Is there any way we can fight this? Feels like there must be some EU/US consumer rights or digital market legislation somewhere that could be used to more directly object to organizations like banks saying "your phone works just fine but we actively block you from using it" especially as mobile apps become more and more obligatory for banking. It's a huge problem just in e-waste of old devices that work fine but can't be used because of the lack of updates.
Just one legal case upholding this somewhere would put a huge red flag over it and significantly discourage the whole trend.
The app won't work natively due to a lack of attestation, so I have to fire up the browser and use the service.... Exactly how is that more anti-abuse than just using an app without attestation? It's security theater and has no basis in reality.
[1] https://grapheneos.org/articles/attestation-compatibility-gu...
The second reason I can think of, though, that a bank would want attestation is as an anti-piracy measure. With a website, you have HTTPS verifying the identity of the domain. With an app, a pirated app or a 3rd party app from any source could hypothetically intercept users' banking information, their scanned checks, or even attempt to cash their scanned checks itself. It's not so much about making sure the device is secure as it is about killing attempts at 3rd party, modified, or malicious clients. The last thing I want, or the bank wants, is some grandmother downloading the "Wells Fargo Bank Plus with Giant Legible Accessible Text" app she saw in an ad as an APK, installing it, and being a victim of silent fraud for years.
The third reason a bank might want it is also just simple stupid litigant America. If such a scheme similar to the above were to occur, the bank would likely be sued by victims arguing that the above circumstance was preventable. The victims would also be correct, it was preventable. The bank is then in the unenviable position of telling the jury that supporting the rights of 0.1% of phone modders was more important than victimized grandmothers.
Or, as a bank lawyer would say, just turn on attestation, it costs basically nothing, and then none of the above could happen. Better safe than sorry. After all, is the grandmother not also a customer, and preventing malicious clients in her best interest? Sure, some customers will be inconvenienced, but this is America, where anyone depositing more than $10K is subject to an interrogation.
Back in 2009 during the CyanogenMod days, Google issued a C&D to the developers to keep them from distributing Google Apps alongside the main ROM. IMO it was less about the app distribution and more to force CyanogenMod to come to the table and work with Google to develop ground rules on how 3rd party ROMs would interact with Google more broadly. CyanogenMod (now LineageOS) basically agreed not to step on Google's toes. At the time it was not to distribute Google's Apps inside of the ROM. Now it's to not bypass OS level protections like Play Integrity (formerly SafetyNet).
Their stance now can be found here: https://lineageos.org/PlayIntegrity/ . Note the part that says:
> Any action taken to bypass Play Integrity risks a backlash against all custom OSes, and could cause Google to block them entirely from the Play Store.
So long as the main players follow this advice, Google tends to also ignore smaller players that _are_ working around this via Magisk or other means. It's also possible that this simply becomes non-viable after some time.
It's also worth noting, Google has ways to allow third parties to certify their devices on https://www.google.com/android/uncertified/ . This doesn't fully grant SafetyNet, but it's definitely another way Google is working with custom ROMs to ensure you have access to the Play Store.
Imagine, if inside your phone, there's your main processor named Bob. Bob runs all of your apps, Bob is occasionally stupid and gets hacked, but he means well.
Also inside your phone is another processor named Alice. Bob can't see her even if he can send messages to her, but Alice can see Bob through a one-way mirror. Alice is also located inside of a concrete steel bunker with no entry, no exit, and UV sterilization of all single-page letters coming in or out after examination by an officer. Alice has a special ID card given to her by Google, which was only given to her after Google was satisfied in the security of the bunker.
Google sends super high-secure work for Bob to do. Bob isn't the most trustworthy of fellows; so Google also sends a message asking Alice to report back on whether Bob is doing what he's supposed to. Alice sends her report back to Google with her signature on it. Google trusts that signature, because it previously inspected Alice and the security of her bunker, and knows that as long as Alice is safe and Bob can't harm her, Bob is doing the work intended.
Now, you might say, why not just make sure Bob is stronger? Well, Google tried that, but with people wanting to sideload apps, the needs of developers, security bugs, that's all extremely difficult. Having Alice do nothing but verify and sign in a super secure bunker while accepting various requests for oversight - that's easy, auditable, much easier to secure, and rarely needs change.
Where it gets even stronger is what I would call, for lack of a better word, "progressive lockdown." For example, when Bob is just starting up, Alice can check that he started up from an approved OS (Secure Boot). Once that's happened, the Secure OS might hand Alice a piece of code for the OS that is never allowed to change in the future while the device is booted (Secure Monitor / TEE). Alice doesn't have to run the code herself; just panic if that code ever changes. By doing so, the OS now has super-high-security functions for itself, that can always be changed out through any update, without Alice needing any updates, changes, or expanded attack surface herself. By that point, Alice can be OS-agnostic so it doesn't matter whether it's Bob or Kevin, and could even be a permanent hardware feature that never needs updates... oops, you've just invented TPM / Verified Boot / Titan M.
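The Alice/Bob exchange above, written out as an added example in Go (not code from the original post, nor from any Android component): Alice signs the challenge together with what she observed of Bob, using a key the relying party already trusts, and the relying party checks nonce, signature and state in that order. Generating the key in-process stands in for Google's out-of-band certification; the report fields and the "verified"/"unverified" state strings are assumptions made for the example.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Report is what "Alice" (the isolated attestation processor) hands back: the
// challenge she was given, what she saw of "Bob", and her signature over both.
type Report struct {
	Nonce     []byte
	BootState string // "verified" or "unverified" (constructed for this example)
	Sig       []byte // ECDSA (ASN.1 DER) signature over digest(Nonce, BootState)
}

// digest binds challenge to observation; the length prefix keeps the pair unambiguous.
func digest(nonce []byte, bootState string) []byte {
	h := sha256.New()
	binary.Write(h, binary.BigEndian, uint32(len(nonce)))
	h.Write(nonce)
	h.Write([]byte(bootState))
	return h.Sum(nil)
}

// Sign is Alice's whole job: observe Bob, then sign. She never runs his code.
func Sign(priv *ecdsa.PrivateKey, nonce []byte, bootState string) (Report, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest(nonce, bootState))
	return Report{Nonce: nonce, BootState: bootState, Sig: sig}, err
}

// Verify trusts Alice's public key (obtained out of band, as Google did when it certified
// the bunker), never Bob's word: wrong nonce (replay) or bad signature (tampering) fails first.
func Verify(pub *ecdsa.PublicKey, issuedNonce []byte, r Report) bool {
	if !bytes.Equal(r.Nonce, issuedNonce) {
		return false
	}
	return ecdsa.VerifyASN1(pub, digest(r.Nonce, r.BootState), r.Sig) && r.BootState == "verified"
}

func main() {
	alice, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // stands in for Google's certification
	nonce := []byte("constructed-challenge-from-relying-party")
	rep, _ := Sign(alice, nonce, "verified")
	fmt.Println("genuine report accepted:", Verify(&alice.PublicKey, nonce, rep))
}
```

Because the signature covers the nonce and the state together, Bob can neither replay an old report into a new session nor rewrite an honest "unverified" report, and a report signed by any key other than Alice's is rejected outright.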
I'm curious though, what are the more nefarious uses you're concerned about?
Buying a separate device and carrying it all the time just for banking is a big ask for most people, even for geeks who hack their Android phones.
It's definitely not a non-issue for me.
> Android’s move to trunk-based development, and the subsequent growth in size of Android’s QPRs (Quarterly Platform Releases) have made our job magnitudes harder! As a byproduct we must rebase our entire code-base every 3 months.
> Sadly, Google also has a habit of introducing deprecations or outright removing code that older devices rely on with little advanced notice...
Google trying new tactics to move Android from open-source to "source available, lol"?
It seems to be the opposite - more of AOSP internal development moving out into the open. QPRs are getting more frequent releases than the old AOSP code-drops.
(Tbh I do think that AOSP has always had way too much churn for a sensible system. A Linux phone should just work, and share as much of its codebase as possible with Linux systems running on other device classes; distributions like pmOS and Mobian - and quite possibly Debian Mobile in the future - are working towards this goal.)
The latter has sane sandboxing, proper IPC, an app lifecycle that makes sense for embedded devices (an app in the background should only ever take CPU time if it has an explicit service with permission for that) etc.
GrapheneOS claims that this made their rebasing much more efficient: instead of receiving a massive dump of all Android 15 at the end, developers receive incremental changes (the QPRs) to help them anticipate major changes in the code.
On the other hand, LineageOS runs a lot of devices at the very (lower) edge of compatibility, which means that (with Google pushing large changes quarterly instead of yearly) the build roster has to be reevaluated quarterly instead of yearly as well. This was not anticipated properly for the Android 14 (LineageOS 21) cycle, which resulted in 19 devices not being able to be built on a previously supported major version (and therefore dropping from the roster completely).
In addition, the components that have been causing rebase conflicts each year now have the opportunity to cause rebase conflicts multiple times a year.
A couple of things to note: it doesn't have a headphone jack (it is legitimately that thin though) and you are required to use Windows to flash the device.
I wish I had known this device was going to see long-term support like it received. I would have bought one at the time.
The only modern tablet officially supported is the Pixel Tablet (tangopro). It's good enough but the screen quality isn't as nice as I would like. It should be supported for many years to come due to its SoC being common to the Pixel 6-9 phones.
GrapheneOS installs easily via your desktop web browser with the Pixel device connected via USB.
There’s an alternative flasher for Samsung’s bootloader that works on Linux/macOS: https://github.com/Benjamin-Dobell/Heimdall
It might not work with this particular tablet, though.
Started with Android 4 KitKat, stuck with Linux kernel 3.4 :)
5.4mm thickness, 3GB RAM (enough for 32-bit), 2TB SD card works, watching movies/shows with the AMOLED look as good as a recent OLED TV. Truly ahead of their time.
SDR content with mDNIe dynamic enabled comes surprisingly close to HDR content on an HDR display, colors can be a bit too saturated though.
After a decade, the battery lasts a week with a daily hour of e-book reading on a black background. 3 hours of video playback. However, it restarts at 30% battery when running at full brightness with a white background. Disabling Wi-Fi significantly extends standby time compared to modern hardware.
Caveats: Slow web browsing and no H.265 hardware decoder. 1440p H.264 60Mbit is the max (Display is 1600p). Most content providers and streaming services are slowly moving away from AVC, so it's stuck at 720p H.265 on CPU.
Back in 2014, I couldn't have imagined using hardware that was over a decade old.
In a perfect world, you would be able to bring your old device forward to multiple new major Android releases beyond the support lifetime of the manufacturer, like you can with a Linux distro on a PC. But I guess Android doesn't work that way, even with third parties willing to make new builds.
The practice makes e-waste of otherwise perfectly usable devices, and should be illegal.
I had Xiaomi last and bought another one recently and they have made it pretty much impossible to unlock the bootloader.
Apparently limited number of unlocks at 12am Beijing time. I have tried a few times, read through all the complaints and the community forums, and Xiaomi can very kindly just fuck off.
It used to be really good value for money as the hardware is great. But without flashing it is terrible. Crypto spam ads in system apps and things like that. Am going to sell it again but part of me can't give it to anyone in good conscience.
This is a list of supported devices
https://wiki.lineageos.org/devices/
I installed LineageOS on a Motorola Edge a bit back.
One problem is it takes a bit of time for a device to get officially supported by LineageOS. By the time it is, stores are often selling the next generation of devices.
That was not the case when I bought an Edge and put LineageOS on it in 2021.
But this is really a brand to avoid at all cost anyway. Also these smartphones come super bloated out of the box with apps phoning home constantly, and super unreliable. 2 members of my household owned one and on both of them the screen started randomly not accepting touch input. This was on 2 different models.
Pixels are the reference. Whatever you buy, verify VoLTE.
I got a OnePlus and a Pixel. Before that it was a ZTE, but they aren't unlock-friendly these days.
I am not a LineageOS user, but I own a 5 year old Xiaomi phone. The latest Android version for that phone from Xiaomi is stuck at Android 9. It now runs Android 13 on /e/OS, a fork of LineageOS, and I have a good experience with it.
But their sandboxed GApps service is truly how a mobile OS should work!
Hope they keep going strong.
Just to emphasize this for anyone else who is reading this: Please do not feel obligated to donate.
Yes, it is greatly appreciated, since it keeps the lights on a little while longer and allows us to provide builds and host continued development. However, we regard donations as having no strings attached, and the same applies for using the builds that we provide.
We will be fine, at the very least for a while. Please think of yourself first.
Anyway ... I'd totally encourage everybody to donate to open-source projects and/or their maintainers. Whatever the effect may be, but I think that's just simply appropriate.
What do folks use for backups that's actually useful (full app data + secondary stuff like KeyStore entries) nowadays?
[1]: https://github.com/seedvault-app/seedvault/wiki/FAQ#why-do-s...
Or let me put it another way: has anyone running LineageOS struggled to run any essential apps? (I don't care about games or whatever, I mean the apps you need to get around in life).
They use Google SafetyNet as a security guarantee and some outright ban access while letting you use a completely custom Linux PC. There are ways to hack those API calls with various system level interceptors like Magisk. I keep a custom made 2FA code generator from my bank as a backup though.
Amusingly, my health insurance app (Tk) does not.
My original motivation for deploying this particular phone was for Cisco Duo, which also runs on it.
As for banking apps, it depends. Some work, some don't. One way to test it would be to use Waydroid emulator on Linux, which uses Lineage OS image.
It's completely absurd, but it's how it works today.
The only trouble I run into is when (pseudo-)public institutions such as airlines or municipal parking authorities arbitrarily require apps that only Apple or Google distribute through their DRM-infested frameworks.
What I do instead is have a separate device that I customize to my liking with Lineage, then an iPhone that I keep normal; I have the phone that I actually like to use, then a "normie phone" that's identical to everyone else's so I don't get arbitrarily excluded from things.
Having said that, most bank apps still work on custom Android images. Mine works on GrapheneOS.
Having the second device just opens up more chances that you have something that works.
My old OnePlus 5T battery has just failed and I have bought a second-hand Motorola Edge 20 Pro, which is supported for Lineage 22.
Installing lineage has not got harder.
Only three extra adb commands:
fastboot flash dtbo dtbo.img
fastboot flash vendor_boot vendor_boot.img
and to populate the A-B slots:
adb -d sideload copy-partitions-20220613-signed.zip
Installation has remained pretty much the same process for years since I first installed it on my old Samsung S4 and Motorola G3 and more recently my old Pixel 4a and Pixel 6a.
Long live Lineage
I don't like the /e/OS launcher (Bliss) either.
Lawnchair is in Droid-ify - IzzyOnDroid repo