I am surprised that Google spends so much time tackling custom ROMs via it’s Play Integrity API. If only they paid that much attention to say, curating the Play Store more, it had be much better for everyone

  • DacoTaco@lemmy.world
    link
    fedilink
    English
    arrow-up
    17
    ·
    20 days ago

    This is a very complex topic that is very hard to draw the line on.
    As a technical person who follows hacking and security news i can understand google introduced the api and warnings, as phones are getting hacked and unlocked bootloader or root can be abused to keep your malware going, and has been abused in the past.

    But as a user of fairphone/lineageOS, who tells google, apple, meta, … all of them to fuck off when i can, this scares me. The lockdown of devices can and is going too far. Hell, i even consider samsung’s android ui changes to be going too far, as it changes a shit ton of stuff and really is not a stock android experience. It locks users in their environment…

    • Kusimulkku@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      ·
      20 days ago

      I find it funny that Google and some banks are so worried about security on Android that I have to have up to date system, app and can’t be custom ROM, can’t be rooted and whatnot. And then they’ll allow you to login to their bank from Internet Explorer on XP or some shit.

    • kirk781@discuss.tchncs.deOP
      link
      fedilink
      English
      arrow-up
      3
      ·
      20 days ago

      Stock android experience is the exception, not the norm, sadly. Some manufactures like Motorola or HMD have a light touch and close to stock but other ones don’t. The worst offenders are Chinese brands who twist it so much and without much benefit(Atleast, Samsung’s ONE UI is customizable as heck, can’t say the same for Realme’s).

    • Zak@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      20 days ago

      Can you cite examples of rooted smartphones leading to significant data breaches or financial losses? When the topic comes up, I always see hypotheticals, never examples of it actually happening.

      It seems to me a good middle ground would be to make it reasonably easy (i.e. a magic button combination at boot followed by dire warnings and maybe manually typing in a couple dozen characters from a key signature) for users to add keys so that they can have a verified OS of their choice. Of course, there’s very little profit motive to do such a thing.