Login
You're viewing the phpc.social public feed.
  • Daniel Kochmańskijackdaniel@functional.cafe
    Dec 15, 2025, 8:07 PM

    I've been configuring a new android phone for my aunt and boy, it is horrific:

    - tons of preinstalled applications including wtf games, linkedin, netflix, spyonme-soft, duplicate-this-stock-functionality-but-worse, spyonme-hard and much more

    - more apps that can't be uninstalled yet are clearly spyware (xiaomi cloud? mimusic?) plus standard google spyware

    - gemini this gemini that, "yes please" vs "ask me later", "make your phone your wallet" with "yes please" vs "ask me later" and much more (again!)

    Then I proceed to install the only application of her choosing -- whatsapp, but whatever, so I open play store (there is also a mistore:) and type 'whatsapp'

    The first result is a green icon similar to 'whatsapp's, I install it, but no! it is actually "telephone" with overreaching permissions that wants to replace the standard application for calling.

    Only the second result is the application with the name that exactly matches the query. Apparently 'telephone' is sponsored, but it is only very subtly hinted.

    I wouldn't call it a circus - it is an animal experiment facility.

    💬 14🔄 53⭐ 62

Replies

  • 💬 3🔄 0⭐ 0
  • Daniel Kochmańskijackdaniel@functional.cafe
    Dec 15, 2025, 9:06 PM

    @leanderlindahl

    I don't mind e/os, but the phone was not bought by me nor it has unlocked bootloader, nor I want to install to my aunt something she clearly wouldn't want to -- I've already got burned by installing Linux to my family members; constant support requests and breaking printers hunt me till today in my nightmares 🙂

    Thanks for the advice though!

    💬 0🔄 0⭐ 3
  • 💬 0🔄 0⭐ 2
  • GrapheneOSGrapheneOS@grapheneos.social
    Dec 15, 2025, 9:33 PM

    @leanderlindahl @jackdaniel /e/ is not a remotely safe option and has a bunch of invasive services:

    grapheneos.social/deck/@Graphe

    SailfishOS user interface, application layer and many other components are closed source, unlike Android. It has no equivalent to the Android Open Source Project. iPhones are a far more private and secure option for the hardware, OS and services. If it's not going to be an open source OS anyway, what's the reason to use it over an easy to use iPhone for a regular user?

    💬 2🔄 0⭐ 2
  • 💬 0🔄 0⭐ 0
  • 💬 2🔄 0⭐ 0
  • Daniel Kochmańskijackdaniel@functional.cafe
    Dec 16, 2025, 8:45 AM

    @doragasu @GrapheneOS @leanderlindahl

    If I had to pick a new phone today, I'd consider (in no particular order) lineage,
    grapheneos, jolla and pinephone[*], and after educating myself further I'd make a choice that best suits me.

    [*] I know that it is a device with some compatible distributions, not OS itself

    💬 0🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • 💬 1🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • GrapheneOSGrapheneOS@grapheneos.social
    Dec 16, 2025, 8:47 AM

    @doragasu @leanderlindahl @jackdaniel

    > Sailfish are working on open sourcing that.

    They could open source all of it today if that's what they wanted to it. The majority of the code specific to it including most of the user interface and application layer is closed source. There's no usable open source form of the OS comparable to the Android Open Source Project. If they had the intention to open source it, why is it still largely closed source code for the code specific to it after so long?

    💬 1🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • 💬 1🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • GrapheneOSGrapheneOS@grapheneos.social
    Dec 16, 2025, 6:10 PM

    @piero @doragasu @leanderlindahl @jackdaniel Our apps are primarily published in our own App Store, not the Play Store. We only publish 3 of our apps on the Play Store for people on stock Google Mobile Services.operating systems. On those operating systems, Google Mobile Services provides a huge portion of the OS including the Android Runtime (ART) used to run apps via the mainline ART APEX. Our App Store is what's recommended for use on other devices. We aren't going to use a third party one.

    💬 1🔄 0⭐ 0
  • GrapheneOSGrapheneOS@grapheneos.social
    Dec 16, 2025, 6:12 PM

    @piero @doragasu @leanderlindahl @jackdaniel Google Play Store is not a third party app store for users on GMS devices. It's a core part of their operating system and GMS provides a huge portion of their OS. It's the same thing as putting an app on the iOS app store for iOS users. If you want our apps then why don't you use our App Store where you get the releases on time when they reach each release channel? Why do you want a third party in between delaying the updates and causing issues?

    💬 1🔄 0⭐ 0
  • GrapheneOSGrapheneOS@grapheneos.social
    Dec 16, 2025, 6:19 PM

    @piero @doragasu @leanderlindahl @jackdaniel We only have 3 of our apps in the Play Store and they're special variants with a ".play" suffix added to the package name.

    Auditor being there is important for GrapheneOS users to securely install it on a stock GMS OS to verify a GrapheneOS device running the regular variant of Auditor.

    The other 2 apps get extra testing and feedback from being there but it's not really worth the trouble and we don''t currently plan to publish more apps there.

    💬 0🔄 0⭐ 0
  • GrapheneOSGrapheneOS@grapheneos.social
    Dec 15, 2025, 9:25 PM

    @leanderlindahl @jackdaniel /e/ doesn't provide users with basic Android privacy/security patches or protections along with having invasive services including sending user data to OpenAI without consent:

    discuss.grapheneos.org/d/24134

    It's not safe to be going many months and even years without receiving important privacy/security patches for the Linux kernel, OS, drivers, firmware and the main browser engine used within the OS and apps. It definitely doesn't avoid sketchy bundled software either.

    💬 1🔄 0⭐ 3
  • 💬 1🔄 0⭐ 0
  • GrapheneOSGrapheneOS@grapheneos.social
    Dec 15, 2025, 9:35 PM

    @leanderlindahl @jackdaniel There are third party sources included in the post.

    There's a link to their forum thread about sending data to OpenAI without consent where their response includes claiming the data is anonymized when it isn't. User speech data going through a proxy on their own server is not anonymizing it.

    Divested Computing published a fair bit of content about massive privacy and security issues with it which is partially linked. Mike Kuketz has a useful article linked there.

    💬 0🔄 0⭐ 3
  • Ray McCarthyraymaccarthy@mastodon.ie
    Dec 15, 2025, 10:03 PM

    @leanderlindahl @jackdaniel
    e/OS has a bad look!

    Your navigator is not supported.

    WebUSB support is required, you can use the following browsers:
    Microsoft Edge
    Opera
    Chromium

    I guess the browser controls the phone direct like the Website for a NetMD player. But a shockingly bad design not to use a local program download with Linux, Mac and Windows versions like other people do.

    Another red flag
    "We keep your personal data safe on your smartphone and in the cloud"

    Why have it at all?

    💬 0🔄 0⭐ 0
  • 💬 0🔄 0⭐ 1
  • Leander Lindahlleanderlindahl@mastodon.social
    Dec 15, 2025, 9:13 PM

    @jackdaniel also "I feel your pain". I'm glad I didn't have do what you described there. You're a hero to help your relatives like that. Sad that you had to use your "powers" in that way.

    💬 0🔄 0⭐ 0
  • Varxvarx@defcon.social
    Dec 15, 2025, 9:18 PM

    @jackdaniel

    Man remember before app stores when PDAs had just useful apps and didn't force you to run a bunch of spyware? I shouldn't have to enable a secret "developer mode" or root my smart device to remove all the bullshit apps I'll never use.

    I moved to @GrapheneOS recently and I legitimately big haha belly laughed when I saw their "app store" only has like 15 apps in it. It doesn't even need a search! I have a secondary profile with google services turned on, and besides slack and my old defunct gmail account I keep around just in case, I haven't even noticed or cared that my default profile doesn't have google services.

    💬 1🔄 0⭐ 1
  • Daniel Kochmańskijackdaniel@functional.cafe
    Dec 15, 2025, 9:58 PM

    @varx @GrapheneOS

    As lazy as I am last time I've changed my phones I've bought xperia (like I did a few times before with earlier models), unlocked it and installed lineage os without microg. I'm using f-droid.

    There are minor caveats that may be huge for others, i.e banking apps; I'm also aware that @GrapheneOS is considered the most secure, so perhaps I'll pick a pixel phone next time (although picking google phone to avoid google android seems a bit backwards :).

    💬 0🔄 0⭐ 3
  • ../kajer/.kajer@infosec.exchange
    Dec 15, 2025, 9:24 PM

    @jackdaniel

    I got a ATT android phone for work one job... I spent the better part of two days on the train (during my commute) trying to de-bloat that thing. Most carrier installed apps were in the priv-app directory, and not allowed to be uninstalled or even disabled. :(

    Never again will I ever willingly get a carrier branded phone. I have been buying unlocked androids since the G1 and NexusOne and will NEVER go back. Not when de-googled images like lineage and graphine exist.

    💬 0🔄 0⭐ 1
  • Fazal Majidfazalmajid@vivaldi.net
    Dec 15, 2025, 9:27 PM

    @jackdaniel get a Google Pixel 8 or later, and install GrapheneOS. Pixel 8+ because that generation introduced ARM Memory Tagging Extensions (MTE) which provides a higher level of hardware memory protection.

    💬 0🔄 0⭐ 1
  • 💬 0🔄 0⭐ 1
  • 💬 0🔄 0⭐ 1
  • 💬 1🔄 0⭐ 0
  • Daniel Kochmańskijackdaniel@functional.cafe
    Dec 15, 2025, 9:54 PM

    @verbrecher

    that was a figure of speech to mark various seemingly unnecessary applications preinstalled that have a wide range of requested permissions and serve 'personalized' ads. They were not literally called "spyonme" :) sorry for the confusion

    💬 0🔄 0⭐ 2
  • luca0N!luca0N@social.luca0n.com
    Dec 15, 2025, 9:54 PM

    @jackdaniel The current state of smartphones is very saddening and infuriating. Recently, after a system update, Google Gemini was automatically installed on my phone without my consent, and the behavior of holding down the power button (which has historically been to bring up the power menu for) has changed because of it. The list goes on, and on, and on...

    💬 0🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • AndresFreundTecAndresFreundTec@mastodon.social
    Dec 16, 2025, 1:12 AM

    @jackdaniel "I wouldn't call it a circus - it is an animal experiment facility." - an experiment that clearly hasn't gone through the ethics review process.

    💬 0🔄 0⭐ 0
  • 💬 0🔄 0⭐ 0
  • wyngmantasket@infosec.exchange
    Dec 16, 2025, 4:31 AM

    @jackdaniel If this is a Xiaomi phone running HyperOS, then its more like a collection of Android VMs running inside Xiaomi's customized NuttX microkernel. Very interesting, IMO.

    However, it probably has malware from China baked into it. I wish more western techies were exploring this type of new phone OS, maybe replicating its core features, but hard pass on actually using this brand.

    💬 0🔄 0⭐ 0
  • PaulPaul_Harts@mastodon.nl
    Dec 16, 2025, 5:32 AM

    @jackdaniel same experience with HarmonyOS on Huawei. Tons of ‘games’ that have overreaching permissions etc. etc. And the first and easiest to install messaging apps idem dito.

    (apart from that, HarmonyOS is in usability actually quite nice).

    💬 0🔄 0⭐ 1