I sadly believe we’re fucked
IMO the only reason tech world can be authoritarian is people’s negligence. Otherwise even if all major brands produce unhackable locked down hardware, people could boycott those and buy the one obscure open device (like pine64) and market force will force big names to revert.
Corporations do not have power by themselves. People refusing to think and understand gives them power. Same applies to mainstream politics.
So unless I can convince my mom to install Firefox we’re fucked.
…we’re fucked.
yes. also your friends, not only mom.
(/s aside, most people of younger generations don’t care as well, not only elderly less tech literate folks)
It’s a rat race. You can only win by not playing.
But if you don’t play, your pay with convenience and your time. You lose the freedom of installing a lot of apps. You lose a lot :( - to the point where it would make most people give up
If you can root your phone and use an xposed module, maybe. Or the EU forces them. Otherwise, there’s not much option.
Well the idea of having attestation isn’t the problem. The problem is that apps requiring attestation (banks, insurance providers, ID-systems) use the most convenient solution. Slapping on Googles prebuild attestation. Graphene for example, provides alternative attestation for their OS and offers docs for anyone to implement a more fitting set of checks.
There are two approaches here: If you’re upset that your hacked-to-bits, rooted, unlocked and/or unencrypted device is failing checks: I’d say, tough luck. Until we can create provably untampered app-containers, that level of access genuinely breaks TOS on apps and regulations on handling personal data. Breaking those checks is then breaking those compliances in an unsafe way.
If you believe your setup is actually secure and compliant, just not in a way the allmighty Google intended: Try and get an attestation module for your setup. Fight for these apps to accept non-Google attestation and fight for devices that don’t artificially limit what can pass as secure.
If you’re upset that your hacked-to-bits, rooted, unlocked and/or unencrypted device is failing checks: I’d say, tough luck. Until we can create provably untampered app-containers, that level of access genuinely breaks TOS on apps and regulations on handling personal data.
Hard disagree. If you own the device, you should be in full control of what’s going on. Sure, attestation can give some extra security, but that decision should be up to the user. Everything else is just excuses for user hostile DRM: platforms levaraging technology to secure their own profit margin against the interests of user.
Yyyyyyupp
“Oh no, this device is rooted! :(” Yes because I know what I am doing, now show me my account balance you stupid piece of ahit banking app.
Removed by mod
I switched to a feature phone that has nothing to do with Android for calling (Mocor RTOS) because I’m tired of fighting Android for the moment. I keep an unrooted smartphone at home for online banking. Kinda extreme but that’s one way.
Can relate. I have a phone with stock Android and a removable battery for anything won’t or I’d rather not have on my primary GrapheneOS phone. I only ever plug in the battery as needed and when I’m settled at the safety of my desk.
I personally don’t know how a non-smartphone is better is terms of privacy. Can you explain?
AFAIK, they have the same level of spying, just more restrictions and less features.
Common vulnerabilities: Tracking by carrier, including cell tower triangulation, SMS, and call logs.
Non-smartphone specific vulnerabilities: Lack of security updates. However, the data to be exfiltrated from a non-smartphone is limited. If it’s only call logs and text messages, everything’s already compromised by virtue of the carrier. So the level of concern will vary with your threat model.
Smartphone-specific vulnerabilities: Tracking by apps, manufacturer, OS vendor, or just about anything that can take advantage of the smartphone’s computing power. More data to be exfiltrated if it falls to a security vulnerability.
Smartphone-specific advantages: Can be run Wi-Fi only to avoid tracking by carrier.
Big tech can’t win because you can’t force the internet to do something.
Depends on what your definition of winning is. If we reach a state where it is literally impossible to run your own software without heavy hardware modification, which would exclude 99.9% of users, that would be like big tech winning in my book. That’s why right to repair is important, and we probably also need laws to prevent OEMs from disallowing the use of alternate OS.
They don’t need to make us do anything. They just need to make it too inconvenient not to.
The Net interprets censorship as damage and routes around it.
Gilmore’s quote was true then, it is not the current state of play.
If you need to use banking/government/transit apps, you need to play by the rules now
You can hide root/fake play integrity.
They can make it so much harder to do that, to the point where almost everyone just gives up.
i think we are already at this point.
its not necessarily harder, but its so annoying to do and find comprehensive information on the process.
