440
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 24 Oct 2025
440 points (99.5% liked)
Privacy
43392 readers
318 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
Try Graphene today. IT WORKS
Samsung s22 and s25, checking in. Graphene won't be viable for the vast, overwhelming majority of Android users today or in the coming seasons.
I hope people figure out some kind of virtualization/docker-containerization solution to the coming Goo-lag.
I'm still holding some hope that maybe Samsung's flavor of the OS won't have the restriction of requiring Google keys. Specially considering that Samsung has its own "Galaxy Store" with app submissions controlled by them, not Google.
Though it's possible they might simply extend the signatures accepted to include also the ones signed by them ^^U ..still it would give them a competitive edge to remove the restriction so they might be incentivized to do it.
I'm hopeful that the hackers will win. I will never underestimate the power of motivated, scorned engineers.
I mean, you can hack/root most devices, even right now. I expect that's not changing.
Probably by removing some google service or some other gimmick it can be bypassed
If they want a lot of play store banking apps + other things that opt into play protect to work they'll need to add the signature verification requirement.
You think the banking apps would have that restriction in Korea and many other countries where Samsung phones are the most common if they chose to keep unrestricted app install? If a big player like Samsung did this, I doubt it.
That's a really good point, basically throw their weight around a bit eh?
I'm even willing to use the web apps or webpages for banking, if the browsers can make the handshakes. I'll forfeit using the bank first party apps, if their websites are full featured.
100%, my bank thankfully doesn't tick that box, but if it did I wouldn't think twice about dropping the app. Freedom is more important.
Would be nice, but I imagine that Samsung would both need to actually be impacted in an meaningful way with their store, and find some way to prevent Play Services (which they have to meet requirements to be able to load on their devices) from just nope-ing non-registered apps. Both of which I seriously doubt would happen.
They have already been working pretty close with Google on things that removed their actual Tizen OS from stuff like their watches in favor of merging their code into Android Wear OS. Would also guess that they might just work something out to either force apps on their store to be signed by Samsung and cleared by Google. Or that they just require apps on their store to only be listed after registering with Google. Not like Samsung really cares about supporting side-loading if the apps aren't in their (or Google's) store.
Sadly I think only a OEM like Samsung would have the massive levels of hardware sales and money for making a real fight against Google. F-Droid and other alt-stores or projects lack both and are easy to ignore. If Samsung were to be actually concerned about this, then I think we would have already seen them filing lawsuits and pushing posts/news articles condemning Google's plans like F-Droid keeps doing (aside from lawsuits due to money).
You are probably right.. it's just one hope I had, I'm not expecting it to happen, but I'll be hopeful until the end.
Hope for the best, prepare for the worst.
Nothing wrong with finding small hopes here and there where you can. I too had briefly thought about Samsung's store (I have an S24 Ultra, Tab S8+, and my old S20+) maybe being large and known enough by more users than F-Droid. But their lack of press releases pushing back on Google was what told me enough. If Samsung's store was actively used more than the Play Store on their phones (and had enough really popular apps that weren't also on the Play Store), then it would at least be something.
Sadly even if Samsung's store is able to somehow get a pass by Google, I highly doubt that the devs of apps that are only on F-Droid would list them on there. And would still only help Samsung devices (though I know I would start using Samsung's store a lot more if those devs did list them on there). Though I might find reasons to use my S20+ for some apps that I like having but don't use daily, and my tablet is on Android 15 so it will be used for stuff I use more often (never thought I would be excited for it to not get major updates).
The main actively used daily app that I am dreading losing (due to the current dev not planning to ever list their active fork on Play Store) is SyncThing-Fork on my Android devices (use different SyncThing apps for PC/Steam Deck). It has been the only multi-platform sync program that actually works correctly for my password vault on my Android devices. Though it is possible that the dev might get it whitelisted, but I am not going to hold my breath. As the main dilemma on a per app level is that the more apps that fall in line ends up supporting Google's actions, but at the same time not getting whitelisted means just going away (at least on fully updated Android 16+ devices).
There are many other "uncertified" ROMs.
And the bootloader is now locked down across Samsung's ecosystem, as of this year. Sucks.
If you move to using an unsecured "chinaphone" as an alternative to the big three handset vendors, then it's unlikely they are target devices for the myriad of uncertified ROM's.
I think we are going to need software solutions that can run on major Androdis distributions across the variety of hardware.
I think we're going to need something like UTM or Docker (virtualization or containerization) for running our unsigned Android apps and services, and I don't know how feasible it will be.
Not following your logic here... With the mainstream devices now locked, "the myriad of uncertified ROMs" will necessarily shift to the remaining unlocked phones, or die out.
I think a viable future is owning two devices, one "certified" to access your banking and work apps, and one running GrapheneOS for your private life.
ROMs rarely work as one-size-fits-all-devices, yeah?
I only know of four smartphone categories of phones that are really available in the markets around the world today, en masse.
The big tentpole phones available from Samsung, Google, Moto, and maybe two other players.
Boutique devices from vendors like Nothing and Fairphone with limited reach to global markets (like, being Euro only, or being only distributed in markets that can buy into they ideology, etc). Nearly all of them prices or is MOST humans' reach.
Chinaphones. A mix of fly-by-night brands with ghost shifts in factories that make many varieties of phones with other people's designs, but have extremely limited first party support and probably zero ROM support from the global community ... And then the handful of tech markings like Xiami, HTC, Huawei, and anyone else that bends the knee to the CCP. Virtually no NA market penetration in this decade, and tremendous barrier for entry, for most of the Western world. Also, security issues galore.
iPhones.
All that to say, I don't think a more featured OS existed it's the way forward, with people all jockeying to make new ROM's for everyone to NOT be able to run on their phones.
I'm hopeful folks smarter than I will be able to come in about the potential for sandboxes in it phones with their own capacity for running unsigned apps, like a virtualization platform.
I don't have time today
Ok, I’ll extend your deadline til Monday then. ;)
Except for stuff you really need like online banking, tap payments and digital ids
All my banking apps and credit card apps have worked flawlessly on Graphene OS. You're correct that tap to pay doesn't work, which is a bummer. But that is just Google spyware as well, honestly.
I heard about this a while ago, but I remember the GrapheneOS team talking about suing Google if they didn't allow them to pass play integrity checks like they should be able to, but Google just doesn't let them. That's the only reason tap to pay doesn't work and some baking apps have issues, its Google purposefully limiting graphene OS so they have a competitive edge somewhere.
Sadly not the case here.
Plenty of bank apps work just fine. None of the ones I've tried had problems, except Santander, which works perfectly after changing a setting.
Not here in Norway. You need BankID which is an app that well, requires a lot of stuff.
get the physical button-device sent to you by ypur bank
Personally I don't need or want any of those things on my phone.
You can do online banking via a browser, it's clunky but you generally just need to be more prepared
Yeah, but over here you pretty much forced to use aome sort of mobile 2fa
No they work. It's not like LineageOS. Both Bank apps I now need, work on GrapheneOS but did not on LineageOS. It is my compromise without being compromised.
Ok what about my tags? What about notifying me if tags are following me what about tsp to pay what about satellite messaging.
Manageable.
Even on GrapheneOS, sure it uses a sandboxed Google Play Store, which is obviously great for users, but the developers of Android apps still have to hand over their personal data to Google specifically as this new decree from the Lords of the Google fiefdom entails.
Because FOSS developers rightly value their personal privacy, this decree effectively kills incentive for FOSS developers to continue making and maintaining apps for Android. Running GrapheneOS doesn't circumvent this.
It's like I'm saying "I'm hungry" and you say "Go for a run, it's healthy for you." I mean... it's true that running is healthy... but the act of running doesn't solve the problem of me being hungry...
As I understand it the sandboxed google apps are entirely optional. You can go completely free with GrapheneOS just like with LineageOS.
Too, you can shove Google into its own separate User from everything else and keep it locked down in an always on VPN or the like. You don't owe it the primary user on your phone. You can even keep that user shutdown such that none of it runs until you explicitly switch over and run it.
GrapheneOS is pretty dang impressive.
I use FOSS apps for everything, I only have one special user profile with google play store for my stupid bank and credit card.
For everything else there are alternatives that don’t need google play.
I think you're missing the point. You say you use FOSS apps for everything. Do you download them from F-Droid?
From the article:
I get my apps through Obtainium. I usually find the developers pages where they publish source code and the apk and then add them to Obtainium and install from there and let it manage the updates.
Most of the apps I use are also available on f-droid and some probably have play store versions as well.
This is how I do it too
F-Droid libre software, self-hostable, unstoppable.
Wrong, sandboxed Google Play is not required.