I am surprised that Google spends so much time tackling custom ROMs via it’s Play Integrity API. If only they paid that much attention to say, curating the Play Store more, it had be much better for everyone
“This is why I <lukewarm take> in <current year>”
Didn’t read the article, but I hate this style of headlines with a passion. Using custom ROMs isn’t even something controversial, yet they go out of their way to make it sound like they’re breaking some social taboo or something. Why not a simple and concise title like “Advantages of custom ROMs” or “Consider installing a custom ROM”. It sounds like a meme speech pattern straight out of 4chan, except they’re using it with zero self awareness or irony. How about an actual hot take: journos who write like this are pretentious pricks that deserve to get replaced by chatgpt.
This is why I brush my teeth in 2024. This is why I still wear jeans in 2024.
So radical, man
The Play Integrity API is less about security and more about Google asserting their monopoly.
They do not want truly open source Android platforms to gain popularity, because there would be a high chance people would want ad blocking, which is a direct threat to their profit margins.
I hope EU takes regulative action to force Google to allow GrapheneOS, LineageOS etc. to be able to run the same apps without issues.
Magisk can bypass most of those issues. Might as well root if you’re using a custom rom.
Magisk is a godsend. I just wish you could add a password protection to the bootloader and the recovery rom (like the TWRP). That is the one downside to unlock your bootloader. And you can’t like unlock when you need and relock it because to unlock it erases everything. I know that is one more dark pattern from Google to make you keep your phone locked. If they cared about security they would enable a way to put a password to the bootloader
extremely pedantic whining over the term “ROM”, but when has a custom android distribution ever dealt with “read-only memory”? is or was there some immutable component of Android that could be interpreted as read-only?
also I switched from iPhones to Google Pixels running GrapheneOS four years ago and I’ve never looked back, it’s really solid and gives me the amount of control I expect and demand over hardware I’ve purchased upfront. Pedantry aside, I strongly recommend GrapheneOS
It’s firmware, hence why the word ROM stuck. Once you flash the firmware to specific partitions, after the boot you can no longer modify it, unless you have root too. Technically nothing is ROM, there is always a way :).
Do you use it on a Pixel? Last I read, that’s the only officially supported phone. It feels ironic giving Google money for a phone so you can use deGoogle more.
Don’t get me wrong, I’m all for it, I just wish it supported more devices.
I do, yes. First on a Pixel 5 and then (and currently) on a Pixel 8 Pro.
The purely emotional icky feeling of giving Google money is far less important than the tangible security, privacy, and usability upsides of GrapheneOS on a supported device. But if that’s important to you, just buy a Pixel secondhand, Google gets no money from that.
I wish more devices were supported too, but my understanding is that only Google makes devices that are both secure and open enough.
Article in German, but the relevant points from the GrapheneOS lead are all in english: https://www.kuketz-blog.de/weshalb-grapheneos-aktuell-nur-google-pixel-geraete-unterstuetzt/
One point about Samsung:
Samsung takes security almost as seriously as Google, but they deliberately cripple their devices when you unlock them to install another OS and don’t allow an alternate OS to use important security features
Samsung takes security almost as seriously as Google, but they deliberately cripple their devices when you unlock them to install another OS and don’t allow an alternate OS to use important security features
What does the crippling and security features refer to?
Does anything related to money work on GOS? Bank apps, check deposits, credit card apps, nfc payments? Any other apps/features disabled by Google?
Seems like a huge sacrifice for perceived privacy improvement.
How is this significantly different from using vanilla Android without signing into any Google accounts?
Payments don’t work, because of the play integrity api. But the bank apps that I use do work, even though they didn’t in my previous phone that was running a custom ROM with magisk to hide the tampering. GrapheneOs supplies their signatures so that app developers can support it, but I imagine not all will.
For me it has been a great experience so far. Installation was easy and fast, the privacy settings are great and almost everything works for me just fine. I had a couple of issues that was able to fix by searching for it on their forums, which is quite active
Two credit union apps work fine, venmo and paypal work fine. YMMV with other financial institutions but it’s not been a problem for me so far.
To answer your last question, there’s way too many differences for a lemmy comment, so I suggest reading their features page for a broad overview: https://grapheneos.org/features
One feature that’s closest yo your question, though:
Google Play receives absolutely no special access or privileges on GrapheneOS as opposed to bypassing the app sandbox and receiving a massive amount of highly privileged access.
I read it and I think I understand why people are using it, but just to clarify your Google play example: you still can’t use it without being signed into Google account, right? Is your concern what the app does while it’s not running? Because it feels like they’ll still collect the same amount of info once your sign in to install the apps.
Do you you try to use F-droid for most things?
via its* Play Integrity API
If the day comes when LineageOS (with microG) becomes unusable for me, I will just switch to iPhone. I hate Apple, and I’ve been using custom ROMs since Cyanogen in 2010, but there’s no way I would raw-dog a Google device.
I would probably switch to Huawei os device. No Google by design.
In fact - I might in either case, there is just too much shitty things Google does to android.
