I leave the 2 in a known safe location.
Not a 100% solution but is dead simple and better than 0%
A way to mitigate this is to just accept having multiple devices. This doesn't solve issues like unaccountable microphones, but does give you at least one device that you do control and the no-nonsense software benefits that brings.
I'm at the point in my life where I don't really need proprietary apps on the go, so my "full take" device is a tablet that mostly stays home.
My bank’s app is essentially a wrapper around their mobile site. I can’t think of any specific features it has that require it to be an app, both technically, and in their implementation.
Check deposit may be the only feature not available in the mobile site. It’s certainly not a technical requirement that they can’t implement that though.
Probably the most noticable feature of banking apps that I've noticed is real-time payment authorization.
Sometimes when making a card payment online (not necessarily on the phone), my phone shows a notification from the app asking me to confirm the transaction.
Ah, I hadn’t thought of that. Several of my credit cards have that same feature and it never shows up until I leave the US and don’t have connectivity and get locked out of my card.
The PinePhone is definitely more open and trustworthy, but it also feels pretty useless for the time being. Its Allwinner A64 processor is antiquated, about like a lower-end Android phone from half a decade ago and with only 2–3GB of RAM, but the Phosh software stack isn’t optimized well for these limitations and the device moves at a crawl. Just opening the screen to turn the wifi on or off takes over five seconds. (Yes, there is also UBports, but that is based on 2014-era Ubuntu-specific software that even Ubuntu moved away from, and the whole thing feels like it is bitrotting now.)
I also worry that there isn’t enough of a development community behind the PinePhone to bring it to a basic level of polish. Instead of being the resurrection of the Nokia N900 as a hackable Linux phone, the PinePhone might actually be a repeat of the ill-fated Openmoko Freerunner.
So far we're struggling with some really basic issues with our recent Pine Phone- including severe echo on calls, slow ui etc. Its a WIP and will undoubedly improve over time, but its definitely not a turnkey daily-driver type of experience.
If you want to stay with Android, maybe have a look at CalyxOS. They integrate microG and flawless system updates while keeping the bootloader locked. Only works on Pixels and the Xiaomin A2 though. Imho it's the one Android distribution that has the right balance of privacy and usability. I flashed it for my mum and my sister and there wasn't one complaint yet.
No? Your link says nothing about "completely," you just made that up. What it does say is that they remove the "nonessential" bits, plus flip the HAP bit. You can do both of these things yourself with me_cleaner, but it's not good enough. Exploitable vulnerabilities have been found in the bits that cannot be removed.
Great stuff. First time I flashed a chip with SPI or started learning and playing with surface mount chips. Old ThinkPad are still very capable and empowering if you like playing with software and hardware.
With regards to changing parts on a phone, ifixit made a comparison of different phones and how easy they are to change parts for. Something to consider taking a look at when buying a new phone. https://www.ifixit.com/smartphone-repairability
Your average desktop/laptop CPU runs a blackbox like Intel AMT or AMD PSP which is basically an always active mini-CPU that runs in the background and is OS-agnostic. If you consider your OS max privilege level as ring 0, this is ring -1.
If/when someone manage to conpromise those, they can basically take over your computer, and Intel/AMD doesn't provide any sort of killswitch or physical way of disabling it.
Alas, it is so. Graphics cards have much the same going on. It's part of why Nvidia will likely never opensource or mainline their drivers... They have a huge need for blobs and hardware backed secrecy in order to enable most systems to be compatible with HDCP. That means they need to be able to attest to their cards having not been compromised since leaving the factory.
As someone could in theory cobble together an HDCP compliant rig and good heavens, might be able to intercept and decode HD content!
So much of what makes the tech giants so lucrative is that they act as centralization points for industry level orchestration of what user behavior to support.
You can bet that if an industry working group is stoked, there's likely hidden in there somewhere an implementation detail intended to curb an undesirable user freedom or general capability.
The biggest difference is that graphics cards don't have network access. Without network access, proprietary code can be an annoyance, but won't be an outright compromise.
(sure the code could still do nasty stuff like facilitate tempest or other sidechannels, but that's leaps and bounds ahead of the built in assumed-RCEs of ME/PSP).
It can be used for 'out of band' management of your system, including firmware/bios rollouts and updates. Allows remote hijacking of attached hardware devices. Basically can puppeteer your entire system.
> why can't we do anything about it?
Because there is no ability to update or modify this code. It is only updatable by the hardware vendor as it is encrypted, signed and checked during update.
I guess they mean the freedom (or lack thereof) of the software license that comes with your OS, ie. 'you should be able to hit the software with a metaphorical hammer', which technically isn't possible with the Windows 10 license.
I also think selecting parts is limited by the fact that there are so few manufacturers. Processors these days mostly come down to AMD or Intel and nothing there is transparent or audit-able. "trusted computing" and backdoors make even your hardware suspect.
I own a 5-years old Moto G4 Play running a de-googled Android 7.1. It works just fine, and I can install apps from either the F-droid or the Aurora stores.
To me it makes more sense to continue with this phone, as I can find all the replacement parts I need on AliExpress, rather than investing in a new Librem 5 or a PinePhone. While I appreciate being able to use an open mobile OS, there's the problem of apps, and there's still the hardware problem - it's both more expensive (in the case of the Librem 5 at least) and has the same problem of eventual obsolescence.
One of the biggest and most overlooked issues with privacy on any cellphone, "open hardware" or otherwise, is the phone part. The baseband processor (BBP) will be a proprietary black box until at least one of the carriers decides to allow an open source BBP to access their network and exchange data. Even once that happens, if it ever does, the second your BBP accesses the network you are vulnerable to snooping, tracking, and spoofing like everyone else on the planet.
At the end of the day you are relying on a suspect network connection, hosted by a profit seeking corporation, regulated by a privacy hostile government, to maintain your connection to the world. No matter how "free" your device is, the network itself will never truly be free.
> since a lot of normal interactions such as banking almost requires you to have such a phone.
I can get by without carrying a microphone-and-camera equipped computer controlled by someone else around, and so I don't; but, if I want to return something I bought on the Internet, I don't get a receipt; and, if I want to go to a bar, there's a risk I won't be allowed to pay. (There is a law against the latter problem, but it is not enforced.)
> and, if I want to go to a bar, there's a risk I won't be allowed to pay.
Are there situations where paying without a smartphone is not practically possible? In the Netherlands people sometimes pay with smartphones, but these use the same infrastructure as the ubiquitous debit cards, so it is not an issue here. (Cash on the other hand…)
In Norway, some businesses use Corona as a pretext and say that credit cards are dirty too. What's the cash situation in the Netherlands? Aren't businesses legally bound to accept cash?
Supermarkets, sure, but plenty of small businesses require one of the so-called contactless payment methods these days — a trend that started pre-corona. This means either a debit card or a smartphone with a virtual debit card on it. It is a point of concern that this excludes people without a bank account, but as this doesn't impact essential services it is tolerated. I don't think we have a law that mandates cash, but of course supermarkets would face criticism if they closed the last cash register (there is always one that accepts both kinds of payment).
These payment terminals and the Dutch debit cards are by now all suitable for this type of contactless payment: you either lay the card on top of the terminal or hover it there, or hold it near the side (depending on the model); it can be done completely without terminal and card touching, and of course only the card carrier touches the card (i.e., you don't hand it over as is sometimes done with credit cards).
Credit cards are rarely used for payments in shops here, and are often frowned upon by merchants (and often refused). It's all debit cards (either as a physical card or virtual in a smartphone) and some cash — although covid may well proof to put cash that much closer to the grave.
This may be an ignorant question, but how do we know what every part in a computer does? Yes, we can choose the OS, but do we all know what every single chip does on a motherboard? Like, EVERY chip, not the CPU or main ones, but the innocuous chips that are strewn across a motherboard. Now, I know some of you will go "yes, I know what they do", but do you inspect every motherboard you own in detail to see what they do?
What am I getting at? Well, I know it's totally paranoid, but what if some agency out there in other countries who build these things are putting things on the boards to send telemetry data back. Perhaps something small and quick now and then while the computer is online. Something that you don't even notice unless you're constantly monitoring the internet traffic in and out. And the traffic itself could be something innocuous also. Something that slips under the radar.
I know I know, I'm totally paranoid here. But does anyone here worry about that at all?
> and even doing simple reparation tasks like replacing a battery is a nightmare these days
I went ahead and bought a SM-T575 tablet a couple weeks ago. The only tablet I could find in the 8-inch range that had a somewhat decent CPU/GPU, a camera with light, NFC and a replaceable battery - while still being waterproof. And it's not made out of hard plastic that will shatter at the first fall. For all that joy however, it was a fucking PITA to root it and I only succeeded because of a helpful soul messaging me on Reddit of all places.
Seems like the only place one can find stuff supposed to live longer lives is in the expensive Enterprise section of manufacturers for a hefty premium - similar to "smart TVs" where the only "dumb TVs" available are "digital signage" type. And that's not good. We need regulation in this space, and fast.
> Owning my computer is still relatively possible. I can build a computer from parts which I can choose
This is insufficient according to conditions of TFA. It is widely assumed in the security industry (based on evidence from the various state-sponsored attacks we can see) that the NSA and/or other government agencies have backdoors and/or zero-day exploits for both the CPU secure execution modes and common networking hardware. It is very likely that there are "magic packets" which you can send to such devices which install a rootkit payload.
If security against even government intrusion is something you care about, it really difficult to buy or make a modern computer that is configured like computers were in the 80's and 90's: just running code we have complete access to, with no hidden interfaces.
"simple reparation tasks like replacing a battery is a nightmare these days"
Had a recent experience with a Motorola phone with this. And there was no obvious technical reason they couldn't have held the battery down with something other than a shite ton of glue.
I'd like to quickly plug Fairphone here. They've made a phone which does everything you'd expect of a smartphone, but is also very easy to disassemble. Replacing the battery is extremely easy, same with the screen itself. The other "modules" tend to have a few different components on them, e.g. USB plug and vibration motor are on the same module AFAIR.
I've been using the Fairphone 2 for a bit over 5 years and while it's not an outstanding phone, it's lasted well enough. The challenge for me in Australia is getting spare parts, as they only ship to Europe sadly.
I just bought a 3+, shipped to Australia via a friend in Austria. I'm glad to hear that your 2 has lasted, albeit the phone I replaced was also about 5 years old (a Samsung, from the days when those had replaceable batteries and uSD slots. And on battery number three, although I am pretty sure battery number two was a fake because it never worked properly)
I'd love to run a more open software stack, but even just Linux on the top layer would mean not running the apps I need to get through daily life... it's why I had to retire my perfectly working Android 3 phone, so many things stopped working (the Covid tracking app FFS). But under linux are the various radio, camera, wifi etc modules and a lot of those have their own firmware. Pinephone has really struggled with that.
There should be just a phone for hackers and hardware/open source enthusiasts. They would have a toy to play with without a need to bash other “walled garden” platforms which isn’t for them apparently. As ordinary consumers don’t want to or do not have a knowledge on how to do those advanced tasks most HN users want.
And, that’s great! They shouldn’t know that, maybe there will be some cultural shift in the future, where everyone will be tech-savvy, and companies like Apple starts changing their approach. Until then HN users need to accept that most of those solutions are made for ordinary consumers, and embrace the niche for them. :-)
I have a PinePhone. It's much fun being around the guys who are making the next evolution of phone. Hackers gonna hack.
I'm still here bashing the walled gardens because no matter what the non-techies want to do, they need protecting from themselves by either the .gov or by being given alternatives.
Every day we get closer to giving them another usable option.
The only thing I will say is that I encourage you to get involved with hardware engineering. You will quickly find that small personal electronics have extreme design constraints that are quite unlike a custom-built PC (it's like complaining that you can't just buy RAM, a CPU, enclosure, etc and build your own ECM for your car).
People don't drop their battery-powered custom-built PC into 6ft of water and expect it to keep working (then dunk it again after two years of abuse, 4 floor drops, etc have worked against the case, seals, and so forth). They don't take it from freezing temperatures into the warm indoors and expect it to keep on trucking. They don't expose it to extreme temperatures on car dashboards in the summertime and expect it to still perform (it would absolutely hard-lock due to overheating if you tried it). Compared to a phone it doesn't matter very much how much a custom-built PC weighs +/- 1kg; phones fight for grams. If a custom-built PC uses an extra 15w who cares? But that might be more than the entire power budget of a phone SoC. People expect a phone not to spew EM that breaks the ability of anyone around them to use data or make calls. People also expect their phone to be able to complete a 911 call in an emergency so long as some kind of signal exists.
Modularity IS NOT FREE. STOP ACTING LIKE IT IS.
Modularity costs space, weight, and complexity (which often translates into user time spent troubleshooting).
If a user-replaceable screen means giving up waterproofing do you expect that to be a popular tradeoff? If making the battery replaceable reduces battery life by 40% is that a good tradeoff?
It is clear to me some people complaining haven't spent any time researching this topic and have no idea just how much engineering goes into modern electronics nor what the tradeoffs are. If they actually had to live with the results of their claimed preferences a lot of them would hate it and switch back immediately. At best I see people hand-waving half the battery life or double the weight as if it such things were trivial for devices people hold or carry on their person for hours a day.
I'm 100% serious when I say if you are working on your own company or product please make sure you approach these things with eyes open. If you are deliberately going to serve a different part of the market know that going in. It's fine to go after a niche - a niche can be profitable - but understand your customers and what they really value (not just what they claim to value). Don't let a bunch of contrarians on HN convince you there's a market for 10 million modular cell phones. You'll lose a lot of money when your "customers" skewer your product for all the compromises necessary to give them what they claimed to want.
I don't think those are the actual trade offs for modularity. If I want waterproofing, I use waterproofed modules and a specific case. If I need more battery life, I use a bigger battery module.
The real tradeoff is size. The ultra thin electronics are the benefit of not having modules. Related to that is performance - the performance you can get is well correlated to how nicely you can put your traces on the PCB connecting the two. Having to go through a connector adds another competing constraint
Source: have done some modular and non modular designs of the same. Not nearly to the same precision and performance requirements as building a phone, but not that far off
Even with unlockable bootloaders, you're still never completely getting rid of what I call predatory code signing. The code you're able to run on an Android phone after unlocking the bootloader runs with EL1 — the privilege level sufficient for an OS kernel. Problem is, there are higher privilege levels aka ARM TrustZone (I think they go up to EL3?), and you're never getting access to those. And there's a "secure OS" that runs in those, and that, among other things, manages DRM and SafetyNet.
Is there a good layman’s guide on how to do this? I’ve heard about things like f droid or cyanogen but really have no idea how those paths compare to “open source” phone operating systems from Mozilla or Ubuntu or other choices like Purism. What’s a reliable route to get a smartphone that can do calls, texts, and browsers without relying on Google or Apple?
My hope is that as smartphone hardware gets commoditized we'll see a meaningful third-party alternative. Linux on desktop, for example, may not have the marketshare that matches commercial offerings (like MacOS, Win, ChromeOS) but it is viable, and it is there for people who want it. I want to see something like that for phones.
> Owning my computer is still relatively possible. I can build a computer from parts which I can choose, and have a choice in which operating system to install on them.
Where can I find, how can I build a computer---that isn't 13 years old---with open firmware of which one doesn't reasonably suspect that the NSA put a backdoor into it?
Don't worry about NSA. If the NSA finds your computer interesting, they can remotely hack it using one of a 100 zero-days exploits, without ME. And if you are running non-ME system, it's even easier for them to hack you unless you are working with the CounterNSA.
Surely this depends on the system being run and the programs running on it. Are you claiming that a basic installation of OpenBSD is wide open to the NSA? Even if that is true, I would think that fewer vulnerabilities are better than more, and that vulnerabilities that cannot be found because their source is secret are worse than those that can be found.
From experience, no matter what you do, your phone will still continue to ping 1e100.net every few minutes. This may just be something innocuous, but there just is no way to get rid of this behavior (or to understand where it's coming from).
You might want to check out https://e.foundation/ - It's a de-googled Android + MicroG, but ships with its own app store and tries to be a generally integrated experience.
The type of programming you need to get your phone to dynamically manage a mesh of access points makes the brain melt. At what level do you want control? After the network connection manager already does its thing or do you want to govern that too?
Some time ago, this topic prompted me to rethink how I used smartphones in general. Once you get more intentional with the way you use your devices, it's often the case that you can discover habitual patterns that took over without you noticing.
I've always dreamed of something like an open-source iOS clone. The benefit would be that developers wouldn't have to change much, and this new system could take advantage of the exiting iOS app eco-system.
I have been lucky with TextNow web-based phone number so far - all my banks (and the IRS) accept it. But it's probably only a matter of time until they force me to use a "real" phone.
Yes. I feel i am not trusted by any OS vendor to be given access to all my system folders. I feel that my computers OS is like the proverbial, pushy "bodyguard" whose job is to stop you seeing too much and going places "they" don't want you to go.
KaiOS is sponsored in part by Google, and includes Google software. I know because I have the yellow banana phone (Nokia clone). I bought that with exactly the expectation that it's free of trackers and so on, but no. Apps on KaiOS cannot be uninstalled.
Owning my computer is still relatively possible. I can build a computer from parts which I can choose, and have a choice in which operating system to install on them. Laptops are slightly more closed, but even on those I can choose the OS myself.
Modern smartphones however, seem like walled gardens in which I have no control at all. I cannot choose any of the parts, and even doing simple reparation tasks like replacing a battery is a nightmare these days. I am locked into a single OS on my smartphone, which either spies on you or is locked down even more. Every iteration a bit more control is taken away from the user. And its increasingly hard to step away from them, since a lot of normal interactions such as banking almost requires you to have such a phone.
Both Android and iOS suck. I've made my own Android phone tolerable with F-Droid and trying to ungoogle it as much as possible. But unfortunately I find myself locked into using google play services since solutions like MicroG just don't cut it. They lock me out of slightly too much of my daily smartphone usage (note that this is definitely not the MicroG's developers fault, they have done amazing work).