There are other things like this too in Android disabled on per-country. Japan has a camera shutter noise that cannot be disabled but this was a request by their carriers, apparently not a law, big discussion under this review: https://review.lineageos.org/c/LineageOS/android_frameworks_...
Anyway, how many times have you been recorded on a phone call by some faceless corporation, then wished you had a copy of the recording after they “reviewed” it then came to the opposite conclusion the recording should support?
(Check applicable state law, but it has been true everywhere I am aware of)
How would the phone detect that you're in a locker room? Even if it is possible, it seems very hard and likely error prone. Disabling call recording is easy.
In some countries, regulation works in a way that the economy gets a chance to fix issues before the legislative needs to intervene. And with the Japanese and their massive issues with rampant sexual abuse... I get where that one came from, in addition to the two major phone brands not wanting to be associated with sexual abuse (which the last comment of the thread also references).
And personally, I do believe that this is the better way when forced with widespread ignorance of difficult to enforce laws - target the "accomplices" or "toolmakers".
But there are things locked out in the US I cannot get to. One of the things I've wanted to do for some years is turn on BeiDou reception, but it has a firmware geofence while inside CONUS. For Qualcomm devices there's no way that I've been able to find a way around this, it's not an opensource component. Just to preempt anyone saying it's because it's Chinese spywhere, Qualcomm/Tomtom engineers don't feel receive-only reception is a security risk (there's a report somewhere where military said the same, it's strictly a political prohibition): https://www.uscc.gov/sites/default/files/Research/Staff%20Re...
I hope GrapheneOS isn't completely banking on their partnership succeeding. If Motorola devices ever became the only devices that GrapheneOS works on, and it's being done with Motorola's blessing, then it could be more easily legislated out of existence.
Having said that, the hardware being restricted to Pixel devices was always a tenuous proposition based on Google's design choices. If Pixels remain supported whilst adding Motorola, that's only a good thing.
Google's Pixels have been one of the most open Smartphone hardware lines though. Only a small handful of vendors support Android Verified Boot with custom keys.
GrapheneOS did not wall off itself or anyone else. The lobbyists who wrote those laws walled themselves off. I think they need to pay for the damage they caused with those laws privately. That way they will stop acting as lobbyists for private entities such as Meta.
https://grapheneos.org/install/web#hardware-based-attestatio...
* Follow instructions to install graphene on their website: https://grapheneos.org/install/
* Set up a private space which will be used for google play services required apps (bank stuff, etc). Install google play and google play services in the private space. Do not install google play services on your main profile. Set the private space to lock after 5 mins of inactivity. Set up google play on a brand new google account. You'll need to provide a phone number during setup. I used my normal phone number, others who are more concerned about deanonymization could use rental phone numbers or other things. Install any apps into the private space.
* Try to install apps on your main profile, ideally open source, privacy respecting stuff. Some recent apps I've found that work great and replace google infested stuff - AntennaPod for podcasts, OrganicMaps for OSM maps, Obsidian for notetaking (google keep), KOReader for ebooks, Molly/Signal for messaging. Vanadium as the default browser works well, except it doesn't have adblock plus for youtube (it does some other ad blocking though and works fine).
Things I still don't have a great solution for:
* Android auto - I don't think it works from a private space due to auto locking. Still figuring this out
* Spotify - since it also needs to run in the background and I haven't found a better music replacement.
Overall graphene has been a far better experience and I like it much more, and feel more in control of my hardware.
newpipe or tubular for youtube. ive also been using freetube lately. its just the desktop ui ported to an android app so its not as good as newpipe, but im using syncthing to sync freetube's settings/subscriptions between desktop and mobile
comaps is better fork of organicmaps and has better people running it
the fossify apps are great for the basics, sms, phone/contacts, gallery, calculator etc
droidify is a nicer front end for the fdroid store imo
keepassdx for passwords
kde connect or localsend for one-off file transfers between devices, or syncthing for things you need to sync all the time
and hacki for hackernews!
but i mainly meant its better just because its more community based now
Or just use Aurora Store to install apps from the Play Store.
If all the apps (including GP+GPS) are sandboxed anyway, what's the point of doing this?
All I want is car GPS that is (not cloud connected) && (not 5 years out of date), OSMand should cover this, tho it takes quite a bit of work to get address search to work.
Music I like Finamp, but I like an iPod even better
btw. Spotify really doesn't work without gapps? what a crap app then, I am using phones without gapps for 10+ years and only very few apps actually don't work without (usual suspects being anyone using gmaps) them despite warning shown
The workaround to drag a shortcut to the New Incognito Tab intent is clunky as it launches a new tab each time
A lot of people use Brave, which has the features "forget me when I close this site" and "clear data on exit"
Just set it so that it doesn't bypass do-not-disturb and it'll have the same result while not disturbing sleep. Those awake will get the notification, and for the others, they can see it in the morning.
I’m sure a ton of people just turned them off. They did ridiculous damage to the system.
I thought about starting an Amber Alert Milita; so any amber alert gets a fully armed response from the kind of people who join militias. That would have probably made the cops think twice about sending stupid alerts for stupid things.
Brenda escaping the memory care center yesterday morning (!) does not mean you should warn us all to watch out for her the next morning at 2am. Unless she’s found an axe and is going door to door chopping people up. That’s the only reason to send that alert.
I bet they killed a few people with heart attacks by setting off sirens in every bedroom in the county.
Condolences for the subjects, but it’s bonkers they’re used to spam people about vulnerable individuals who aren’t posing an active threat.
It's unfortunate because the world would presumably benefit from a properly standardized and above all globalized way of subscribing to geographically local alerts of various sorts. My local government should be able to advertise their servers via the cell towers and I should be able to add and remove subscriptions from anywhere in the world as I see fit. And above all the messages should be properly authenticated. Last I checked the system was so half baked that it was trivially vulnerable to spoofing.
they almost never send them where I live. Probably because the first one was sent at 2am, next morning the news reported the kid was found - safe with the parent who had legal custody the whole time.
36% of missing person cases in the US are black women and children, even though only 13% of the population is black, but those cases get much less media attention and are treated less urgently than missing white people.
Creating a separate alert for those cases is meant to bring more attention to them.
There is a similar issue with Native Americans, who go missing at an even more disproportional rate than black women and children, and receive much less attention and resources than white cases.
The best way to avoid an -ism is to forget about it.
The fighters cannot forget, so they fall into a trap of their own making.
In the same way Trump claimed to be the President of Peace, supposedly "left" or "progressive" politicians will push these measures forward while also pocketing money from businesses/organizations who benefit from various social/fiscal causes being ignored.
These are the legislative equivalent of the Dem leadership doing the kneel with the Kente cloth around their necks.
These politicians would never push to end qualified immunity, audit overtime usage, investigate police unions, etc. That requires actual change your donors might not like.
Same thing here, no work needs to be done determining why black/native women go missing at higher rates. That's hard, that's a deeper societal problem. It might just implicate a Sheriff or two or illuminate rape kits going unprocessed.
That is so bizarre. How embarrassing.
Sometimes they do it even twice in the same week. They're probably worried about a repeat of the Valencia floods and getting blamed. So they're constantly covering their asses. But I'm sick of them crying wolf all the time.
We don't have this amber thing but it works the same way (prioritised cell broadcasting) so it can be blocked.
The app is com.android.cellbroadcastreceiver on Android 13 and above
But yeah I view this in the same vein as the governments wanting to hijack our phones for spying on us (chatcontrol) or forced identification (the topic of this article). I'm sick and tired of my phone taking orders from other people than me.
This made me chuckle.
The author should not have conflated GrapheneOS and Android, it makes it seem like problems are GOS's fault, when it applies to all Android devices. It would be more accurate to call it an iOS to Android migration guide.
You do not need to treat GOS any differently than any other Android variation, you can use all the same apps you would like, there is no rule against using privacy invasive apps on GOS. If you want the best apps, sometimes you have to go with ones made by trillion-dollar companies that vacuum up data. GOS can even let you use these apps in a privacy-preserving way, with the network toggle and sandboxing.
>It is not trivial to synchronize data across machines in a secure and decentralized way. Privacy and decentralization are difficult problems to solve, with ever-changing goal posts. Apple decided to abandon even attempting to do this, and instead went with a band-aid approach that it calls “iCloud”.
I wouldn't underestimate iCloud with advanced data protection, it is arguably the most comprehensive and affordable e2ee cloud plan available.
>No globally-consistent way to “Undo” an action (unlike Shake-to-Undo on iOS).
I don't think this is a good feature, I am glad it is not built into Android.
>Sometimes the screen cannot be turned off when on a call. I've never experienced this.
>OS can’t handle lots of files in folders. Folders with thousands of files are very slow to load and sync. Sometimes music apps fail to load all songs.
I have a 30+ GB music library and I have not had any issues. Android has a plethora of amazing music apps compared to iOS. See Powerampapp.com.
>Poor UI guidelines cause serious problems. For example, many music or video players don’t work well with the timeline playhead because it’s too close to the edge of the phone’s screen. Attempting to scrub near the beginning or end of a song causes Android’s gesture navigation (back button) to be triggered instead, closing the app.
I find the UI on Android to be much more fluid, reactive, and functional. This may have just been the specific app. GOS or Android cannot stop someone from making a buggy app any more than Apple can. There are many more Android apps that are Free and Open Source, which has a huge host of benefits. Material 3 expressive is the newest google design guideline and it looks a lot better than liquid glass imo. Yes, this is more recent against this blog, but it is being recommended now.
>Sometimes toggle swtiches in settings are also menu items that can be clicked to access more settings. Extraordinarily confusing UI/UX.
Apple also does this, see wifi in control center. I don't think it is confusing once you use your phone for a few days.
>Essential features like text-to-speech, speech-to-text, or “look up definition” have to be manually installed and setup. I see less system apps as a pro, although GOS is working on, or added a built in tts or stt functionality recently iirc.
>Doesn’t always recognize wired headphones when they’re plugged in the first time. Sometimes even the second time. Could be related to one of these issues.
This has not been a problem for me. The usb control is a massive security improvement and comes with a sane default. Just works in my experience.
>Max volume is rather low for wired headphones, and there doesn’t seem to be a way to increase it.
Have not had a problem with that.
>Seemingly no way to select text in photos without an Internet connection, unlike the built-in AI-based offline-first feature in iOS Photos.
Ente photos has good device-based OCR.
> the GrapheneOS community also recommend the Aurora store
Aurora store is not recommended because it weakens security with no privacy benefit.
> One of the most annoying aspects of GrapheneOS is how its lock screen works.
This is completely outdated, inaccurate and confuses the way the lockscreen works.
>No privacy-preserving Maps app at the level of quality of Apple Maps or Google Maps.
Again, not a GOS problem. You can use the apps from the companies that spend millions on their Maps apps, or you can use the perfectly functional maps based on OSM.
>App Store madness.
If you don't want to be confused, just use the play store like is stated. It is secure and consistent. You ask for more freedom, you get the more freedom. Again, more complaints about apps specifically, not even the app not working due to GOS hardening, just the app.
>Contacts, Email, Calendars
There is no reason you can't use iCloud mail, proton mail, or Gmail on android. The vast majority of even privacy concious people do not self-host mail.
>Passwords
Even more user friendly, you can use free bitwarden, which is better than Apple Passwords or others that are not cross platform.
I switched from iOS to GOS a few months ago, and I have had nothing but good experiences. Contrary to what you may hear, GOS works absolutely fine out of the box. I have never had an app that doesn't work, you can install polished closed source apps without network permission, and the UI is miles ahead of iOS. I highly recommend anyone to try it out.
And Google maps does not require a Google account. I always use my android phones without any Google account and maps works fine. I think OSMAnd is way way better anyway but they don't have the public transport integration so I still use Google maps for that once in a while. For everything else OSMAnd really rocks and its maps are better than what Google and apple offer especially when you're not a car user.
But really expecting apple level polish from a free outfit it's just not fair.
I care a lot less about the stuff that CAN be fixed than about what can't be.
Even the transport company's own site doesn't show that very accurately. But they're very manipulative. For example if a train is coming soon the signs upstairs don't show it because they don't want people rushing. Google shows the real data though, not their lies.
> Poor UI guidelines cause serious problems
> Doesn’t always recognize wired headphones when they’re plugged in the first time. Sometimes even the second time.
> Max volume is rather low for wired headphones, and there doesn’t seem to be a way to increase it.
> No decent Photos app alternative, except Google Photos but apparently with a lot of issues (I'm paraphrasing this one, it's really long)
> Google Wallet does not support NFC payments due to restrictions that Google imposes
> App Store madness
I recognize that some of those are features and not bugs for some users, like the "App Store madness" and the lack of a Photos app alternative, but overall those seem like huge gaps that make it a non-serious alternative.
Really I'm not sure why anyone who values convenience over security and privacy would even consider GrapheneOS. It's not made for normies. It's not advertised towards normies. It's an OS for schizos and tinkerers like me. It will never be a "serious alternative" to whatever manufacturers ship with their devices.
What really grinds my gears is people installing GrapheneOS and then loading google play services onto it. What's the point? Just stick with the stock OS. It works better and has all the features you want.
To those downvoting, please note that this person did not say that nobody should switch, only that the information provided was a clear indication that it is not the right fit for them.
I, for one, greatly appreciated the detailed pro/con list in the post, as many of these would be genuine annoyances to me, and would have probably taken several months to encounter all of them.
Keep an eye on michaelgeist.ca. If there are petitions to sign to oppose it, you'll probably find out there.
You should preemptively be messaging the Liberal cabinet ministers. And make sure to explicitly demand that anything that could force age verification or age assurance on Canadians is rejected:
> Marc Miller (Heritage Minister, the minister responsible for the upcoming online harms legislation that might implement such a ban): Marc.Miller@parl.gc.ca
> Sean Fraser (Justice Minister): sean.fraser@parl.gc.ca
> Mark Carney (Prime Minister): mark.carney@parl.gc.ca
> Mélanie Joly (Minister of Industry): melanie.joly@parl.gc.ca
It may also be worth messaging:
> Gary Anandasangaree (Minister of Public Safety): gary.anand@parl.gc.ca
> Rechie Valdez (Minister of Women and Gender Equality): rechie.valdez@parl.gc.ca
While I had great success with GrapheneOS in the past, bank apps in Brazil have started blocking it, even when the profile you run it under has Google services installed. So GrapheneOS (again, even with all Google Play Services and all other dependencies installed in a given profile) is still not completely transparent to apps.
This may be a coincidence (as I don't use it every day), but I noticed blocking started just as the recent Felca Law (which introduced mandatory age verification for every software, app and OS in Brazil) came into effect.
I'll rephrase here what I said there:
Well done GrapheneOS.
But It would be nicer if they said "If GrapheneOS devices can't be LEGALLY sold in a region due to their regulations, so be it" keeping the door open for GrapheneOS to ensure it would still try to supply the residents of authoritarian hellholes with a secure OS, the same way that Signal has been quite open about how if they pull out of a country for legal reasons then they'll do all they can to ensure service is still avalable to users in such places.
Also: when they're partnering with manufacturers maybe they could get the manufacturers to guarantee that bootloaders on device sold everywhere (including in regions which ban freedom respecting software) will be unlocked, or if the manufactuer is banend from selling unlocked bootloader devices then make sure any bootloader locking is trivilally vulnerable to some means of easily achievable local bypass (shorting a pin or something which a user in posession of a device can do but which can't pose an atack surface for a remote adversary).
Not using grapheneos though because pixels are expensive in my country. Also, I disagree with them on some points, like rooting. I don't think me having access to root makes my phone less secure. Obviously it should be secured properly so only I can use it, but that can be done. After all even an unrooted phone still has a root account and runs stuff as root, you just can't access it as a user. That means the OS vendor (grapheneos in this case) has more access rights on my phone than me (how else are they going to install updates), to me that's not right.
I just want to be able to inspect what is going on on my phone. What apps are storing about me on their private storage, and to be able to add root CAs so I can MITM their traffic to inspect it.
So far it has only gotten better over time, so risk seems minor if your bank is listed as supported.
I still keep my old phone around with BankID just to be safe, but so far I haven't had any issues.
There's also swish, which is instant payments to both friends and businesses. Swish also uses BankID.
BankID is also used to sign documents, file taxes, etc.etc.
Swedish society is largely built around this one official MFA solution, and having a phone where you cannot run it is a real hassle
There is actually more a second MFA provider that is accepted almost everywhere, including the tax authority. I forget it's name and I've never tried it, so I can't say too much, but presumably it provides similar functionality as BankID
1: https://www.tomshardware.com/software/operating-systems/cali...
It is narrower than that. It only applies to accounts whose user is a child and is the primary user of the device.
See section 1798.500 (i) which says [1]:
(i) “User” means a child that is the primary user of the device.
> (3) (A) Except as provided in subparagraph (B), a developer shall treat a signal received pursuant to this title as the primary indicator of a user’s age range for purposes of determining the user’s age.
> (B) If a developer has internal clear and convincing information that a user’s age is different than the age indicated by a signal received pursuant to this title, the developer shall use that information as the primary indicator of the user’s age.
Turns out the age signal is not enough. Liability-wise, you'll probably be doing face and/or ID scans, too, even if the law doesn't explicitly call for it.
Developers will just implement the strictest state's censorship and age verification schemes for everyone, which has already happened. My state has no age verification laws, yet platforms, and even Android itself, are trying to get me to scan my face and dox myself to use them. I can't even look at spicy tweets online without verifying my age with the X app, they're censored for my own protection.
The real meat of the law is requiring websites and applications to comply with this signal. Which would be one good reason why there are so many categories of seeming little difference. This then gives them the opportunity to fine and harass developers out of business for the most minor of infractions or instances of mislabeling.
But, the state doesn’t actually have an incentive to fine and harass their tax base out of business. I don’t think they made it over-complicated on purpose, I think lawmakers just over-estimate our capacity to understand laws.
They're suing Florida residents with no ties to California for linking to pictures of guns on the internet.
They will likely lose, but the goal is not to win, it's to score points with their political base and maybe bankrupt the defendants with legal fees.
Or the goal might be to lose, but to establish some precedent that will hamper states like Texas that have tried similar things with abortion providers.
https://motorolanews.com/motorola-three-new-b2b-solutions-at...