Need to break up these monopolies. Really the root of all bad about capitalism.
Break up the billionaires while you’re at it. Their sickness will boil the seas away to nothing
I am going to kill myself
Sounds like the other shoe just dropped on all the people who’ve been religiously swearing by GrapheneOS.
If it’s based on Google: They can control it. You won’t ever catch me utilizing “alternative” chromium providers exactly because of shit like this lol
Same. And I think it is even more ridiculous when you have to rely on their hardware too. They control the hardware drivers AND the OS upstream, how do you exist if not by their permission?
This is just ID verification in another guise. The second I see one of these, I’ll stop using the website I see it on.
i havent noticed anything? except youtube being slow as always i supposr (/e/os user)
To anyone not switching because of this-- in my experience this is something I can work around. On most websites my captchas still work. I have had a few that dont work, and I just close the website and move on. It hasn’t happened on any websites that are very important for me to visit. Usually its a store and they really me to install their stupid app. Nope.
I guess many ppl don’t even have an important website
graphene can have the play service, but in a sandbox. anything other than that uses microg so its emulated. probably needs some time to get up to speed. if not, just use the desktop site instead of mobile. i dont really see this as much of a threat to any of us.
Desktop site is going to require QR scan.
I don’t know what they are going to do about “I don’t have a phone” / “I only have a dumb phone” population. I suspect that sometime soon I’ll have to buy a stay-at-home Google certified device, to bridge the locked down features and services.They don’t give a shit about that part of the population, maybe they can even force some of that part of the population to finally cave in and get a smartphone.
Pretty sure their solution would be mandatory carrying of approved devices. It will be the only way to provide identification and payments, essentially all the stuff religious nuts say about the mark of the beast minus the weird parts like demons or the invisible counter mark and shit like that.
It is true that it’s impossible to buy things or identify yourself online right now, so I can see why they’re doing it.
Nice screenshot now what the fuck are you talking about
Choosing not to buy one now isn’t going to help anything at all.
So i just checked back a day later after posting this and it blew up more than i expected. I’ve gotten some comments suggesting its not really preventing GrapheneOS from being usable, so this might need more context. Do your own research and testing on this one for sure, as with most things. Sorry for not answering comments, quite busy right now.
I mean when you’re paying $260 to $300+ for even a used Pixel (8 is the oldest one supported till 2029 I think), that can be a hell of an investment to make if the thing is nerfed from alternate OSs.
Yep. Sunk Cost Fallacy.
Exactly why i posted this, i figured i was probably not the only one wanting to protect my privacy in this age of surveillance nightmare.
Don’t give money to google by buying Pixel phones. Even buying used, creates demand as people are more likely to keep upgrading every year as they know it will be easy to sell their used Pixels for a good price.
There is and there never will be a perfect solution and you shouldn’t let an imperfect solution stop you from using the best one of these just because buying a used pixel MIGHT urge somebody to buy another new one. You may not want to do that, but it is silly and way too idealistic and impractical to demand others not to switch to Graphene because of that.
Buying a used pixel to degoogle and make your phone more secure and less likely to spy on you more than balances out the potential for there being one more new pixel on the future. There will never be a perfect solution and this one is fine enough for most. You may disagree and that’s ok.
There are other ROMs with other hardware that provide a similar level of privacy and more than enough security without giving money to google.
Yes they are also not perfect solutions, but they give you flexibility to support better phone manufacturers
the pixel is a very secure phone from a hardware level, the full list of security features missing from other android manufacturers is in the grapheneos faq
there is no comparable alternatives right now, though something might come out of the graphene and motorola deal
What’s so secure about it versus a basic $100 phone?
From the grapheneos faq section on device support, which details the kinds of hardware and firmware security features required and present on pixels (but may be missing on other devices):
Hardware, firmware and software specific to devices like drivers play a huge role in the overall security of a device. The goal of the project is not to slightly improve some aspects of insecure devices and supporting a broad set of devices would be directly counter to the values of the project. A lot of the low-level work also ends up being fairly tied to the hardware.
Non-exhaustive list of requirements for future devices, which are standards met or exceeded by current Pixel devices:- Support for using alternate operating systems including full hardware security functionality
- Complete monthly Android Security Bulletin patches without any regular delays longer than a week for device support code (firmware, drivers and HALs)
- At least 5 years of updates from launch for device support code with phones (Pixels now have 7) and 7 years with tablets
- Device support code updated to new monthly, quarterly and yearly releases of AOSP within several months to provide new security improvements (Pixels receive these in the month they’re released)
- Linux 6.1, 6.6 or 6.12 Generic Kernel Image (GKI) support
- Hardware accelerated virtualization usable by GrapheneOS (ideally pKVM to match Pixels but another usable implementation may be acceptable)
- Hardware memory tagging (ARM MTE or equivalent)
- Hardware-based coarse grained Control Flow Integrity (CFI) for baseline coverage where type-based CFI isn’t used or can’t be deployed (BTI/PAC, CET IBT or equivalent)
- PXN, SMEP or equivalent
- PAN, SMAP or equivalent
- Isolated radios (cellular, Wi-Fi, Bluetooth, NFC, etc.), GPU, SSD, media encode and decode, image processor and other components
- Support for A/B updates of both the firmware and OS images with automatic rollback if the initial boot fails one or more times
- Verified boot with rollback protection for firmware
- Verified boot with rollback protection for the OS (Android Verified Boot)
- Verified boot key fingerprint for yellow boot state displayed with a secure hash (non-truncated SHA-256 or better)
- StrongBox keystore provided by secure element
- Hardware key attestation support for the StrongBox keystore
- Attest key support for hardware key attestation to provide pinning support
- Weaver disk encryption key derivation throttling provided by secure element
- Insider attack resistance for updates to the secure element (Owner user authentication required before updates are accepted)
- Inline disk encryption acceleration with wrapped key support
- 64-bit-only device support code
- Wi-Fi anonymity support including MAC address randomization, probe sequence number randomization and no other leaked identifiers
- Support for disabling USB data and also USB as a whole at a hardware level in the USB controller
- Reset attack mitigation for firmware-based boot modes such as fastboot mode zeroing memory left over from the OS and delaying opening up attack surface such as USB functionality until that’s completed
- Debugging features such as JTAG or serial debugging must be inaccessible while the device is locked
The question is, are those missing features actually meaningful enough to support an evil company?
For me they are not.
This 1000 times. I can’t understand the logic behind willfully getting a Pixel phone. Isn’t it enough that Google spies on you every chance they get, you want actual hardware from them too? lol
It’s because in the US pixel phones are one of the only ways to get a phone with an unlocked bootloader. Or, in other words, to actually own a phone.
LOTS of phones other than Pixels come with an unlockable bootloader, just check the list of supported phones for Lineage, Postmarket, Ubuntu Touch, crDroid, etc.and you’ll find a multitude of choices - many (most) of which are readily available in the USA as well. (source: me, who has flashed alternative AOSP ROM’s and Ubuntu Touch to around a dozen phones & tablets, none of which were Pixel’s)
What isn’t possible though is relocking the bootloader after flashing an alternative ROM or OS onto nearly all of these, meaning there is minimal security if the phone is stolen, or tampered with while unsupervised. And for those requiring physical security for their devices, that is a big deal.
What’s the alternative?
e/os, lineageOS, iodeOS
Most GOS users would not consider these replacements
They are not as secure, but are private and more than secure enough in my opinion.
And some can be used with more ethical phones like the Fairphone.
GOS sometimes feel like a cult to me. GOS is absolutely the only good ROM and everything else is terrible. There is no nuance.
Nobody’s saying that those other ones are terrible and they are better than stock Android for security and less tracking here. But it is the best one and does things that the other ones don’t.
You can use a fairphone with one of those and if you’re happy with it, it’s absolutely better than what most people do and if it works it works. But people really like GOS for a good reason. The cult comment can be applied to Linux users, so who gives a shit?
First off, that’s software when the user asked for an alternative to the Pixel, which is hardware.
Secondly, I don’t see how those are an alternative. It’s websites locking you out unless you run Google Play Services. LineageOS etc doesn’t run the official PlayServices which is what this requires.
I took the question as an alternative to Grapheme, but perhaps you are correct.
And all those OSes you could install. Google Play Services if you want, even sandbox them like Graphene.
How is that an alternative? You still have to buy Android phones and they’re wayyyy less secure
There are mch more ethical companies than google to buy phones from, like Fairphone.
And “wayyy” less secure is very debatable. There a some security features missing, but still more than secure enough for the vast majority of users.
If you’re serious about it probably worth just using an old phone as an Auth device and only switch it on for that and still use graphene as your daily driver.
I’m not a security guy, what is the problem that this is supposed to be fixing? Like I guess you wouldn’t be able to use a virtuallised os to visit your banking website? Like I understand if you work for a bank you should only be able to access some things from specific computers, but normal people?
They’re claiming it security authentication.
Realistically, it’s keeping people in their walled garden.
You can use a web browser on a Linux computer and get right through, this change is to force people to only run latest generation google products.
This would also block people from using real google phones over a certain age where they cannot upgrade the OS anymore.
Realistically, it’s keeping people in their walled garden.
I felt for a long time, “trusted computing” is such a doublespeak term. It gets avg ppl to think “Oh ofc i want to trust my device! Who wouldn’t want that?”
Ofc what it really does, is gives BigTech the final control over everybody’s dev.
It’s intended to be a successor to the current reCAPTCHA, sold as harder to spoof than current picture-based versions. Now, almost from its start, CAPTCHA existed to train AI vision models. So Google basically painted themselves into a corner using free labor to train models good enough to recognize images, now they are switching to device signals.
That said, they’re going to have to provide a compatibility layer for iOS which AFAIK doesn’t come with Google Play Services right now. So I have some faith in the smart folks who make these de-shittified OSes working something out via microG or the like.
The benefit is for Google to make more profits if people are locked into their “ecosystem” without competition driving the prices down.
There are rumors Graphene is releasing an official phone
A Motorola phone soon shipping with GrapheneOS isn’t just a rumor but it doesn’t help with the problem of Google making their very popular robot detection service classify deGoogled Android users as non-human.
You know what does fix that? boycotting sites that use their protection.
There are alternatives.
i generally agree, although for some reCaptcha-using websites there actually aren’t alternatives. eg many governments, healthcare providers, public utilities, etc are using it :(
That doesn’t really help this issue though
phew, feels like I jumped the ship just in time. Installed PostmarketOS on my Fairphone a couple of months ago, and I’m not looking back.
You do whatever you want, but out of curiosity: how is that helping with this issue in anyway?
pmOS does not have Google Play nor the Apple equivalent. GOS has the option of having a sandboxed Google Play.Sounds like that’s the point.
Which Fairphone, and how’s it working for you?
I have the FP6 with e/os right now. It works pretty well, but I am against some decisions from Murena (like using OpenAI for voice recognition)
I’m looking forward to switching ROMs when there is more support for the FP6
Fairphone 4. It’s working out decently enough for me. To be clear, some features are still broken (most crucially phonecall audio, which only works via headset), speakers altogether started working just a couple of months ago in edge branch. Camera kinda works, but it takes just horrible pictures. Broken if you ask me. I like the “feel” i have with it, it no more feels like I’m carrying a spying device in my pocket, but a computer instead. There are drawbacks, like I have to do my banking old school, visiting the bank site via browser, but they are worth it for me. My phone screen time has definitely shortened. It’s more quiet now.
edit: and you can do cool stuff with it, with root access by default! I have signal-cli running as a systemd service, which connects to my matrix signal bridge :)
edit2: funny story about the mentioned signal-cli. I had to put the phone in the fridge, because otherwise while compiling it (had to be compiled, no packages available) hit the critical temp threshold and shut down. :D Felt kinda funny. 2026, phones compiling in the fridge.
Is there a specific reason you chose PostmarketOS? I’m currently also thinking about ditching Google android.
I feel like it was in the sweet spot for me as I was looking for a “true”(i.e. non-android) linux phone, and I happened to have a FP4, which I bought years ago. I don’t see many other options for this device, other than ubuntu touch. I tried it like a year+ ago, and it was nice, but it lacked userspace drivers for wireguard and while it was officially listed as issue somewhere in github/gitlab/wherever the development was, the development seemed really slow, almost stagnant. And I rely heavily on wireguard in my homelab setup, so that was a deal breaker for me.
How is it working for you so far? Thought about doing that as well.
I’ll paste my other response:
Fairphone 4. It’s working out decently enough for me. To be clear, some features are still broken (most crucially phonecall audio, which only works via headset), speakers altogether started working just a couple of months ago in edge branch. Camera kinda works, but it takes just horrible pictures. Broken if you ask me. I like the “feel” i have with it, it no more feels like I’m carrying a spying device in my pocket, but a computer instead. There are drawbacks, like I have to do my banking old school, visiting the bank site via browser, but they are worth it for me. My phone screen time has definitely shortened. It’s more quiet now.
edit: and you can do cool stuff with it, with root access by default! I have signal-cli running as a systemd service, which connects to my matrix signal bridge :)
edit2: funny story about the mentioned signal-cli. I had to put the phone in the fridge, because otherwise while compiling it (had to be compiled, no packages available) hit the critical temp threshold and shut down. :D Felt kinda funny. 2026, phones compiling in the fridge.
