I've grown increasingly hateful towards both my Android and iOS devices over the last decade. The platforms themselves are increasingly user-hostile, and their appstores are crammed full of shitty, privacy-invading, telemetry-hoovering, dopamine-triggering, ad-filled, lipstick-covered apps that are often garbage compared to the pioneering days of mobile. I miss the days of my old Palm Pilot.
Is anyone working on fixing this? We can do so much better.
If an alternative, privacy-focused OS like Graphene can support contactless payments (universal, like Google Wallet does it, not having to install an app per bank or card), and can 100% reliably get around apps requiring SafetyNet (or whatever they call it now) attestation, then I'd start using it.
I'd also need an alternate, safe source for common apps like Uber, Lyft, Slack, Kindle, Doordash, my banking/credit card apps, and a host of others that I use regularly. (And, no, "just use their website" is not acceptable; their website experiences are mostly crap.)
Way long ago I used to run CyanogenMod on my Android phones, and it was trivially easy to get every single app I needed working. Now it's a huge slog to get everything working on a non-Google-blessed OS, and I expect some things I use regularly just won't work. I hate hate hate this state of affairs. It makes me feel like I don't actually own my phone. But I've gotten so used to using these apps and features that it would reduce my quality of life (I know that sounds dramatic, but I'm lacking a better way to put it) to do without.
For those watching this stuff, there are two other promising paths using ZK-proofs which might disarm the tradeoff situation we've been stuck in. Banking apps etc aren't willing to eat the liability of devices that are rooted or running alternate OSes, and Google's been banking on the exclusivity that brings from being both hardware and security provider.
Path 1: a ZK-proof attestation certificate marketplace implemented by GrapheneOS (or similar) to prove safety in a privacy-securing way enough for 3rd party liability insurance markets to buy in. Banks etc can be indifferent, and wouldn't ignore the market if it got big enough. This would mean we could root any device with aggressive hacking and then apologize for it with ZK-proof certs that prove it's still in good hands - and banking apps don't need to care. No need for hard chains of custody like the Google security model.
Path 2: Don't even worry too hard about 3rd party devices or full OSes, we just need to make the option viable enough to shame Google into adopting the same ZK certificate schemes defensively. If they're reading all user data through ZK-proof certs instead of just downloading EVERYTHING then they're significantly neutered as a Big Brother force and for once we're able to actually trust them. They'd still have app marketplace centrality, but if and when phones are being subdivided with ZK-proof security it would make 3rd party monitoring of the dynamics of how those decisions get made very public (we'd see the same things google sees), so we could similarly shame them via alternatives into adopting reasonable default behaviors. Similar to Linux/Windows - Windows woulda been a lot more evil without the alternative next door.
All of my bank apps work fine on graphene. I'd switch banks if their app stopped working, not stop using graphene. I stopped using Google wallet, I don't miss it enough to justify using stock android. For other apps, I just put them in a separate profile that has Google Play installed/configured. It really wasn't bad. The worst part is wiping your phone to install graphene the first time, I prefer just to get a new device for it so I can move stuff over.
How do you access banking and other sensitive apps? If the answer is, you don't, well, you can see how that's a non starter for the vast majority of people.
This is a good start! I think we need something like a ProtonDB for this sort of thing, but that covers all apps, not just banking apps.
I do see five banking apps I use listed there as working, which is great. But -- and maybe I'm being unnecessarily overly worried about this -- what about the future? What if I've been using Graphene for a year or two, and one of the ones that's critical for me changes how they operate, and Graphene no longer passes muster as a platform it will run on. I'm not afraid of this happening at all running Google's stock OS image, but once I do my own thing, I get to keep the pieces when it breaks.
I love how so many of the responses in this thread are "it works for my particular bank" or "my bank's website is good enough" or "I'd only need it to deposit checks, but I never need to do that"... as if those are actually helpful responses to this general problem.
Many many people have banking apps that will not work on non-Google-blessed devices, use banks that have mobile websites that are terrible, and need to do mobile check deposits (which is usually only available in the app, and not the mobile website, if the bank even has one). And no, we're not going to "change our bank".
The reality is that there are so many things that break, sometimes in subtle ways, when you try to use an alternative Android OS. Some people may not have any problems, and that's great! But many -- I would dare to say most -- will.
And there's also a ton of uncertainty: I don't really want to wipe my phone, install GrapheneOS, spend hours messing with it and setting it up, only to find that something critical doesn't work, and now I have to flash back to the stock OS, and hope I can restore everything the way it was.
There's bound to be tradeoffs between scrappy open source communities and trillion dollar industry behemoths. The fact that it's this close of a call is pretty amazing. And really you can blame your bank for not making a usable mobile site. A lot of businesses like to force users into apps because it helps with engagement metrics, not because there's any functional benefit.
It's not even a matter of tradeoffs - banks just suck major ass so, of course, their piece of shit apps are extremely fragile and only work under just the right conditions.
That's not any OS's fault, that's the banks' fault. That's been my experience with every bank I've used so far and yes - they often break on certified OSes too! I've been on the phone with support!
Because they make bad software, period, and we're all just forced to use their bad software.
This is probably the only real solution. It also makes sense from a getting mugged or breaking your phone perspective. At this point, my phone is probably more important than my IDs and passports.
This is quickly disappearing as an option as well. I need my bank app to authenticate even when using a web browser on desktop. Luckily my bank's app still works on GrapheneOS, but I suspect it's only a matter of time before they disable that because of "security" reasons.
What bank is this? No bank I know /requires/ you to use a mobile app for anything; the web is enough. 2FA can usually be done via email, SMS, or a google-authenticator-compatible app.
They have a nice web app, but you must use their mobile app to login on the web version. The app takes a video of a QR code on the web page during login. Web login completes as soon as the mobile app notifies the server. There's no 2FA code to enter, and no alternative.
I asked them about this, by phone call, when my phone screen broke and I urgently needed to make a transaction. Surely there was an alternative? Or could I do the transaction by phone call?
They told me that indeed there is no other option. Despite having phone customer support, they had no phone or web banking service at all which could be used without a registered mobile device. The only phone service they could perform was to register a new mobile device, which I didn't have. I had a tablet, but it was too old.
So I had no good choice. The Android phone I'm using right now was bought in a hurry just so I could be allowed to make a bank transaction.
It wasn't my first choice of phone. I didn't have time to investigate alternative devices, let alone weigh up open alternatives. I ended up buying a mid-range device under pressure that seemed ok and was available in a store without waiting. (It was a brand new Samsung, and despite the IP rating it got water damaged and stopped working entirely after a few splashes a year or so later, but I was able to get it repaired.)
I should say that I'm not from the US, so that might be why you haven't heard of it.
There is also an alternative for now, but nothing as simple as SMS or authenticator app. They give you a special credit card shaped card with a card reader that you can use to authenticate with using your PIN, which is mostly considered legacy now with the bank app. It's also not realistic to be carrying this thing around everywhere either as it's bigger than my phone.
There is also a national ID app that is used everywhere that I'm worried will stop working on GrapheneOS... Because without it I won't even be able to access online government services like healthcare, taxes, etc.
I don't know the bank they are referring to, but I can cite an example for me: RBC Royal Bank of Canada requires the mobile app. There is nothing you can do on their website without first 2FA via their specific mobile app, and even then only in limited transaction sizes. If you want "full access" (e.g. up to $10k daily transfer via e-transfer) then you MUST use biometrics and the mobile app.
Is that a jab at GrapheneOS? Because that's just another thing that google is borking up. And a little bit more so the banks themselves.
GrapheneOS is the way that all phone operating systems SHOULD be made. Layers and segregation between your banking apps and all the privacy breaking trash and malware you can get off the app store.
It is the banks and google making weird rootkit shit to try and lock down things that is the problem here.
Unfortunately I have checks to deposit every couple months. And my bank has no physical presence, so the only way I can do it is through the mobile app. (They also accept deposits by mail, but I'm a little wary of that; a lost check would be a huge hassle.)
They don't all work, though: too many crank up the settings on google's various 'integrity' checks and will fail on anything that isn't 100% google-blessed. (Which is insane, because that's all that's required: on a previous phone of mine, it worked fine with a stock ROM with a bluetooth-based RCE, but upgrading to a custom ROM would have meant it was 'insecure')
My credit union app already wants 24x7 GPS tracking of my location and full access to my camera at all times and full access to my collection of photos, so the app is already dead to me anyway. Demanding that I use it on a locked down device isn't going to change anything for me, I'm already actively not using it. I use the website on a desktop, I rarely need to access my CU at all much less access it remotely.
Given the large amount of battery and bandwidth already used to track my every move, I wish there was something like "Docker for phones" where I could enable and disable 24x7 full access to my every action IRL.
"Many other devices are supported by GrapheneOS at a source level, and it can be built for them without modifications to the existing GrapheneOS source tree."
How is GrapheneOS / SeedVault looking these days in terms of being able to capture reliable backups and restore them to another device (without using the cloud)?
I gather the introduction of the android:allowBackup="false" manifest flag complicated things somewhat... I thought I read since then that a Device-to-Device (D2D) impersonation mode was implemented, and would love to hear if that helped?
Side note, I read that the GrapheneOS project is having some challenges recently, between [0] the Android kernel drivers no longer having their Git history of changes released (only a code dump with no history) and [1] one of Graphene's two core contributors being detained/conscripted into a war.
It doesn't matter who the war is with/against, if the lead developer of a software project gets drafted that will likely affect the users by virtue of them having less time to work on it (or none, if they get killed, which is not, y'know, unheard of in wars).
Volla from Germany is one: https://volla.online/. They sell a nice set of devices that run either a custom Android or Ubuntu Touch. Their custom Android has a nice bunch of UI and privacy features.
Another one is https://murena.com/ which (IIRC) is based in France. They don't have their own hardware though, they sell partner phones with their ROM preinstalled.
For once Fairphone never updating their phones will work in our favor! If Google rolls this out in early 2026, anyone with a Fairphone can rest easy that they won't receive that version of the operating system until mid-2028 at least.
Fairphones are also LineageOS and postmarketOS compatible, both options are without tracking and without Google's mandated policies.
LineageOS without gapps is really usable if you set aside the "big" social media apps. WhatsApp can be sourced from their website as an APK. The social apps like facebook, instagram, snap, tiktok and others all require Google Play's tracking services (aka gapps).
For YouTube there's multiple better alternative open source apps available, and mastodon, amethyst and the fediverse apps on f-droid are far superior in terms of performance to the Google Store alternatives.
I have Android 15 on my work phone and 10 in private. I don't really see the difference besides that they've made it more annoying to turn wifi off (requires an extra tap now, first the general internet menu and then a small slider for wifi or mobile data). Genuinely not seeing any significant changes from a user point of view (I'm sure there's lots of new SDKs for the developers, but while I've made apps before, I'm not a mobile dev keeping up with the latest things)
That Fairphone has 13 just tells me they don't waste employee time in their small business on useless upgrades just for the sake of it. Their point is fair wages and ethical mineral mining: better that they have a workable phone without even more fluff, it seems to be tricky enough already in this world :(
Right, that is nice to have, though in this case the hardware would also have to support it which an older phone that didn't ship with Android 15 won't have
I'm talking about things like T-mobile's starlink texting. The only hardware requirement is supporting eSIM, which Fairphones 4 and later do. It uses standard LTE.
The sole blocker preventing someone with a Fairphone 4, 5, or 6 from sending text messages via satellite is that they are not on Android 15.
The crazy thing is this is all under the pretense of preventing malware. And I constantly hear this argument that the app stores protect people, even from developers.
I truly don't get it. Are these people from 2009? Have they seen the apps on the current app stores? If you're lucky your highest rated flashlight app will only have a few Fullscreen ads and a subscription less than $10/mo. The recipe sites from content farms are less bloated and way less scammy.
It's certainly not about preventing scams. It's about preventing competition in the scamming business.
... and that pales in comparison to the billions stolen via malicious actors on certified software. Lol.
I don't need to sideload a fucking fake bank app to steal your money. Get real. This isn't how most fraud or scams are done. Grandma isn't gonna install a fucking unsigned binary on her android phone. But she IS going to give out her password.
> According to its own survey, Google says that more than 50 times more malware came through internet-sideloaded sources compared with Google Play, where it has required developer verification since 2023.
50:1 is not preventing. It is just "well, we are better than nothing"
I'm pretty sure there can be other curated stores that can serve the customer¹
[1] customer: owner of phone, not advertisers, data merchants, etc
I regard Google highly in many domains, but this needs independent research. There is just waay too much opportunity to misuse data to paint a picture of themselves as the protectors. Especially curious about their definition of malware, because to me the app stores seem worse than browser toolbars from the 2000s.
It also shows how bad Google is at preventing malware in the Play store. There are far more than 50x more installs from the Play store than from side loading, which means that most malware is installed through the Play store, despite the much lower barrier to entry for side loading.
I tried to screenshot some app on my android the other day and got an error toast reading some bullshit like "this action has been blocked by the admin." Uh I'm the admin and this is my hardware... The sketchy app was trying to prevent screenshots.
It's also super nice to take notes on the fly for OpenStreetMap with StreetComplete, for holding the device up to the sky and it tells you what planet is so bright in the sky, for navigation... These things don't work on a laptop. Even if you want to carry a full-sized system in place of a smartphone, or use Ubuntu Touch, I'm not aware of software to do these things in the convenient way that Android apps let you
Of course, that's a software support issue and not a constraint imposed by the OS. Someone could make Stellarium desktop work with an orientation sensor. It's just that nobody has done that particular thing, as well as a million other things that work super well on mobile
So is it second-class, or is it just a way that is optimised for output rather than input? You get the turn instructions presented to you, you can watch videos and listen to music, note-taking is optimised to work with a few taps and is reduced to the essentials you need. You can work them out later on computer if you have time at home over of course, but at least you can contribute that way with ease
Heh, I've always done this. Maybe if every mobile dev made sure I could find text like I can in a browser I'd be less strident. But really, I need a very good reason to install stuff.
I'm right there with you. These platforms are cancer. There's a small but growing movement away from smart phones. It'll probably never go mainstream, though.
I think before we can fix all that we need to revert the renting of software via subscriptions and go back to one-time-payment. But people are too greedy for that.
The entire developer experience was fantastic and the thing that killed it was a lack of desire from the upper leadership when it felt like they couldn't compete with the duopoly.
Did you have a wince app? Too bad, throw away all that and rebuild for wp7.
Do you want to do anything useful? Actually, you better wait for wp7.5.
Oh look, we have a totally new thing with WP8. Upgrade to the newest framework so you can use the WP8 features... Oh, but you still need to build for the old framework for WP7. Hey, how about WP8.1, kind of the same deal.
My personal favorite though was WM10; you now need to build a Universal app that only runs on the very small number of WM10 phones... If you want to run on WP7 and WP8 which still have more sales, a universal app doesn't run there. Also, even though we said WP8 phones would be able to upgrade, either we changed our mind, or the experience is so bad most people won't. And the cherry on top... Users who upgrade from 8 to 10 might need to delete and reinstall the app, otherwise it will just show the loading dots.
Did we mention, we decided we didn't need engineers in Test in the run up to WM10? Couldn't possibly be why the release was terrible.
It's incredible that by the end of it, the WM rollercoaster made us actually miss WinCE. If you had told us that initially none of us would have believed you. WM had so much potential and was just totally botched.
Start complaining to your government about every shitty thing the apps and OSes do, and tell your friends to do it too, eventually we may get some action on it.
We are all mildly annoyed and therefore mildly motivated to fix the problem. Apple and Google are extremely highly motivated to retain the status quo. I still try to vote with my wallet but it's going to be hard to counter their well-funded lobbyists.
I cut my teeth on commercial b2c & b2b app dev/sales on Palm OS from the age of 14. It was sad but now I'm a full-time bootstrapped iOS dev thanks to that experience.