186

Can't we do anything as google is killing AOSP and custom ROMS (programming.dev)

submitted 23 hours ago* (last edited 23 hours ago) by Timely_Jellyfish_2077@programming.dev to c/privacy@lemmy.ml

123 comments fedilink hide all child comments

It feel like we’re losing to Google, day by day. They aren’t killing AOSP directly, but they are making it useless step by step.

Now it’s Google Play Services, Play Integrity checks, installation source checks… more and more apps just refuse to run without GMS. Banking apps? Most of them don’t work. And it’s only getting worse. I run vanilla AOSP on my main profile, no Play Services. I keep GMS only in my work profile for the apps that absolutely need it. But now even some regular apps that don't need any play services won’t work on my main profile anymore. They simply block your from running , like le chat.

Maps is google's most important app there is no way to run without play services. Sure we can use webview or gmaps wv, but they don't provide turn-by-turn directions. Earlier maps used to work without play services, but two years ago, an update stopped it from working. Now that old version is out of date and no longer works.

Google is slowly making GMS very important to run. The problem with GMS is they require to run as system app and has to have all the permissions by default.

Hope EU puts pressure to make google allow apps to run independently without GMS or atleast install them as user apps(like graphene os sandboxed play services).

If we keep going on like this, AOSP can only run fdroid apps in the future.

you are viewing a single comment's thread
view the rest of the comments

[-] Narauko@lemmy.world 16 points 15 hours ago

Yeah, this is a problem. I attempted to switch to GrapheneOS just a month ago and had to roll back to stock Android. One of my banking apps worked, but 3 others didn't. My 2FA app didn't work. I stopped receiving important texts as they were previously RCS and that refused to validate no matter what I did.

Google has made it extremely hard to degoogle.

[-] Dreaming_Novaling@lemmy.zip 3 points 8 hours ago

One of my banking apps worked, but 3 others didn't.

Same issue, I just did web browser instead

My 2FA app didn't work.

I suggest just exporting and using a different 2FA app, especially an open source one like Aegis

I stopped receiving important texts as they were previously RCS and that refused to validate no matter what

RCS on GrapheneOS is very finicky and requires using AppOps to enable READ_DEVICE_IDENTIFIERS, and you have to let carrier services and google messages have more permissions to work. You also might have to deregister your previous phone to use the number (i.e. my old iPhone still had my number in the settings, had to remove it). There's a very long GrapheneOS thread about it, but the link should be the solution.

[-] dropped_packet@lemmy.zip 10 points 14 hours ago

Why not just access your financial institutions in a web browser?

[-] Narauko@lemmy.world 2 points 13 hours ago

That was an inconvenience, but one I could make if it was the only issue. It was more the total accumulation of things. My 2FA app pulling support for "unsigned" operating systems coupled with missing work texts due to RCS failure were the main straws to break the camel's back. Having to find an alternative and then manually change all 2FA was almost a deal breaker in itself. That played into using a web browser for my financial institution access.

[-] dropped_packet@lemmy.zip 2 points 11 hours ago

There is always a trade-off with privacy and security. It's totally okay to decide you prefer convenience over privacy.

If you wanted to give it another shot:

You could use a different 2FA app - I know Bitwarden works well
You can use a soft phone SMS, bonus that you can send and receive from a computer

[-] dogs0n@sh.itjust.works 3 points 13 hours ago* (last edited 13 hours ago)

Missing texts is definitely a deal breaker. I hate how RCS was championed as the "open" protocol and yet only google and samsung are able to implement it.. we were lied to. Or i feel lied to idk i thought it was an open knowledge spec when we were hearing about forcing apple to support it.

[-] dogs0n@sh.itjust.works 1 points 13 hours ago

Convenience and security probably.

The website version of a lot of banks require you login (each time) with a customer numer and then random letters from your password and or pin, which takes forever so I never bother unless I need the website.

Im (more) paranoid whenever I use a sensitive website. Quadruple checking the domain name, am i on https (even tho i use no-http and have a password manager). It's a bit more relaxing using an app.

Theres probably some security downsides (other than user error), but a modern banking site shouldn't suffer much since they invest heavily in locking down their shtuff.

[-] vas@lemmy.ml 5 points 13 hours ago* (last edited 13 hours ago)

With respect to 2FA, if you want to be more ready for any future next time, you could migrate to an open-source TOTP app. E.g. andOTP. I use this one, it's fine. The underlying standards don't change in decades, so you can choose any compatible client and be without trouble for years and years. And it may be good to do in any case, googlified phone or not. Good apps also tend to provide password-protected backups.

I have no knowledge about RCS though, never used it so can't tell. Otherwise GrapheneOS user for ~2 years, before that LineageOS, before that CopperheadOS for another few years.

[-] EnsignWashout@startrek.website 5 points 13 hours ago

Google has made it extremely hard to degoogle.

Just remember that there are no nice reasons why they are working this hard to keep your phone captive.

We can argue about how bad it will get, but there's only worse things coming from this effort.

[-] Narauko@lemmy.world 3 points 13 hours ago

Oh, totally, which is why I am working towards as much decoupling as possible. I plan to replace my Nest gear with Ubiquity for cameras and stuff as I can afford it, and eventually set up my own offline automation server. This can only end badly for consumers.

The collusion between services like Authy and Google indicates this to me, but it's also effective and means I have to pivot in slower degrees. I am encountering similar issues moving to Linux from Windows, so this is a full Silicone Valley issue.

this post was submitted on 14 Aug 2025

186 points (100.0% liked)

Privacy

40822 readers

1759 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS