← Back to context

Comment by birdsongs

11 hours ago

It's not Linux phones that we need. We already have alternatives, like graphene and other AOSP forks.

We need corporations and governments to stop locking down and gatekeeping vital software to closed ecosystems.

A Linux phone doesn't help me when my government's 2FA system (BankID) only runs on Android and IOS phones and can only be acquired with an app store account.

> We need corporations and governments to stop locking down and gatekeeping vital software to closed ecosystems.

If you can't get the government to do this for you in Norway the US has very little hope currently.

We need some standard of minimal digital accessibility. Too much of our lives mediated by digital interactions with capricious systems.

  • The irony is none of this is a problem in the US. We still have a ton of banks that you can use without a smartphone. Even my bank's app works fine on a rooted Android or GrapheneOS.

    Europeans are doing this to themselves.

    • I just recently, in the US, got bounced through a bank authentication system (Wells Fargo's) when trying to order something from Amazon that required me to use their mobile app. I don't use an Android or iOS phone; as best I can tell there is no way to successfully complete that authentication. I even have a hardware TOTP token from the bank now, but even that they won't accept.

      Now, my card info did in fact get compromised recently, and that's probably why I ended up needing that stronger auth flow. But the fact that I literally can't complete that stronger bank authentication without Google or Apple is... yeah. No.

      I have since signed up for a different credit card that I plan to use from here on out.

    • > Europeans are doing this to themselves.

      I mean, tbf the situation was fine until the US transitioned to an autocracy, and the companies went full surveillance state evil, completely supporting the autocracy. Which is a relatively recent development.

      But sure.

      Most places here are working as fast as possible to decouple from any reliance on the US, and I would expect Norway to switch to the new EU digital ID system currently in development.

      5 replies →

  • You say that as if Norway is somehow super civilized and enlightened when it comes to these things, that's not the case. Norway is best in class when it comes to compliance.

    The new base agreement with the US, for instance, for practical purposes declares several areas in Norway to be US territory. It's rampantly against the Norwegian constitution of course, but that doesn't matter because the parliament seems to have agreed to just unanimously consent and not talk about it further.

    Sea bed mining was a farce. Everyone said it was a terrible idea, including Equinor itself. Approved anyway. My assumption is that someone from US/NATO whispered "strategic minerals" into some party leader ears, and they suddenly decided to fast-track it without further discussion.

    It would surprise me a lot if there weren't similar fast-tracked, no discussion, "it has been decided" deals about digital sovereignty. Norwegian politicians may not like the guy currently in charge over the Atlantic, but they view him as a temporary aberration and an occasion to prove their loyalty (to the crown, rather than the guy currently wearing it).

Speaking from experience, it's not only ID systems but if you run non-Android (some AOSP) they might still require you to install an App only available with Play Services or on iOS to do business with government agencies or even apply for funds in some European states. In other words if you are using GrapheneOS, from gov. agencies point of view you might as well be a criminal. Actually given how frequent ID-theft is nowadays, it's actually easier for criminals to launder their money than privacy preserving individuals or companies to pay taxes in EEA.

I'm not familiar with that system. Here in the US I can go to the bank and do anything I need personally with an ID. Is that not doable where you are?

  • My bank doesn't have any physical locations. Those that do have worse rates, and I've had bad experiences with several of them anyway.

  • One of the most popular banks in Brazil doesn't have physical branches. It doesn't even have a functional website. App only.

[flagged]

  • > Read their terms.

    There are no such terms. In a comment further in this thread, you linked to inaccurate posts from an anonymous user on the Privacy Guides forum as your sources.

    > They still run everything through Google services.

    No, this is completely untrue. GrapheneOS doesn't have any mandatory connections in the first place.

    > They are essentially a man in the middle to Google services.

    No, GrapheneOS is a privacy and security hardened mobile OS. It isn't a proxy service and doesn't have any mandatory services. It does not come with Google Play services.

    > I read their terms to mean that they could snarf everything that every graphene device would normally send to Google because they are "anonymizing it" before sending it to Google.

    There are no such terms despite what's claimed in the incorrect anonymous posts you read.

    > What we need is Android like Lineage that works on more devices than Pixels and simply have it without Google services at all.

    GrapheneOS doesn't add a single Google service compared to the Android Open Source Project (AOSP). It replaces all of the standard AOSP default connections with our own servers by default. It also adds settings to control each of the connections. These settings mostly have a choice between GrapheneOS server, Standard (Google) server or Off.

    LineageOS doesn't provide replacements for the Google services pr toggles for user control. This is covered in the third party comparison at https://eylenburg.github.io/android_comparison.htm which provides an overview of what's done with most of the default AOSP connections. The table doesn't cover all the standard connections, but GrapheneOS does deal with all of them by replacing the standard servers and provides settings to control the connections.

    We add opt-in services for geocoding and network-based location as an alternative to the Google service. We host geocoding ourselves with Nominatim using the standard OpenStreetMap, Wikipedia and other supplementary data. Our network-based location service has a choice between Apple or our proxy to Apple but we plan to build our own database to host it directly.

    SUPL which is a limited form of network-based location has a choice between our proxy to Google, Google or Off. SUPL can be fully replaced by enabling network-based location and leaving the default enabled static global PSDS database downloads enabled. We'll be hosting our own SUPL server using our network-based location database once the much easier to build subset of the database for cellular towers is ready for use.

    Google certified devices use Google's hardware key attestation root and service so supporting that inherently has to use either a proxy (our default) or their server including for a non-Android-based OS running on the same hardware which wants hardware attestation support to be functional. That's tied to the hardware ecosystem based on certification, not software. Non-Google-certified devices will use a different service for attestation key provisioning, either hosted by GrapheneOS or a proxy to the service by the hardware provider or certification authority.