If this finally pushes adoption of truly open Linux phones, then this will end up being a good thing, and the greatest favor that Google could do for the open source community.
Tragically, Linux phones have languished and are in an absolute state these days, but a lot of the building blocks are in place if user adoption occurs en masse. (Shout out to the lunatics who have kept this dream alive during these dark years.)
It won't though, because there's a ecosystem of banking/insurance/whatever apps that have bought into the android/iphone lockdown mindsete that people will simply be locked out of. Open alternatives can grow when there is a viable means of slow growth, and cutting off the oxygen to such things is the implicit intent.
Don't banks/insurers/whatever have websites that are often mobile friendly?
Some are sadly app only. I avoid those.
Many others are pushing apps as a 2FA, even if you use their website. Some governments are also pushing mobile IDs.
The best Linux for phones, SailfishOS, has a fairly good Android compatibility layer that runs many bank apps well.
But despite that, it's an uphill battle.
The best solution for this is to buy a $30 burner phone at Walmart and use it unactivated, tethered to your main de-Googled device. You can use the burner for only tasks requiring Play Integrity.
Make sure to leave one star reviews on all such apps that you run into.
Yes. However, I already carry a tethered hand-me-down quarantine phone where I install my work apps and undesirable apps like Whatsapp (for those loved friends and family that can't or won't install Signal). Carrying a third phone for "Play Integrity" starts being a bit much.
> banking/insurance/whatever apps
I know banking apps are the typical example, but I've always wondered why. I use my bank's app maybe once or twice a year when I need to Zelle someone, which I only need to do when they don't have Venmo. (Unless we consider Venmo a banking app.)
I only have one bank's app installed, the rest of my banks I only interact with over their website, on desktop.
As for insurance, I've never had an insurance company's app installed.
Am I just an outlier here? Honestly, if I switched to a non standard OS, I'd be more annoyed about losing, say, Google Maps, Uber/Lyft, or various chat apps. Banking and insurance just don't come to mind at all as something I need my phone for.
My bank sends me an alert when my card is used to make a transaction - handy for spotting fraud.
I get an alert when a payment comes it - handy for knowing if a client has paid.
I can quickly check my balance - handy for knowing if I can afford another round of drinks.
I can repay a friend in two taps - handy if they've paid for dinner.
Is anything essential? No. Is it something people use multiple times per day? Yes!
I can get alerts in email or messages, no need dedicated app for that, I can track there also my balance, so only useful thing app provides are easy wire transfers from phone, which I never do, if I wanna transfer money is much more convenient work big display, proper keyboard and mouse than from phone.
We've cultivated a tech culture that can't stand the slightest inconvenience. People will give up nearly everything if it means avoiding the least bit of effort.
We are so boned
So yes if it weren’t for people wanting convenience the “Year of Linux on the Desktop” would have happened 25 years ago.
What do you suggest? Everyone carry around their desktop computers and our CRT monitors like we did when we wanted to play Quake with friends?
> What do you suggest? Everyone carry around their desktop computers and our CRT monitors like we did when we wanted to play Quake with friends?
The exercise would do people good. Jokes aside though, there is a nuance between completely inconvenient and designed for the marching morons.
You mean 80% of adults worldwide are “morons”? Have you ever thought that they may know something you don’t know?
If 80% of adults worldwide somehow became unable to tolerate the slightest inconvenience, then yes, I'd say they would be morons, but I doubt they are. I'm unsure where you're getting the 80% statistic from.
yes, getting emails or text messages instead of having app alerts is luddism.
Get real, dawg
Uhh yes - when 90% of adults worldwide have moved to smart phones - yes you are the Luddite.
Email is for old people has been a meme for two decades
https://www.techdirt.com/2007/11/15/email-is-for-old-people/
That's great for you but unfortunately the overwhelming majority of people do indeed regularly use these features.
You actually check your email regularly? How much effort does it really take to transfer a balance on a phone?
For Bank Of America it’s:
1. Click on “pay & transfer”
2. Click on “transfer”
3. Click on “From” and choose account
4. click on “to” and choose account
Then type in the amount and and click on the date?
Is it really that much easier on a computer?
"if I wanna transfer money is much more convenient work big display, proper keyboard and mouse than from phone"
You realize how ridiculous this sounds, right?
It reads like he made typos/autocorrect mistakes on his mobile phone!
Which is a pretty funny illustration of the gist of what he was saying… it’s easier to make mistakes on phones.
Could all of these be handled through openbanking?
Yes
You're definitely not alone. I just checked the list of installed apps on my phone and found three different banking apps that I completely forgot about because I never use them. I installed them because I thought it would be convenient for checking things on the go, but I actually just end up using the computer whenever I need to do real banking business. The only finance-related app I use with any regularity is Venmo for e.g. paying back a friend for covering dinner.
Another commenter mentioned needing to get alerts for fraud, but none of the financial institutions i'm currently doing business with have any trouble sending me text messages. In fact I have the opposite problem, I can't get them to stop using text for 2FA codes...
2FA is a requirement in Europe. I can't log into my bank account without my phone being able to run the app.
But 2FA is moot if it’s the same device as your bank app, is it not?
Yes. Please tell my bank that.
They know. The EU directive is quite clear that hw tokens are to be preferred over phones. Banks are cheap though and violate it.
It is in the specific case that you don't have biometric or PIN login set up on the device and you use a password manager that doesn't require authentication. In that case, the only factor is "something you have". Otherwise, it is still a multi-factor authentication because the device itself still represents "something you have", and your device unlock represents "something you know" or "something you are".
I would stop using bank requiring phone app to do banking, simple as that, both my main EU accounts use sms verification codes and extra password, which is fine with me. If they will require an app, they will lose customer.
2FA and Google SafetyNet are two completely different things. Your banking app can implement 2FA without SafetyNet.
"I'm am just an outlier here?"
No. The "banking app doesn't work" argument against non-corporate mobile OS, raised incessantly is HN comments, is bogus
I want a "phone", i.e., small form factor computer, that can run something like NetBSD, or Linux. But I have no intention of using it for commercial transactions. Mobile banking is not why I want to run a non-corporate OS
I want to use it for recreation, research and experimentation
NB. I have more than one "phone". The choice is not corporate mobile OS versus non-corporate mobile OS, i.e., "either-or". I can use both, each for specific purposes
> I want a "phone", i.e., small form factor computer, that can run something like NetBSD, or Linux. But I have no intention of using it for commercial transactions. Mobile banking is not why I want to run a non-corporate OS
> I want to use it for recreation, research and experimentation
I am a firm believer that phones are personal computers and should have all the end user freedom we have come to expect from personal computers. I am totally behind what your saying. (The amount of irrational anger that wells up in me when I hear someone make the argument that phones are somehow not general purpose personal computers and shouldn't provider their owners software freedom would astound you.)
Personally, I opt out of services that require the use of phone "apps" and any potential attestation they provide. Unfortunately, I just offload those needs onto my wife and her iPhone.
Want to go to a concert in a TicketMaster venue? You have to have a phone. Pay to park in some places requires a phone. Mobile ordering for some restaurants requires a phone.
I don't think it should be this way, but it is. I think we need consumer regulation to insure software freedom on phones and curtail awful user hostile "features" like remote attestation.
Until that happens (if it ever does) there is a realpolitik with needing corporate phones for some activities that can't be denied.
Those things that you mentioned you can do it on the website meaning also a open computer too
So the world should cared to your needs when literally almost every adult has a phone even in third world countries?
Before you say “what about the poor people” in the US at least, even poor people can get a subsidized free phone through the UCF (?) government fund
Also see: no I’m not going to waste development time di you can get to a website I develop with JS disabled or so you can use lynx
Because phones keep tracking us and stealing our attention.
And everybody should have the option of open computer systems
So exactly how do you think an “open phone” will keep you from being tracked when you are tracked and can be triangulated via cell phone towers?
My main bank is Commonwealth aka CBA (one of the "big 4" banks here in Australia). For a long time, I held out against installing their mobile app (on Android), and managed fine with their web UI (and with 2FA codes via SMS). Then, 2 or 3 years ago, I needed to start using PayID (sort-of Australia's version of Venmo, ie free instant transfers, except it's supported directly by all the major banks here). And I discovered that CBA had (deliberately?) only added PayID support to their mobile app, you absolutely can't use it in their web UI (last I checked). So I had to finally relent and install the mobile app. I started out only opening it on the rare occasions when I needed to send money to someone via PayID.
Then, a while later, CBA pretty much phased out SMS-based 2FA (or they said that if you had the mobile app installed then you can no longer use it?). Only other supported option is in-app 2FA (no support for third-party TOTP apps). So I had to start opening the mobile app every time I needed a 2FA code. Then, within the last year or so, they made a new rule, that in order to log in to the web UI at all (just initial login, I'm not talking about sending money or any other high-risk action), you had to receive a push notification via the mobile app and tap "allow". So now I literally can't log in to the web UI without also logging in to the mobile app!
So, unfortunately, "just keep using the bank's website on desktop" is increasingly and deliberately becoming not an option. I assume there are many similar stories with other banks around the world.
Banks often use their app for a second factor auth. here.
Some banks' only interface is the mobile app. And in Europe people typically use their banking app for P2P payments (no need for an app like Venmo)
I can't deposit checks over the website, and I use a bank with no physical locations near me.
That's true, but the notion that we're still using paper checks in 2026 is so crazy. And yet they remain the cheapest way to handle many transactions in the US financial system. Like a lot of small healthcare providers still prefer to receive paper checks from insurance companies because the electronic payment processors take a 3% fee.
Why won't they just use Bank Transfers? Using Checks or Credit Cards for Payments between companies sounds completely insane and stupid
Yes, it is completely insane and stupid. Direct bank-to-bank transfers require significant administrative work to set up, and may still incur bank fees. For individual consumer accounts most people can use Zelle but it's not universally available.
I haven't had issues with the mobile apps of 3 of the most major US brokerages. They run fine on rooted phone. They do everything I'd want a bank to do anyway.
Ditch your bank if they have issues. If their retention department asks why you're leaving, tell them their app doesn't work.
I’ve found the mobile websites for a lot of these cases to be fine. Not a great UX but not a blocker
And if your bank only does 2FA via app?
Wait till you see how hostile Reddit is when you try and access via a browser on a phone
In that case a two phone approach makes sense. I was willing to try that out, to give Ubuntu Touch a trial on my main phone. This might incentivise it even further for an off-ramp of the Google/Apple duopoly.
I’m old enough to remember the days that banking apps required Internet Explorer and didn’t work on Firefox. Eventually, they were dragged kicking and screaming to support all modern browsers.
Microsoft's shit show seems to be pushing Linux adoption
LMFAO what are you doing on your banking app all the time
But there is a lot of resources put into the android ecosystem already. Even open source apps like anki, syncthing etc
There's no point. Remote attestation means your device needs to be corporate owned to be trusted. Even if you had your own linux phone, it wouldn't be able to interface with institutions such as banks and governments. They trust Google's keys, not yours. This doesn't quite end free computing, it just kills it for normal people and ostracizes us hackers who insist on owning our systems.
Not sure what gov require, but most credit unions do not use such lockdowns
They will.
Until Android is crippled it will continue to take resources away from Linux Phone development and companies that will launch phones for it
[dead]
For me as a desktop linux poweruser, I find this potential transition pretty intimidating, I've never flashed a phone with a custom rom let alone switch to a completely different OS, and I am not sure if the phone can even be reset to its original OS, if things go south.
/e/OS at least has a browser based installer[0] for quite some supported phones. I definitely recommend trying it out, installing a custom os on my phone gave me the same feeling when I first ran debian on a laptop struggling under windows (even though the performance gains aren't that apparent in my opinion).
[0]https://e.foundation/installer/
It's relatively easy. It's basically a command for each step you want to do and it tends to fail gracefully nowadays.
If you can install a linux distro you can flash a custom rom on a well-supported phone.
If it were more mainstream I could see GUI apps to manage all this for people, if they don't already exist. Idk I just use adb.
It's also high risk. I've bricked two phones doing it.
I flash phones almost every other week. And tablets. I have been flashing since Androids came out. But never bricked. But maybe that is why I don't have any problems.
I've been flashing phones for over 2 decades and have never bricked a phone. How did you manage that?
Same here. Just follow the LineageOS steps.
Are you seriously implying that flashing phones doesn’t risk bricking them or you’re not aware of that risk are you serious?
"flashing" a phone is largely the same as any OTA update. There's of course always a risk of it going wrong, disk failures are always possible, but it's exceptionally hard to do so accidentally. Especially with custom ROMs where they basically never include a new bootloader, so "flashing" is no different than installing an OS on a desktop system - it's just writing to the boot partition. Which you can always do again since the bootloader is still available.
I am seriously unaware of the risks and also flashing brand new phones :)
> Are you seriously implying that flashing phones doesn’t risk bricking them or you’re not aware of that risk are you serious?
Yes, that is generally the case. As a general rule with an Android phone reflashing the OS itself or the bootloader carries no risk of bricking the device (meaning making it impossible to recover without specialized hardware and/or opening up parts that were not intended to be opened).
There are plenty of ways to "soft-brick" a device such that you might need to plug it in to a computer, and adb/fastboot can definitely be a pain in the ass to use (especially on Windows), but if you have a device with an unlocked bootloader it's very rare to be able to actually brick the device while doing normal things.
Now, if you're doing abnormal things like reflashing the radio firmware you can absolutely brick some devices there, but you don't have to do that just to boot an alternative OS and generally shouldn't be doing it without very good reason and specific knowledge of exactly what you're doing.
I'm not going to say there are no devices where the standard process to flash an alternative OS is dangerous, but none of the relatively common ones I've ever owned or used have been built that way because OEMs don't want their own official firmware updates to be dangerous either.
tl;dr: It is sometimes possible to brick a device by flashing the wrong thing incorrectly, but the risk of doing that if you are just installing an alternative OS through a standard process is basically zero.
Potential for a brick varies massively depending on phone model, doesn't it?
it's pretty much impossible to hard brick phone, you can almost always recover it
I'm running custom ROMs for the last 15 years
That describes relatively easy for you, but not for the average person who can’t even be bothered to change the default ringtone.
The challenge I've found when looking for instructions for flashing one of my old phones is the assumption of knowledge some rom builders have, or perhaps an assumption about their audience. This seems like it has the potential to bit someone in the ass because if they're relying on other sources like the lineageOS wiki or forum posts elsewhere for example there's no guarantee it'll stay available, complete, or relevant to their variant over time. It's an added burden for what is a gracious volunteer role, but it's a handicap if they want more people using the fruits of their labor.
Don't worry if you're not ready, just as on the desktop, there are pioneers ahead of you that will clear the way <3
Have a look at this post
https://news.ycombinator.com/item?id=46723594 from Emre @emrekosmaz
It is a smartphone that runs Android, launches Debian, and dual-boots Windows 11
Actual link https://nexphone.com/blog/the-tale-of-nexphone-one-phone-eve...
Expecting Google to give up control of one of the only alternative operating systems is right up there with believing in the tooth fairy.
What you're saying should happen, but it will only happen when the government legislates it happens; which frankly they should be doing (along with nationalizing a few other software projects to be fair).
A trillion dollar transnational corporation with massive monopolistic tendencies will never ever do the right thing. Expect to force feed it down their throats.
In general, governments seem to be much more invested in making it illegal to have anything that is too open and too free. Even EU is lusting for draconian control features like chat control where you don't own and operate the software you installed on your device even if, at the same timem, they're trying to gnaw on the influence of Big Tech.
Even if you have linux, there are still third parties that have control over your hardware. Even if you're using graphenos, you can't block the sim or the cellular radio stack, and likely other modules on the SoC, from at-will access to every sensor on the device. You can at least protect your files, unless there's a mitm or other vector that graphenos can't cope with. And at worst, they can simply clone all your encrypted bits and wait on Moore's law or sufficient cubits to go back and crack the copy, on the off chance there's anything they want with your data in the first place.
My phone has hardware kill switches for modem, WiFi/Bluetooth and mic/camera. All three together also kill all sensors.
If it's got a sim card, it's still phoning home and providing location data. You can't escape the panopticon. A faraday bag gets you mostly there, though, but the point isn't that you can maneuver against it, it's that the device and its operation is fundamentally compromised by design.
There's a whole lot of shady crap underlying the infrastructure and the hardware that consumers cannot touch, pinephone / librephone or otherwise. It's not designed for consent. At best you can gain ephemeral relief, but even that is illusory, because by simple process of elimination, differential analysis allows fine grained ID and tracking of people even if they don't have accounts, phones, interact with websites, etc.
It's not a shady cabal of lizard people, it's just the grubby natural alignment of interests by a wide ranging set of companies and regulators and groups who allow it to happen without imposing any accountability, and ensuring that the system remains structured such that no effective accountability can be imposed.
Extorting constant streams of data for adtech is too valuable and the entire thing is too complex for silly things like ethics to interfere.
> If it's got a sim card, it's still phoning home and providing location data
Only when the kill switch is on. I control it.
Also, it's possible to get AweSIM service hiding your data from the mobile operators.
For sure - and you can use WiFi only, set yourself up with a HaLow rig and give yourself a ~10mbps connection anywhere up to 10 miles from your home, suitable for voip and low rate streaming, throw in VPN, and remain completely off-net as far as cellular networks go. I'm actually planning on using a wireless touchscreen and mobile halow/raspberry pi network/storage stack to completely replace my phone, but the bigger issue is automated tracking of everything - if you're the only blank spot in a sea of known individuals, it's just a matter of seconds to id you, since everything everywhere about everyone is tracked online.
We should be enforcing informed consent regulation of network infrastructure, treating privacy and anonymity as synonymous with liberty and freedom. Allowing the system to operate as it does is a choice; those with lots of money get to make it grow by exploiting a constant invasion of privacy with no concurrent return to the society being exploited.
Phones aren't built to be privacy respecting, and kill switches are a mitigation of a symptom, they don't do anything to address the disease.
What a lame and useless doomer POV. Do you refuse to go outside because a lightning strike could kill you at any instant? Why let things that aren't in your control (yet) stop you from taking control of the things you can now?
The limitation of linux phones is hardware. I have been watching the progress of postmarketOS on the fairphone 4, and looks promising.
https://puri.sm/posts/the-danger-of-focusing-on-specs/
Sent from my Librem 5.
I don't care about specs, I care about functionality and price. The camera on the pinephone doesn't practically work because it is too slow and the quality sucks. You basicially cannot record videos whatsoever. I can't use the device for GPS navigation. I can run whatsapp within waydroid, but it isn't practical due to the battery life and startup limitations that imposes. The GPU on the pinephone sucks, is underpowered, doesn't support OpenGL ES 3 or vulkan, and the user interface is always slow as hell to navigate.
So practically I cannot use it as a daily driver.
Librem 5 does have enough GPU horsepower, a functioning camera, and good pmOS support. But $800 is a lot to ask to test out switching to linux with no guarantee that my workflow will work or I will have enough battery life. It looks like the librem 5 can't record videos or do GPS navigation yet.
I am looking at the librem 5 specs again. The EG25-G is probably a better starting point for the modem now that it has been better documented and reverse engineered as a result of the pinephone project. It is interesting that the L5 has a generic smartcard reader though.
> If this finally pushes adoption of truly open Linux phones...
It won't.