- Think how bad the market got. Today we have preinstalled garbage apps like LinkedIn, garbage apps mandated to be preinstalled by the government, ads, cloud accounts, notifications spam, telemetry. This is not only Chinese smartphones, for example Samsung also plays this game. I assume there are Chinese backdoors, American backdoors and national government backdoors on almost every phone.
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
- Not sure what timescale you're referring to when you're talking about "how bad the market got" and "today", but back around 2012 I got my first and last Samsung smartphone, must have been a Galaxy 3 or something, that had all of those problematic things too.
It seems like this starting to happen as soon as apps were installable on phones, even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them. Android, because of the whole OEM story, of course is much worse, but I don't feel like any of what you share is new, been going on for decades at this point.
- And operators preloading questionable stuff is a much older practice than post-iPhone smartphones. If you had a feature phone in the 2000's, the operator would have customised it one way or another. The iPhone was revolutionary in how much Apple forced the network operators to relinquish control.
- > The iPhone was revolutionary in how much Apple forced the network operators to relinquish control
And if AT&T wasn't as desperate to gain market share, we could have had a different story. Both Verizon and Sprint refused the iPhone because they didn't want to give up control. The bloatware was an important piece, but Apple also mandated control over OTA updates which the carriers did not want to relinquish either. The carriers were also opposed to the phone being sold in Apple stores.
- I can remember Verizon being sued for forcing device makers to disable the ability to transfer files from feature phones to computers over Bluetooth, because they charged a per file fee to transfer files with their own proprietary software.
- My OG moto droid was pretty clean back in ~2009 or so, but even then there was plenty of sketchy carrier installed bloatware. Even my blackberry before that, feature phones even before that, had the carrier crap on it.
Part of why iPhone was such a breath of fresh air at the time it released. There was no carrier bloatware. Apple didn't allow it. Verizon turned down the iPhone because they would not agree to the no carrier branding and did not want to give Apple control over updates.
It's only gotten worse since then, but yeah its always been a thing.
At least with iPhone, there's still no carrier bloat, no facebook/meta, no linkedin, etc.
I'm not sure why Samsung continues to allow it either, they are also big enough to bully the carriers they could just as easily pull an Apple and kick all the spam off their phones, at least for the flagship models.
- You can delete almost all apps on iOS except the obviously core apps that are necessary for it to function.
- Thanks to the EU! They really fixed a lot of things about the iPhone, a shame not every fix went everywhere like core app removals did though.
- You can now. You couldn't do this in the early versions of iOS.
- On early versions of Android, you had to give an application every permission it wanted, or you couldn't install it at all.
- You can. I’ve removed Apple Music and Apple Maps (seriously, who uses that?) but apple makes extra sure most things are more annoying to use without maps. Calendar app with an address? Default to opening in Apple Maps which is missing so error message (twice). Find my? Also open in apple maps with missing app error message. Even with Google Maps set as default systemwide.
- > even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them
You see, the user you replied to spoke in the present tense, and is addressing the “(and still comes with)” portion of the original comment.
- And they added this ability a DECADE ago.
- I can't remember if it was Samsung or something, but one of the providers shipped Android tablets with a custom-but-default keyboard which sent ALL your keystrokes back to the provider. That was a big nail in the Android coffin for me.
- Remember the days of Facebook being preinstalled on Android devices with root permissions and being non removable?
You couldn't even revoke permission to access the camera and Mic. It had permission to do literally anything, and you couldn't change it or remove it.
- Apple changed that years ago, what apps can’t you remove from an iPhone?
- You can't remove the Phone app from an iPad in iPadOS 26. Even when the iPad in question has no cellular functionality. The best you can do is remove the icon, but you get a dialog telling you it won't be removed.
Which is stupid as I don't want my iPad to be getting every voice mail and imessage and so on that my phone does. They are different devices and serve different purposes. My iPad is totally a media consumption device and I have no interest in it being integrated into my phone's communication functions.
- I own both devices, and I turn phone call and text forwarding off in settings on my phone, and shut down iMessage on the iPad. Pretty easy.
- You're not my tech support person so I'm not going to get into it deeply, but I don't mean the phone option of "Calls on Other Devices" (which is off on my phone) or the Messages option of "Text Message Forwarding" (which only has my Macs listed.) I mean that whenever I get a voice mail on a call it shows up as an alert on my iPad and Messages receives copies of various text messages, I think via iCloud as this happens when my iPad is at home and I am miles away with my phone at the office.
- You should all be aware that Lenovo (the owner of Motorola Mobility) has some dark moments in its past.
https://www.theregister.com/2015/08/12/lenovo_firmware_nasty...
- Asus does this on many of their consumer motherboards now, too.
- Although you will have to buy a used phone in order to pay less than 250$, it seems like GrapheneOS is the best solution for that problem. Not optimal, but the best among what we have.
- I was thinking the same. But it worries me that these news about Motorola in particular doing shady shit. I was looking forward to the upcoming GrapheneOS/Motorola partnership :(
- On that last point, GNOME/Gtk/Adwaita apps generally function really well on small screen sizes. The design language naturally suits it, and in my experience most apps will even make some layout adjustments where they're needed when resized to ~phone screen dimensions.
Anecdotally, out of the ~50 or so I have installed right now on my laptop, which covers the basic calculator/calendar/contacts/etc., and also things like file compression, torrenting, a Mastodon client, RSS reader, and so on, all of them are ready to use on a phone.
Alas, if only there was a (reasonably priced + fully functional) phone that could use them.
- Cheap smartphone path is harder and harder. Unfortunately the pixel series is easiest but comes in double they number for unlocking the bootloader and flashing lineage, etc.
Xiaomi has been ironically the pioneer in this field, but their phones are inaccessible in the USA assuming you’re USA based. The mediatek chipset also is more fun for this over Qualcomm.
Besides suid binaries, the radio firmware and subsequent radios for WiFi and Bluetooth do give out a lot of information and are open to exploitation.
The most opaque and privileged attack surface is often the modem/baseband and vendor diagnostic stack and allow carriers to process local side AT commands.
Qualcomm is more documented, though there are fun discoveries on mediatek I’ve made just using binwalk.
- The paranoia is completely warranted, but there is a solution.
Just root your Android phone and put a custom ROM like LineageOS etc
If you want a stretch goal try and de-Google yourself, I have tried but failed twice now.
- I recently spent twenty minutes sitting outside of an MLB stadium because MLB decided they needed the same level of play protection as a foreign banking app and it refused to work on my friend's LineageOS phone.
We only got in by installing the app on my Sony and him signing into his account. They charge a fee now to get paper tickets from the box office.
- Brutal. I had a similarly annoying experience recently, where in order to enter my local big arena for a concert, the TicketMaster app was not enough. I had to step out of the entrance line to download the _arena-specific_ TicketMaster app to access my tickets. I hate the ticket systems that dominate the market, we deserve better.
- ... and you continue to let them abuse you.
- Give a solution
- Don't give your money to these places? HSBC won't let me use my rooted phone either, so guess who lost my business?
- Next time we will go to the professional baseball stadium across the street instead.
- You can’t have your cake and eat it too. If you want this stop, you gotta stop using these services, even if it means sacrificing a hobby.
If, on the other hand, you care more about your hobby than these quirks annoy you, than by all means, go right ahead.
- I'd rather try and get the executives, product managers, and engineers who implemented it fired and elect politicians that will make policies like that illegal.
I could go to a baseball game last year and have been able to for decades. The march to enshittification isn't inevitable. Otherwise there will be no hobbies in the future, and I'll be hoarding my money to just sit in my house doing nothing.
- The solution is to not buy the tickets
- The solution is to quit frequenting places that abuse you like this.
But it seems you LIKE being abused.
- It's not necessarily enjoying it. OP evidently just thinks the trade-off is worth it. Some people like baseball more than researching which phone they can buy, which one has an unlockable bootloader, and which is supported (even unofficially) by LineageOS.
That's fine. They don't have to. Their solution can be calling their local representative and complaining that the stadium their city is paying for, is locking them out.
- 1) My phone is not officially supported by LineageOS so I will have to port it first.
2) I did not analyze LineageOS yet and how it is different from stock Android, so I need to go through complete diff.
> If you want a stretch goal try and de-Google yourself
My goal is to have an open source system that is under my full control and doesn't play tricks on my by sending telemetry or collecting forensic databases. Because now I cannot even connect the phone to Internet and it is not as useful as it could be.
- I’d assume that with such a level of required inspection, you also have quite some security requirements. I’d say at that level nothing works as well as GrapheneOS (though you have to either delay security updates or accept temporarily closed source (they get access to the code only in exchange for not publishing it until X days or something) updates, thanks Google). As that currently requires a Google phone, the only way to get close to your price target would be buying it used.
- Easier said than done in the US. Even of the phones that allow for rooting (which is few and far between these days) you're at the complete mercy of the carrier for whether or not that ability is actually available to you. Even if the gracious lords may allow it, you have to engage in a long and drawn out Byzantine rite just for the privilege. Currently sitting on a Pixel 10 that will not let me have root.
Give me a Linux phone with halfway decent modem drivers, or give me death.
- If you do not update the phone, chances are high that there is some Linux vulnerability you could expoloit. The privileged vendor software also can have vulnerabilities. For example, here [1] researches hacked the phone with Verified Boot using a boot logo parsing error.
My impression that you should treat your phone as something that can be hacked any moment and not store anything important there.
[1] https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendo...
- Do the support the razr?
- My biggest obstacle to de-Googling is the GBoard keyboard of all things. There's really no good open source alternative that even comes close.
- I was in the same boat until a year ago or so. FUTO^[1] finally provided a good text prediction/correction pair + that simply better feeling the Gboard has^[2].
[1]: https://keyboard.futo.org/
[2]: I never investigated this, so I always assumed that GBoard predicted what key I wanted to press when close to two letters. With FOSS keyboards, with a physically identical layout, I tended to make way more mistakes.
- I find GBoard to remain superior in multilingual typing, futo just can't seem to be able to switch to other languages consistently, even with the multilingual option enabled,
it's also not as good at "recovering" from typing too many letters (Gboard sometimes adequately completes with likely shorter words)
- Have you tried the FUTO keyboard? I actually find I prefer it to gboard now.
- I don't think I ever tried this one. I think I tried every keyboard on F-Droid but apparently FUTO isn't in the main F-Droid repo. I'm liking it so far. I'm a swipe typer and on most keyboards the swipe functionality is much worse than GBoard but this one seems to work pretty well. I'm going to try it for a while, thanks for the suggestion!
- Heliboard is an option. No gesture typing out of the box but you can install an external library for that and it works good.
- Evidently some disagree, but I'm on your side. Biggest reason I didn't immediately think of "But what would I use for a keyboard" is my Q25 has on built-in.
UnifiedPush, F-Droid, a GMaps webview (arguably cheating, but I'm not RMS), NewPipe or Invidious are all good-enough alternatives, but I remember struggling to find a keyboard that felt right when I was using a Pixel 2 for a fortnight.
I think I went with the oldest Fleksy or Minuum APK I could find (from a reputable source), as they were fine without GApps.
Though I'd also like to call out the fact that AOSP has talkback, the accessibility service built-in, but there's no AOSP TTS engine to use it with. This is especially noticable when trying to use any spoken directions in OSMAnd, as it requires a TTS engine to use that function.
The only reason it's not the dumbest thing about Google's stewardship of AOSP is that I'm not sight impaired - as it stands, the multi-trillion-dollar corporation ripping out the built-in SIP client in their phone OS takes that prize
- I do not type a lot on the phone (I own a laptop), so no worries.
- Re: de-Googling yourself:
Goldman Sachs paid $6 million to try to get its [soon-to-be] former chief counsel Kathryn Ruemmler's Google search results highlighting her close friendship and many-years-long association with Jeffrey Epstein off the first few pages of results.
Today, the first result on the first page of a Google search for her is the opening paragraph of her Wikipedia biography:
>Kathryn H. Ruemmler (born April 19, 1971) is an American attorney who was principal deputy White House counsel and then White House Counsel to President Barack Obama.[1] Previously a partner at Latham and Watkins co-chairing its white-collar defense group,[2] Ruemmler joined Goldman Sachs in 2020 and was Chief Legal Officer and General Counsel.[3] She announced her resignation from this position in February 2026, effective at the end of June, over her links to child sex offender Jeffrey Epstein.[4][5][6]
https://en.wikipedia.org/wiki/Kathryn_Ruemmler
>How a Secretive Firm Tried (and Failed) to Fix an Epstein Friend’s Tattered Image
- I'm not sure what your point is.
- Wrote tomaytotomato 3 hours ago:
>If you want a stretch goal try and de-Google yourself, I have tried but failed twice now.
My point is that even with unlimited resources it's impossible to de-Google yourself.
- De-Googling (in this context at least) means not running Google software on your phone. No Google Play Services always running in the background, plus not using Google apps.
- > Think how bad the market got.
How bad it's always been? Go find a Windows Recovery image for a Sony Vaio from the 2000s. Prepackaged shitware has always been a thing. I read this article and thought "wow someone finally matched an old Vaio."
That said, I want to hear a statement from Motorola on this. The GrapheneOS phones they announced a few months ago were going to be my "out" from this kind of nonsense. I want confirmation that I'll be able to trust them when it finally gets released.
- > In further digging, we noticed that the URL the phone opens up is “kira-abboud.com,” a website that references fashion influencer “@kirasfashionfinds.” Notably, this exact URL isn’t listed anywhere on Abboud’s social media, and the affiliate codes don’t match up either. The redirect coming from Motorola phones is using Amazona affiliate code “sramz-kff-008-20” which is completely different from any of the codes we saw from links shared by Abboud’s accounts and linked websites.
Something funny is up; this doesn't seem deliberate.
- My guess is a rogue employee who hopes they can get away with this stuff for years till caught...
That employees cousin probably does social media for Abboud...
- No matter how you turn it, that doesn't build trust in the Motorola brand, if a single employee can push that (hypothetical) code.
- I agree, but in fairness, I don't know of any brand, tech or otherwise, that can completely wall itself off against insider threats. No matter how vigilant you are, someone who knows exactly how you move will find a way around you.
- I can understand it's hard to defend against plausibly deniable errors that create backdoors, etc. But this would show a complete lack of code review, no?
- Code review just means you need an accomplice. It makes it harder, not impossible.
- Not even that. Bury it in a sufficiently-large PR and there’s a very good chance it’ll be rubber-stamped because no one wants to take the time to carefully review the entire set of changes.
- Or be convincing to a LLM.
Humans reading code is so "legacy"...
- > But this would show a complete lack of code review, no?
You'd be surprised how many websites use Google Tag Manager to allow their marketing department to roll out trackers and other JS snippet directly into the site's root context.
GTM et al's sole reason of existence is to provide marketing people with a way to bypass corporate IT.
And I definitely would not rule out something like this being the cause in the end.
- If I'm not guilty until proven innocent, then neither is Motorola.
- How about a rogue AI agent banking some cash for the uprising? Are we there yet?!
- Yup. Let's see Kiras LinkedIN.
- right, they should start reviewing their PRs
- An affiliate can create multiple codes
- Note that the smart feed "feature" is Taboola-provided adware[0] so it's par for the course. It's beyond comprehension Lenovo would trash the brand by shipping it on flagships.
[0] https://www.reddit.com/r/motorola/comments/1s61usi/edge_60_p...
- The point where they trashed the brand has long since passed, tried the phones when they bought the brand and it was OK for a while but went downhill quickly.
- Until now I waited for their GrapheneOS-based phones. If there isn't a plausible follow up to this injection I don't think I will buy I device from them.
- I had the same reaction.
- Who outside Apple/Google/Fairphone isn't? Samsung has been shipping the Israeli (IronSource) AppCloud on A series for a while now and people in some regions even spotted it on S-series phones (it'll spy on your usage and install apps). Nothing, which uses clean Android as one of their selling points, started installing something similar (AppServices, presumably also from IronSource given the Aura branding) on various devices.
Between these companies pushing adware/spyware and Apple putting Apple Creator Studio ads in former iWork applications, ads for Apple Intelligence in the system settings, and pushing ads for their F1 movie in Apple Wallet, smartphones have reached the mass enshittification phase.
The only safe havens are Pixel with GrapheneOS and Fairphone with I don't know what exactly (Murena sorta has ads for their own stuff and has many other issues, I guess LineageOS then). Perhaps ironically, given the context, Motorola with GrapheneOS too :).
- OneDrive on some Samsung phones recently started uploading user photos on their own, despite user never granting apps the permission to do so:
https://www.reddit.com/r/samsunggalaxy/comments/1t7vqr8/why_...
I am getting tired of all these nonsense.
At this point, Samsung may be shipping more malware than anyone else on phones
- Some 7 months ago there was this submission: https://news.ycombinator.com/item?id=45551504 (Microsoft's OneDrive Begins Testing Face-Recognizing AI for Photos (for Some Preview Users)).
I haven't noticed any further links regarding this topic. Thus I have no idea if setting was fully implemented or abandoned but with this thread here you linked, but I'd rather guess they're full after user's data. And from what users wrote there, MS is not even doing this with some elaborated darkpatterns scenarios but just ordinary stealing these photos. This should be announced louder.
- It's sad. Samsung phones with just One UI + Good Lock and without all the crapware would actually be a pretty good phone.
But as long as consumers continue buying, nothing will ever change.
- Sony as far as I know is not shipping additional adware on their phones.
- I recently got a Samsung A07 to run some tests on. It's stunningly cheap at <£100, and will supposedly get 5 years of software/security updates.
After setting it up, I was surprised (but also not surprised) to see ads on the lock screen. The "feature" is called Glance and while it can be disabled in the settings it took me the help of a video tutorial to actually locate the setting.
- On my Motorola G Stylus 2025 ($400 MSRP) I have to disable Glance after every reboot (search Glance in Settings then click Disable and Force Stop). Archive/Delete is disabled.
Fuck Glance with all possible fuckery.
- I only had to disable it once on mine, after going crazy for a while trying to figure out what had messed up my lock screen. Haven't had it try to come back once.
Also stopped it from updating automatically in the play store...
Still enough shenanigans to make me go to another brand with my next phone. I always liked Motorola phones for being fairly stock without a lot of bloat ware, but that time seems to be in the past.
- Maybe you can disable it with ADB?
- I used to choose Motorola devices for a long time but since 2 years when I bought Edge 30 Fusion I started to notice they automatically (without my knowledge) add 3 stupid apps or games about two times a month :/ There is no way to stop it. My kids phones are stuffed with this sh*t.
- On some phones this is done by something like AppCloud, which you can usually uninstall from the user partition using ADB/Universal Android Debloater.
- Motorola put the malware apps into the “nondisable” list. You can’t remove them even with ADB PM commands. I was fucking mad that my RAZR couldn't be fully debloated.
See also: various firmware builds for Moto phones like https://dumps.tadiphone.dev/dumps/motorola/aito/-/tree/user-...
- Or: buy another brand and not jump hoops.
- Definitely, it's more that is worth trying for people who have a phone already. E.g. on Samsung, you can remove most of the bloatware.
- A chinese one? My xiaomi required debloating, which left me without the "apps" menu in settings. I am not happy about having to do that. Side note: I have to use either intents or adb to administrate the apps.
All the "best phones" for most of us are bloated tracking devices.
- Motorola's history is so unfortunate.
They were a great brand, cool phones, one of early Android players.
After being bought out by Google, Motorola had some of the best devices out there with stock android, especially in the budget segment (and loved among android devs).They had one of the best smartwatches in the game at the time - Moto 360 (2014!!).
Then, after dropping the Nexus 6, Google stripped the patents and sold them to Lenovo. For a while it was ok, even dropping the relatively innovative Moto Z which had all the cool "modular" addons, played with it for a bit and seemed cool.
And then, things seemed to start taking a turn for the worse as Lenovo kept enshitiffying it more and more, using the brand name as a wedge in the market in which they are basically forgotten. They have the Razr brand which is cool, but the segment that was their best (budget phones) is now ruined with adware so they can extract every bit of value from it.
Such a sad ending for a company that was so early in the space.
- FWIW, the worst thing I can say about the Moto Edge 50 Neo (a midrange phone) from a year ago is that it had "sponsored" apps pre-installed. They could be uninstalled (not just deactivated) the usual way and never came back.
- I have exactly the same feelings.
- > Moto 360
... I was so mad every time Motorola screwed the pooch in this era.
I was a first-gen Moto X user... on Verizon. I didn't get the Lolipop update forever and a day. I was a first-gen Moto Hint owner. We didn't get the wake word update, we got told to buy the Hint 2. And then finally, I was a first-gen Moto 360 owner. We didn't even get Wear OS updates at all. Not WearOS 2, not even WearOS 1.6. Every single first-gen product got immediately dropped for second-gen shit, and we got abandoned.
- I got a prompt about trying new apps every week or something similar. The wording, the moment it prompted me were clearly designed for people to just say "ok" and then wonder how apps were installing regularly without any action. I got caught myself, disabled it but still got new app installs later. I killed the whole thing and have been free since. But definitely felt like a scam. And the apps suck.
- They even force you to select a bunch of apps during out-of-box setup on some Motorola phones and it mandates they automatically download post-setup. You can't say "no", you straight up have to let the phone queue up and let it pull all the APKs down for a bunch of shitty preloaded games and Netflix and crap, load them in, then get to waste fifteen minutes removing them again. :\
- This is exactly what I noticed and was disappointed about
- > There is no way to stop it.
There are ways. All the apps that install this crap can be disabled through Android's app manager, no fancy method required. (Of course updates can bring them back... But "luckily" Motorola isn't too keen on providing those for their products).
Some examples of the apps to look for:
- App Box
- Games
- MotoApps
- Moto App Manager
- Live lock screen
The active adware apps depends on your region and career. In some region Motorola doesn't push adware at all.
Personally by just disabling those (and similar sounding crap) I've never had adware sneakily installed.
For Moto G or lower tiers Edge I can begrudgingly accept that it's part of the deal... But I would be livid if they did this to my $1500 phone, which is why I refuse to risk getting a razr. Whether you want to fight your phone maker and keep using their product is up to you.
Let's hope that the grapheneos partnership plays off in our favor next year!
- I tried to disable some of them but then, (not even) after OS update (sometimes after reboot) I noticed that they are active again.
- Strange, I've never gotten any moto apps on my cheap Moto G. I don't sign into any of their crap, but I don't recall doing anything else....
- How old is your Moto G?
Anything in the last few years has the moto app manager that force loads LinkedIn etc.
Due to cheap and cheerful with long lasting battery - I still buy Moto G - but setup offline and disable all these apps using https://github.com/Universal-Debloater-Alliance/universal-an...
- You are in luck: LineageOS supports many Motorola devices, including the Edge 30.
- In the past I often tend to replace stock Android with LineageOS but in today's world with so many attack vectors like for example malware in supply chains etc. I choose to stay with stock OS. I also have my bank apps and lot of my clients data/credentials stored on my accounts.
- How do you imagine that protects you? If anything I'm inclined to trust the LineageOS supply chain more than the OEM on account of being a smaller target, having less bloat, and being 100% open from start to finish.
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
- Financial apps like banking ones sometimes refuse to work on rooted phones and you have to follow if you want to run them.
I just have no time and knowledge to build ROM myself. 100% open projects also suffer supply chain attacks.
- Well then you're in luck because many of the ROM projects provide step by step build instructions. It's almost entirely automated thus quite straightforward; the primary hurdle is having a capable enough system. Unfortunately given current RAM prices you'll need a system worth as much as a cheap car to properly optimize some of the components.
I'd suggest not using apps that fail to respect your autonomy.
- For Samsung phones, depending when the phone was released, you may be getting security updates months after they are provided by Google.
- Honestly LineageOS is probably a more secure root than the typical random android OEM; unless you're dealing with Samsung or Google.
- Luckily there is a mobile phone OS and hardware that isn't produced by the world's largest advertising company, and furthermore doesn't allow two different corporations to be involved in the core OS of the device.
- You're right but we can't easily get Huawei devices in North America.
- I thought we were talking about non-adversarial-tracking devices.
- I hope you are not referring to the company that is pushing AI ads through their system settings, pushing Creator Studio subscription ads through the formerly non-shareware productivity tools, and pushing movie ads through their wallet?
Seriously, get a Pixel and install GrapheneOS, or maybe a Fairphone with LineageOS.
- "Seriously, get a Pixel and install..."
Ah, the Google tax. They can turn the lock of that door (bootloader) when they choose to do so.
- But they haven't yet, and if you refuse to give Google money directly there's always the secondhand market.
- You'd still be walking around as a free advertiser for their stuff, simply by owning Google-branded hardware. And of course the hypocrisy of having a Google phone to avoid Google spying is palpable.
- I doubt people notice that sort of thing. Maybe whether you have an iPhone or an Android at most. Avoiding Google spying isn't the point of GrapheneOS anyway
- Apple isn't the largest advertising company, but it's a pretty big one. The only other candidates I know of are aftermarket Linux distros, but they have their own problems.
- Unfortunately, that company also polices what kinds of apps you’re allowed to install on your hardware.
- No, they only allow one corporation to be involved, which is not necessarily an improvement.
- Hmm, this thread and the reports of shady practices make me wonder if this will affect the partnership with GrapheneOS[1]. It seems that such things shouldn't really happen on a device where security is a top priority, whether intentional or not.
- Why does it matter? The GrapheneOS team will make the OS images. So as long as the phone is unlockable, has up-to-date firmware bundles, etc. who cares?
- GrapheneOS may be de-googled but it is not de-blobbed, they rely on the vendor to maintain certain drivers etc. Hopefully the driver maintenance team is very separate from the bloatware installation team, but someone could reasonably worry that they're tarred with the same brush.
- I would guess that most of the driver development is done by Qualcomm for phones with Qualcomm SoCs. At least that is what I've seen looking at the firmware/driver bundles some Qualcomm-based phones.
(Of course, there is more, like camera firmware, etc. but they are typically provided through the hardware providers.)
- I was just wondering that... GrapheneOS team consider Fairphone to be infosec plebs, but instead partner with a company that intentionally harms users' privacy for profit?
- It may be worth noting that GrapheneOS in most cases to date are not the initiators for conversations around extra device support. They do not control which mobile divisions and engineering teams can come to them and back genuine interest with the resources needed to reach an acceptable privacy/security standard for support.
The question is really why are Motorola the only ones that have gone that extra mile so far and what does it say about the rest of the Android OEMs (including Fairphone, which unlike most is actually a younger project than GrapheneOS).
- I don't see how the former has anything to do with the latter.
- You don't see how it doesn't make sense for Graphene to reject a company because it doesn't handle security according to their standards, but be OK with a company that is actively malicious?
- What matters is whether or not a particular device meets the GOS hardware requirements, anything else is secondary. It's not that complicated
- They announced a partnership with Motorola. They are not just making an OS for their devices, they are partnering with them. There is a fundamental difference between taking a device and making an OS for it, and partnering with its manufacturer. The latter leads to the assumption that Graphene condones Motorola's security practices, and Motorola condones Graphene producing an OS for their devices. The former does not.
- The details of the partnership are mostly disclosed in the joint announcements but GrapheneOS has no say or influence on Motorola's stock Android image and policy.
The main objective of the partnership is to do what you described in the former case, get Motorola up to a standard where GraphenOS could support the phone. They could not previously take a Motorola phone and build GrapheneOS for it because of numerous basic requirements they did not yet meet. I can guess that GrapheneOS only really condone the efforts Motorola will put in to meet their support requirements as a platform.
Motorola also gets to incorporate a subset of GrapheneOS's features and improvements as enterprise targeted Motorola features. GrapheneOS do not have any direct influence over the apps and policies for the stock GMS Android image Motorola ship with their phones. Motorola have no significant say in what GrapheneOS does with their OS. GrapheneOS can assist Motorola in hardening efforts at the OS and firmware layer etc.
- Motorola supplies hardware. GrapheneOS supplies software.
The entire premise of GrapheneOS is total control of the device. There is no way they would release a Motorola phone with GrapheneOS installed, but with unremovable bloatware.
- I've a Xiaomi phone on which twice appeared obviously debug/hello-world notifications (something like "testtest111") from apps I've never seen or installed. Then another time all Xiaomi phones of close relatives started getting these cheap, spammy ads for Android games in the notifications, this time from some obscure system app: had to look up on reddit that there are settings that disable this specific behavior.
The degree to which I don't own my own device is insane.
- I gifted my mom a Xiaomi phone a few years ago. Even after removing all the unnecessary apps and permissions, disabling all the privacy invasive settings and replacing the launcher with the stock Android, I was shocked when I checked the PiHole dashboard. The phone was constantly trying to communicate with dozens of different domains and endpoints, even when idle. None of these attempts had any sort of backoff, so they kept retrying every 30 seconds, draining the battery. Ultimately it generated several times more blocked requests than every other device on my network combined.
This was the first and only Xiaomi device I ever bought, no matter how attractive they might seem.
- And it's about to change soon. https://keepandroidopen.org/
- Isn't this cookie stuffing? Same modus operandi using by Geo-something widget back in 2000s with hidden ebay affiliate links that got caught by FBI. Someone should go in jail for this.
- This bodes well for the up-coming GrapheneOS cooperation..
Nothing screams "secure" better than app hijacking and url injections.
- With the digital wellbeing app feature it is possible to set a timer of 0 minutes on all auto-installed and auto-reenabling apps to effectively disabling it for good.
Edit: the timer stays even after updates so the app is not enabled again
- Isnt Motorola basically a ‘Shanzhai’ (copy cat) brand now? Some dude putting the logo on some OEM parts? I am thinking of that Commodore phone from a while back and others. While completely speculative, it is interesting to see legit brands go Shanzhai or get Shanzhaied and Shanzhai brands go legit (xiaomi, huawei)
- I like the Stylus G better than most phones I've owned, but Motorola really needs to end its partnership with the offensive "Glance" ad platform. There should not be a third party app like that which keeps re-enabling and reinstalling on every update. I don't understand what Motorola would get out of a partnership with a scammy third rate ad market that would be worth pissing off so many of their customers, but maybe they have some high level corruption in the company.
- Why would Amazon pay out on scam affiliate links? That’s the thing I don’t really understand from the honey scam.
- As long as real customers are buying stuff, what incentive does Amazon have to question the source?
- Because they are forking over some of their revenue to affiliates. If there is no affiliate, Amazon keeps that money for itself. Paying the affiliate only makes sense if it's driving purchases that wouldn't have happened otherwise.
- If they're paying out on purchases that otherwise would have been organic, they're losing money.
- Notice that this will pass Play Integrity while your clean rom won't.
- I have a Motorola G70, so this is concerning. But its hard to believe that this is a deliberate action by Motorola. To me it seems more likely that an update was compromised. Still bad though.
- The comments here say that all Android phone manufacturers do stuff like this. I have never noticed that kind of things on my Fairphone. But then again, I don't have many apps and certainly not Amazon.
- Fairphone or Pixel with GrapheneOS are currently the best bets if you actually want to own your phone.
- Vertical videos converted to 16:9 are bad for your readers, Mr Senior Editor.
> Ben Schoon is a Senior Editor
Thank you so much for being not able to consume the screencast video in the article.
- That sounds like a violation of affiliate t&c ? Wouldn't that nullify them, and even lead to lawsuits?
- Since Uber, Airbnb and Tesla, now every company thinks they can do borderline illegal stuff to make an extra buck.
What is next? Our banks selling our payment histories to the highest bidder?
- Isn't credit ratings pretty much that? Buy the payment history on debt and then sell some derived value to anyone willing to pay?
- > What is next? Our banks selling our payment histories to the highest bidder?
They do it for your own good, so that you get "more opportunity for consumer experiences in stores and online."
https://en.wikipedia.org/wiki/Card_transaction_data
https://pirg.org/edfund/resources/how-mastercard-sells-data/
- This is really unethical, replacing original app shortcuts breaks trust.
- To think I was worried about buying a Xiaomi tablet while already using a Motorola.
Gonna flash a rom on the Xiaomi anyway, but all oems are doing this type of stuff.
- Note that Xiaomi today is very hostile to bootloader unlocking -- to get unlock code you need to win in daily first come, first served "lottery" (they limit total number of unlocked devices per day). After a second or two passes you're already too late for the day.
- Thank you for letting me know, the plan right now is to try for about a week or 2 and then give up and return the tablet if I can't.
Which is a damn shame because not too many options exist with a headphone jack and a Snapdragon processor. I'm in an environment where Bluetooth is unreliable for a good chunk of my day.
The only other tablet that fits my needs is a gosh darn Surface which is like 1000$.
- And the only way to win this lottery is by using an automated script that starts sending automated requests as soon as the new day starts at Beijing time.
- No wonder there are numerous dubious sites doing it for you ... this breeds abuse.
- All Android OEMs are "doing this type of stuff."
- How low can you go?
- Yeah, I miss the days of multiple choices on mobile phone OSes.
- If we're going to imprison people for things like guessing user IDs, this surely ought to count as criminal unauthorized access to a computer system.
- Its a source of revenue that doesn't harm the user and cannot be disabled by the user. It's the gold standard.
- Your phone is now a vending machine that charges you for the privilege of inserting coins. The product was never the phone.
- Chinese brands always pull this stuff
- Around 10-15 years ago you could get a completely stock Android from China with basically zero branding, fully unlocked and easily rootable, removable battery, expandable storage, dual DIMs, etc. at a great price. I have a few. Unfortunately many of those small honest OEMs appear to have disappeared, and the bigger ones left have turned scummy.
- Especially Xiaomi did a huge ugly U-turn like this. Use to be the best hardware for low price with the selling point of no-crap fully customable phones.
And then, once they become dominant enough starting to play it like the others but stuffing as many unremovable crap as possible.
- Microsoft does similar and worse on Windows. This is capitalism being capitalism. Nothing chinese about it.
- Most non-triumphant.
- This is why we need to fight for the right to unlock the bootloader, not only on flagships.
- That begs the question! Did they use a Sony rootkit ? XD
- It is laborious to go through all the apps on a phone and dissable the default unessesary "open web link" feature on ALL the apps, but apparently it has some effect in reducing the "draft" from all the back doors
- I was possibly thinking of getting a Motorola with G.ràphenéOS when released.
Yeah, not now.
- The described behavior would not happen when you use a custom OS.
I understand not wanting to give Motorola any money because of this, though.
- True. Google does much worse things overall, but they aren't as surface-level scammy as this.
- The tail never wags the dog.
Initially the project won't change, but it likely will over time.
- But AFAIK it doesn't work like that. Motorola makes a phone that has an unlockable bootloader, provides firmware bundles, etc., but the OS images will be made by the GrapheneOS team and they would never do anything like that.
(I think the misunderstanding is that Motorola would make the GrapheneOS builds.)
- I'm misunderstanding nothing
You're probably just not willing to believe that a 'partnership' with a massive company will change things, like I do. I am disagreeing, not misunderstanding. There's a difference
- Have you ever observed the GrapheneOS team? I have rarely seen any team more principled than them, outside maybe RMS.
Time will tell, but my bet is on the GrapheneOS team doing the right thing, they have always done so in the past.
- > Have you ever observed the GrpheneOS team
I certainly have
> I have rarely seen any team more principled than them
Totally agree with you there.
I'll say no more because you pay a heavy penalty on HN for criticising the project.
I'll just say I hope the collaboration brings some needed maturity, level heads, and stewardship, and that the devs can continue just to focus on the tech.
- [dead]
- Calling this "hijacking the Amazon app" is hyperbolic in my opinion. They replaced the shortcut in the app drawer. To me this looks like normal scummy OEM behaviour, like pre-installing spyware, "anti-" malware, adware etc. which sadly pretty much every mobile/computer manufacturer does.
Replacing the OS is one of the first things I do with every laptop, PC and mobile device to get rid of (most) crap that was installed without my consent.
- and mobile device
Very little ability to do that with most devices these days, unfortunately.
- If an anti-worker company is getting fleeced, nothing wrong with that.
I hope motorola collaborates with Pine and brings linux to phones. In the age of LLM apps are obviously not a problem. (Hopefully windows Phone 7, not 8 also comes back)
- I agree with your overall opinion, but not sure why you had to bring LLMs into a topic that has nothing to do with them.
- I would agree, but I just looked on my phone and there was a Moto AI services app I don't remember being there before
- I think they mean you don't need to worry about a tiny app ecosystem these days because LLMs make it easy to create your own.
338 points by Cider9986 14 hours ago | 190 comments