279
submitted 2 months ago by neme@lemm.ee to c/android@lemdro.id
all 41 comments
sorted by: hot top controversial new old
[-] cron@feddit.org 121 points 2 months ago

The site provides a nice TL,DR:

  • Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
  • The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
  • Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
[-] possiblylinux127@lemmy.zip 8 points 2 months ago
[-] ReversalHatchery@beehaw.org 5 points 2 months ago

The whole idea of device attestation is flawed. Majority of apps shouldn't be dealing with it at all, but minding their own business.

[-] EpicFailGuy@lemmy.world 2 points 2 months ago

The hero we don't deserve

[-] cron@feddit.org 62 points 2 months ago* (last edited 2 months ago)

On a personal note, I'm annoyed that our national ID app doesn't work with graphene OS.

There are workarounds by patching out the security check from the app and sideloading the newly created app, but that is just annoying and has to be repeated for every update.

I just don't see how rigorose device checks that lock out graphene users, but allow any Android 8.0+ device (where security support ended more than 3 years ago) make ANY sense.

Edit: I tried it again today, it now lets me skip with a warning about the bootloader.

[-] vorpuni@jlai.lu 32 points 2 months ago

It isn't a security feature, more like a backdoor checkbox.

[-] TheEntity@lemmy.world 23 points 2 months ago

Or frontdoor checkbox for that matter, given that it's the literal device owner that takes the action tripping their "security" tripwire.

[-] JustEnoughDucks@feddit.nl 1 points 2 months ago

What national ID is it? I hope it isn't the Belgian ItsMe app because I want to try putting lineage on my xperia 5 ii since it has a flaky fingerprint scanner now (software problem it seems)

[-] cron@feddit.org 2 points 2 months ago
[-] possiblylinux127@lemmy.zip 0 points 2 months ago

"National ID app" sounds like something from 1984. I personally would never agree to something like that.

[-] cron@feddit.org 9 points 2 months ago

I understand that even the concept is scary to some, especially to our friends on the other side of the atlantic.

However, it isn't really anything else than a 2FA app, similar to most banking apps. When you interact with a government service (like taxes, social security), you have to approve the login on your phone.

[-] possiblylinux127@lemmy.zip -4 points 2 months ago

Is it libre? Can I opt out and use physical ID? If the answer is no to any of those you shouldn't use it.

[-] cron@feddit.org 8 points 2 months ago

The app is not Libre, sadly. But it is possible to use a yubikey instead, then you need noting else than a web browser.

Using physical ID is possible, but this would mean that I would need to walk to some office.

[-] limerod@reddthat.com 52 points 2 months ago

It's high time Custom ROMs and users alike did this. I cannot run a custom ROM on my primary device due to play integrity shenanigans some apps may have.

[-] lemann@lemmy.dbzer0.com 30 points 2 months ago

Looking forward to this. I don't run a custom ROM myself but I am rooted, primarily to revoke permissions from Google apps and to back up my OS and app data as I desire.

However I'd much prefer to be able to run something like GrapheneOS on a Pixel if it meant I could run apps that are picky about Safetynet/Play Integrity, such as banking apps and the like

[-] RubberElectrons@lemmy.world 7 points 2 months ago

CalyxOS lets me run most safety net stuff, though notably Pokemon go stopped working all of a sudden.

[-] FutileRecipe@lemmy.world 8 points 2 months ago

CalyxOS lets me run most safety net stuff...

SafetyNet is deprecated.

https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline

[-] Lawn_and_disorder@hexbear.net 4 points 2 months ago* (last edited 2 months ago)

Most things works fine, if they don't there are ways around it, like installing the neutered play version. Only hard NO currently is Gpay.

Not missing root functionality things at all

[-] sabreW4K3@lazysoci.al 19 points 2 months ago

Not gonna like. This is interesting. Who knew that messing with the ROM community could put Google in trouble.

[-] possiblylinux127@lemmy.zip 2 points 2 months ago

"Trouble"

I think they will be fine as they have a huge market share in Android

[-] sabreW4K3@lazysoci.al 2 points 2 months ago

I think you'd be surprised. CalyxOS are making massive claims. If the US or the EU investigate, Google could be fined or worse.

[-] cron@feddit.org 2 points 2 months ago

Seems at least plausible, given the whole "gatekeeper" regulations (EU).

[-] rem26_art@fedia.io 18 points 2 months ago

Device attestation is pretty annoying fr. It's a constant game of cat and mouse to get it to work on a Custom ROM, whether its on the devs of the ROM, or whoever maintains the magisk modules if you're rooted. I do hope things change about this

[-] dosse91@lemmy.trippy.pizza 15 points 2 months ago

Wow, I never thought I'd agree with the devs of GrapheneOS on something

[-] possiblylinux127@lemmy.zip 8 points 2 months ago

Honestly Lineage OS deserves some love. It can serve as both a daily driver and as a base for other systems. It could even been used by companies.

[-] dosse91@lemmy.trippy.pizza 10 points 2 months ago

I know, I've been using it since 2010, when it was still called CyanogenMod :)

[-] possiblylinux127@lemmy.zip 14 points 2 months ago

It would be interesting to see if Graphene OS actually takes legal action. I hope if they do they get other projects involved including Lineage OS and maybe F-droid.

[-] Azzu@lemm.ee 12 points 2 months ago

According to Graphene OS, the Compatibility Test Suite and Compatibility Definition Document requirements Google says are key to Play Integrity compliance are in practice routinely ignored, and the system easily bypassed.

Just wanted to say, I use a custom ROM with software on it to circumvent the Play integrity stuff.

Oh no, my device is insecure, there could be malware on it. But people use Windows PCs to access their banking website. I'm sure there can't be any malware on PCs!

[-] moonburster@lemmy.world 3 points 2 months ago

I would love to hear about this bypass. My old routes don't work no more

[-] Azzu@lemm.ee 5 points 2 months ago
[-] moonburster@lemmy.world 1 points 2 months ago

Ah damn. Still possible, but not as straight forward as before.

[-] grandma@sh.itjust.works 2 points 2 months ago

Out of curiosity, have you ever had an update break your bypass?

[-] Azzu@lemm.ee 2 points 2 months ago

Most of the time you gotta install the bypass/Magisk again after update, so yes, basically every update.

[-] ArgentRaven@lemmy.world 10 points 2 months ago

I rooted my phone years ago and it was a chore. Once it finally worked, hardly any of my apps would run and nothing important worked because suddenly a rooted phone isn't "safe". It was such a pain in the ass to do updates and fight programs to run that I stopped. I didn't want to spend hours fixing a device that I really didn't want to think about.

I would love to install GrapheneOS and have it mostly just work. I hate having my phone locked down like it's not mine, and it's one of the reasons I won't use it for anything important over my desktop.

[-] GeneralDingus@lemmy.cafe 2 points 2 months ago

Most of my apps seems to work, surprisingly I don't have an issue with my banking apps. However, I have run into issues with uhaul and ticketmaster apps.

[-] possiblylinux127@lemmy.zip 0 points 2 months ago

You don't need Graphene OS (I had a different post about this)

Any custom ROM without Google and with F-droid apps will be much better.

[-] ArgentRaven@lemmy.world 3 points 2 months ago

Well, right, it doesn't have to be a specific OS. I haven't done much research because I'm my current situation, it's not a good option for me as (for instance) some of my required 2FA apps won't validate on a rooted phone.

If that changes, I'd do more research, obviously.

[-] null@slrpnk.net 2 points 2 months ago

Why would you need root?

[-] Ilandar@aussie.zone 1 points 2 months ago

It's hard not to feel a tiny bit of schadenfreude, given this project has shilled extremely hard for Google from day one. I will wait to see if the threats of legal action actually amount to anything. GrapheneOS has a history of putting out very aggressive and threatening public statements and never actually backing them up with action. How much of that was down to the founder being a completely unhinged individual is yet to be seen.

[-] shekau@lemmy.today 1 points 2 months ago

Does anyone have experience with Fairphone? Im gonna buy new phone and need recommendation

this post was submitted on 11 Aug 2024
279 points (98.6% liked)

Android

17621 readers
289 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

🔗Universal Link: !android@lemdro.id


💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.


Support, technical, or app related questions belong in: !askandroid@lemdro.id

For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below


Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More


founded 1 year ago
MODERATORS