TL;DR
- Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
- The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
- Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
Considering the lawsuits, now seems like a good time.
Hell yes.
It’s fucking open source, this is no different from games with intrusive anti-cheat refusing to run on Linux, except in this case it’s not even a different OS.
It’s monopolistic and anti-user.
Ironically, if Graphene would succeed, it would lead to a system that’s every bit as locked down as a manufacturer’s Android. GrapheneOS would also not allow you to have root etc.
IMO Graphene wants a place at the big player table. They’re not in it for user freedoms.
A manufacturer’s Android can have special privileges for their own apps, and almost will certainly have special privileges for Google’s apps.
Graphene by default wouldn’t give special privileges to any app, so that’s at least a plus.
It’s true that it would be locked down, but you at least have a couple more controls over how locked down compared to a manufacturer’s OS.
The only reason I stopped using grapheneOS was because Google contactless payment didn’t work.
Loved everything else about graphene tho
I’ve never used contactless on my phone, I already had a contactless debit card. Why are you, and others, using their phones to pay?
Why carry a contact less card when you can pay with your phone? Have you given it a try? I find myself without a card in lots of situations. Paying by phone is incredibly convenient. Lot harder to lose than a card too.
Yes, it has an upper limit though as I discovered after cycling to the garage to pick up my car with just my phone. Triple cycling joy that day 🙄
A contactless card barely takes up any space. It’s not particularly easier to lose either. I’ve never lost my card; I just keep it in my wallet, in my pocket, just like my phone is in my pocket.
I’d still carry my debit card if I used phone, just in case I lose one while out and about. I think I’d be more likely to notice my phone is missing but more likely to lose the phone in the first place.
I’ve never tried it in part because I don’t trust my phone with it’s proprietary software, and I suspect there may be no open source apps to pay with.
I’ve never used a contactless debit card. I already had a chip and pin debit card. Why are you, and others, using your contactless card to pay?
My Chip+PIN card has an RFID chip. Standard in Germany. Why would I tell, much less trust, google with my banking. Why would I let them skim data and/or a percentage off the transaction. Why would I choose a system with spotty acceptance, whereas I can use my girocard everywhere. It also doubles as 2nd factor for online banking.
There’s no need to carry your cards if you already have your phone.
Also, unlike your wallet, if you lose it you can track it.
Do you not carry cash? My cards go with my cash, which I would carry anyway even if I could pay by phone just in case I’m out and lose one.
Lazy.
Just plain lazy.
I already have my phone in hand in shops - shopping lists, reminders or even plain taking my mind off the shelves so I won’t buy unnecessary shit. Then I get to checkout and…my phone is already in hand. Just boop it and done. No need to dig out wallet from pocket and then dig out card from wallet.
I can create a virtual card before every trip, use it via my phone and then cancel it after the trip, never worrying if my card got skimmed anywhere for one.
when you pay using the virtual wallet it automatically makes a mock id to the POS … at least in my country it does
the app hides the real numbers for the credit card and gives the POS a mock id to make the purchase. it’s harder to clone. also you need to unlock the phone for it to work it’s an extra layer of protection
I’m sure Google contactless payment works really well when the phone is dead. Or you drop your phone in a toilet or off a bridge. It’s far easier to loose a phone than a card in a wallet in your pocket. If you lose your phone, you also lose access to all your money.
More power to them
Wow, I legit just ordered a used pixel yesterday to give graphene a try lol. Uncanny timing!
Anyhow, that’s great news! I can really see the EU sinking its teeth into this if nothing else.
Enjoy! For future reference I’d recommend just getting the latest Pixel as you’ll get the longest software support. E.g. a Pixel 8a is supported till May 2031, which is plenty of time to get a lot of usage out of your phone.
At the price of the Pixel 8a, I would suggest getting the Pixel 8 instead.
All of the 8th are VERY expensive now. Only the 7th Pixels are approaching sane prices.
I got a 7a even though 7 was only a little bit pricier, because it is smaller - already on the edge of what I can use with one hand, 7 would probably cross that invisible boundary. And, just as importantly - has a plastic back instead of glass.
Right, I’d love to spring up for a 8th gen pixel but I live in an unsupported region and my currency is worth fuck all so I’ll have to make do with a secondhand 7 pro lol. Still fantastic longevity all things considered.
I’ll have to make do with a secondhand 7 pro
Ouch, that hits me right in the 7Pro feels lol. Make do, indeed, lolol.
I plan on doing the same thing, any tips on finding cheap recent-ish Pixels?
A brand new Murena Fairphone 4 (North America) is about $600 brand new, IIRC. I’ve been on one for the last 6 months and it’s excellent.
I’m planning on flashing my One Plus 9 Pro with Murena’s ROM. I’m working on getting de-googlefied.
Stay away from both Fairphone and /e/OS/Murena. Fairphone fails hardware security in the most miserable way, and fundamentally breaks Android Verified Boot, while /e/OS is based on the highly insecure LineageOS, and it further rolls back security, while also repeatedly missing important security patches.
Also, 600 dollars is absolutely not cheap for a smartphone, and it’s especially not with it considering that both the hardware and software are highly insecure.
A Pixel can be purchased for much less, while being superior in every way.
I’m in an unsupported region so I’m afraid I can’t help much :(
In my case I just looked around a local eBay-like site and went with a reputable enough seller, fairly standard procedure there.
Where I am, Pixels are not sold officially either. I got a 7a for around $300. I picked a store with a physical office and made an order not through the site, but through said office. And at least could inspect the phone before buying.
I would recommend buying a used phone from the most recent generation. I had my pixel 5 die on me about 7 months after I got it used due to a major Android update. Phone crashed hard and bricked, so don’t get a 5 (even though it was my favorite design of the pixels). I have an 8 right now I bought it refurbished on Amazon. It works great and I know it will last a while being the most recent model. Also check FB marketplace if you have a Facebook account. People in my area are selling phones often.
The Pixel 6a is really cheap on the used market, and it still gets updates for at least 3 years.
The 7a isn’t that expensive either. I recommend staying away from Fairphones, Murena or /e/OS as these are highly insecure, and the companies behind them have repeatedly proven that they don’t give even the slightest fuck about the security of their users. They don’t publish important Android security patches on time, and Fairphone even managed to fully break Android Verified Boot, by signing their ROM with the publicly available (!!!) AOSP test private signing keys. It should have been impossible to pass verification, but the vendor conducting the verification seems to be just as incompetent.
A used Pixel with GrapheneOS is your best option, while still being affordable.
I’ve been using graphene for years at this point and it’s the best operating system I’ve ever had on a phone. Before this my favorite phone was a jail broken iPhone 5c. I even got a pixel tablet to take notes on for college recently and put graphene on it as well.
Only thing Google has right atm is leaving the bootloader on their phones unlockable.
Thankfully there are FOSS alternatives for apps like Authy. I recommend Aegis
For your banking app, you can use this list to check if it’s compatible: https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/
Using the web app might also be an option.
Thanks for the tips, I’m a happy Aegis user already! Thankfully, my main bank explicitly doesn’t care about custom roms and I’m thinking I’ll just cut ties with the ones who do and let them know that was the reason at this point. Worst case scenario, I still have my locked down old phone.
I would totally buy a Pixel too but apparently most Pixels here are black market and the IMEIs are banned so I don’t wanna risk getting one that can’t connect to cell networks
