234
Can't we do anything as google is killing AOSP and custom ROMS
(programming.dev)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 14 Aug 2025
234 points (98.8% liked)
Privacy
40868 readers
1373 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
Yeah, this is a problem. I attempted to switch to GrapheneOS just a month ago and had to roll back to stock Android. One of my banking apps worked, but 3 others didn't. My 2FA app didn't work. I stopped receiving important texts as they were previously RCS and that refused to validate no matter what I did.
Google has made it extremely hard to degoogle.
Same issue, I just did web browser instead
I suggest just exporting and using a different 2FA app, especially an open source one like Aegis
RCS on GrapheneOS is very finicky and requires using AppOps to enable
READ_DEVICE_IDENTIFIERS, and you have to let carrier services and google messages have more permissions to work. You also might have to deregister your previous phone to use the number (i.e. my old iPhone still had my number in the settings, had to remove it). There's a very long GrapheneOS thread about it, but the link should be the solution.Authy dropped their desktop app and killed the ability to export. I will have to start from scratch, but I definitely plan to.
I spent a week with that discussion your linked plus several other posts, I just couldn't get it working. I might have better luck next time I try it though.
Why not just access your financial institutions in a web browser?
That was an inconvenience, but one I could make if it was the only issue. It was more the total accumulation of things. My 2FA app pulling support for "unsigned" operating systems coupled with missing work texts due to RCS failure were the main straws to break the camel's back. Having to find an alternative and then manually change all 2FA was almost a deal breaker in itself. That played into using a web browser for my financial institution access.
Work texts go to the work phone. Work 2FA also on work phone. I use a hardware TAN generator for web banking.
My work 2FA is physical token based, it is my personal 2FA that causing me problems. Email and text authentication is insecure enough that I try and use a software authenticator whenever possible.
Great point about the work phone. I don't want a work phone as I don't have any desire to be reachable 24/7 outside of the rotating week I'm on call, but if I was expected to have email and Teams and everything on my phone I would definitely require one. Thankfully my work texts are all for team updates, heads up about issues, scheduling matters, etc, but I still consider those to be important while not riding to a separate work phone
There is always a trade-off with privacy and security. It's totally okay to decide you prefer convenience over privacy.
If you wanted to give it another shot:
That was why I wanted to move to GrapheneOS, I could selectively use Google services or apps for convenience while still being more secure than stock Android. I'll have to plan my next attempt out instead of Yolo and adapt, lol.
I do plan to migrate to a new 2FA, but Authy made that hard by getting rid of their desktop app so you can't port and have to go to each service and manually sign up a new app one by one. I tend to boycott services when they get that anticonsumer/anticompetitive out of principle.
Missing texts is definitely a deal breaker. I hate how RCS was championed as the "open" protocol and yet only google and samsung are able to implement it.. we were lied to.
Convenience and security probably.
The website version of a lot of banks require you login (each time) with a customer numer and then random letters from your password and or pin, which takes forever so I never bother unless I need the website.
Im (more) paranoid whenever I use a sensitive website. Quadruple checking the domain name, am i on https (even tho i use no-http and have a password manager). It's a bit more relaxing using an app.
Theres probably some security downsides (other than user error), but a modern banking site shouldn't suffer much since they invest heavily in locking down their shtuff.
With respect to 2FA, if you want to be more ready for any future next time, you could migrate to an open-source TOTP app. E.g. andOTP. I use this one, it's fine. The underlying standards don't change in decades, so you can choose any compatible client and be without trouble for years and years. And it may be good to do in any case, googlified phone or not. Good apps also tend to provide password-protected backups.
I have no knowledge about RCS though, never used it so can't tell. Otherwise GrapheneOS user for ~2 years, before that LineageOS, before that CopperheadOS for another few years.
Your absolutely right and I will be moving to an open source TOTP solution going forward, it just sucks that great services keep getting enshitified and we have to keep moving to better pastures. LastPass to Bitwarden, now Authy to something else.
Just remember that there are no nice reasons why they are working this hard to keep your phone captive.
We can argue about how bad it will get, but there's only worse things coming from this effort.
Oh, totally, which is why I am working towards as much decoupling as possible. I plan to replace my Nest gear with Ubiquity for cameras and stuff as I can afford it, and eventually set up my own offline automation server. This can only end badly for consumers.
The collusion between services like Authy and Google indicates this to me, but it's also effective and means I have to pivot in slower degrees. I am encountering similar issues moving to Linux from Windows, so this is a full Silicone Valley issue.