TLDR: while the OS is great (really GREAT), the real-world compatibility is not.
I had Sailfish OS for a daily driver for two years, and OS is great (let me say that again, Sailfish IS GREAT!), but there are "the details".
Jolla is completely ignorant to needs of their users. While they do have an android layer, they are ignoring to things that are of huge importance for daily life, like bluetooth passtrough, and are important due to daily needs, for instance, bluetooth passtrough is really important for using public transport here.
FFS, I was reversing banking application and patching it to be able to use it. And actually became very good at it :D
So at the end you will have a great OS, incompatible with the whole world. After 2 years of suffering, I ditched Sailfish, bought Pixel and installed Graphene OS.
Once Jolla starts to listen to their customers, they are on the path to very real android contender, but unfortunately they just dont understand, that people need some features, they are not providing while the vendors wont support some exotic OS. They need to adapt, not vendors - the whole thread is full of this mentality.
The android "container" was a step into right direction but they just shouldnt abandone it and keep on supporting it, adding additional layers of compatibility.
I really hope they will change their mind at some point and prioritize compatibility, would love to ditch android and its spyware driven ecosystem completely, but sadly, Graphene OS + NetGuard is just a far better alternative until Jolla stops behaving like an infant. They are literally sabotaging themself in a worse possible way.
For a company of their size that has to compete in the tech market of today, I'm surprised they're able to produce updates for the OS as regular as they do.
Blaming they can't keep up with user requests, granted reasonable ones, is a little short sighted in my opinion. If we want to break the Apple/Google duopoly we need to be able to bear a couple of paper cuts. If you wait for perfection before committing they'll just end up going out of business. :(
This is nonsense. They cant force vendors to support them, so the only viable strategy is to support the vendors. And they can, but they decided not to.
I feel like you're focusing on the wrong thing from what I said. Jolla is a small company, they don't have the man power to support everything. They already do a lot by supporting devices from vendors that are sympathetic to being open (the Sony open devices program for example).
They can support passtrough for bluetooth and NFC. It is not something they need to invent themself.
I cant emphasize enought how this feature is of most importance for my daily life. At 48, I am using either the bicycle or public transport for my daily commute (for 30+ years!). I can workaround it by buying a NFC card each month but very typically it is not available without considerate walk time. Not to mention banking app, but I have covered it by reversing and patching it. How many users will do that?
It is not my fault, that the world is as it is. But not supporting real life scenarios is certainly Jollas fault.
As far as I'm aware there's a Patchmanager patch for enabling bluetooth in the Android subsystem. But I don't really understand your vehemence against me, or them for that matter.
I am on Graphene OS now and they will really need to think of something revolutionary to get me back. No, nice GUI is not enough for all the years I have lost, desperately trying to adapt. Now, think of the normal, everyday user, not prepared to even buy a specific phone release for Sailfish. And this is how they will lose users. I consider this as constructive criticism from my side.
Believe me, I am in front row, for wanting the linux to succeed against bastardized OS as android is. But the wrong decisions are just wrong decisions, there is no excuse to it.
The revolutionary part is full linux with root a checkbox in the settings, no need to flash fishy roms, compile graphene yourself etc, it is mostly aimed for linux geeks who like to tinker, if you're fine with android, it's probably not for you (no matter how much they push for it being usable by normal users, there's always fixes/tweaks/workarounds that you'll need to use terminal for, or wait for proper fix, but again full root access is a checkbox in settings that will install terminal for you, for geeks it's the best option out there)
Sure, I am not complaining about that. Again, Sailfish OS is great (!!!!!), no doubt about it. Unfortunately, I need a daily driver instead of carrying 2 phones with me.
Once Jolla will understand that, I am prepared to get back. Until they don't, they will need to find users elsewhere. I can ditch a lot of bloat from my life, but unfortunately, ability to use public transport is not one of them.
How is Bluetooth used in public transport? I don't think I've ever seen that so I'm curious what nifty solution this is. Are you meant to check in via Bluetooth so you can't have multiple people use the same subscription in different trains or so? Does it open station gates? Give you real-time travel information without needing internet or them having to put up fragile displays at rural stops?
I would not sey they are ignorant - rather, some things are unfortunately just not possible with their staffing and budget. Connecting Android bluetooth blobs compiled against bionic libc via glibc Linux distro to a container running Android emulation is one of these things.
Support for vital features needed for normal life is a must. And all available resources should be put into it as it is making their OS viable for usage. No android application support, no users.
Put yourself in their place for a minute. There's a thousand to-dos, including this Bluetooth pass-through feature. If you try to get around to all of them, you need to hire more people, either telling them up front that you won't be able to pay their salary or just not mentioning that until after they've done the work. Or you need to find more paying customers, but you're already trying to do that. Every minute spent on that also is a minute lost on making a better product. How to allocate the available time optimally? It's not as simple as "they're ignoring the community completely".
Saying that this is not a product for you because there's other devices out there without this problem: entirely fair, but that's not the same thing
Good job to the authors. I have been waiting for something like that for years.
I just dislike the scripted languages as they are a mess to handle while docker is a resource waste, not to mention golang single statically compiled binary and speed of execution.
Authors, please think really well about:
- upgrade strategies (owncloud/nextcloud were a huge mess, for long time, currently looks that nextcloud is handling it well - I have upgraded it for 2 versions and it didnt break anything)
- what external dependencies you are using, make additional layer of OS abstraction to avoid incompatibilities between various linux distributions, freebsd and windows. There isn't a lot to handle differently but once you tie yourself to linux only, it is hard to add support afterwards (try to not call external binaries that you havent installed yourself, if you must, put it into compatibility layer). If you do this one right, people will port it to different environments, if you blow it, you will have to - or you wont.
- do not rely on docker "installation", presume that it is installed directly on the system and you wont go far wrong. Treat docker just as another system. Docker is going to make you become "lazy" to not think about vital details while developing.
- do check how to handle reverse proxies gracefully, this is something everyone forgets while for any serious environment, there will be nginx frontend
- dont support all the databases, pick one and stick to it, to support it really well, including backups, upgrades and versions
- sooner or later redis is going to be a must, think upfront
- make a backup system, backup before upgrades and be sure you can restore it if something goes wrong, including binaries, database,...
- make an installation/upgrade layer that doesn't depend on "run this sql script", have a well versioned database revision system that can get database from version "0.1" to "2.0" without breaking anything and migrate the data. There are hardly any database changes where database upgrade cant be handled with sql statements.
- think really well about external dependencies, dont pick it just as it is popular and you need one functionality. An example, recently I did a benchmark of 15 concurrent maps in go and the differences were huge where the fastest one was one that you can hardly find by searching while the author did things like aligning the structures with cpu cache, full of unsafe pointers etc., but beating the first selected "popular" map by 2x, and the worse by 15x+. Dont trust authors self promotion, measure it.
- try to not make it confusingly strange, you have the whole usage/administration well done with nextcloud, stick to it, dont reinvent what works, as for instance, sftpgo did and I hate every second using it.
- if something needs to be documented, think about how to implement it, in a way, that doesnt need to be documented. Over time those documented features become a huge burden for you and for users.
- please, if you dethrone nextcloud, dont become evil, like projects normally do. Get the money from where the money is (smb, corporations), spare the home users. :)
The product seems more 'focused' than Nextcloud, for sure.
But their docker choices are quite opinionated: no longer than yesterday I've tried (once again!) to make it run, and the fact that I have Caddy + Authelia in front of seems to be rather detrimental. I dropped the ball, and will try again in a few weeks or months.
Now, imagine, what you would do, if you never learned to read the code.
As you were always using only AI.
Anyway, coding is much simpler and easier than reading someone else's code.
And I rather code it myself than spend time to actually read and study what AI has outputted.
As at the end, I need to know that code works.
---
At one point, my former boss was explaining to me, how they were hired by some plane making company, to improve their firmware for controlling rear flaps. They have found some float problem and were flying to meeting, to explain what the issue was. (edit:) While flying, they figured out that they are flying with plane having that exact firmware.
Regarding your plane story, I can't help but notice that the fact this plane was in operation, and they were willing to fly on it, implies the problem wasn't that big of an issue.
Are you sure code from another developer (junior or not) works correctly? Or that it is secure? You have the same need to review the code regardless of the source.
This is how non-engineers have always lived! The code is a black box, but Product Managers develop a sense of whether the developer really understood what they meant, the QA team verifies the outputs, etc.
I'm uncertain if MY code works correctly lol. I know many code-illiterate folk; some of them I call "boss" or "client." They get along fine dining on my spaghetti. I do likewise never touching the wheel/pedals on my car's 45-minute commute to work.
Will someone eventually be scraping me off of the highway? Will my bosses stop printing money with my code? Possibly! But that's life -- our world is built upon trust, not correctness.
I completely agree with author on LLMs. I consider AI as stock inflating noise, like nosql databases (...) were. The nosql ended, after all the hype, as sometimes usable.
I am typically buying ebooks. When I read it and figure out that ebook is rare jewel, I also buy hardcover if available.
Shoshana Zuboff’s, The Age of Surveillance Capitalism is one of those hardcovers.
I am still waiting for Fairphone and Graphene OS collaboration. This is match made in heaven.
Any Fairphone/GrapheneOS developer reading this? Just do it, document if something is not secure enough for you, but do it. Nothing to think about, you fit together like hand and a glove and any seconds thoughts are depriving the planet of THE PHONE!
Pick the cash we will throw at you and make second generation with the cpu GrapheneOS wants, that will make the /r/GrapheneOS members eyes shine, drooling and crying of joy at the same time. +throw them in a few hardware switches for camera, mic, connectivity,... disabling. No need to wait to be perfect in first iteration (and due to that craziness and perfectionism will never happen), to gain the possibility to be perfect in second or third.
I would love so much to stop buying Google Pixel phones just to install Graphene OS and protect myself from Google and its ecosystem, it seems so counterproductive.
>Fairphones consistently doesn't support a quarter of what graphene os requires
I expect it's not just a matter of feature support: Fairphone in general seems rather horrible on security, doing things like using test keys for production signatures [1].
This is the whole point, they should stop nitpicking and start to do it (GrapheneOS side), even if it is not going to be THE most secure phone, there is enough of features that are far more useful then just security (like privacy). I don't mind if they make it payable. With money they will get (I suspect there will be quite a bit less pixels sold) they can make a new phone that will have all the bells and whistles GrapheneOS wants and on the other side, Fairphone developers will figure out it is $$$ worthy to do it.
GrapheneOS has bunch of requirements that are expensive while Fairphone has zero chance to figure out, if investing would make any economical sense, while their normal users dont really care about that security but might regarding privacy. This is a stale-mate position.
Found info about GrapheneOS installations, 250k users(1). Lets say 25% are on old pixels. This is 60k sold pixels.
> This is the whole point, they should stop nitpicking and start to do it (GrapheneOS side), even if it is not going to be THE most secure phone, there is enough of features that are far more useful then just security (like privacy). I don't mind if they make it payable.
This feels super entitled to me. GrapheneOS Devs have a mission and they get to make that. You get it for free and if you like it you can give them money. If they don't support the hardware you like you are free to fork it and get it to run yourself.
And if security isn't something you care about but privacy is and you feel like there's a difference here you can still install /e/os or lineageos and similar on the fairphone.
Sure they have a mission. But sometimes mission can be done by taking 1 step back to later make 2 steps forward in fast pace.
At the end all profit. While in current state, the culprit, Google profits.
And please keep fallacies like "do it yourself" for yourself, I am talking about collaboration, feel free to open another thread on top level about forks.
Same goes for /e/ ... they just dont compare.
GrapheneOS has two use-cases that are they excelling with, security and privacy.
While security is not really my threat model (some rubber-hose cryptography aka large wrench, solves this issue for any attacker), privacy violations are everyones issue. Even if they dont care.
This went far enough. I have stated my thoughts, if the view doesn't change, GrapheneOS will continue to sell Pixels (lol, SAMSUNGS! Still rather buy them than Pixel) and I will be forced to buy them.
>Please consider the level of retardation this comment requires, it's impressive.
Yes, thats why I have stopped discussing with you and I dont know why I even started - futileness discussing with GrapheneOS evangelists is well known over the internet.
> Has nothing to do with rudeness. And "deconstruction" was rather narrow mindedness, that is locking GrapheneOS to corporation made phones.
Corporation made phones as opposed to organically grown phones?
Again, no one is locking down GrapheneOS you can literally download the source and try to get it to run on any device you like. You just want someone else to do the work for you because you lack the skills and it's not available for the particular phone you want.
Okay, maybe you are not a native speaker, so you might mean a different thing with fallacy.
Here's the dictionary definition of fallacy
> an idea that a lot of people think is true but is in fact false [0]
> a false belief [0]
My comment was
> Again, no one is locking down GrapheneOS you can literally download the source and try to get it to run on any device you like. You just want someone else to do the work for you because you lack the skills and it's not available for the particular phone you want.
Here's the GrapheneOS FAQ regarding other Devices [1]
> Many other devices are supported by GrapheneOS at a source level, and it can be built for them without modifications to the existing GrapheneOS source tree. Device support repositories for the Android Open Source Project can simply be dropped into the source tree, with at most minor modifications within them to support GrapheneOS. In most cases, substantial work beyond that will be needed to bring the support up to the same standards. For most devices, the hardware and firmware will prevent providing a reasonably secure device, regardless of the work put into device support.
> And while I am searching for a way for GrapheneOS to grow, you are searching for a way to keep it limited to corporation made phones. And it is corporations that have the most interest to make it insecure trough hardware, SOC is just one day to do it. So you are failing even on security perspective.
There are no not-corporation made phones on this planet. Every conceivable part of a phone is made by a corporations from parts extracted from this planet by corporations, shipped and assembled by corporations. Do you think that the Fairphone, made by the fairphone corporation is not made by a corporation? From There Wikipage [2]
> Fairphone B.V.
> Company type Privately held company
> And it is corporations that have the most interest to make it insecure trough hardware, SOC is just one day to do it. So you are failing even on security perspective.
So google, spending literally billions [3] on cybersecurity with a direct interest and industry leading track record in keeping pixel devices secure has an interest to make it insecure?
I stand by judgment: The required retardation for this kind of argument is amazing.
So, i'm dealing with a first grade tech student that learned some cybersecurity words. Here's how you can prove me wrong, answer the following simple questions:
1. Why should the GrapheneOS Developers do the work you want them to do? They seem uninterested and I don't see you paying them the 100s of thousands of dollars to hire someone to do the work for them.
Okay, i have to admit you got me. 10/10 Ragebait until that last edit I was thinking you were serious, but you cannot be. Thank you gave me a good laugh and I haven't been this triggered in a while. Before he edit's let me copy his last edit for posterity, it's amazing.
---
> 1. Why should the GrapheneOS Developers do the work you want them to do? They seem uninterested and I don't see you paying them the 100s of thousands of dollars to hire someone to do the work for them.
They dont do any work regarding security that would matter. As hardly anyone is using GrapheneOS. Most people use it for privacy, I don't know a one single person that would use it for security, I have bootloader unlocked as I don't care, its not something that would be a reasonable threat to me, while government actors are not something, I can defend against as they will break my legs and I will beg them to allow me to enter pin.
> 2. Name a Phone that's not made by a corporation.
So they can immediately stop doing it. It is futile, insecure and worthless even from perspective of privacy unless they give people a chance to use it. And currently they dont with excuse of security.
An OS which focuses on security and privacy with slightly imperfect hardware is much better than an OS which focuses on spyware and tracking from an adtech company on the same hardware.
I recently suggested that GrapheneOS support devices with average security on Mastodon. Much like yourself, I think "moderately okay security" is better than "just use Google's spyware infested OS".
The GrapheneOS folks replied in disagreement, insisting that this is a terrible idea because security would be less than perfect. They then started making up stories about me and throwing around unfounded accusations. I don't trust them in the slightest, and strongly recommend staying away from them.
> I recently suggested that GrapheneOS support devices with average security on Mastodon. Much like yourself, I think "moderately okay security" is better than "just use Google's spyware infested OS".
For most use cases, like mine, I agree. But I understand GrapheneOS disagreeing with that statement. "average security" is not their goal, nor the use case they are working for. GrapheneOS' focus is security. They just happened to make the best AOSP version there is out there. So lots of us wish they better support our use cases disregarding the use case they work for. But they obviously don't want to spend resources on it, and I'd assume they wouldn't even accept extra resources to do those things, as it would dilute their "most secure mobile OS" brand by having less secure versions of it.
For those of us who don't need the best security, another fork of AOSP that incorporates many of the features GOS has, like sandboxed Google Play and contact and storage scopes would do. But we can't expect GOS to be the one doing that.
I'm the community manager for GrapheneOS. That isn't what happened, and it is very weird to not only see that on Mastodon, but also that you're going around saying it in other places, too.
People involved with the project you're working on have a history of making attacks on GrapheneOS, but what I mostly want to focus on is your suggestion because my goal here isn't to get in a back-and-forth with you or convince you, but rather provide context for others reading this.
Our hardware requirements are not arbitrary. They are what we need in order to be able to provide usable security to people who depend on it. There's no "average security" for devices that are missing patches for known vulnerabilities for months. That's a non-starter, not something imperfect that an OEM can work on improving. Multiple OEMs have reached out to us and actually want to do the work of improving their devices so that we can use them to provide security for people. It's very weird for people to be fixated on this idea that GrapheneOS should instead be supporting devices which can't actually provide what the OS is known for.
Without a secure element, a 6 digit PIN is no longer secure and can be bruteforced. What average person is using a long diceware passphrase to unlock their phone? Our device requirements are reasonable, and can be found at https://grapheneos.org/faq#future-devices. Every time people ask us to support another device, we have to point to that explain that we cannot, because to date, no other devices meet them, and those who do purposefully go out of their way to cripple third-party OS support (Samsung chief among them). Then, we ask people which of our requirements we should drop in order to support that other device, and why people think that requirement is unreasonable. To date, we have received no convincing reply to that.
You think we're chasing "perfection" but Pixels are just the best that exists right now and is extremely far from perfect. Our requirements aren't a wishlist, they're based on what is possible and reasonable today, not in the future.
> Without a secure element, a 6 digit PIN is no longer secure and can be bruteforced.
Thanks for providing an actual example which we can use as a realistic reference.
Right now such device can run OSs which ship first party spyware. If GrapheneOS supported those devices, they’d be usable with an OS without that spyware, which is a net improvement. The security issue of “a PIN can be brute-forced” exists regardless of OS.
It has always been the goal of the project to provide security and privacy features while maintaining usability. People are expected to acquire a device to use GrapheneOS rather than us supporting as many devices as possible where we cannot offer the same protections.
We're hoping to have a non-Pixel device that actually meets the projects requirements in the near future, potentially. Our requirements aren't exotic and OEMs are confirming that they're well within their capabilities. We'll focus on working with OEMs interested in shipping secure devices in order to expand our offerings, which should offer more choices for potential users as well.
That's like suggesting to Formula 1 World Champion to accept not being at the pinnacle of excellence and despite their talent to voluntarily move to a mid tier team because having a moderately okay car is better than not being in the sport.
Same for cycling, tell last years Tour de France winner to stop using that light high end carbon fibre bike and just use that heavy 1960s steel bike instead, they both have wheels and get you from the start to the finish after all. Don't aspire to be more than average or the best. Just settle.
Hi there, I'm the community manager for the GrapheneOS project. To you, and perhaps others seeing your comment, I would just like to ask that if people are going to watch the video, they should watch it in context, and also read the material that Louis is linking to in the video description, as I'm getting the sense that he's relying on people to not read them.
Our perspective is that Louis was upset with Daniel because we wouldn't do content with him, which resulted in a lot of jabs in his videos preceding that one, along with him expressing support for a video and a creator who has created what is essentially a hitpiece video on the project and its founder.
The main context that seems to be missing is that a supporter of the creator of that hitpiece was raiding our community rooms not longer before Louis' video happened, which culminated in the GrapheneOS founder being swatted by that person 3 times in the span of a few days. Louis Rossmann expressing support (with his large following) for that creator lends credence to their claims and leads more people to attack us. That should hopefully explain why Daniel was upset at Louis (in private, which Louis decided to livestream and leak). If Louis really thinks Daniel is some mentally ill person, is broadcasting him like that really the compassionate thing to do? Even in his version of events, this seems cruel.
Louis is a kiwifarms user, a website dedicated to harassing people (including Daniel). Daniel's thread what started by a self-admitted fan of Louis, shortly after his video, so it has directly led to a bunch more hatred. You can find all of that out yourself.
So for you, and those reading this comment after the fact, I'd encourage you to do your own research, and also to not take what a YouTuber says at face value just because they said it.
GrapheneOS is aiming at the best possible security, so they won't compromise. CalyxOS and /e/OS run on FairPhones (though it seems like /e/OS is more into privacy and less into security).
There is no alternative. /e/ and others dont even come close.
Security is one thing, the privacy they(GrapheneOS) provide is another. You can have privacy without every detail of security they require. While they refuse to provide privacy without security.
Thats why I buy Pixels and feel more and more dirty each time I do it.
Had sailfish in between but that is another set of problems, Jolla failing to realize, they need to have strong compatibility Android layer (to use everyday stuff like bluetooth - in my case for paying public transport) until there is enough software for Sailfish. In any case, Sailfish is my FAR prefered option, over GrapheneOS. But unfortunately the spin of the world and my wishes are not aligned.
In your given scenario (no Google Services, no microG), compatibility is the issue.
I dont use Android because I like it. I use it because I am forced to use it, without it I cant connect to corporate VPN, cant even take public transport (actually I can use NFC card and take a lot of care never to lose money on it, to drive to first place where I can charge it). Banking software. Update firmware for my headset.
Then there come the fishy practices of applications, full of advertising kits stealing information, where HelloWorld app is 90MB apk, as it has Facebook SDK included. You can partially protect yourself with https://netguard.me/, but even I can avoid it (wont explain how, typical android developer doesnt know much beyond java and I dont want to shoot myself in a foot helping them).
Respectfully, you did not really give an answer to my question, you elaborated on the complaining.
What is it that makes GrapheneOS "good enough" (Would you say "perfect"? You seem to want "perfect") in terms of privacy, and /e/OS / CalyxOS / LineageOS unbearable?
I use /e/OS without the Google Play Services. I don't use any app from the FAANGs, and /e/OS uses a custom location service and blocks thousands of trackers.
Surely that's better than "nothing", isn't it?
GrapheneOS is more secure, but you're talking privacy here. With GrapheneOS I could run the Play Store or Google Maps in a sandbox, but it would probably not be better than not running them at all, would it?
Good for you, I was also doing it when I was a kid. Actually was even cooking roms and removing everything that I didn't need.
Then I got my first banking app and was decompiling it on each new version, removing checks for root, "compatibility" and security checks, and compiling it back. Then another app came, this time for public transport, and I was reversing two apps, once every 2-3 months. Became quite efficient with it.
Then I deliberately bought pixel for GrapheneOS, installed it and never looked back.
As I have already mentioned: I am not using Android because I like it or I would want it. Sailfish has everything, I will ever need. For myself.
Either you can't stay on-topic, or you don't actually know what ROMs like /e/OS or CalyxOS are. They don't require any work: you can buy a phone running one of them and use it just like you use a normal Android. If anything, it's probably closer to Stock ROMs than GrapheneOS is.
I am not interested in your complaints, really. I was interested in your take about the privacy issues on other custom ROMs, but it really feels like you don't know. And that's okay.
Sure you are not interested in my complaints and I am not interested in arguing with another fanboy (there is wealth of knowledge on the internet and I am sure you are able to google a bit - but then there is no arguing with me, so no point in doing that, right?), had one IlikeKitties enough for a year. If you are interested, install GrapheneOS and compare it, and in worse case, argue with yourself.
I use a Oneplus 9 pro with Iodé OS (based on LineageOS). It comes with Aurora store and MicroG pre-installed. It works very good and I'm very happy with. It is regularly synced with security updates from LineageOS.
It's such a shame, vision-wise the GrapheneOS crew must be much closer to the FairPhone team than they are to Google and Samsung, one would guess... But the GrapheneOS people find security tech (such as secure enclaves) and update cycle very important. After the bad Pixel news, they find Samsung to be the best fit: [1]
I would (as many here) also hope that they could somehow make the FairPhone crew step up in their security practices, help them do it. They would be the golden combo, except perhaps for things like camera quality and raw speed/AI chips. And possible the niche is just to small to be profitable.
But a man can dream... I'd pay 1.5 to 2x normal price for a FairPhone/GrapheneOS combi, it would align with my values in almost all dimensions. And then I'd buy a Pebble and just be happy.
I really don't know what to do when my iPhone 12 mini dies. I do like the iPhone, but I also liked my OnePlus3 with LineageOS. I was originally planning on a Pixel/GrapheneOS after this phone, but that dream has shatter I think...
> It's such a shame, vision-wise the GrapheneOS crew must be much closer to the FairPhone team than they are to Google and Samsung one would guess... But the GrapheneOS people find security tech such as secure enclaves etc very important.
I seriously doubt that given fairphones track record in regards to updates and security. GrapheneOS Devs value timely updates and integration of security tech. Fairphone does neither.
FairPhone has such limited resources and needs to extract money from such a small niche, that they have hard choices to make. And it's sustainability above all.
But if another party would help with the security aspects, that might change the equation for them.
FairPhone may not be the most attractive partner security-wise but I think that the FairPhone team is much, much less likely to rug pull them like Google did (and Samsung may). Which has got to be worth something.
Very nice, will use it on my child, but this doesn't cover my case.
I have it as a wallet (those flip cases) so it is always with me. But it can stay in backpack for days without using it, except maybe for calls (to talk with parents after I don't call for weeks :D) and to pay for public transit (huge mess to charge nfc cards). I don't use social networks, chat software (sms excluded) at all, never even registered to fb, cant even remember when was the last time I installed any app.
I consider this a very sane use of phone. It is not addiction, rather satisfying addicted society that is pressuring me to use it.
> Very nice, will use it on my child, but this doesn't cover my case.
Thanks for sharing your perspective. I need to point out what I originally stated was:
... exercises to determine one's phone addiction, if any ...
Note the "if any" qualifier.
You express having no phone addiction and I have no reason to think otherwise. More importantly, I am not going to adjudicate as to yourself or anyone else.
You lose on long run. In few years, you will pay more and still watch ads while YT will no longer be free. (let me remind you of video streaming services)
Managers want their rewards that are tied to earnings and stockholders want to earn more.
And once they both get their money, the next year reward will be tied to even more earnings. And stockholders will want to earn more.
I’ve paid for YouTube Premium from the beginning (remember YouTube Red?) and it has been a mostly great service for 10+ years. The value I get is vastly greater than Netflix or any other streaming service. But if they ever start putting ads in the paid subscriptions (like many streaming services now with their basic tier) I’ll jump ship.
Yep, you were a test project. Will people pay for free content or punish them by leaving the platform. And will they start to pay if you increase number of ads. Now they moved to next stage.
Anyway, not there yet. Frog is boiled slowly, slow enough that people dont notice until it is to late.
First they need to kill ad blockers tier. Then you increase number of ads to unbearable (they are already doing that) and get as much people as possible to paid content. Also market must be ripe enough, so there will be no more ships to jump. Then you will get ads, different tiers to pay, segmentation of content etc.
I hear you, but I can only live in the now and not whatifs. I refuse to watch ads and will pay to avoid them. If a service I use makes that impossible, then I’ll no longer use the service.
And there is more content in the world right now than any single person will ever be able to consume. I have zero concerns about dropping a service.
But you don't need to drop a service. You can keep it as good as it is. You just don't reward google predatory tactics by paying, as you are literally making YT worse.
But that is exactly the business they are trying to morph YouTube into. If we agree that being exposed to persuasion always has negative value, then ads are bad. Watching ads is the only behavior that causes them to persist. If everyone blocked them, YouTube would go out of business or switch entirely a paid model. If everyone paid, then they switched to a paid model already. The only choice the causes ads to persist and increase is to both refuse to pay, refuse to block, and still watch. So don't do that.
So if I don't pay and I don't want to watch ads then what? I'm not going to jump through mental gymnastics to not pay creators and Google for offering the service. If you truly don't want to reward Google, then don't use anything from Google.
How did it work until now? Anyway, we both know that care for "creators" is "think of the children" thing, but I will play along: pay them using patreon (or, I have bought this: https://theduranshop.com/the-duran-gold-eagle-premium-t-shir..., triple time overpriced but they deserve it).
For Google, don't worry. You have payed them, with your data, thousand times over. And if you stop providing today, your existing data will be exploitable for years to come.
On top of it, by paying, you create a direct trail from watched video (data) to your account, from there to your credit card and from credit card to physical person. So you are giving them even more data.
Anyway, if Google goes bankrupt, because of you, you can consider yourself a saint.
Someone who has really done something very good for the whole planet and human society.
So what's your alternative if I don't want ads (content is not free to make), want the creators to be paid, and paying for premium is tempting YouTube to abuse pricing? (or so you say)
Not sure what you mean. I was a test subject? The test still seems to be ongoing after 10 years. I fail to understand how any of these alleged experiments involve me.
Exactly, it's the enshittification trajectory as explained by Cory Doctorow. Without laws and regulations that stop companies from doing that, it's inevitable.
> I’ve paid for YouTube Premium from the beginning (remember YouTube Red?) and it has been a mostly great service for 10+ years.
I struggle to see the difference between Youtube Premium and regular Youtube with the exception of ads.
It's the same shitty recommendation algorithm. It's the same "you will watch shorts or else". It's the same nerfed unusable search. It's the same "we randomly decided that your bandwidth isn't enough, here's a 480p version of the video you're currently watching".
Yes, it’s mostly just the ads. There are some nice-to-haves like video downloads and background audio on the iOS app. I almost never use search, recommendations, or shorts, but I’m sure you’re right to criticize those features.
Can you download the videos to mp4 or is it some proprietary DRM thing that only plays on YouTube? If not that just sounds like a worse version of yt-dlp
Definitely the latter. On the iOS app you choose videos to download, and I believe they only work for 30 days without Internet access. I use yt-dlp for videos I want to archive, but I use the YouTube app downloads for one-off stuff like loading up my iPad before a flight.
I've stopped recommending this (except for in-person to friends) because it's so valuable, and I'm seriously worried about it getting stomped by YouTube.
> difference between Youtube Premium and regular Youtube with the exception of ads.
Yeah. That's the difference. That's literally it, the rest is window dressing. You are choosing the monetization strategy: ads or money. If you're not living paycheck-to-paycheck, and you watch a lot of YouTube, paying $13 or whatever is the sensible choice.
Yes, lots of things about the product suck, as you've described. But the content on it is good and the recommendation algorithm is pretty good, at least in its obvious goal of bringing me to new-to-me channels on a regular basis.
> If you use ad-blocker: they'll embed ads into the video
If they do this then the right arrow becomes your best friend. If it's part of the stream then they have no way of blocking things so you can't skip past them. If they embed some way of notifying the app that it needs to block skipping here or there then that's what adblock would start triggering from. I'm assuming that's why they don't do it now.
> If you use ad-blocker: they'll embed ads into the video.
Someone will eventually make an AI adblocker that will dynamically update the video with all ads removed or replaced. For example, let's say that I specify to my AI streaming video editor that "detect all bottles and glasses with alcohol and replace their contents with water and their labels with Liquid Death"
Similar technology will be/is already used to e.g. display a Coke can for some markets and a Beer can for other markets, depending on who paid for that market.
Yes, businesses want money. The point is that YouTube has no leverage on creators. they have to play nice because the barrier to entry is nil as competitors already exist in Twitch, Dailymotion, Nebula, Vimeo, Dropout, etc.
None of that helps you if you want it to be free, but for those of us willing to pay, we can happily ally with creators if YouTube gets shitty.
That’s how it’s supposed to work. It’s a good deal now and I’m happy to take it. None of that matters if you are comparing it to piracy… obviously.
We will see how prepared you will be to pay, where each of creators you watch will be on different network and you will have to pay for each network $10/month, while you watch 20 creators.
Again, this is nothing new. It already happened with video streaming, where Youtube now is Netflix then.
This already happened with Dropout.tv when college humor left YouTube.
Yes, it ain’t perfect. The alternative is the creator literally stop making videos. YouTube is already not serving ads for demonetized videos. People doing it for the love of filmmaking can already do it for free.
No, the alternative is that you DONT pay. That you deliberately not do what is the easiest move(1) and on top of that even feel special for doing it. That you suffer a short time for better next. That you fight them with technical means. That you vote with your wallet, squeeze your teeth hard and show them you just wont pay and they will lose ad watcher if they show more ads.
And now you will tell, that people are not disciplined enough for that, that majority wont pass the marshmallow(2) experiment?
That some Mike Judge movie was actually documentary?
Yes, I know.
1. https://en.wikipedia.org/wiki/Booby_trap , A common trick is to provide victims with a simple solution to a problem, for example, leaving only one door open in an otherwise secure building, luring them straight toward the firing mechanism
They already get 55% of revenues at YouTube which is basically the highest percentage in any creator industry. How do we pay creators under your rubric and allow them to be discovered?
Looks like it worked and it works, without any changes, while the number of views is keeping their earnings to small group that will not increase as there is not infinite number of time to watch the movies. And dont "creators" me. It is about google earning more money for their stockholders and managment collecting their rewards, not about "think of the children".
>And dont "creators" me. It is about google earning more money for their stockholders and managment collecting their rewards, not about "think of the children".
Classic consumer-only socialist. You have no model for production except business is bad. If you care about labor then you care about labor getting paid. So far you've demonstrated that you have no model of paying content creators. You would rather they go away then actually pay for their services. You pretend you should be able to get it for free. If you have no model of production, then you have no model.
Looks like the planet will. It has already started to sanitize flee infestation called humanity. And, contrary to what it was told to you, planet is fine. Nothing wrong with it. Scratching. And will joyfully survive for millions years to come. We wont.
Sure I do, by suckers watching ads, like it always was.
The whole thing about Google is that they are not software company (as people like to falsely believe), they are advertising company, financing everything else from ads. Including search, youtube, android, gmail and all other side projects.
And those side projects brings them data, to advertise more efficiently.
Now, seeing a trend to monetize their side toys is just pure greed, they don't really need that.
This is also the reason, why no one can compete with them. As competing with free products is impossible unless you have side financing.
It worked until now for, what, 20 years? And it worked very well, check Google stock.
Don't be afraid, they have calculated people not paying into the strategy.
And it wont stop working because you wont pay Google extra money. But it will become worse for most of people, including you, if you set yourself into position of slave and pay, confirming their theory that they can exploit you so much more.
Btw, did you check the link? You should really learn from it.
"vote with your wallet" is like trickle down economics, it's like if only everyone used paper straws we could prevent climate catastrophy. Split up FANGM should be the bare minimum.
It is not, but discipline is needed instead consumerism. And every half intelligent marketing guy will make it harder than to just pay.
Paper straws you mentioned are just paper straws.
Splitting should happen 10 years ago. I doubt it will have any special impact now.
> Paper straws you mentioned are just paper straws
No they are the decipline you are talking about, the delusion is, if everyone used paper straws we would save the ecological destruction of the oceans. The structural problems of endless profit maximization machines can not be addressed by appealing to individual action.
> Splitting should happen 10 years ago. I doubt it will have any special impact now.
That depends on the amount of pieces, don't you think?
Ok, I wanted to avoid it, but since you didnt understand, paper straws are just straw men. They have absolutely nothing with voting with wallet, it is just some lame scenario, comparable at nothing and kicked instead of the real thing.
Or said differently: plastic straws are only a minor part in ocean pollution, while people not voting with their wallet is the main reason for all corporate shenanigans we are experiencing.
And yes, I agree it depends on number of pieces, but I don't put any trust into USA as state, even without Trump, being able to persecute billion $ corporation.
> while people not voting with their wallet is the main reason for all corporate shenanigans we are experiencing
That's what I'm getting at is wrong. The paper straws are an analogy, if everyone stopped driving cars and lived in the woods we could reduce carbon emissions significantly, therefore the reason we can't stop climate change is people not voting with their wallets. Everything is people not voting with their wallets, it applies to everything, that's why it applies to nothing.
Or stratify users into creators and viewers and force both strata to pay, where viewer users cannot upload and creators cannot watch (even if they paid).
Content creators have loyalty to the magic money tree on the internet, they will shake as many of the trees they can, right down to begging for $1 from every 'fan' to add to the $50,000 they make a month.
People dont understand how world works. Management reward are tied to earning more money. As long this is true, the next year, the reward will be tied to earning even more. The more you pay, the more it will cost. And when people wont be prepared to pay more, alternative model will be invented, like adding ads to paid content. There is only one way to stop this - break it from the start and make it nonviable, don't pay.
They are trying to block ads blockers as some manager wasn't able to get reward. Or is worried he wont get it. And this means that money that can be collected from ads has peaked. Now come the "optimizations", now payable, then no longer free, later payable with ads, then they will squeeze content creators, that will move to other platforms where you will have to pay for multiple platforms where you were once watching it for free on YT.
Sounds familiar?
Made it as short as possible, but this could be wall of text, from comparing to what happened to streaming services etc. Without piracy (not advocating but it is a fact that it forced publishers into internet model) we would probably still buy content on CDs and DVDs, maybe BluRays.
Greed of infinite growth in finite system has destroyed the planet and you can bet it will destroy YT too.
Except the alternative model will be invented even when people can pay more — do both and make even MORE.
It used to be practically shameful for large companies to run ads on their websites. They had clean websites with only their content. Especially for subscribers. Now they’re all filled with ads!
Such high profile target without security patches for system and probably outdated pkgs/ports for at least 3 years, I am actually surprised they survived that long.
They survived for a decade like this. Since it was sold, basically. Only since sharty has become a dedicated adversary did it become a problem for them.
There’s a billion other issues too, i’d be surprised if it’s not gone again very soon.
TLDR: while the OS is great (really GREAT), the real-world compatibility is not.
I had Sailfish OS for a daily driver for two years, and OS is great (let me say that again, Sailfish IS GREAT!), but there are "the details".
Jolla is completely ignorant to needs of their users. While they do have an android layer, they are ignoring to things that are of huge importance for daily life, like bluetooth passtrough, and are important due to daily needs, for instance, bluetooth passtrough is really important for using public transport here.
FFS, I was reversing banking application and patching it to be able to use it. And actually became very good at it :D
Here is a bluetooth feature request thread, that is open for 5 years: https://forum.sailfishos.org/t/bluetooth-support-in-android and being blatantly ignored.
And lets not get into details, like NFC.
So at the end you will have a great OS, incompatible with the whole world. After 2 years of suffering, I ditched Sailfish, bought Pixel and installed Graphene OS.
Once Jolla starts to listen to their customers, they are on the path to very real android contender, but unfortunately they just dont understand, that people need some features, they are not providing while the vendors wont support some exotic OS. They need to adapt, not vendors - the whole thread is full of this mentality.
The android "container" was a step into right direction but they just shouldnt abandone it and keep on supporting it, adding additional layers of compatibility.
I really hope they will change their mind at some point and prioritize compatibility, would love to ditch android and its spyware driven ecosystem completely, but sadly, Graphene OS + NetGuard is just a far better alternative until Jolla stops behaving like an infant. They are literally sabotaging themself in a worse possible way.