1042
Google's shocking developer decree struggles to justify the urgent threat to F-Droid
(www.neowin.net)
we need linux phones ASAP
this post was submitted on 29 Sep 2025
1042 points (99.6% liked)
Technology
75625 readers
1731 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
I think Linux phones will gain some real traction within five years. Last I heard, KDE is putting great effort into making apps for Plasma Mobile
We had a few good Linux phones back in the day but Nokia / Microsoft killed them trying to compete with iPhone OS and Android: Maemo / Meego were great but did not get a proper chance.
Jolla continued the legacy and Sailfish OS is still something worth checking out if you can find suitable hardware, or idk how complex it is to port it.
Seems to be new Jolla phone coming up at some point too: https://forum.sailfishos.org/t/next-gen-jolla-phone/23882
Does anyone know if existing linux phones can run 2FA apps such as Duo or Google authenticator?
They can run Keeppass, which does TOTP. It doesn't do push notifs, like Duo does, though.
Why do you need the google Authenticator? Proton has it too. Which (from searching) looks like it’s compatible for the Ubuntu systems. But that’s just from the search. I ‘m personally just using it with a android right now. I am currently eyeing up the fairphone Ubuntu as my next phone
Why do you need the google Authenticator?
Systems at work use google authenticator for 2FA. Prior jobs have used Duo.
they are interchangeable. you can export from google to use in proton. I’ve set all my google logins to proton too. I’ve not experienced this ‘locked in’ situation if you’re using your own phone to run the app.
My work has me using 3 different 2FA apps depending on what service I'm accessing. It's great! Especially with the noticable battery consumption increase after setting up 2 more 2FA apps than I had before
Google Authenticator is merely a generic TOTP token storage app. The person you're replying to was pointing out that Google Authenticator, specifically, isn't necessary. There are alternatives, and unless you're using a company-owned device that restricts the apps you can use there is no way for work to dictate which app you use for TOTP tokens.
Duo, Okta Verify, and other 2FA apps that use push notifications and such, are a different beast altogether.
Google’s developer verification will only run on mainstream Android with play services. It’s not supposed won’t be running in standard AOSP so the easiest solution would be to switch to a custom ROM like GrapheneOS.
They are also working to similarly kill custom ROMs. Just recently the GrapheneOS team mentioned that Google is no longer making their hardware drivers Open Source, and so compatibility with new phones means reverse engineering their own drivers - which is a big reason that custom ROMs support such narrow hardware options already and very often come with limitations and/or features that just don't work. At best, they figure out how to make it work, but it takes time and updates can lag significantly behind.
We have a lot of options on the software side for avoiding google (or android), but very limited options on hardware. We need open source mobile hardware support ASAP.
But remember, unlocking bootloader is harder and harder for many devices. And Google's Play Integrity and API changes makes removing trace of unlocked bootloader harder. Many apps not just banking, ChatGPT, games, some of social media is completely unusable in that scenario.
While true, the pool of unlockable devices are dwindling fast.
True…. I heard GrapheneOS is having trouble porting to the Pixel 10
Also, aren’t some critical apps like banking apps starting to ban unlocked / non-stock systems? Heard someone complaining about this a while ago.
Yes, banking apps, streaming apps, even some shopping apps. This has been a problem for a long time. Sometimes its for “security” reasons and sometimes its simply because the app uses Play Service APIs. Another issue on de-googled systems is push notifications, though that is often fixed through alternates like Unified Push
I don't have that choice in Denmark due to NemID.
Like other people have suggested, maybe get a second phone (one of those really cheap ones with play Services) and use that for that stuff, and keep your main personal phone google-free.
European devs: Our laws will protect us!
Meanwhile, our laws:
Article 30
Traceability of traders
- Providers of online platforms allowing consumers to conclude distance contracts with traders shall ensure that traders can only use those online platforms to promote messages on or to offer products or services to consumers located in the Union if, prior to the use of their services for those purposes, they have obtained the following information, where applicable to the trader:
(a) the name, address, telephone number and email address of the trader;
(b) a copy of the identification document of the trader or any other electronic identification as defined by Article 3 of Regulation (EU) No 910/2014 of the European Parliament and of the Council (40);
I'm starting to think these for-profit companies only care about making money.
gulp You might be right
What pisses me off it that they say they do this for security. It changes absolutely anything.
They really think that malware developers will say "oh no! I need to submit a picture of an id card to sign my malware! It's literally impossible to submit a jpg of a stolen id card, I'm ruined and out of a job!"
What does it change? Waste 20 minutes of some malware developer while they register under a stolen id? They already have a system that scans for known malware and automatically remove it.
Thing is, Play Store is already filled with malware or near-malware from seemingly verified developers. I ran into several scam clone apps just today. It's even snuck in through OEM apps.
Same on iOS, which supposedly verifies devs.
If 'verification' and curation is their idea of security, well... It appears their system is already overloaded, yet they want to expand it?
Both things can be true. It definitely is better for security. It’s pretty much indisputably better for security.
But you know what would be even better for security? Not allowing any third-party code at all (i.e., no apps).
Obviously that’s too shitty and everyone would move off of that platform. There’s a balance that must be struck between user freedom and the general security of a worldwide network of sensitive devices.
Users should be allowed to do insecure things with their devices as long as they are (1) informed of the risks, (2) prevented from doing those things by accident if they are not informed, and (3) as long as their actions do not threaten the rest of the network.
Side-loading is perfectly reasonable under those conditions.
It's always security when someone wants to take our freedom away. Always security...
Not always. It can also be about the children.
About keeping the children safe
Of course they know that. It's about power and money. After all, they already have a security program that filters out malware. If we believe their stated reasoning (which we don't), they're tacitly admitting that their current security program is a complete failure, and also that they will not try to fix it.
I am perfectly ok with android apps being required to be signed by not just a certificate (they always were just it could be self signed and just needed to match to upgrade without removing data) but a list of trusted entities.
As long as:
- I can install my own key on my phone (I'd I am trusted)
- major distributors like fdroid and have a key installed without friction (like web CAs)
- Google let's me mark their key as untrusted (I probably won't but I should be able to refuse things they trust (at install time, not disabling preloaded apps like settings)
Without this it feels too much extending the monopoly despite being forced to allow 3rd party stores.
"Google stands for free and open internet"
https://blog.google/outreach-initiatives/public-policy/keep-internet-free-and-open/
Aged like milk.
load more comments
(3 replies)
view more: next ›