I have a motorolla edge 2024 that I'll load whatever open source phone OS will work well enough to place calls and browse the web. I'll keep another phone for the rare times some corporate/government overlord requires it. Many folks who refuse to use smartphones, similarly own a smartphone they rarely use for systems that require them.
My recommendation is to put as little time and energy into closed, locked down platforms as you can. Feel free to complain, but don't forget you can make choices.
You can still run a version of Word from 2004. It's fine, if all you need is to write some thoughts down for yourself. But the moment you need to collaborate with other people via a Word document, you'll find it difficult without the modern version with all its user-hostile aspects - and more importantly, other people will find you difficult to work with.
Same applies to other software, web and smartphones, and to everything else in life - the further you deviate from the mainstream, the costlier it is for you. Deviate too much, and you just become a social outcast.
I've used it in the last three years to automate document generation in an enterprise because the latest versions of word:
1). Randomly break during automatic updates you can't really turn off.
2). Automatically upload everything to the cloud even when you tell them no.
This isn't the 90s when closed software was better. We are firmly in the enshitification stage of windows and office. Open source is better and is the only sane choice for enterprise.
Those are not words I thought I'd ever write in 2005 or 2015, but here we are.
Even the healthcare, which everyone thinks as a "benefit" of the progress, only resulted in having lopsided demographic pyramid with countries full of old people. I can't think of single scientific result benefiting the human race in its evolutionary goals.
It's a lot harder to make an insular society which is self sufficient just to the degree necessary to create an open source smartphone :-p
Technology brings tradeoffs. Conformity in some regards, but it also opens up many new and varied ways of living.
I personally find that hard to believe and they don't explain their methodology to arrive at that number (presumably they looked at the downloads and picked a number of users based on feelings).
But, if that number is true, then I suppose you're not only right, but LibreOffice is already near 5% market share.
This is the Hacker News bubble in action. Most of the world, most of America, most of China, India, etc. haven't even heard of it. They ignore it and they thrive. Maybe you need to pay attention if you're dealing with certain European governments these days - I'm not sure because I completely ignore it and haven't paid attention since there was just OpenOffice and LibreOffice didn't even exist yet.
Open document formats have been the UK standard for things like .gov.uk for many years. About a decade IIRC. Ignored by some people (notably the Office of National Statistics, of whatever its called these days).
> Most of the world, most of America, most of China, India, etc. haven't even heard of it.
I have come across quite a few non-tech people who use Libre Office.
It has great (some people say better than MS Word with itself between version) compatibility with MS office formats.
Of course. I can make a choice. When the choice is between being able to login to secure services with my SIM embedded e-signature, use mobile banking and conduct official business and not being able to do any of these things, making choices are easy.
Running Linux on desktop is easy mode when compared to phones, and yes, I started using Linux on desktop in 1999 too with SuSE 6.0. Phones are way more interconnected and central to our lives now when compared to a general purpose computer running your $FAVORITE_OS.
Look I get it, even back then, most folks felt Windows was the obvious choice (and still do) for their jobs and so on. Sometimes you have to make do with with the unappealing choice in front of you.
For a little more context, my cracked screen iPhone can still do banking or whatever, but I chose not to pony up $800-$1200 for a new iPhone and bought the cheaper $350 Motorolla. It works for me and I think I'm not entirely alone. There are probably some cracked phones, some handme down phones that folks could use for those situations where you really need to use the closed platform, but otherwise are free to use something more open.
I support FOSS wholeheartedly, and believe that it's possible to have a device which is completely Free (not Open but, Free) from hardware design to firmware and software.
On the other hand, there are some nasty realities which bring hard questions.
For example, radios. Radio firmware is something nasty. Give people freedom and you can't believe what you can do with it (Flipper Zero is revolutionary, but even that's a tongue in cheek device). Muck with your airspace and you create a lot of problems. The problem is not technology, but physics. So, unless you prevent things from happening, you can't keep that airspace fair to everybody.
Similar problems are present in pipelines where you need to carry information in a trusted way. In some cases open technology can guarantee this upto a certain point. To cross that point, you need to give your back to hardware. I don't believe there are many hardware security devices with open firmware.
I use MacBooks and iPhones mostly because of the hardware they bring in to the table. I got in these ecosystems knowing what I'm buying into, but I have my personal fleet of Linux desktops and servers, and all the things I develop and publish are Free Software.
I also use Apple devices because I don't want to manage another server esp. in my pocket (because I also manage lots of servers at work, so I want some piece of mind), yet using these devices doesn't change my mind into not supporting Free Software.
At the end, as I commented down there the problem is not the technology itself, but the mindset behind these. We need to change the minds and requirements. The technical changes will follow.
It seems like a hardware security device could act similarly to the radio in that the general OS can ask for service (e.g. a signature), but not have access to the internals of the MCU. I don't see why these systems need to be opaque either, in fact it'd be nice to know what is running on the security enclave or LTE radio, even if folks aren't generally meant to access/modify the internals.
It'll be interesting to see how things develop. In my case, I am looking for more experimentation with the smartphone form factor. I'd like to see better options in the market.
IMO, if the radio chip just acts as a radio, and passes packets as requested, and any needed firmware blobs are freely distributable, it's fine. It's not ideal, but it's good enough to make a libre-phone.
We all know the network is spying on us anyway, and the radio should be treated as being part of the network, on the other side of the security boundary from the main processor - and since we don't trust it, we don't have to demand that it helps us verify our trust in it!
We're headed down a very slippery slope and the destination is a very dystopian reality where those in power can prevent someone from participating in society on a whim. I believe the destination has previously been described as the beast system or New World Order.
We are all definitely going to have to make a choice. That much is certain.
In some cases, it already is.
We're already far on the path you described, and there is no choice to make on it, not for individuals. To stop this, we need to somehow make these technologies socially unacceptable. We need to walk back on cybersecurity quite a bit, and it starts with population-wide understanding that there is such thing as too much security, especially when the questions of who is being secured and who is the threat remain conveniently unanswered.
That's good to hear.
I'm entirely on F-Droid, with no Google account.
I'm aware of this slippery slope for a very long time, esp. with AI (check my comments if you prefer). On the other hand, I believe that we need to choose our battles wisely.
We believe that technology is the cause of these things, it's not. Remember:
Necessity is the mother of invention.
The same dystopian digital ID allows me to verify my identity to my bank while I'm having my breakfast saving everyone time. That e-sig allows me to have a practical PKI based security in my phone for sensitive things.
Nothing prevents these things from turning against me, except the ideas and beliefs of the people managing these things.
We need to change minds. Not the technology.
I totally agree that changing the hivemind's mind is the only way to preserve these freedoms.
Is anyone making any progress on this? Beyond the FSF, noyb, and hn lurkers?
Thinking about that now... That's not great.
I do have one credit card that requires an app if you want to do thing online - otherwise its paper statements only. I use it a lot less as a result.
Except, this not really a choice or a reasonable work around.
Phones are still somewhat expensive, not to mention a time-sink to maintain. Try explaining to your parents or even close relatives that they need to abandon the phone they either spent $$$($) on our spend a $$ monthly on that they should really buy another $$$($) phone and use their "official" device like a company card.
Although the only problem with this strategy is that Linux got that way because of a lot of private companies that actually wanted that. Valve didn’t want to be locked in with Microsoft. Many of Microsoft’s direct competitors also don’t want to be locked in. IBM famously switched to Mac, Google has been using Mac and Linux workstations for a long time as well.
Also, web technologies like Electron made porting applications to small user bases Linux easier. If that never happened, I wouldn’t be able to use my commercial apps on Linux. This concept might be a little more of a challenge for the mobile app ecosystem, which is a mix of native wrappers like react native and native apps, and there is a high amount of dependency on native APIs for the extra sensors and hardware features phones have the laptops and desktops don’t have.
E.g., For Linux on mobile to work react native can’t be an incomplete implementation like the status quo.
If you need a locked down phone that passes remote attestation to authenticate yourself to a remote service, then whatever you use to access the service UI doesn't really matter: the only device that's necessary to have to use the service is the one you don't fully control, and which gets to control your patterns of use.
An intuition pump I like: imagine you want to put a widget on your desktop that always shows you the current balance of your bank account. You want it to just work ~forever after initial authentication (or at least a couple weeks between any reauth), and otherwise not require any manual interaction. See how hard it is (if it's even possible), and you'll know how badly you're being disempowered already.
Most services offer simple SMS two factor, and then if they offer an upgrade to Authenticator or passkey then I have no iOS/Android dependency.
My bank’s website works almost the same as the phone app, I think the only difference is the lack of mobile check deposit (but nobody’s writing checks anymore).
Some services like Venmo are most popular on apps but still have a website.
My remaining hooks are:
- iCloud shared photo libraries with my family. I can use those on iCloud.com but it’s a bit more of a pain. My paid iCloud storage has been migrated to more open alternatives.
- AirTags and Find My. There just isn’t a competitor that’s anywhere near as good. It’s thankfully not a very necessary product.
- Apple Watch. (AirPods actually work great on Linux, btw, even if they are missing some functionality)
- Apple Home. I could migrate this to Home Assistant.
- Apple Wallet. This is mostly convenience. Most things that use it have some kind of alternative, like printed boarding passes. But there’s…
- Ticketmaster. The mobile website tells me I must download the app or add to mobile wallet. Barcodes are dynamic and screenshots don't work. I think the only alternative is to go to the box office before the event which can be very annoying.
Yes, I can come up with scenarios where this gives an attacker exactly what they need to time some scam (or mugging) perfectly. I can just as easily come up with scenarios where the same attacker uses already available (or inferrable) information for the same purpose.
Look, many banks are perfectly fine with letting you opt into showing the account balance on their app before log-in step[0]. So why not let someone opt-in to direct access to that information? Or even opt-in to allow the app to expose this information somehow. Even in a body of a goddamn notification[1] (not disabling screenshots is too much to ask, I know, surely everyone will get hacked if this is enabled).
Paranoid mentality about cybersec is a big part of the problem - in itself, but also because it legitimizes the excuses app vendors provide to force users into their monetization funnels.
--
[0] - It's not a very useful feature, since you still need to open the app - and at that point, it's faster to log in via PIN or biometrics than to "swipe down to reveal account balance" or whatever bullshit interaction they gate access through in lieu of just showing the damn thing.
[1] - The increasingly common pattern of "let's notify user that something happened, but do not say what happened in the body of the notification" is getting infuriating. It's another way to force users to "engage" with the app, and it happens to also deny one of the few remaining ways of getting useful data from the app for purposes of end-user automation.
There’s good reasons you can’t do this, and sure, maybe you don’t care about those reasons, but you’d be in the minority.
2FA is either a standard TOTP generator or an SMS.
Now I do have a smart phone, because I'm not a complete luddite, but I can't think of anything other than perhaps some forms of entertainment (apple tv, paramount, disney perhaps) which might not work on my laptop. I shun things like notifications of my bank balance, is that an essential thing? How did people in the 90s cope without a per-minute balance?
> 2FA is either a standard TOTP generator or an SMS.
For now. Be grateful while you have it. Most banks everywhere are moving to 2FA through push notifications to their proprietary app, and are deprecating other channels. TOTP is becoming unusual in a bank; where I live, I haven't seen it in use in banking in over a decade (though I'm not counting SMS here; they're technically kind of like TOTP, but they're generated by the service, not on your end).
Between that and a web-wide push for passkeys, having a locked down smartphone is already becoming a soft requirement for doing anything on the web.
I guess I could automate my browser or write something, but the lack of a published API doesn't mean I don't have theoretical control over my device (in practice I rely on a linux distribution and firefox/mozilla to create/maintain the browser engine)
Sure in the future they could hypothetically enforce non-free methods to access my bank, and hypothetically all banks could do this, but that's certainly not the case now.
Another use case which Linux has a lot of trouble with is operating as a replacement for a pen-and-paper notepad. When I set a computer down for a day, I should be able to turn it on instantly and see the notes that I wrote 3 weeks ago. There are a variety of reasons this doesn't work on Linux. You say "that's an inconvenience" but there are circumstances in which being able to read those notes without needing to wait 30 minutes for the laptop to get enough charge and boot up could be a matter of life or death.
If these kinds of issues are mere inconveniences, that means the computer is a toy rather than a tool.
Not having to do that is the whole point (especially as those are not rare to most of us).
This reminds me of a Woz interview in the early days of the iphone, and his solution to it not supporting multitask was also to run two phones.
One certain thresholds are reached, little can be done even for the committed outcast.
It is a constant trope in technical forums.
We are a minority. Solutions which might be "inconveniences" for you, might be unsolvable issues for the rest of the planet.
It still doesn't btw.
https://www.microsoft.com/en-us/microsoft-365/free-office-on...
It didn't ran on computer of people that wanted Excel/Word/Powerpoint or most games. I don't think the market of people wanting to use their phone only as a server is big enough for a competitive OS to arise, but I may be mistaken
Most of us do not want to carry two phones around. The reality is that there is strong utility for those non-open apps and they will never be replaced by open ones.
In some parts of the world, WhatsApp is as necessary as the phone itself. Official business is conducted via it.
The rest is a personal choice, I'm happy to have a bit higher friction to check my bank's balance for example. Maps is an issue but it can be overcome.
I find this to actually be a great litmus test for the overall problem. Bank account balance is a basic piece of information that's about me, and that I need to keep track of to effectively live in our modern times. I should be able to access that information non-interactively at any time. But I can't.
Ask many banks, you'll get as many reasons for why they can't just allow me to cURL this number off an endpoint with some pre-shared credentials. Most of those reasons are bogus[0]. Now, it's not hard to identify several points where I could observe that information in-flight. There's an API that powers the app. The app itself has UI that could be queried or scrapped; some apps will even communicate this data to other apps when requested.
But good luck getting access to any of that non-interactively.
This is what all those technologies add up to. The bank says I can't have this information unless my eyeballs are physically looking at the screen displaying it - and the whole tech stack conspires to make sure I can't get it otherwise.
It's a trivial and non-critical need, but it's also exemplifying the basic user freedoms being denied to us: the ability to freely process information on my own device.
EDIT: Accessibility tools are often the only remaining workaround here, because those are uniquely hard for services to close. And as expected, accessibility became its special privilege category on modern devices, and is increasingly heavily scrutinized and limited by device vendors.
--
[0] - They're usually some kind of security or stability point, that's just a fig leaf to cover the actual reason: this is the way they can force you to interact with their app or website daily, creating an extremely valuable marketing channel for their financial products.
I hate to risk sounding like I'm beating a dead horse, but when I hear this I flash back to Attack Surface by Cory Doctorow. I interpreted his message in that book as something approximately like "you can't out-tech the bad guys", where "bad guys" can mean government surveillance agencies (probably more what he had in mind) OR "big corporations trying to control your life" (this may be me extrapolating). But even if I'm over-generalizing a bit, I think the point still stands.
"We" (open source advocates / hackers / hobbyists / makers / whatever) can't win on just tech alone. We have to use the legislative process, political pressure, social pressure, whatever, to achieve our goals. And so we should use our superior knowledge of technology to support doing that. So don't just think "how can I hack my phone to use an open source OS" but think "How can I help use technology to influence the outcome of the next election, and elect candidates who really represent the things I care about?" or "How can I help use technology to stir up enough activists making enough noise to persuade my bank to let me access my account using a non-proprietary OS", etc.
Now I'm not saying any of this is easy. By no means. Just suggesting that we need to at least approach things with that mindset in view to some extent.
Companies are moved by money, if your tech is popular enough companies will dance to your tune.
Say that you get to a point where 90% of desktop users are on linux. Is there any doubt that banks, messaging platforms and the like would have their own linux apps? no matter how many hoops you make them pass through, they won't let that piece of the cake go.
The problem is that the current way of doing things will never reach those numbers, because we give up on the tools that companies use. UX, user research, graphic design, marketing and similar roles are pretty absent from these communities; I think changing that is the mising piece.
Linux based phone, running Anbox to support Android apps running within containers. Effort would then have to put into support Play APIs within Anbox. Not a small amount of work, but I compare it to the state of Linux 20 years ago and how well Linux is doing today.
The integration isn't perfect (some important things like forwarding notifications to the host system are still missing) but it's already further along than you might have imagined.
The bottom line is, the only way to ensure user freedom here is by regulation/legislation.
I've used Linux for a loong time before some business-critical software ran on it. I had to have a Windows VM for years for netbanking, or before that, dual-boot for gaming.
If we're all too spoiled to give a free alternative a chance because it might be slightly inconvenient, we don't deserve the free alternative.
Not nearly enough. Not by three orders of magnitude for the market to care.
This isn't the 1990s. Computers are now mainstream.
The parties I accuse of driving this problem didn't suddenly go rogue when smartphones happened. They always wanted this level of control (and much more) - they just couldn't get it until relevant technologies matured enough.
I'm not speculating here - we have actual empirical evidence to confirm this. A clear example is that there are several countries that, unlike the US and most of Europe, went all-in on Internet banking back before smartphones. Web limitations and conventions didn't stop them from doing the same thing everyone is doing with the phones now - the banks there just force customers to install malware on their computers, so they can do some remote attestation and KYC (and totally no marketing data collection) on their PCs.
Most of the West never had this because of the inverse of leapfrogging phenomenon - big, developed economies had too fast progress and at the same time too much inertia to fully adopt a pre-smartphone solution nation-wide.
Be grateful while it lasts.
> several countries
Doesn't name a single one
...
Brazil is another example - ironically, the software suite that's commonly required for banking is named after the capital of the country I live in :).
Some quick searching now also flags Slovenia and Serbia as places where some banks require custom desktop (or even Windows-specific) software to access banking services.
Two phones is such an unsatisfactory solution because it will be too impractical, too expensive, or both, for the vast majority of people.
I'm not sure if physical tokens are being used anywhere but if they are, that's rather rare nowadays. It may be an option reserved in bigger banks or for business customers - I can see one of banks in my country offers it for a request and not by default.
Edit: it seems it's a feature for business indeed and banks opted for Cronto system - https://www.onespan.com/products/transaction-signing/cronto
On the flip side of the coin, some places are locked to web apps because Google & Apple won't allow them to exist. e.g. OnlyFans and Playboy can't get in the app stores, but OnlyFans still manages to make several billion dollars a year, most of which is almost certainly mobile.
There’s no financial, political, or mass market incentive for browser APIs to have feature parity with mobile OS APIs. Approximately nobody wants to do what you’re asking for. If anything, there are incentives against doing this.
I can choose to use a bank that allows me to access all of their online banking features via the browser. I can choose to work for a company that doesn't want to surveil my personal device. I can deal with the government via snail mail, or in the browser. I can use third-party YouTube clients and torrent movies and games, or simply don't engage with DRM'd media because there's plenty of entertainment out there.
Count the percentage of software you use that are open-source compared to 10 years ago. I bet it's more. It's only a matter of time before we make hardware open-source, too.
When the mainstream is evil, being an outcast is the right thing to do. Every big change begins as a small movement.
Lucky you. There are fewer and fewer such banks out there. The trend is to route login and consequential interactions on the web through 2FA on a phone - and not TOTP, but push notifications sent to the bank's app, that only runs on devices that pass remote attestation checks.
> I can choose to work for a company that doesn't want to surveil my personal device.
Again, lucky you. Most people don't really get many options for employment at any given moment, and the issue of corporate phones is usually at the bottom of the list of criteria when one is looking for a job. I.e. not a real choice for most people.
> I can deal with the government via snail mail
At a snail pace.
> or in the browser.
Modern government systems around the world tend to require some sort of identification that usually gets tied to your smartphone, either directly or via your bank.
> I can use third-party YouTube clients and torrent movies and games, or simply don't engage with DRM'd media because there's plenty of entertainment out there.
Torrents aside, that's not the case. Entertainment isn't fungible. Disney can release all Star Wars media DRM-free for everyone to download, and it means exactly zero to someone who wants to watch Star Trek, but Paramount/CBS decided to go all Ferengi on the franchise. Can't substitute one for the other. This is why the market supports so many streaming services these days - they exploit this very fact.
> Count the percentage of software you use that are open-source compared to 10 years ago. I bet it's more.
Open Source software stopped mattering once the world embraced Software as a Service model. Source code on Github means nothing if the code is actually executed on servers you don't control and have no visibility into.
That covers end-user OSS. The larger space of OSS building blocks are... building blocks. OSS libraries matter to users just as much as standard Phillips screws used inside an appliance, when they're beneath layers of glue and permanently soldered elements and join together elements explicitly labeled as "not end-user servicable".
> It's only a matter of time before we make hardware open-source, too.
That time will come around when we build a Star Trek-style replicator (and then have a successful revolution to seize this new means to production, because no way the first company to build an universal manufacturing device is going to just let people use it). Open Source Software succeeded only because software development has near-zero natural barrier to entry, so there was a large supply of bored high-schoolers and students, hobbyists, academics and other do-gooders with enough time and will to just build stuff and give it away for free. This isn't true for hardware.
Now, circling back to the main point:
> Whether we can move to open platforms depends on the choices people make.
No, it does not. On consumer side, the market is driven by supply, not demand. I.e. you only get to choose from what the vendors decide to make available to you, and they know perfectly well you have to choose something, so your voice doesn't matter.
If it did, we wouldn't be having this whole thread in the first place.
There will be fewer and fewer such banks out there if people choose to not use them, among other short-sighted decisions which produce such trends. You need to give the banks a reason to care.
> Again, lucky you. Most people don't really get many options for employment at any given moment, and the issue of corporate phones is usually at the bottom of the list of criteria when one is looking for a job. I.e. not a real choice for most people.
The first part is not true. You have plenty of options, they're just not equally good. It depends on what you're willing to give up in exchange. And you can push for change within your org.
> Modern government systems around the world tend to require some sort of identification that usually gets tied to your smartphone, either directly or via your bank.
They can have some sort of identification, but it shouldn't involve surveillance spyware on my device. If a government needs that then they're part of the problem. People form governments, you can push back against those people. Don't bend the knee to tyrants.
> Torrents aside, that's not the case. Entertainment isn't fungible. Disney can release all Star Wars media DRM-free for everyone to download, and it means exactly zero to someone who wants to watch Star Trek, but Paramount/CBS decided to go all Ferengi on the franchise. Can't substitute one for the other. This is why the market supports so many streaming services these days - they exploit this very fact.
Entertainment can be fungible if you decide that it is. I can live without watching a DRM-protected show. Watch something else. Do something else. They exploit the people which has decided for themselves that they must be loyal to certain franchises.
> Open Source software stopped mattering once the world embraced Software as a Service model. Source code on Github means nothing if the code is actually executed on servers you don't control and have no visibility into.
You can choose to not use SaaS. Host your own stuff. Give your money to ISPs that allow you to host stuff. Pressure your government to regulate ISPs. And there's plenty of offline software that doesn't need Internet connectivity. Not everything needs to be artificially-scarce cloud-slop, unless we want it to be.
> Open Source Software succeeded only because software development has near-zero natural barrier to entry, so there was a large supply of bored high-schoolers and students, hobbyists, academics and other do-gooders with enough time and will to just build stuff and give it away for free. This isn't true for hardware.
FOSS succeeded because there's a base production rate for software, software (as it gets further from the metal) doesn't need monetary incentives. When I said open-source hardware, I meant the IP. Obviously making the physical thing isn't free. But the IP doesn't need to be as scarce as it is now. Schematics will be harder than firmware will be harder than software to open-source because they're close to the hardware (which is naturally scarce), but it's possible, and will be done, and we don't need to invoke movie magic.
> No, it does not. On consumer side, the market is driven by supply, not demand. I.e. you only get to choose from what the vendors decide to make available to you, and they know perfectly well you have to choose something, so your voice doesn't matter. If it did, we wouldn't be having this whole thread in the first place.
Consumers and suppliers don't exist in perfectly separated vacuums. You can influence suppliers. There are plenty of side channels.
Here's what separates chance and choice:
If we assume that our decisions don't matter, then we're definitely screwed. If we assume that our decisions matter, then we're only probably screwed. It's up to each and every one of us to make the latter assumption.
This isn't solvable through individual choice. It's a coordination problem - and coordination problems are what underlies every actually hard problem that humanity is struggling with. War, poverty, authoritarian regimes, corporate overreach, environmental destruction, climate change - all could be solvable though choices like you describe, but in practice are not, because humans can't coordinate at scale.
Relevant search term: "meditations on Moloch".
My government, Denmark, is one of the most digitized societies in the world. While the government has allocated money to a committee to investigate how the country can become less dependent on American big tech corporations, at the same time they are planning on launching a mandatory age verification solution in 2026 where the only possibly anonymous way of verifying your age to access e.g. social media will be through a smartphone app running on either Google Android or Apple iOS. These nincompoops do not realize that this move will effectively put every open source alternative at a permanent and severe disadvantage, thus handing Apple and Google, which are already duopolies in the smartphone market, a huge moat that will lock out all future competitors form entering the market.
I have written to the relevant government agencies, and while they are nice enough to actually answer questions, their answers reveal that they act as if they are a commercial business and not a government agency that is supposed to act in the interest of the people and preserve their freedom. They argue that they are releasing a solution that will work for the vast majority of platforms and that they are continuously monitoring the market to assess whether they need to add support for other platforms. This is a cost-cutting measure which is maybe okay for a commercial entity targeting a specific market demographic, but it is an absurd way for a government to think.
Before the upcoming age verification we already had a national digital identity solution, MitID, which also comes as an app running on Android and iOS, and which is locked down to require strong integrity using Google Play Integrity. But at least here they also offer hardware tokens so people can use their digital identity without owning a smartphone and running an open source OS like Linux on their desktops. But with age verification this is apparently over, all the while the government is lying about actually making an effort to free us from American big tech - they are instead basically forcing us to be their customers now.
Governments say they want sovereignty but not if they have to pay anything for it. They also like the fact that forcing everyone to do everything through a few big businesses makes surveillance and censorship easy. No need to pass laws, just do deals with a few companies. Governments are all about central control, and its more important to them than what they see as obsolete nonsense about sovereignty.
Instead of mandating google/apple signed applications, they could instead implement some specification for a secure enclave (or whatever fits their needs - I doubt they need control over the entire OS meaning there is plenty of space for pushback for people that want to retain their rights and freedoms for their devices). If you add some sort of certification based on an open standard that would allow any manufacturer interested in the market to be verified that the "attestation" for specific apps or secrets works, then it would no longer enshrine the current winners (apple/google) and instead allow for a healthier market.
This would only be a good thing because it places power with the government and not a third party (something surely the government would prefer), and allows things to be more in the open.
And in an ideal world the specific locked down portion would not need to be active or interfere with the rest of the operating system to some extent, so people would not be reliant on the manufacturers for their applications and would have the freedom of installing whatever they want and using the rest of their device however they wish.
It would also open up for some interesting and innovative competition in personal hardware security devices.
Need security before doing a $1000 transaction because everything so far was $10? Sure, ask for a physical token 2FA, NOT a YubiKey implementation.
Obviously though if I was working at Google or Apple and paid for the success of my company via incentives, e.g. stock, I would fight tooth and nail to let banks know that only MY solution is secure.
The only real issue here is banks that don't offer an equivalent website or require the "app" as authentication factor. I couldn't care less about copyrighted media. It's only fair that I source my media from the high seas when the only options that respect their "rights" infringe my own right to run free software on my devices.
It's not about security. It's about them wanting people to use the apps. Forcing everyone to use an app streamlines the vendors' operations, reduces the state space of possible user interactions down to small number of flows they control directly, and also provides them a direct channel (communications or upsell, where applicable) to the user.
This is not a fluke or a conspiracy of small number of influential players. It's an emergent alignment of incentives across pretty much the whole supply side of digital aspect of human civilization (not "just" the market, because it's also happening in political and social spheres).
In the meantime probably the best that can be done is having a regular phone and a banking phone.
Personally, I have found smartwatches fairly useless (I do enjoy the activity tracking and notifications but that's not much really) so freeing my phone from bullshit by moving some functions to a watch could increase the value/utility of a some sort of smartwatch. Ultimately, it doesn't need to be that "smart" even.
It's not just one tiny use case that's pushing us down the road of increasingly locked down devices. It's most use cases - because no matter the service, it's more profitable for the provider to control what you can and cannot do.
And that's to say nothing of the environmental impact.
Here we are talking about installing PostmarketOS/Linux on a smartphone. The next milestone is not to get everyone on it. First we need a base of early adopters that are willing to use it despite the drawbacks. The more user those alternatives will get, the more they will be developed, the better it will get.
Sure, for the next years, it will be way behind Android or iOS in terms of ease of use, but that's the price to pay to get back control on the device you own that is probably the main computer you use everyday.
For me that's not worse than using Linux in the early 2000s, and like Linux in the early 2000s, it may even be _fun_ to be an early adopter of Linux on the smartphone.
Now we don't need to migrate everyone to PostmarketOS, we _just_ need an alternative OS for at least the ones who are willing to play with it.
That didn't work that well for Linux, though. It's still a very niche OS even on desktop.
Also, please stop with security nihilism, https://www.hackerneue.com/item?id=27897975
It is the best answer at the moment. You can keep an absolute basic phone with all the banking and such apps loaded and nothing else. You treat it like an appliance. Your daily driver will be separate and can be running PostmarketOS or LineageOS etc.
There are several benefits off the top of my head:
1. Since you only install banking/govt type apps on your "important" phone, it stays more secure vs. putting your random game app along with the banking app on the same phone.
2. When you upgrade your daily driver, you don't need to deal with tons of re-auth steps for banking/govt apps.
3. Your daily driver can be customized to the nth degree because the pesky banking app won't be on it to refuse login because, say, you turned on developer options or rooted the phone.
4. You can even leave the basic phone at home for extra safety, if you wish, without affecting your daily driver.
5. You can root your daily driver and put as much adblocking setup as you want to boost your privacy. Your basic phone won't have enough activity outside banking/govt. to build much of a profile.
With this being the trend, you're already more likely to leave what you called "daily driver" phone home, and only take the "important" one with you.
All the Google stuff is disabled, open source Contacts app,^1 no Google Play Services, no access to remote DNS, Netguard for application firewall and port forwarding, with computer I control as gateway. 1. Have yet to find any other app that can access contacts when storing them this way, even the Meta's biggest Trojans
Meanwhile, new phone, "important phone", stays offline. Wifi off. Location off. path?.xtracloud.net blocked. Phone is used for texting and phone calls, no internet access
The "banking app" argument, i.e., either install a custom ROM or give up or submit to surveillance, is a false dichotomy. There are other options
I don't use a phone for internet banking, I use a computer I can control; there is no "banking app" (talk about high risk, geez)
The "banking app" problem is a common refrain on HN but in the real world I know many people who do not use a phone for internet banking
Mobile OS just suck. It's like being forced to use MS Windows
And for the rest, well, "just works" for what? With a little time and effort, it may even get to the case of the "just works" part is a siloed unit like a SIM card that is just installed to the device, making it opt-in and user owned...
Not That i want to kick the can down the road, but the ultimate solution (barring actually fighting for our privileges over the systems we buy) is to have that second phone, and control it either via vnc, or via a kvm which presents vnc. I know, its really absurd, complexity wise, what with tunneling and figuring out where to house said setup. However, the latter is ultimately transparent to the phone, outside of allowing a second monitor/hid to be connected to it. You could, given a VNC client then go ahead and control it via laptop or another phone.
Providers of all the service types aren't driving this because they believe locked down phones are a Good Thing. They're driving this because they explicitly don't want you to do the very things you'd want to do with your VNC idea.
Also: both banks and governments are pushing for 2FA with a mobile device being the primary, and in some cases the only, accepted second factor source.
Hopefully I'll never have to buy another closed phone.
It's important to have computing freedoms so that people who actually care end-to-end, and don't have financial incentives directed against patients' well-being, are able to build on top of products on the market, fix the enshittification, and improve functionality.
(We also need that to close the loop. It's a common story that meh products of today, which improve on bad products of yesterday, are just commercializing the fixes developed by people fed up with said bad products.)
But then, it became more and more annoying with apps blocking root access, features being unavailable to custom ROMs, etc... There are workarounds (is Magisk still a thing?), but I got tired of them.
So now, I just buy an entry level Samsung, which is well supported, runs all the apps I need (browser, financial, maps, chat, ...) and takes recognizable pictures. It is just a boring tool, like a credit card, I need one because that's the world we live in, but the object itself is of no importance.
If I want to play with a computer, I have a "real" computer. If, at some point, I get interested in smartphones as a platform, I will buy one just for this, in the same way that I have no intention of using the credit card I buy stuff with should I want to play with smartcards.
It has also killed my desire to spend money on a smartphone. What's the point of a $1000 device? What's to point of upgrading unless forced to by planned obsolescence? Why should I pay more than $200 every 5 year or so? They are all the same to me. They even all have the same form factor, besides overpriced and fragile foldables.
We should demand that they support every platform. Or at least every platform that adopts some sandboxing model.
But they don't demand the same control over laptops and desktops. Only phones. Why is that? Granted I can't deposit a check with my laptop but I can do any other banking I wish to do.
So to me it's more that they see the chance to gain this control where they didn't see it before. Phone providers are only too happy to get on that bandwagon because they get to deploy all kinds of surveillance capitalism in the name of security ("hey the banks want it!").
Granted these freedoms are slowly leaching away from laptops and desktop too with stuff like TPM, so I don't know. I've about had it though.
Oh, but they do. PCs (and Macbooks) are products of an earlier era, and the solutions of control evolved along; it looks chaotic, but that's because it's where the R&D happened over the past decades, which ultimately produced a cleaner - and more easily identifiable - mobile control ecosystem. But it's all there, if you look closely. To name few major groups:
- Many generations of DRM plugins for games, then for streaming media
- Trusted computing hardware
- Intel Management Engine and other firmware backdoors routinely inserted into hardware
- Endpoint security software, deployed widely on corporate-owned machines
Mobile solutions are just version 2.0, built on top of all that R&D.
> Granted I can't deposit a check with my laptop but I can do any other banking I wish to do.
This is the insidious part: for many banks, this is only tolerated because they force you to use their proprietary app on a trusted mobile device as a second factor! At this point, it doesn't really matter how well-controlled your main browsing platform is, because you have to use your phone anyway, and there the control happens. And, "for your convenience", the mobile app isn't just a physical security token, but lets you do banking too, which allows them to gradually deprecate the web experience.
Hint: When Windows 12 comes out, everyone, or at least everyone with a newish PC, will have a TPM module that's capable of enforcing and attesting a signed-code boot path from power on all the way down to application-level code. Windows 12 will turn these machines into Xboxes that run Excel. Many computers will also have Pluton technology, which is an on-chip TPM implementation that cannot be tampered with or removed from the CPU, and which literally came from Microsoft's Xbox division.
General purpose computing isn't quite dead yet, but there's really nothing we can do for the patient. We're just waiting for it to flatline.
In large parts of the world, the answer is usually "my uprooted, remotely attested smartphone". Increasingly, it's becoming the only supported method. When that's the case, what you use to load the banking UI doesn't matter anymore - the mobile device is the only actual requirement.
Aside from music/video there are no obstacles for other apps to exist in open system.
Those work perfectly via a browser, on any platform where the browser can run. As long as a hypothetical open OS has a browser capable with bog standard modern capabilities, it will be fine
It required me to install the application to sign in via web browser. There was no way, the web app wouldn't bulge.
I did it, checked my $5 dollars balance and deleted the app again.
Totally disgusting behaviour.
People have genuine reasons to stay with the provider / platform and usually browser doesn't cover half of their use cases.
For example I have to use Revolut because it's one of the very few banks that allow me to use Garmin Pay and work (reluctantly) on my phone without Google rootkit. Can't use, say, Curve because their privacy policy is alarming (and I had a very very weird/disappointing interaction with their compliance team).
And you've already got a good example with Netflix.
You are technically right, we still have access to these services via a web browser today. It doesn't mean we'll have it forever.
With the advent of AI browsers and AI agents, it's not hard to think of a future where LLM chat interfaces and mobile apps are the future, and web apps start getting disregarded as legacy and eventually, discontinued.
Try ordering some food via mobile application and then again via web app. You'll instantly feel the downgrade on the web app. Bugs, glitches, slow experience.
The desktop web is already the 2nd-class citizen for modern startups.
And I guess people who downvoted my counterpoint thought that it means that all services on the planet have very well functioning browser version, judging by their comments. Some don't, some do. But no one of them "requires" excessive access a native app can provide.
Some may want to have it, for some browser version is simply not a priority. But nobody needs to have additional info for those services to function.
Those are the players that demand excessive control over end-user devices, and thus the ultimate driver behind the problem we're discussing.
It's not that a new mobile platform couldn't possibly succeed. It's an open platform that cannot, because aforementioned players don't want it, and without them, mobile devices lose 90%+ of their usefulness, dooming them to become mere gadgets instead of (crappy, toylike) tools for everyday use.