Comment by teekert
19 days ago
Why is it so complex to have a foss mobile OS.
I only have Linux PCs (laptops) and servers, 100% of my work and personal stuff is done there (though for work I do need to hop into MS365, Google Workspace, Zoom, etc, hooray for browsers, my final firewall between me and the walled gardens, though we can have a whole discussion on that).
For mobile, we have PostmarketOS, Phosh, Ubuntu Touch. I really must try living in them, is it on me? IDK, our government even has an identity app for iOS and Android. I should not be using it, I should stick to web. But its so much more convenient. I'm just weak, aren't I?
Maybe I should go for Ubuntu touch, with an iPad on the side or something. At least my most personal device is something I control then. Or just keep my Linux laptop handy (or make a cyberdeck!). But I want a computing platform that does not require carrying a bag. It's kinda sad. Even GrapheneOS (one of the most personal and secure mobile computing experiences out there)'s future is in the hands of its greatest adversary, the one that does not want you to have a personal computing experience.
I could be one of the people running an ungoogled phone, but my bank refuses to have an app that runs on an ungoogled OS for "security"
My bank used to block VPNs “for security reasons.”
Now they very kindly just display a warning.
Gas station app I use asks to turn VPN off every launch (even when it is disabled)
8 replies →
Write them. My bank's app had safetynet, but they disabled it and now it is usable over GrapheneOS.
Unfortunately no NFC Payments though, since they are only available for Google Wallet (which uses safetynet)
> Unfortunately no NFC Payments though, since they are only available for Google Wallet (which uses safetynet)
A workaround for NFC payments I've heard about for folks running OSes on their Androids that don't support that feature is a smartwatch with NFC.
5 replies →
My bank blocks my mobile with Lineage OS, and it's not even possible to login to the web site without the mobile app. Absolutely pathetic.
Now I have to keep my 4 year old phone with 2 year outdated Android to access the bank application. Which deemed more safe then my mobile with latest security updates. Haha
It's even better than that. Banks (for example Revolut) consider several years old phones, running ancient OS (last I checked they allowed A10) without security updates for some 7 years, so riddled with zero-click/RCE vulnerabilities, but they do not allow GrapheneOS, which is currently the safest OS in mobiles (on par/beating iOS, depending whom you ask).
Yes, banks* claim phones riddled with maximum severity security issues are secure. Also phones that are rooted but using magisk modules to conceal this fact, and use spoofed signatures from ancient hardware, but the most safe platform is not secure enough for them.
Go figure.
*not all, there are notable exceptions explicitly supporting secure platforms through the modern Hardware Attestation model.
1 reply →
last time I walked into the bank to do something, they tried to peddle their app. I giggled and said no, their developers don't understand security.
my phone is rooted and their app won't work.
7 replies →
If you're going so far as to install Lineage, couldn't you take the small step further and download alternate browsers to change the user agent? (Unless the default Lineage browser can do this already.)
I run a Google'd OS for now but I haven't used my bank's terrible app in years and years. I use their terrible website via desktop mode instead.
1 reply →
You do have the option to change your bank when they consistently do dumb stuff you don't approve of. Shopping around will probably get you a better savings rate anyway.
2 replies →
I have never heard of a bank that has a hard requirement of a mobile app. Certainly none of the major banks like Wells Fargo or Chase require one. I do not own a phone and managers at times have to come up with undocumented fallback methods, but there is always a way.
I cannot imagine a legal defense for forcing someone to accept the terms of service of Apple or Google to use their bank account.
> I have never heard of a bank that has a hard requirement of a mobile app.
It shouldn't be a thing, but it is. In the Netherlands the newer digital-only banks are allowed to do this. No smartphone, no service.
The more established banks (systeembanken) do have alternatives, but realistically not using their app for login auth and transaction approval is a huge pain in the ass.
(My bank, ABN AMRO, has an app which thankfully works fine on GrapheneOS.)
4 replies →
In Sweden we use BankID (there is a similar service with the same name in each Scandinavian country).
It's impossibly convenient to be perfectly fair with you, however I know that my bank has stopped issuing the "BankID Card" (which was a card and pin device that allowed you to generate challenge numbers)- and now forces you to use the BankID app -- which will not run on rooted phones of course.
It's even slightly worse as the App requires NFC; so I can't keep a backup on my iPad (which is what I was doing before).
7 replies →
In Europe there are, e.g. at least some subsidiaries of Societe Generale, which have closed their Web sites on which their online banking services were previously available, and which refuse to provide their mobile apps otherwise than through the Google Store.
I doubt very much that it is possible for this practice to be legal, i.e. to condition the services of an European bank of the existence of a contractual relationship with a third party, which is non-European.
Nevertheless, nobody has enough spare time and money to challenge legally such banks.
Now I do my operations mostly through other banks that still have browser-based online banking, but I have not closed yet my last account at such a Societe Generale subsidiary, because I have regressed to use an antique SMS-based substitute for online banking, which is good enough for that account, which I keep only for a credit card used mostly for shopping in supermarkets or the like.
> I have never heard of a bank that has a hard requirement of a mobile app
My bank's app recently started warning me that I should "Turn off developer mode" for """security""" on every sign-in. This warning doesn't stop me from using the app yet, but I'm sure it'll get there.
> I have never heard of a bank that has a hard requirement of a mobile app
My banks all require their own individual apps for authentication and authorization. I can use the website but to log in and authorize any transactions I need their app. Ironically this runs on my 8 year old Android 10 phone (used as a backup) so security can't be part of it.
Bunq comes to mind, I'm guess N26 and Revolut are similar, app first "fin-tech" banks.
Mostly because the "web" was sabotaged. I use archlinux and my only GUI application is a web browser. On mobile, I need an email app, maps app, food delivery app and a communication app. Even whatsapp doesn't work on the web (on purpose).
If the web was enabled, app stores wouldn't be possible and you could run anything without an installation. But somewhere along the line both Google and Apple realized that this isn't really to their benefit and "walled ecosystems" are an advantage.
> I use archlinux and my only GUI application is a web browser.
Debian here, and... yup. It's so weird to realize this. I have lots of browser windows open with lots and lots and lots of tabs open, but the only other app I have open is a Matrix client (which honestly is not that great; Element's web version has more features and better polish), and a terminal. If you can call a terminal a GUI app.
Sure, I do use native apps sometimes. A calculator app, GnuCash, VLC, some others. But they're not open all the time; they're infrequent-use apps. And a lot of my VLC use has been replaced by streaming on the web.
It's incredibly sad.
I mean, that's a choice. Most of my activity is still native apps, because I hate web apps and avoid them like the plague. I don't doubt you could do the same, but you have chosen to use web based options - which, to be clear, is totally fine! But it's not the way it has to be.
Because the baseband chipset protocols and drivers are extremely patent encumbered. Any FOSS project will have to rely on on proprietary blobs for this part, and licensing deals from the existing patent holders, Quallcom. Nokia, Ericsson etc. .
You can see this is sort of adverserial to the FOSS way of doing things.
The licensing should (in theory) have FRAND terms and so might not be impossible. Couldn't someone just create their own chips? In the worst case, could someone be able to come up with a new protocol and start a new network (assuming they had the money?)
You can create your own chips but you will have issues obtaining a license to use spectrum in some countries. Often, licenses for spectrum where the device is licensed instead of the end user, require the device itself to comply with spectrum use requirements....since the user isn't licensed.
> You can see this is sort of adverserial to the FOSS way of doing things.
Example of the real-word problems with creating a FLOSS phone: https://puri.sm/posts/breaking-ground/
> Why is it so complex to have a foss mobile OS.
This is not too hard. What is hard is to trust it enough. A FOSS OS, by definition, allows to install whatever software, and allows for modification of itself. It is built to overcome limitations, not impose them. In this regard, it's a perfect tool for a criminal who wants to circumvent security measures, because these are limitations. It's the same problem as with cheaters in online games, only with more than games on stake. Banks and payment systems want guarantees of integrity and protection, including protection from user's actions.
A FOSS OS also assumes that the user values the freedom, and is competent in its technical aspects. This is emphatically not true about many users. They choose iOS because it's locked down and thus they cannot inadvertently do something they don't understand, and can't be bothered to learn. More importantly, their grandmother cannot do something she doesn't understand but scammers persuade her to do.
It's a bit like driving on public roads. If you want to drive yourself, you have to reveal your identity and obtain a license. If you want the hassle, take a bus, but buses only go along their routes. Letting unlicensed people drive cars where they see fit was found unacceptably dangerous for everyone eround. Maybe mainstream mobile software development will follow this model, too :(
> It is built to overcome limitations, not impose them. In this regard, it's a perfect tool for a criminal who wants to circumvent security measures, because these are limitations.
None of those limitations actually provide any security.
In order to use your bank's mobile app, you need your bank login credentials. It does not matter how secure a bank app on your phone is or whether it requires some kind of attestation because the attacker is going to get the victim to type them into a fake app or the attacker's web page which don't require any such thing and aren't even necessarily on the same device. And then it does not matter what kind of device you require the bank app to be installed on, because the attacker will get one of those and use the phished credentials in it.
There is no security value in requiring things that are useless.
> A FOSS OS also assumes that the user values the freedom, and is competent in its technical aspects.
This is not an assumption at all. The user is not required to write their own software or install anything from outside of a trusted repository. The value of the OS to such people is that someone else can write that software, and then as it matures it makes its way into the trusted repository.
But if mere mortals can't do that, if kids need an ID and a credit card in order to learn and experiment and hobbyists hit friction and spend their time on something else, then those things are killed in the cradle and never exist to begin with. And then instead of free software made by the people who wanted to use it, you're left with only apps made by predatory for-profit corporations and scammers that make it into the official store because their scams are profitable.
> It's a bit like driving on public roads. If you want to drive yourself, you have to reveal your identity and obtain a license.
It isn't a public road, it's your own phone.
> They choose iOS because it's locked down and thus they cannot inadvertently do something they don't understand, and can't be bothered to learn. More importantly, their grandmother cannot do something she doesn't understand but scammers persuade her to do.
For what it's worth scammers have zero problems scamming grandmothers with Apple computers and iphones.
Yeah, the idea that people using iOS can't do something dangerous that they don't understand is absurd. They get scammed all the time.
All this is true about Linux on desktop, though my bank still allows me to log in to online banking.
At least for now.
I'm not aware of any major issues this has caused.
The trust isn't the issue. Google and Apple has made DRM easy for these companies to integrate, and therefore they do it. There isn't more to it than that.
>I'm not aware of any major issues this has caused
Decades of desktop malware used to drain bank accounts are not a major issue?
2 replies →
It's pretty obvious, it's costly to make one that is up to the level of quality of commercial ones. It's not a mistake that the 2 mobile oses are owned and created by some of the largest and most profitable companies in the world.
It’s costly, but those two companies also operate in a hierarchical manner (like the military or a feudal kingdom) which makes decision-making and accountability much easier. The FOSS world has been rife with petty agree-or-fork squabbles, often over relatively abstract philosophical concerns about license language.
Look inside the kitchen of Microsoft or Google. It is comparable to all the FOSS world petty squables and pfiefdom wars.
You can even see this into the abominal products they release, rife with frankesteinian cobbled together bits and pieces from different 'orgs' trying to grab a piece of the (tr)action and the wild inconsistencies in the UX.
> The FOSS world has been rife with petty agree-or-fork squabbles, often over relatively abstract philosophical concerns about license language.
You cannot say that. This means we have thousand half-baked projects to choose from, and choice is good. At least this is what I was told.
The hardware and boot process for every phone is different, and some vendors block users from installing other OSes. Then most mobile apps are proprietary, and some of the apps only allow you to run them on official Google builds of Android, via attestation.
https://grapheneos.org/articles/attestation-compatibility-gu...
Because it's actually your telco's phone. They're the one that has the license to run the baseband computer and RF transceiver. The 'pad' computer device is sort of yours. But there's no legal way to have ownership of a cell phone unless you yourself bid for and get the RF spectrum and set up your network in a way that accomplishes the FCC coverage and timing requirements. Then run your own telco for your phone. Basically, impossible.
Smart phones try to limit and firewall the interface between the two but tight integration is required for energy efficiency. So a smart phone, or a cell phone, can never be yours. They aren't good choices for doing computing and this legal reality is becoming more and more obvious with time.
Mobile OSs are very consumer focused. I have criticized the FSF for, in there lengthily argued ways, abandoning the consumer.
You have to commercialize openness if you want the muscle of the consumer to be able to produce it.
Short presentation of the basic concept: https://youtu.be/SO46oEdlkY8
Some things with massive value in excess of the cost of production cannot be pursued by capital nor bought by the individual. Your choices are government, non-profit, or something in between all three. PrizeForge aims to be between all three and to completely change how we do consumer open source, incidentally bringing billions of dollars into making it.
That's a very clear vision on how to solve this kind of funding/cooperation problem outside of government and mission-focused nonprofits. And incidentally would be an existential threat to surveillance capitalism should it reach critical mass.
BTW your password-based signup flow isn't working (on iOS Safari at least).
:-) Yeah. Only SSO was working because while email would double my users, I was doing an experiment and looking for at least some signs of life. Doubling nothing would be useless.
Turns out, some new enrollments topped up their accounts and dropped off before the final step that makes it show up on the home page, so now I know it's something, and something is worth doubling.
> existential threat to surveillance capitalism
Should I buy a gun? I'm an American.
5 replies →
It's the ecosystem. Without an ecosystem there will be less adoption and consequently less investment in the OS. Where I stay, so many services offered exclusively through Android/iOS apps with no alternative. Even government services are slowly excluding the web and becoming app only. There is an implicit expectation from everyone that one will have either an Android/iOS device and this only becomes stronger with time.
I don't know how many people realize but what can result from this can be very dystopian and is scary. But the best possible outcome from this I hope is that some day a wise government realizes how much of daily life is dependent on two corporations and passes regulations to standardize app runtimes. You should be able to publish applications that can run on any OS. Only then we'll see competition in the OS market.
Interestingly, we are, and have been, at a point were you can publish applications that run on any OS for a while, with PWAs.
There are very few software examples, that couldn't be distributed as PWAs, including secure things like banking, etc. With WASM in the mix as well, theoretically the sky should be the limit.
Even more interestingly it hasn't happened - mainly because Apple and Google haven't got behind PWAs for obvious reasons, so the app ecosystem just doesn't exist. It's hard to see how this will changes, when mobile operating systems are dominated by two players, with very obvious incentives to make things worse for consumers but better for themselves, by grabbing as much control of the apps on their system as possible.
If banks were to offer PWAs, they would probably demand something like Google's Web Environment Integrity proposal - or would be convinced by Google that they need it.
1 reply →
> Why is it so complex to have a foss mobile OS.
In a way it's not. As you mention, we have several of them. But they won't have mass-market appeal until they can run the same sorts of apps that Android and iOS can run. And no, "just use the mobile website" is not an answer.
How do I deposit a check with my bank on my phone without the app? I can't; the mobile website doesn't have that functionality. How do I send someone money via Zelle without the app? I can't; the mobile website doesn't have that functionality.
How do I use contactless payments? I can't; the ability to build an app like Google Wallet or Apple Pay requires deep pockets and trusted payments industry connections that open source mobile OS developers will likely never have.
How do I use Google's productivity suite? I can't; the mobile websites aren't functional enough. How do I use Microsoft's? Ditto.
How do I use the remote-lock functionality of my car? I can't; that's only available through the Android and iOS apps.
I could go on, and on, and on, but I think you see the point. Many people who advocate for these alternative OSes don't get it. "Do you really need that functionality?", they ask. "Why can't you just do that stuff in a web browser on your laptop instead of on your phone?", they ask. "Just use a physical credit card like I do!" And then they wonder why their alternative mobile OS will never go mainstream.
People actually really care about those features and capabilities. It doesn't matter if the people who build these alternative mobile OSes don't care, or think they're stupid, or unsafe, or bad for privacy, or whatever. If you don't build what people want, they won't use your stuff.
Emulating Android sufficiently well enough to run Android apps is a decent start, but so many apps rely on Play Services and Play Integrity that it's a losing battle, or at best a cat-and-mouse game to keep things working.
On top of that, mobile chipset BSPs require financial commitments and being a Real Company. Most open source outfits can't cross that bar, and the likes of Qualcomm will be wary dealing with an organization that wants to do open source.
> Emulating Android sufficiently well enough to run Android apps is a decent start, but so many apps rely on Play Services and Play Integrity that it's a losing battle, or at best a cat-and-mouse game to keep things working.
This is where antitrust laws are supposed to come into play. Play Services are a pain but in principle you can implement alternatives to them. It's the attestation stuff which is aggressively anti-competitive -- literally setting up a system with the primary function of excluding competing implementations from compatibility.
We can't let corporations get away with the fraud that competing with them is a security vulnerability.
> But they won't have mass-market appeal until they can run the same sorts of apps that Android and iOS can run
Waydroid allows me to run Android apps on my Librem 5.
> How do I deposit a check with my bank on my phone without the app? I can't; the mobile website doesn't have that functionality
So switch the bank to one not forcing you into the duopoly?
On the cyberdeck note, I think the dawn of mobile computing is superseding smart phones and I rather move to flip phone + mobile Linux and keep them distinctly separated
> For mobile, we have PostmarketOS, Phosh, Ubuntu Touch.
Why are you only listing DEs and not operating systems? (You also missed SXMo and more.) There are many more operating systems [0] and two working GNU/Linux phones, Librem 5 and Pinephone. Why people are ignoring them on HN?
[0] https://pine64.org/documentation/PinePhone/Software/
PostmarketOS is, as the name implies, an OS. And I don't think OP was trying to make an exhaustive list.
The point is, there's plenty of "competing" options, but hardly anyone uses them.
The parent started their message with "Why is it so complex to have a foss mobile OS", which is not wrong but pretty misleading, as there are many existing mobile OSes that work quite well.
Yep. My thoughts exactly. Seems like everyone here is forgetting about those two.
As Microsoft how is it so difficult to have a mobile os
Microsoft has the problem that nobody likes them or trusts them, which makes it hard to get people to use their platform in a context where they're not the default.
Windows Mobile was great and people loved it at the time. Most people I knew in 2007/2008 were laughing at how the iPhone was an expensive toy phone because you couldn't even install apps or use MS Exchange.
Of course, the problem for MS was that Apple (and Google) quickly closed those gaps, and they just simply had better overall products.
2 replies →
> For mobile, we have PostmarketOS, Phosh, Ubuntu Touch. I really must try living in them, is it on me? IDK, our government even has an identity app for iOS and Android. I should not be using it, I should stick to web. But its so much more convenient. I'm just weak, aren't I?
Don't forget GrapheneOS, LineageOS and other de-googled FOSS Android Versions
These aren't GNU/Linux, they have to follow Google's development strategy. It's like fighting with Chrome by using Chromium.
Nobody was talking about GNU. Most don't care if the userspace utilties are gnu coreutils/libc or musl/busybox for example.
AOSP is free and open source software.
3 replies →
Because PC is an American thing but phones are not. Obsession for standardization, modularity, and cross-compatibility are rather unique American cultural traits that aren't nearly as strongly manifesting elsewhere. "Fits right in" is quintessentially American thing.
The entire unitized jet engines on Boeing aircraft drops right off and swaps right into another host, sometimes even to different types of aircraft. PCI soundcards come off a i386 PC and go straight into PPC Macs. AR15 pressure bearing parts don't merely interchange between examples from different time and place but its grip and stock mounting patterns are becoming a industry standard of its own. Early Tesla battery packs come apart into bunch of 18650s and could reassemble into new packs(though it's a big no-no due to RUD risks). Meanwhile, Prius power units or front seats are for Prius only; it won't go into dozen different Toyota models, at least without substantial parts changes, modifications, and reconfiguration. Bugatti Veyron uses its own custom tires that aren't even forward or backward compatible with their own successor.
Same for phones: .apk runs everywhere, Linux do not, cameras don't interchange, internal connectors don't fit together, LCDs specific to anything are default unobtainium. microSD cards works on everything, but the moment you look away, Huawei invents a new incompatible format for absolutely no reason. Apple "reinvents everything" every time but internal organizations of components are stable at macroscopic levels for few generations unlike most other manufacturers.
It's openness of PC that is unique and precious, not closed nature of everything else being odd and inconvenient.
> Because PC is an American thing but phones are not.
I don't really understand what you're talking about here. Android and iOS are American companies. American culture is John Deere locking down their equipment. Anti-consumer laws, pushing IP laws onto the rest of the world by treaty, being overly litigious, these are all American culture. I think the culture you're thinking of is nearly dead in a shell of corporatism.
The PC was a pretty unique event due to a confluence of historical factors that all came together in a certain way. It wasn't the way of things before, and it's been slowly moving away from how it was, and it's not really got anything to do with being American or not.
OSI layer 4 and up of Android/iOS are pretty well standardized, below pioneered by Nokia-Siemens are complete mess. Phones before iPhone sometimes had apps. Most of them used Java and lots of them needed model-specific ports due to model-specific bugs and quirks in JVMs. Compatibility of Linux is entirely dependent on stability of PC platform, and Linux itself offers little compatibility or modularity, just source level consistency with past self, unlike predominantly American platforms such as Windows.
When Google does it, of course, same apk files and NDK binaries just run on every models of every make as if always worked that way.
American companies appear to be the worst offenders in the world when it comes to breaking compatibility and right to repair, and this isn't to say those anti-consumer changes are okay at all, but I do think the reality is that, you can't break something that never existed, and it exists a lot more commonly in American things than in things from elsewhere.
Nothing says "obsession with standardization" like being one of only three countries on Earth that can't figure out that water freezes at 0 and boils at 100.
As far as I am concerned a Raspberry Pi 4G/5G/LTE-edition would be 50% of getting there.
"Why is it so complex to have a foss mobile OS."
What does "foss mobile OS" mean
(a) installed on a portable form factor,
(b) integrates with a cellular modem. or
(c) all of the above
For discussion purposes, assume "portable" means pocket-sized and battery-powered
When the RPi first came out I remember a blog where someone had rigged up a makeshift battery making RPi portable. At the time, HN commenters seemed impressed. Today, I connect a "phone" to an RPi running NetBSD^1 and use the phone as a battery
1. Linux provides wider assortment of drivers NB. I'm not using NetBSD to make phone calls
Today there are
non-portable VoIP phones with PoE, and
portable cellular modems running OpenWRT
Tomorrow, who knows
Convenience and control are mutually exclusive; this seems unlikely to change. Choosing the later over the former is personal preference. Every user is different
Trying to control a "phone" might be a waste of time, an exercise in futility, especially when it is running a corporate OS. Whereas controlling a gateway running an OS of the user's choice might prove to be relatively easy. Phones provide convenience, not control
Do not forget Android is also a FOSS mobile OS.
That "F" (as in freedom) is certainly eroding. Perhaps not by its source availability directly (although without any drivers, what is the use?), but very much by a company trying to lock you out of all the goodies that once came with it.
Even if Google would stop open sourcing AOSP, I think it would be much easier to fork AOSP than to start a new Linux-based FOSS mobile operating system from scratch
Obviously even maintaining AOSP yourself requires a huge effort and a lot of people would need to donate development time/money.
Android is not FOSS in any sense of the word and doesn't produce any user benefits that FOSS is meant to produce.
Most of AOSP is licensed under the Apache 2.0 license and GPLv2 for the Linux kernel. These are FOSS licenses recognized by the FSF.
https://www.gnu.org/licenses/license-list.html#apache2
https://www.gnu.org/licenses/license-list.html#GPLv2
15 replies →
Money
Linux is 30 years old, and still it has a laughable percentage of desktop usage. Plus, the only reason it's even usable is because of the relentless work by thankless developers for reverse engineering device drivers. On smartphones this is orders of magnitude more difficult. How do you properly profile and debug a random modem in a phone? What about the cameras?
So, how can anyone expect FOSS mobile OSs to ever exist unless forced by law by the US or something?
This is 'easily' solved by following the Apple road - focus on one or two devices. I think many FOSS enthusiasts would be happy to buy such devices.
(I am holding out hope for the phone that the GrapheneOS project is planning to make.)
Are you aware of the PinePhone and Librem 5? As others have said, it's already been tried.
I bought a PinePhone, and after a few too many show-stopping issues (not being able to receive a call for a scheduled job interview was the last straw), I went back to using LineageOS without gapps. I'm not a developer either, just a fairly technical user, so when the device wasn't working, all I could do was report bugs, and things weren't improving fast enough. I haven't checked on progress in a while now. postmarketOS seemed like the one to follow, and they do also support some beefier devices like the OnePlus 6T, but then you'd miss out on the PinePhone's ability to easily remove the battery and to boot off the SD card in addition to eMMC.
I also felt a bit bait-and-switched that the PinePhone Pro came out not too long after the original and then everyone seemed to switch to that one. It reminded me of the awful Gemini PDA and how quickly they rushed out a successor without fixing any problems.
3 replies →
This has been attempted multiple times, and always fails because followoing FOSS to the letter doesn't play with how hardware industry works, and when people aren't willing to make concensions they cannot ever deliver a product the general public would replace their Android/iOS phones with.
2 replies →
> How do you properly profile and debug a random modem in a phone? What about the cameras?
This is a huge factor. Mobile chip sets (CPU/SoC, crypto enclaves, GPU modems/basebands) are buried under NDAs a mile thick, and you can't just whack an oscilloscope on the bus like its 1979. Those companies treat their opaque hardware as their defense against IP theft, they'll never, ever give it up in the current environment.
And the cameras are super complex and require a bunch of DSP and AI to even vaguely work let alone do all the headline features.
I know this isn’t what you meant but it’s important to remember there is some hope. Thirty years ago I was required by my CTOs to use Windows, Borland, AIX, and Solaris. Linux, FreeBSD, and Free dev environments were viewed with deep suspicion.
In 2025 you’d be viewed just as much suspicion for not building your stack on Freedom. I still have hope that we’ll get there with phones, too, some day.
In 2025, we all use Windows and macOS laptops around here, Linux is something we run on cloud environments, mostly the distributions of the cloud vendors themselves, which certainly don't upstream everything.
The use of managed language runtimes, and SaaS products with low code/no code, makes the OS kind of irrelevant, and many times we don't even consider Linux on the cloud vendor, it is seen as an implementation detail, as many workloads are done via managed deployments like Vercel, Netlify, Azure Web App Service, and similar services.
> In 2025 you’d be viewed just as much suspicion for not building your stack on Freedom.
Tell me you live in the web bubble without telling it.
Because of hardware standardization Linux has become a pre-competitive layer, a commodity we have decided not to compete on. And it turns out that such a commodity by definition is private, because we don't want any one party to reap all the benefits of a commodity project (we'd rip it out before using it anyway), in the same sense that we don't want want 1 company sitting on all our water consumption data for example.
So, how do we get to a commodity layer for Mobile devices? It looked like it was going to be Linux (Android), and that was Google's intention. But now they are just using their significant resources to corrupt that original idea, using their trojan horse called "play services".
The public at large only cares about convenience, not about privacy. Why don't we? How much enshitification is enough to draw that line in the sand?
The Android stack, right back to the pre-aquisition "Danger" stack, ripped out everything GPL'd above the kernel, and Google has been investing in their "fuschia" project to make a non-GPL'dv kernel as well. Gradually making more and more of it proprietary was the plan.
Google is a big company and there may have been some factions pushing to make android an open ecosystem, but I don't see that that was ever the companies intent overall.
3 replies →
Law is no longer interested in giving freedom to people
Foss people are on the spectrum and so never understand the common man. Simple as that I guess.
Well the nice thing about the spectrum is that we are all on it and that we draw imaginary lines ourselves.
All wisdom aside... I think you're right. I takes a certain grit to start to appreciate the ultimate effect of software freedom culture and licensing. Never mind the the whole philosophy.
It's like explaining CRISPR (yeah I'm a biologist) to a normie... Ok, so lets start with what DNA is... proceeds to guide someone through a lifetime in the molecular biology field....
This is irremovable tension - FOSS in its ideals is democratic, yet it can never succeed in democratization. This is why I think preaching freedom and agency is a bad strategy for the FOSS, even if its members believe them.