Not for long if Google has any say about it. Hardware remote attestation is here, and it's the number one threat to mobile computing freedom.
The future is one where everyone can, theoretically, install anything they want, but they get banned from everything should they actually do so. Rooted system? Attestation fails. "Oh no, looks like someone tampered with the system". Can't access your bank account. Can't communicate via WhatsApp. Can't watch something on the streaming services. Can't even play video games.
Discrimination against "untrustworthy" devices, where "untrustworthy" means not corporate owned. Leading to complete ostracization.
GrapheneOS already has their own attestation API that verifies the app is running on GrapheneOS. Since GrapheneOS is more secure than stock Android, security conscious apps like banking apps have a solid technical reason to use the API and support Graphene.
We just need to raise the profile of GrapheneOS and convince more banking apps to use this API, if they are already using Google's attestation API.
GrapheneOS's strategy for raising their profile and being seen as more legitimate is that they've formed a partnership with Motorola Mobility, who will be manufacturing Graphene compatible phones. <https://motorolanews.com/motorola-three-new-b2b-solutions-at...>
> Since GrapheneOS is more secure than stock Android, security conscious apps like banking apps have a solid technical reason to use the API and support Graphene.
Corporations don't use such things for technical reasons. Their reasons are political. They want control. The "security" they talk about isn't the user's security, it's their own security from the user.
> We just need to raise the profile of GrapheneOS and convince more banking apps to use this API
And until they do, GrapheneOS is permanently at risk of being shut out of the market.
And even if they do, it just means we've become dependent on GrapheneOS. They won't trust our keys, only those of corporations. Our freedom is still compromised.
That would immediately exclude 124 million Americans. Freedom of choice would be giving us the same choice we already have on PCs. We shouldn't keep allowing the mobile duopoly to control this vital and ubiquitous resource for their profit at our expense.
"There's a small corner where they're just as bad! Checkmate!"
I totally agree that should be swappable, but what is your point? Apple doesn't even allow installing stuff outside their store in most places, and had to be legally forced to do it in some because of how ridiculous that obviously is (thanks, EU!). And even there they still have some control with their notarization process. Android is wildly more open in major, meaningful ways, despite some failures.
Not for long if Google has any say about it. Hardware remote attestation is here, and it's the number one threat to mobile computing freedom.
The future is one where everyone can, theoretically, install anything they want, but they get banned from everything should they actually do so. Rooted system? Attestation fails. "Oh no, looks like someone tampered with the system". Can't access your bank account. Can't communicate via WhatsApp. Can't watch something on the streaming services. Can't even play video games.
Discrimination against "untrustworthy" devices, where "untrustworthy" means not corporate owned. Leading to complete ostracization.
GrapheneOS already has their own attestation API that verifies the app is running on GrapheneOS. Since GrapheneOS is more secure than stock Android, security conscious apps like banking apps have a solid technical reason to use the API and support Graphene.
We just need to raise the profile of GrapheneOS and convince more banking apps to use this API, if they are already using Google's attestation API.
GrapheneOS's strategy for raising their profile and being seen as more legitimate is that they've formed a partnership with Motorola Mobility, who will be manufacturing Graphene compatible phones. <https://motorolanews.com/motorola-three-new-b2b-solutions-at...>
> Since GrapheneOS is more secure than stock Android, security conscious apps like banking apps have a solid technical reason to use the API and support Graphene.
Corporations don't use such things for technical reasons. Their reasons are political. They want control. The "security" they talk about isn't the user's security, it's their own security from the user.
> We just need to raise the profile of GrapheneOS and convince more banking apps to use this API
And until they do, GrapheneOS is permanently at risk of being shut out of the market.
And even if they do, it just means we've become dependent on GrapheneOS. They won't trust our keys, only those of corporations. Our freedom is still compromised.
That would immediately exclude 124 million Americans. Freedom of choice would be giving us the same choice we already have on PCs. We shouldn't keep allowing the mobile duopoly to control this vital and ubiquitous resource for their profit at our expense.
I can run Android on Apple hardware? I have freedom to purchase. There is no choice.
Unless you want third party WebViews... (on normal Android)
(Technically besides the point, but that is a broad statement)
"There's a small corner where they're just as bad! Checkmate!"
I totally agree that should be swappable, but what is your point? Apple doesn't even allow installing stuff outside their store in most places, and had to be legally forced to do it in some because of how ridiculous that obviously is (thanks, EU!). And even there they still have some control with their notarization process. Android is wildly more open in major, meaningful ways, despite some failures.
Well that's a totally different problem from restricting which apps you are allowed to install