Comment by userbinator
19 days ago
This shouldn't just be "questions"; this should be a full-on opposition. Do not give them even an inch, or they'll take a mile.
"debugger vendors in 2047 distributed numbered copies only, and only to officially licensed and bonded programmers." - Richard Stallman, The Right to Read, 1997
Why is it so complex to have a foss mobile OS.
I only have Linux PCs (laptops) and servers, 100% of my work and personal stuff is done there (though for work I do need to hop into MS365, Google Workspace, Zoom, etc, hooray for browsers, my final firewall between me and the walled gardens, though we can have a whole discussion on that).
For mobile, we have PostmarketOS, Phosh, Ubuntu Touch. I really must try living in them, is it on me? IDK, our government even has an identity app for iOS and Android. I should not be using it, I should stick to web. But its so much more convenient. I'm just weak, aren't I?
Maybe I should go for Ubuntu touch, with an iPad on the side or something. At least my most personal device is something I control then. Or just keep my Linux laptop handy (or make a cyberdeck!). But I want a computing platform that does not require carrying a bag. It's kinda sad. Even GrapheneOS (one of the most personal and secure mobile computing experiences out there)'s future is in the hands of its greatest adversary, the one that does not want you to have a personal computing experience.
I could be one of the people running an ungoogled phone, but my bank refuses to have an app that runs on an ungoogled OS for "security"
My bank used to block VPNs “for security reasons.”
Now they very kindly just display a warning.
9 replies →
Write them. My bank's app had safetynet, but they disabled it and now it is usable over GrapheneOS.
Unfortunately no NFC Payments though, since they are only available for Google Wallet (which uses safetynet)
6 replies →
My bank blocks my mobile with Lineage OS, and it's not even possible to login to the web site without the mobile app. Absolutely pathetic.
Now I have to keep my 4 year old phone with 2 year outdated Android to access the bank application. Which deemed more safe then my mobile with latest security updates. Haha
15 replies →
I have never heard of a bank that has a hard requirement of a mobile app. Certainly none of the major banks like Wells Fargo or Chase require one. I do not own a phone and managers at times have to come up with undocumented fallback methods, but there is always a way.
I cannot imagine a legal defense for forcing someone to accept the terms of service of Apple or Google to use their bank account.
17 replies →
Mostly because the "web" was sabotaged. I use archlinux and my only GUI application is a web browser. On mobile, I need an email app, maps app, food delivery app and a communication app. Even whatsapp doesn't work on the web (on purpose).
If the web was enabled, app stores wouldn't be possible and you could run anything without an installation. But somewhere along the line both Google and Apple realized that this isn't really to their benefit and "walled ecosystems" are an advantage.
> I use archlinux and my only GUI application is a web browser.
Debian here, and... yup. It's so weird to realize this. I have lots of browser windows open with lots and lots and lots of tabs open, but the only other app I have open is a Matrix client (which honestly is not that great; Element's web version has more features and better polish), and a terminal. If you can call a terminal a GUI app.
Sure, I do use native apps sometimes. A calculator app, GnuCash, VLC, some others. But they're not open all the time; they're infrequent-use apps. And a lot of my VLC use has been replaced by streaming on the web.
It's incredibly sad.
1 reply →
Because the baseband chipset protocols and drivers are extremely patent encumbered. Any FOSS project will have to rely on on proprietary blobs for this part, and licensing deals from the existing patent holders, Quallcom. Nokia, Ericsson etc. .
You can see this is sort of adverserial to the FOSS way of doing things.
The licensing should (in theory) have FRAND terms and so might not be impossible. Couldn't someone just create their own chips? In the worst case, could someone be able to come up with a new protocol and start a new network (assuming they had the money?)
1 reply →
> You can see this is sort of adverserial to the FOSS way of doing things.
Example of the real-word problems with creating a FLOSS phone: https://puri.sm/posts/breaking-ground/
> Why is it so complex to have a foss mobile OS.
This is not too hard. What is hard is to trust it enough. A FOSS OS, by definition, allows to install whatever software, and allows for modification of itself. It is built to overcome limitations, not impose them. In this regard, it's a perfect tool for a criminal who wants to circumvent security measures, because these are limitations. It's the same problem as with cheaters in online games, only with more than games on stake. Banks and payment systems want guarantees of integrity and protection, including protection from user's actions.
A FOSS OS also assumes that the user values the freedom, and is competent in its technical aspects. This is emphatically not true about many users. They choose iOS because it's locked down and thus they cannot inadvertently do something they don't understand, and can't be bothered to learn. More importantly, their grandmother cannot do something she doesn't understand but scammers persuade her to do.
It's a bit like driving on public roads. If you want to drive yourself, you have to reveal your identity and obtain a license. If you want the hassle, take a bus, but buses only go along their routes. Letting unlicensed people drive cars where they see fit was found unacceptably dangerous for everyone eround. Maybe mainstream mobile software development will follow this model, too :(
> It is built to overcome limitations, not impose them. In this regard, it's a perfect tool for a criminal who wants to circumvent security measures, because these are limitations.
None of those limitations actually provide any security.
In order to use your bank's mobile app, you need your bank login credentials. It does not matter how secure a bank app on your phone is or whether it requires some kind of attestation because the attacker is going to get the victim to type them into a fake app or the attacker's web page which don't require any such thing and aren't even necessarily on the same device. And then it does not matter what kind of device you require the bank app to be installed on, because the attacker will get one of those and use the phished credentials in it.
There is no security value in requiring things that are useless.
> A FOSS OS also assumes that the user values the freedom, and is competent in its technical aspects.
This is not an assumption at all. The user is not required to write their own software or install anything from outside of a trusted repository. The value of the OS to such people is that someone else can write that software, and then as it matures it makes its way into the trusted repository.
But if mere mortals can't do that, if kids need an ID and a credit card in order to learn and experiment and hobbyists hit friction and spend their time on something else, then those things are killed in the cradle and never exist to begin with. And then instead of free software made by the people who wanted to use it, you're left with only apps made by predatory for-profit corporations and scammers that make it into the official store because their scams are profitable.
> It's a bit like driving on public roads. If you want to drive yourself, you have to reveal your identity and obtain a license.
It isn't a public road, it's your own phone.
> They choose iOS because it's locked down and thus they cannot inadvertently do something they don't understand, and can't be bothered to learn. More importantly, their grandmother cannot do something she doesn't understand but scammers persuade her to do.
For what it's worth scammers have zero problems scamming grandmothers with Apple computers and iphones.
1 reply →
All this is true about Linux on desktop, though my bank still allows me to log in to online banking.
At least for now.
I'm not aware of any major issues this has caused.
The trust isn't the issue. Google and Apple has made DRM easy for these companies to integrate, and therefore they do it. There isn't more to it than that.
3 replies →
It's pretty obvious, it's costly to make one that is up to the level of quality of commercial ones. It's not a mistake that the 2 mobile oses are owned and created by some of the largest and most profitable companies in the world.
It’s costly, but those two companies also operate in a hierarchical manner (like the military or a feudal kingdom) which makes decision-making and accountability much easier. The FOSS world has been rife with petty agree-or-fork squabbles, often over relatively abstract philosophical concerns about license language.
2 replies →
The hardware and boot process for every phone is different, and some vendors block users from installing other OSes. Then most mobile apps are proprietary, and some of the apps only allow you to run them on official Google builds of Android, via attestation.
https://grapheneos.org/articles/attestation-compatibility-gu...
Because it's actually your telco's phone. They're the one that has the license to run the baseband computer and RF transceiver. The 'pad' computer device is sort of yours. But there's no legal way to have ownership of a cell phone unless you yourself bid for and get the RF spectrum and set up your network in a way that accomplishes the FCC coverage and timing requirements. Then run your own telco for your phone. Basically, impossible.
Smart phones try to limit and firewall the interface between the two but tight integration is required for energy efficiency. So a smart phone, or a cell phone, can never be yours. They aren't good choices for doing computing and this legal reality is becoming more and more obvious with time.
Mobile OSs are very consumer focused. I have criticized the FSF for, in there lengthily argued ways, abandoning the consumer.
You have to commercialize openness if you want the muscle of the consumer to be able to produce it.
Short presentation of the basic concept: https://youtu.be/SO46oEdlkY8
Some things with massive value in excess of the cost of production cannot be pursued by capital nor bought by the individual. Your choices are government, non-profit, or something in between all three. PrizeForge aims to be between all three and to completely change how we do consumer open source, incidentally bringing billions of dollars into making it.
That's a very clear vision on how to solve this kind of funding/cooperation problem outside of government and mission-focused nonprofits. And incidentally would be an existential threat to surveillance capitalism should it reach critical mass.
BTW your password-based signup flow isn't working (on iOS Safari at least).
6 replies →
It's the ecosystem. Without an ecosystem there will be less adoption and consequently less investment in the OS. Where I stay, so many services offered exclusively through Android/iOS apps with no alternative. Even government services are slowly excluding the web and becoming app only. There is an implicit expectation from everyone that one will have either an Android/iOS device and this only becomes stronger with time.
I don't know how many people realize but what can result from this can be very dystopian and is scary. But the best possible outcome from this I hope is that some day a wise government realizes how much of daily life is dependent on two corporations and passes regulations to standardize app runtimes. You should be able to publish applications that can run on any OS. Only then we'll see competition in the OS market.
Interestingly, we are, and have been, at a point were you can publish applications that run on any OS for a while, with PWAs.
There are very few software examples, that couldn't be distributed as PWAs, including secure things like banking, etc. With WASM in the mix as well, theoretically the sky should be the limit.
Even more interestingly it hasn't happened - mainly because Apple and Google haven't got behind PWAs for obvious reasons, so the app ecosystem just doesn't exist. It's hard to see how this will changes, when mobile operating systems are dominated by two players, with very obvious incentives to make things worse for consumers but better for themselves, by grabbing as much control of the apps on their system as possible.
2 replies →
> Why is it so complex to have a foss mobile OS.
In a way it's not. As you mention, we have several of them. But they won't have mass-market appeal until they can run the same sorts of apps that Android and iOS can run. And no, "just use the mobile website" is not an answer.
How do I deposit a check with my bank on my phone without the app? I can't; the mobile website doesn't have that functionality. How do I send someone money via Zelle without the app? I can't; the mobile website doesn't have that functionality.
How do I use contactless payments? I can't; the ability to build an app like Google Wallet or Apple Pay requires deep pockets and trusted payments industry connections that open source mobile OS developers will likely never have.
How do I use Google's productivity suite? I can't; the mobile websites aren't functional enough. How do I use Microsoft's? Ditto.
How do I use the remote-lock functionality of my car? I can't; that's only available through the Android and iOS apps.
I could go on, and on, and on, but I think you see the point. Many people who advocate for these alternative OSes don't get it. "Do you really need that functionality?", they ask. "Why can't you just do that stuff in a web browser on your laptop instead of on your phone?", they ask. "Just use a physical credit card like I do!" And then they wonder why their alternative mobile OS will never go mainstream.
People actually really care about those features and capabilities. It doesn't matter if the people who build these alternative mobile OSes don't care, or think they're stupid, or unsafe, or bad for privacy, or whatever. If you don't build what people want, they won't use your stuff.
Emulating Android sufficiently well enough to run Android apps is a decent start, but so many apps rely on Play Services and Play Integrity that it's a losing battle, or at best a cat-and-mouse game to keep things working.
On top of that, mobile chipset BSPs require financial commitments and being a Real Company. Most open source outfits can't cross that bar, and the likes of Qualcomm will be wary dealing with an organization that wants to do open source.
> Emulating Android sufficiently well enough to run Android apps is a decent start, but so many apps rely on Play Services and Play Integrity that it's a losing battle, or at best a cat-and-mouse game to keep things working.
This is where antitrust laws are supposed to come into play. Play Services are a pain but in principle you can implement alternatives to them. It's the attestation stuff which is aggressively anti-competitive -- literally setting up a system with the primary function of excluding competing implementations from compatibility.
We can't let corporations get away with the fraud that competing with them is a security vulnerability.
> But they won't have mass-market appeal until they can run the same sorts of apps that Android and iOS can run
Waydroid allows me to run Android apps on my Librem 5.
> How do I deposit a check with my bank on my phone without the app? I can't; the mobile website doesn't have that functionality
So switch the bank to one not forcing you into the duopoly?
On the cyberdeck note, I think the dawn of mobile computing is superseding smart phones and I rather move to flip phone + mobile Linux and keep them distinctly separated
> For mobile, we have PostmarketOS, Phosh, Ubuntu Touch.
Why are you only listing DEs and not operating systems? (You also missed SXMo and more.) There are many more operating systems [0] and two working GNU/Linux phones, Librem 5 and Pinephone. Why people are ignoring them on HN?
[0] https://pine64.org/documentation/PinePhone/Software/
PostmarketOS is, as the name implies, an OS. And I don't think OP was trying to make an exhaustive list.
The point is, there's plenty of "competing" options, but hardly anyone uses them.
1 reply →
Yep. My thoughts exactly. Seems like everyone here is forgetting about those two.
As Microsoft how is it so difficult to have a mobile os
Microsoft has the problem that nobody likes them or trusts them, which makes it hard to get people to use their platform in a context where they're not the default.
3 replies →
> For mobile, we have PostmarketOS, Phosh, Ubuntu Touch. I really must try living in them, is it on me? IDK, our government even has an identity app for iOS and Android. I should not be using it, I should stick to web. But its so much more convenient. I'm just weak, aren't I?
Don't forget GrapheneOS, LineageOS and other de-googled FOSS Android Versions
These aren't GNU/Linux, they have to follow Google's development strategy. It's like fighting with Chrome by using Chromium.
4 replies →
Because PC is an American thing but phones are not. Obsession for standardization, modularity, and cross-compatibility are rather unique American cultural traits that aren't nearly as strongly manifesting elsewhere. "Fits right in" is quintessentially American thing.
The entire unitized jet engines on Boeing aircraft drops right off and swaps right into another host, sometimes even to different types of aircraft. PCI soundcards come off a i386 PC and go straight into PPC Macs. AR15 pressure bearing parts don't merely interchange between examples from different time and place but its grip and stock mounting patterns are becoming a industry standard of its own. Early Tesla battery packs come apart into bunch of 18650s and could reassemble into new packs(though it's a big no-no due to RUD risks). Meanwhile, Prius power units or front seats are for Prius only; it won't go into dozen different Toyota models, at least without substantial parts changes, modifications, and reconfiguration. Bugatti Veyron uses its own custom tires that aren't even forward or backward compatible with their own successor.
Same for phones: .apk runs everywhere, Linux do not, cameras don't interchange, internal connectors don't fit together, LCDs specific to anything are default unobtainium. microSD cards works on everything, but the moment you look away, Huawei invents a new incompatible format for absolutely no reason. Apple "reinvents everything" every time but internal organizations of components are stable at macroscopic levels for few generations unlike most other manufacturers.
It's openness of PC that is unique and precious, not closed nature of everything else being odd and inconvenient.
> Because PC is an American thing but phones are not.
I don't really understand what you're talking about here. Android and iOS are American companies. American culture is John Deere locking down their equipment. Anti-consumer laws, pushing IP laws onto the rest of the world by treaty, being overly litigious, these are all American culture. I think the culture you're thinking of is nearly dead in a shell of corporatism.
The PC was a pretty unique event due to a confluence of historical factors that all came together in a certain way. It wasn't the way of things before, and it's been slowly moving away from how it was, and it's not really got anything to do with being American or not.
1 reply →
Nothing says "obsession with standardization" like being one of only three countries on Earth that can't figure out that water freezes at 0 and boils at 100.
As far as I am concerned a Raspberry Pi 4G/5G/LTE-edition would be 50% of getting there.
"Why is it so complex to have a foss mobile OS."
What does "foss mobile OS" mean
(a) installed on a portable form factor,
(b) integrates with a cellular modem. or
(c) all of the above
For discussion purposes, assume "portable" means pocket-sized and battery-powered
When the RPi first came out I remember a blog where someone had rigged up a makeshift battery making RPi portable. At the time, HN commenters seemed impressed. Today, I connect a "phone" to an RPi running NetBSD^1 and use the phone as a battery
1. Linux provides wider assortment of drivers NB. I'm not using NetBSD to make phone calls
Today there are
non-portable VoIP phones with PoE, and
portable cellular modems running OpenWRT
Tomorrow, who knows
Convenience and control are mutually exclusive; this seems unlikely to change. Choosing the later over the former is personal preference. Every user is different
Trying to control a "phone" might be a waste of time, an exercise in futility, especially when it is running a corporate OS. Whereas controlling a gateway running an OS of the user's choice might prove to be relatively easy. Phones provide convenience, not control
Do not forget Android is also a FOSS mobile OS.
That "F" (as in freedom) is certainly eroding. Perhaps not by its source availability directly (although without any drivers, what is the use?), but very much by a company trying to lock you out of all the goodies that once came with it.
1 reply →
Android is not FOSS in any sense of the word and doesn't produce any user benefits that FOSS is meant to produce.
16 replies →
Money
Linux is 30 years old, and still it has a laughable percentage of desktop usage. Plus, the only reason it's even usable is because of the relentless work by thankless developers for reverse engineering device drivers. On smartphones this is orders of magnitude more difficult. How do you properly profile and debug a random modem in a phone? What about the cameras?
So, how can anyone expect FOSS mobile OSs to ever exist unless forced by law by the US or something?
This is 'easily' solved by following the Apple road - focus on one or two devices. I think many FOSS enthusiasts would be happy to buy such devices.
(I am holding out hope for the phone that the GrapheneOS project is planning to make.)
7 replies →
> How do you properly profile and debug a random modem in a phone? What about the cameras?
This is a huge factor. Mobile chip sets (CPU/SoC, crypto enclaves, GPU modems/basebands) are buried under NDAs a mile thick, and you can't just whack an oscilloscope on the bus like its 1979. Those companies treat their opaque hardware as their defense against IP theft, they'll never, ever give it up in the current environment.
And the cameras are super complex and require a bunch of DSP and AI to even vaguely work let alone do all the headline features.
I know this isn’t what you meant but it’s important to remember there is some hope. Thirty years ago I was required by my CTOs to use Windows, Borland, AIX, and Solaris. Linux, FreeBSD, and Free dev environments were viewed with deep suspicion.
In 2025 you’d be viewed just as much suspicion for not building your stack on Freedom. I still have hope that we’ll get there with phones, too, some day.
2 replies →
Because of hardware standardization Linux has become a pre-competitive layer, a commodity we have decided not to compete on. And it turns out that such a commodity by definition is private, because we don't want any one party to reap all the benefits of a commodity project (we'd rip it out before using it anyway), in the same sense that we don't want want 1 company sitting on all our water consumption data for example.
So, how do we get to a commodity layer for Mobile devices? It looked like it was going to be Linux (Android), and that was Google's intention. But now they are just using their significant resources to corrupt that original idea, using their trojan horse called "play services".
The public at large only cares about convenience, not about privacy. Why don't we? How much enshitification is enough to draw that line in the sand?
4 replies →
Law is no longer interested in giving freedom to people
Foss people are on the spectrum and so never understand the common man. Simple as that I guess.
Well the nice thing about the spectrum is that we are all on it and that we draw imaginary lines ourselves.
All wisdom aside... I think you're right. I takes a certain grit to start to appreciate the ultimate effect of software freedom culture and licensing. Never mind the the whole philosophy.
It's like explaining CRISPR (yeah I'm a biologist) to a normie... Ok, so lets start with what DNA is... proceeds to guide someone through a lifetime in the molecular biology field....
1 reply →
In near future I’d expect locked down phones and pads become more prevalent than laptops/desktops and most people don’t even own something that is not locked down.
Even laptops can be locked down too.
Great justification for switching to Graphene OS, more secure, more control, and google has to ask permission to install things and the play store is optional.
Unless you're against giving your money to Google and depending on their hardware and software.
You can buy a completely open RISC-V chip and debug to your heart's content. x86 is also completely open, with only special outliers like XBox/PS5 even half-heartedly trying to disable third-party access.
So the "Right to read" is still bonkers.
"You [technically] can" is not good enough to declare the victory here. The downsides are so heavy that nobody can actually do it.
Stallman's fallacy is thinking every system is perfect and unbreakable and that people have a perfect understanding of software and systems (for better or for worse)
People will be running pirated debugger copies if that comes to shove
99.9% of people DNGAF about OSS. They do care about doing what they need on their phone without malware/bloatware/nagware
Also publishing and development are separate activities
I doubt that Stallman, of all people, thinks literally that. But systems which are breakable have ways of improving themselves, closing off the exploitable holes. So it makes sense to regard systems as being eventually unbreakable. Or at least having an unacceptably long "mean time between cracks". The game plan cannot simply be "oppressive software and hardware systems will always have imperfections so the good people will cheerfully get around them", even if is is de facto that way at some point in time w.r.t. certain systems. That's actually a kind of defeatist attitude disguised as optimism; passively accepting crap based on the faith that you will scrape through somehow.
> I doubt that Stallman, of all people, thinks literally that
Yeah I agree his opinion is probably more balanced, however Right to read is a short story displaying characters with too much learned helplessness and too little agency so I'm just going based on what he literally put to paper
What an absurd ask. How is a $2.5 trillion dollar company supposed to make any money if it has to spend a bit of time on security? Did you even think about the economy?
Clearly it wasn't doing fine in 2018 when Apple became the first trillion dollar company. Nor was it when in 2012 when Apple's market cap exceeded oil companies, barely breaking half a trillion dollars. And the economy was definitely in shambles back in 2005 when no company even had a 400bn market cap! Seriously, how could the economy ever survive?!
Where would the wold be without all those innovations. Like the 2005 invention of YouTube, the 2007 release of the iPhone. Where would we be without such world changing technologies that followed with tech's rise in global dominance? Technologies like, Bitcoin, VR, and an even thinner iPhone? Do you even know how many peoples' lives these technologies have saved? Seriously? Because I don't...
Your fallacy is thinking that authoritarian governments care about enforcement or successful enforcement of such laws. The goal is to create a status quo in which all citizens break many laws daily and so are already guilty if they ever rock the boat and disturb those in power.
Stallman's "Right to Read" is an accurate reflection of reality in that sense.
> They do care about doing what they need on their phone without malware/bloatware/nagware
Yeah you're absolutely right, tell that to Facebook/Instagram/Temu/TikTok/Pinduoduo/(any other _spying_ apps) users.
Their spying doesn't prevent anyone from using their bank app, or using other apps on their phone, or consume (too) much battery
I wouldn't bet on hackers saving us from everything. There are 150 million Nintendo Switches in the world, and nobody has figured out how to jailbreak one without getting into the hardware and shorting some wires (and even then only on early unpatched models). I don't think its out of the realm of possibility to make a best-selling phone that stays uncrackable for the general population for its entire lifecycle.
> There are 150 million Nintendo Switches in the world, and nobody has figured out how to jailbreak one without getting into the hardware and shorting some wires (and even then only on early unpatched models).
It's is acceptable for the hack to be difficult so long as it exists. I'm sure later models will eventually be jailbroken too. In the meantime, all of nintendo's best efforts haven't ended the piracy of switch games which is what the vast majority of people care about, not getting their favorite linux distro to run on the hardware itself.
> I don't think its out of the realm of possibility to make a best-selling phone that stays uncrackable for the general population for its entire lifecycle.
It is surely possible if only because the general population is not interested in infosec.
On the gripping hand,firmware writing practices being that they are; it is impossible to produce an uncrackable phone.
Yeah and people had gay sex when it was illegal but it still is a shameful injustice for the government to decide what software I run on my own hardware