Xiaomi apparently have also stopped unlocking their bootloaders, so the "workaround" was to go to an official store and ask them perform a downgrade, and before the staff can relock the bootloader, grab the phone and run:
I dont think you need to do the forum posts but you need to request unlocking every two days and pray it works. Supposedly at 00:00 chinese local time for any chances of getting permission. Took me several months of trying non continuously.
I did that a few years ago. Had to download some tool to my PC.
Then make a request that takes 2 weeks to go through. and enter the or whatever (this was like 2016 or something).
Whole process was clearly designed to make you give up.
Their phones where junk then though and i just got something else in the end.
They're a lot better now so actually unlocking it is probably worth something now.
I did that years ago when I bought a Redmi Note 4 in Shenzhen and discovered that the Chinese ROM is very locked down. I created the Mi post, but I don't remember having to make a forum post (although it does ring a slight bell). AFAIK it was just sending a DM to support on the forum / app to explain why you needed to install the Global ROM rather than the Chinese ROM (and being a foreigner was accepted as a valid reason). About a day later they unlocked the phone bootloader remotely, and then I could install any version of the Global ROM I wanted.
I've bought all my subsequent ones (Note 5, Note 8, Note 11, Note 12Pro) in either HK or UK so they all came with the Global ROM, and I've not felt the need to unlock any of them, so not tried to process since. But it definitely used to be pretty easy.
I suspect the reason for the weird process is legal to ensure that phones in China don't get unlocked in order to circumvent content controls.
They mix up Google-vendor (pixels are absolutely the best and most unlocking-friendly hardware at this point), with Google Play Services services/limitations (ie dominant player in android ecosystem) AND Google, the dominant contributor to AOSP project.
And it's also partially false, as Gemini works just fine after unlocking/relocking, and all the advanced features (full performance of the cameras, NPU access, secure element) work even on non-Google OS. Things that do not work (mostly wallet) are valid issue, but then again, they work just fine after flashing OEM firmware And relocking The bootloader.
So I can only guess the quality of the contribution is similar with other phone brands.
Unfortunately, it's hard to make Fairphone secure. No separate secure element (so much easier to do brute force PIN attacks) and always lags in monthly security bulletin patches and major OS releases (remember that the monthly patches typically only address high/critical vulnerabilities, for the rest you need OS updates, QPRs, etc.).
Until Graphene works out the deal with the OEM that they are talking to, Pixel is pretty much the only secure phone that allows installing alternative firmware.
So, notice Graphene OS was able to port Android 16 on all the supported devices (from Pixel 6 up) basically within a week without device trees already, without the early (OEM) access to the release.
It's a big inconvenience but not a showstopper for them. Pixels are still viable.
The only blocker with pixels would be if they stopped allowing OEM unlocking or relocking (which is a must).
> Even Graphene OS reported that they're in talks with some vendor... Have there been any updates towards that?
The startup we were working with before went bankrupt. In June, we started working with a major Android OEM which has provided resources for identifying everything which will need to be done to meet our requirements and provide official GrapheneOS support. They believe they can meet all our official requirements without much trouble and they're going to determine how much resources they want to put into it soon. We don't yet know how many resources are going to go into it.
> The main reason i used to root devices are
Note using GrapheneOS does not involve rooting.
> System level adblock using adaway
You can use RethinkDNS for filtering combined with still using a WireGuard VPN or multiple chained WireGuard VPNs. Android has a perfectly good API for this.
> Titanium backup
GrapheneOS has a built-in encrypted backup system we plan to significantly improve upon. The basics are there already.
It is really a pity, as this means Android OS is closing down.
Without supported Consumer Hardware available on the market in sufficient volume, even less end-users will use an alternative OS, which will affect quality and size of the alternative OS-market and fragment the remaining users even more.
This will put the future of the entire alternative-OS ecosystem firmly back into the hands of Google. If they start further restricting BL-unlock on the Pixel-series to e.g. only Google Developer Account-Holders, the whole ecosystem will finally close down.
I’ve always said that it’s been “Google’s Android”, and wellp —- Welcome to Google’s Android, where the garden walls have been turned into a razorwire fence and you’re not welcome to leave.
It’s really funny that Apple’s finally allowing carefully controlled access outside of their own fences and slowly adding more APIs and expansion (hell, Apple are the only platform now with third party APIs for RCS in the EU) while Google’s spun an about face and will get away with it.
Of course it's been Google's Android, I don't think anyone ever questioned that. The whole reason why the OS still lives as a single entity and the app-ecosystem is not completely fragmented is due to Google's governance to keep it in check.
All the stuff Apple now slowly starts to allow on iOS due to EU's Digital Markets Act is still just scratching the surface of what Android already supports.
> hell, Apple are the only platform now with third party APIs for RCS in the EU
They provide third party API's to use APPLE's RCS-Service. The alternative would have been to support registering alternative RCS-services as default on the OS (and then, allow the user to choose a service).
> while Google’s spun an about face and will get away with it
Android already allows to install and configure alternative applications for RCS, in fact Samsung uses their own RCS Messaging service on its devices.
Google is first and foremost an advertising company. They're going to do whatever makes them the most profit. It always had razor wire fences unfortunately.
You're ignoring an elephant here: Apple meticulously enables these extras functionality exclusively in the EU. They cut these features out for the rest of the world as much as they can. In that regard, they feel like the corporate equivalent of a stubborn 3 tear old.
As someone who roots single-purpose Android devices, this is one of those things that sucks big-time but makes total sense.
The only reason one would unlock a bootloader is to root the system partition. It is impossible to protect data on rooted phones and makes data exfiltration attacks significantly easier to do.
This is a huge problem for banking and music apps that absolutely rely on this capability. Samsung is, by far, the biggest seller of Android phones in the US. (I think Xiaomi is the biggest globally), so they are under much more pressure to clamp down on this.
That said, rooting Samsung devices has been a worthless pursuit for a long time. Doing so irreversibly (via eFuse) disables KNOX, which prevents DeX and Samsung Health from working. It also trips SafetyNet, which disables a whole suite of key apps (banking apps and Apple Music don't work; not sure about Spotify). There's a Magisk module that uses well-known device IDs to work around these, but these only work temporaily. Many people have also reported issues with the camera (a popular reason for buying Samsungs in the first place), and you no longer get OTA updates. I believe you also get degraded camera performance if you flash another ROM since the device module is closed-source and relies on One UI to work. This is before considering that stock ROMs have gotten really good over the years (especially Samsung's), and many of the reasons why we had to root have mostly gone away.
You can work around this by buying a Pixel for now, but I think we're a few years away from bootloader unlocking going away entirely.
That said, I stll root Android devices that will only serve a single-purpose, like my BOOX eBook readers that I use Firefox on. This lets me run AFWall so that I can block network traffic for everything except Firefox (and a few other apps). However, I won't be logging into my Google account on them, and they aren't ever going to run banking apps or anything like that.
My response would be it doesn't make any sense. There are so many reasons why blocking rooting is a stupid idea. Just some of them:
- If you're capable of rooting a device then you're capable of understanding the risks which come with doing so.
- The number of users who root their devices will always be so comparitively tiny that the increased risk of data exfil is incredibly small. Also, similarly to above, if you're technical enough to root your device then you're probably not regularly putting yourself at risk by downloading shady apps etc. anyway.
- Rather than decreasing security, rooting allows you to enhance the security of your device by installing lower-level tools and, most importantly, removing all the bloatware crap which comes on most phones. This reduces the surface area of attack.
Let's be honest and admit that the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture which is so valuable to companies.
The main reason IMO to block rooting is to stop resellers selling phones with preinstalled malware. If the phone has two Amazon/Aliexpress sellers, you're going to pick the cheaper one right? With who-knows-what alterations? It's a really prevalent problem and most people are not going to notice the "insecure" warning at bootup.
> The number of users who root their devices will always be so comparitively tiny that the increased risk of data exfil is incredibly small
> the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture
You contradict yourself, if the number of users which will root their devices is tiny, the lost profits from tracking, data mining, analytics is tiny as well.
> Let's be honest and admit that the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture which is so valuable to companies.
I'm with you on the general sentiment, but how do the companies that block rooting benefit from any of the nefarious activities you mentioned? Those are executed by different organizations, typically.
- If you're capable of rooting a device then you're capable of understanding the risks which come with doing so.
Spend an hour in xdaforums and you'll see how untrue that is.
Many people root just to get YouTube Revanced or something like that. Meanwhile, you have launchers masquerading as a stock launcher that will happily steal refresh tokens for your Google account.
> This is a huge problem for banking and music apps that absolutely rely on this capability.
In the case of banking, unlocking the bootloader usually requires a full device reset and leaves a very obvious message when you boot up the phone—you can't grab someone's locked device, root it, and grab their financial data just like that.
As for music apps and other apps that download copyrighted content to the user's device, leaving the moral aspects of stripping the user of control of files on their own device aside, preventing their use on rooted devices just loses them users since
- Those are by no means essential apps
- If you know how to root your phone, you probably know how how to pirate media as well
- People can just use computers to exfiltrate copyrighted media instead since most of those apps have PC versions
It "doesn't make total sense", it never has. It's just a kneejerk reaction that conveniently aligns with stripping the user of control.
The problem with banking isn't rooting itself as an attack vector, but the insecurity and laxk of reliability guarantees of rooted phones so that banks rightfully don't want any liability when something goes wrong with their apps.
> The only reason one would unlock a bootloader is to root the system partition. It is impossible to protect data on rooted phones and makes data exfiltration attacks significantly easier to do.
What are you smoking?
The only reason I've ever unlocked a bootloader has been to replace the OS with a different one. And it had nothing to do with rooting. I have no interest in having a rooted phone on my person at all times. But I have full interest in having GrapheneOS protecting me, among many other things, from opportunistic government spying.
This is a huge problem for banking and music apps that absolutely rely on this capability
Yeah, I immediately cleared application data and uninstalled it, once I discovered my bank, of all organizations, was relying on Android to silo a token that grants access to my bank account with nothing else but a 4-digit PIN.
I had submitted a vulnerability report, because the option to require a password could be turned off without a password, and their response was that it works as expected, because they only require a PIN and providing a password is optional. That isn't to say that I have the option to make my account require passwords, it's that providing a password isn't needed, but I have the option of providing one anyway.
With only the PIN requirement, and four attempts before a lockout, a security vulnerability in the OS immediately becomes a 1 in 250 chance they'll have full access to may bank account, if I have a truly random PIN, or a 1 in 5 chance, if I have one of the four most common PINs and it always tries those. All that without having to wait to capture me logging in.
Also, Google explicitly states that the phones storage should not be used for sensitive data.
I don’t get this too. Laptops are just as portable but don’t have this limitation (yet). This argument that it’s to protect banking and music apps is silly, those products work fine on pcs while maintaining security.
To clarify, that line was implying something that makes a big impact:
It is impossible to protect [the owner from accessing] data on rooted phones
It matters a lot to distributors why like to trick copyright holders into thinking that DRM is effect, which could only be the case if it works 100% of the time on 100% of the users, which it generally doesn't.
If PCs were newly invented today, they may well have been locked down from the start. You already seeing the big names, Apple and Microsoft, with MacOS and Windows, respectively, inching along in that direction.
Phones are portable, and thus more likely to suffer from a physical attack. But that's about it.
It is, and always was a flimsy excuse to the strip user of control over his own device.
"Secure Boot" isn't actually there to protect the device from an attacker. It's there to "protect" the device from its own user. It's used to "secure" DRM schemes and App Store revenue streams.
I'm not sure if this is true, or for how long it has been true. I rooted my company phone (Samsung Galaxy S4), removed the crapware, and un-rooted it so that it could join the corporate network. This was a long time ago.
I decided to part with my Huawei Mate 20 X after about 7 years of ownership not because it was a bad phone - on the contrary, it has a nice big screen, decent enough camera, is still plenty fast enough etc - but because the OS hadn't received any updates in a long time.
Rather than see it go to landfill I donated it to a friend who's happy to use it but what an absolute waste.
Bought a Pixel purely because they are committed to updating their phones for a long time.
I've been using Xiaomi phones but I had to buy a new phone every year or two just because they get so sluggish. My other Android phones kind of had the same, except my Nothing 2 has been going strong.
Has this been your experience as well, or have your phones been OK with responsiveness? Seven years is a long time, I imagine the phone must have been unusable by then.
This is already in place in the EU via the WEEE directive (Waste from Electrical and Electronic Equipment), but the costs have apparently been absorbed just fine already by this industry, so it doesn't seem to hurt them sufficiently to be incentivized for longevity.
As much as I hate it, the strongest incentive would maybe be to legally define vendors who supply hardware with a non-interchangable OS-ecosystem as service-providers and put restrictions on the price they can charge for the hardware to render the service (like i.e. a cable-modem from an ISP).
This could force the large players to decide between high-margin hardware or high-margin OS-ecosystem instead of aiming for both.
Come to think of it, these market-dynamics would be interesting to observe...
Is any other product forced to do such a thing? Considering a phone lasts for years and is very small, it produces very little garbage over time compared to disposable product people use. Think how big a garbage can is compared to a phone.
But think of banks and music services, comrade! Banks need the waste to protect you, and poor music services will go out of business if you control your own phone!
You still own the device even if the bootloader is locked. It's like saying you don't own a CPU because you can't add your own instructions. There are always going to be limits to what you can easily customize for a device.
Adding cpu instructions is something that you can't physically do, however unlocking the bootloader is something you can do via software, and if a vendor chooses to lock it down they're basically taking away your ability to do anything you would want to do with a device. Sadly this is has been the case for a while and it's probably going to continue being the case.
I don't believe a user lacking the ability to perform a microcode update impacts their freedom in any meaningful way. The CPU still executes whatever instructions it's given unless the user is deprived of that freedom.
The writing's been on the wall for custom ROMs in general for a while, so I've been starting to think about a mobile phone vendor I could actually have a decent business relationship with. I.e. use their stock ROM and be fairly happy with it.
Any opinions? Samsung was a candidate for their somewhat unified ecosystem. Maybe even apple.
I still really like Sony phones. Excellent hardware. They have no online services they are trying to push, they just want you to buy their phones. As a result, the stock software is very clean Google Android without much extra. But they're not available in every region, and quite expensive. Used to have very short software support but now they do 4 major Android version updates / 6 years of security updates.
You get no ecosystem benefits though, it's really just plain Android.
I really wanted a Sony phone as it ticked all the boxes. Headphone jack, SD card slot and bootloader unlock with LineageOS support. AFAIK no one else does that in current phones.
But the sad reality hit when there were all kinds of hurdles around getting 5G/4G working in Australia. Was not going to risk ~$900 dollars on a phone that could end up being a paperweight and returned it.
It's a sad state and makes me miss the good old days.
Sony phones generally have a ok-ish hardware(their old 4k oled screen is still top-tier for watch videos to date in my opinion) and emmmm-ish software support. And depends on your region, the software support can be even worse. For example, TW-version sony phones have a serious delayed update schedule. You may get an update that others already received for half an year (and pixel phones have already got two years ago)
Samsung carries a lot of advertising crap, tracking, etc. Pretty much every phones is going to be worse than Pixel in that respect, since you get Google's tracking + whatever pile of crap the vendor added (which in the end they all seem to do).
So it's basically:
Pixel with GrapheneOS > iPhone >> Google Pixel with PixelOS
I wouldn't recommend anything else. Theoretically Fairphone + e/OS may have been an option, but the security is crap.
I guess there is Sony, you could even install Sailfish OS, no experience though.
> Theoretically Fairphone + e/OS may have been an option, but the security is crap.
Lack of current privacy/security patches and the current privacy protections in Android means having very poor privacy too. There's no equivalent to the privacy protections added by GrapheneOS either including ones also offered by iOS now such as iOS having a more basic equivalent to the GrapheneOS Contact Scopes feature since iOS 18 and iOS having better storage/media control than Android similar to Storage Scopes in GrapheneOS.
> I guess there is Sony, you could even install Sailfish OS, no experience though.
SailfishOS is much less private/secure than AOSP and is largely closed source. It's the opposite of a more open OS.
I've owned a few pixels but for whatever reason in my case the hardware had a habit of randomly dying just outside of the warranty period. But maybe I can revisit.
Sony Xperia models have been my choice since the Sony Ericsson days. Unlockable bootloader, LineageOS available, microsd card, headphone jack, good screen, decent camera, reasonably powerful SoC, water/dust resistant, and probably several other benefits that I'm forgetting at the moment.
I don't know if any US carrier offers them, but last time I was shopping, models with North American radios could be bought online.
My main complaints about Xperia phones:
- They don't support re-locking the bootloader at all, let alone with custom keys. This could be problematic for folks who depend on mobile banking apps that require full Google Play Integrity (SafetyNet) attestation, or risky for folks who leave their phone unattended around potential adversaries. To be fair, almost all smartphones have this problem.
- Their wonderful Xperia Compact line, comprising smaller versions of their flagship phones, seems to have been abandoned. Even their most recent "compact" models were bulky compared to their predecessors.
Yep. Everyone I know who bought a Samsung anything (TV/Phone/Washer/Dryer) last time said it's their last Samsung product. Samsung sure know how to piss off customers.
Well, I dunno. I've seen it as a lesser evil compared to many others.
In ye olden times I had such a horrible time with my cheapo Samsung when trying to upgrade it from Android 1.5 to 2.1 that I swore it'd be my last Samsung, and it was, for well over a decade. During that time I went through some iPhones and a handful of the most popular alternative Android brands.
Since the thread is about Android I'll focus on that. Every manufacturer was hamstrung by one or more of the following issues:
- Subpar hardware
- Difficult and slow RMA process where your device flies around the globe for repairs
- Software bloat, just like Samsung, but from a country I trust even less (China vs SK)
- Very infrequent updates (if you are lucky enough to get them at all), especially once a newer model is out
Now since this thread is about bootloaders this is probably a hot take, but I spend enough of my time troubleshooting stuff at work, so when I use my phone I want it to "just work" and not have to play some stupid anti integrity protection cat and mouse game to access my bank's app. So the last two are not solved with an open bootloader.
Samsung on the other hand has in recent years given me the "just works" experience on decent hardware, paired with frequent updates. And while their authorized repair shop might not be in my city, it is at least in my country and just a train ride away.
That being said, the nerd in me is disappointed in this move, and the recent EU ruling that forces manufacturers to actually support the stuff they sell for a reasonable time even after it's off the shelves might change things for the better w.r.t. other manufacturers.
I've got a Samsung dryer and when it had a fault with the door sensor they got it fixed pretty quickly. I had better service from them than Bosch or Miele - I replaced a Bosch dryer when I was totally fed up of trying to organise Bosch to fix it and being told it was at least a 6 week wait - Samsung half the price, and surprised us that it is a better dryer (faster, easier to use etc).
I don't love their phones, though my wife has one. However, again on the service front, when my samsung S7 had a problem they fixed it pretty quickly. When my iPhone 5 came with the wifi not working it took weeks to convince Apple that it was actually broken and get a replacement.
All anecdotal of course, and probably varies a lot by location and over time.
It's actually incredible how consistent they are with it. I'm hesitant to buy a foldable or a display from them for this very reason, even though I'd be otherwise interested.
Is the alternative really better overall. We upgraded to a samsung fridge last year from two consecutive cheapo-chinese-local walmart-brands and it was worth every penny. It will pay itself in energy savings in less than two years.
I think their phone in the high end is the best phone on the market, unless ios is a requirement for you. Also, I bought a Samsung AC and really like the smart features. Really nice integration with Alexa too.
samsung is the only smartphone manufacturer that still makes phones (though not many) with all the features I want: microSD slot, dual physical sim, side-mounted fingerprint reader, headphone jack, nfc, and regular (long-lasting) security updates
they also have service centers pretty much everywhere in the world, so I can always get my phone fixed (for a reasonable price, as a result of their ubiquity) if and when I inevitably break it
would I also prefer the option to unlock my bootloader? yes. if I'm honest with myself, is it a deal-breaker? sadly, no, I no longer use custom ROMs
They seem to skip some years when bringing updated models to the US for some reason, but Sony Xperia phones check most of these boxes. I have an Xperia 1 V that I use as an app dev test device and as a backup phone and have found it pretty nice. The hardware feels great and their Android build isn’t nearly as junked up as Samsung’s. I’m always surprised they aren’t more popular.
> samsung is the only smartphone manufacturer that still makes phones (though not many) with all the features I want
Not to mention the built-in EMR stylus. That makes such a difference in using the device, I cannot believe they are not more common. And they are a terrific backup for the not unusual case of a broken screen being unresponsive.
Those 300 people include some experts at spiritual warfare which will guarantee that all involved in this decision will reincarnate into durian fruits in the next life.
What do you use? Samsung are anti-consumer but none of the other big phone manufacturers seem to be much better (and historically at least Samsung's flagship phones have been pretty good hardware-wise).
Same here. I got so tired of fighting "the system" that wanted to manage everything, and post-updates meant mire wasted time switching off bloat/features I didn't need.
Readit News
https://x.com/kobe_koto/status/1949154478298456531
Absolutely hilarious.
Then make a request that takes 2 weeks to go through. and enter the or whatever (this was like 2016 or something).
Whole process was clearly designed to make you give up.
Their phones where junk then though and i just got something else in the end. They're a lot better now so actually unlocking it is probably worth something now.
I've bought all my subsequent ones (Note 5, Note 8, Note 11, Note 12Pro) in either HK or UK so they all came with the Global ROM, and I've not felt the need to unlock any of them, so not tried to process since. But it definitely used to be pretty easy.
I suspect the reason for the weird process is legal to ensure that phones in China don't get unlocked in order to circumvent content controls.
Samsung has been doing this for a while now.
Which are the devices/vendors that still allow / encourage this?
Even Graphene OS reported that they're in talks with some vendor... Have there been any updates towards that?
The main reason i used to root devices are:
* Get longer support/OS updates than what the vendor provided
* System level adblock using adaway
* Titanium backup
These days firefox/brave browser gets me half way through adblocking and i lost interest in the ad filled apps..
Syncing gets me good level of syncing for backup on my NAS etc .
https://github.com/melontini/bootloader-unlock-wall-of-shame...
This proves there is no technical difficulty to provide unlock bootloader
And it's also partially false, as Gemini works just fine after unlocking/relocking, and all the advanced features (full performance of the cameras, NPU access, secure element) work even on non-Google OS. Things that do not work (mostly wallet) are valid issue, but then again, they work just fine after flashing OEM firmware And relocking The bootloader.
So I can only guess the quality of the contribution is similar with other phone brands.
https://www.fairphone.com/en/bootloader-unlocking-code-for-f...
Until Graphene works out the deal with the OEM that they are talking to, Pixel is pretty much the only secure phone that allows installing alternative firmware.
It's a big inconvenience but not a showstopper for them. Pixels are still viable.
The only blocker with pixels would be if they stopped allowing OEM unlocking or relocking (which is a must).
The startup we were working with before went bankrupt. In June, we started working with a major Android OEM which has provided resources for identifying everything which will need to be done to meet our requirements and provide official GrapheneOS support. They believe they can meet all our official requirements without much trouble and they're going to determine how much resources they want to put into it soon. We don't yet know how many resources are going to go into it.
> The main reason i used to root devices are
Note using GrapheneOS does not involve rooting.
> System level adblock using adaway
You can use RethinkDNS for filtering combined with still using a WireGuard VPN or multiple chained WireGuard VPNs. Android has a perfectly good API for this.
> Titanium backup
GrapheneOS has a built-in encrypted backup system we plan to significantly improve upon. The basics are there already.
GNU/Linux phones (Librem 5 and Pinephone).
Without supported Consumer Hardware available on the market in sufficient volume, even less end-users will use an alternative OS, which will affect quality and size of the alternative OS-market and fragment the remaining users even more.
This will put the future of the entire alternative-OS ecosystem firmly back into the hands of Google. If they start further restricting BL-unlock on the Pixel-series to e.g. only Google Developer Account-Holders, the whole ecosystem will finally close down.
It’s really funny that Apple’s finally allowing carefully controlled access outside of their own fences and slowly adding more APIs and expansion (hell, Apple are the only platform now with third party APIs for RCS in the EU) while Google’s spun an about face and will get away with it.
All the stuff Apple now slowly starts to allow on iOS due to EU's Digital Markets Act is still just scratching the surface of what Android already supports.
> hell, Apple are the only platform now with third party APIs for RCS in the EU
They provide third party API's to use APPLE's RCS-Service. The alternative would have been to support registering alternative RCS-services as default on the OS (and then, allow the user to choose a service).
> while Google’s spun an about face and will get away with it
Android already allows to install and configure alternative applications for RCS, in fact Samsung uses their own RCS Messaging service on its devices.
Deleted Comment
The only reason one would unlock a bootloader is to root the system partition. It is impossible to protect data on rooted phones and makes data exfiltration attacks significantly easier to do.
This is a huge problem for banking and music apps that absolutely rely on this capability. Samsung is, by far, the biggest seller of Android phones in the US. (I think Xiaomi is the biggest globally), so they are under much more pressure to clamp down on this.
That said, rooting Samsung devices has been a worthless pursuit for a long time. Doing so irreversibly (via eFuse) disables KNOX, which prevents DeX and Samsung Health from working. It also trips SafetyNet, which disables a whole suite of key apps (banking apps and Apple Music don't work; not sure about Spotify). There's a Magisk module that uses well-known device IDs to work around these, but these only work temporaily. Many people have also reported issues with the camera (a popular reason for buying Samsungs in the first place), and you no longer get OTA updates. I believe you also get degraded camera performance if you flash another ROM since the device module is closed-source and relies on One UI to work. This is before considering that stock ROMs have gotten really good over the years (especially Samsung's), and many of the reasons why we had to root have mostly gone away.
You can work around this by buying a Pixel for now, but I think we're a few years away from bootloader unlocking going away entirely.
That said, I stll root Android devices that will only serve a single-purpose, like my BOOX eBook readers that I use Firefox on. This lets me run AFWall so that I can block network traffic for everything except Firefox (and a few other apps). However, I won't be logging into my Google account on them, and they aren't ever going to run banking apps or anything like that.
- If you're capable of rooting a device then you're capable of understanding the risks which come with doing so.
- The number of users who root their devices will always be so comparitively tiny that the increased risk of data exfil is incredibly small. Also, similarly to above, if you're technical enough to root your device then you're probably not regularly putting yourself at risk by downloading shady apps etc. anyway.
- Rather than decreasing security, rooting allows you to enhance the security of your device by installing lower-level tools and, most importantly, removing all the bloatware crap which comes on most phones. This reduces the surface area of attack.
Let's be honest and admit that the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture which is so valuable to companies.
> the only reason to prevent users from rooting their phones is to protect companies' profits by ensuring users can't fight back against the blatant tracking, data mining, and analytics capture
You contradict yourself, if the number of users which will root their devices is tiny, the lost profits from tracking, data mining, analytics is tiny as well.
I'm with you on the general sentiment, but how do the companies that block rooting benefit from any of the nefarious activities you mentioned? Those are executed by different organizations, typically.
Spend an hour in xdaforums and you'll see how untrue that is.
Many people root just to get YouTube Revanced or something like that. Meanwhile, you have launchers masquerading as a stock launcher that will happily steal refresh tokens for your Google account.
In the case of banking, unlocking the bootloader usually requires a full device reset and leaves a very obvious message when you boot up the phone—you can't grab someone's locked device, root it, and grab their financial data just like that.
As for music apps and other apps that download copyrighted content to the user's device, leaving the moral aspects of stripping the user of control of files on their own device aside, preventing their use on rooted devices just loses them users since
- Those are by no means essential apps
- If you know how to root your phone, you probably know how how to pirate media as well
- People can just use computers to exfiltrate copyrighted media instead since most of those apps have PC versions
It "doesn't make total sense", it never has. It's just a kneejerk reaction that conveniently aligns with stripping the user of control.
What are you smoking?
The only reason I've ever unlocked a bootloader has been to replace the OS with a different one. And it had nothing to do with rooting. I have no interest in having a rooted phone on my person at all times. But I have full interest in having GrapheneOS protecting me, among many other things, from opportunistic government spying.
I had submitted a vulnerability report, because the option to require a password could be turned off without a password, and their response was that it works as expected, because they only require a PIN and providing a password is optional. That isn't to say that I have the option to make my account require passwords, it's that providing a password isn't needed, but I have the option of providing one anyway.
With only the PIN requirement, and four attempts before a lockout, a security vulnerability in the OS immediately becomes a 1 in 250 chance they'll have full access to may bank account, if I have a truly random PIN, or a 1 in 5 chance, if I have one of the four most common PINs and it always tries those. All that without having to wait to capture me logging in.
Also, Google explicitly states that the phones storage should not be used for sensitive data.
What makes securing rooted phones different from securing rooted PCs?
Grug pay Grog many shiny rock for make magic rock work, or Grog use key and magic rock stop working.
It is, and always was a flimsy excuse to the strip user of control over his own device.
"Secure Boot" isn't actually there to protect the device from an attacker. It's there to "protect" the device from its own user. It's used to "secure" DRM schemes and App Store revenue streams.
This couldn't be more wrong. You need to unlock the bootloader if you want to install an alternative OS. Which is a completely valid use-case.
It is so silly though. Someone who knows how to root a phone can probably also figure out how to download songs from Spotify (librespot wink wink.)
For removing bloatware from the user partition you don't need to root, adb or the universal android debloater will do.
Rather than see it go to landfill I donated it to a friend who's happy to use it but what an absolute waste.
Bought a Pixel purely because they are committed to updating their phones for a long time.
Has this been your experience as well, or have your phones been OK with responsiveness? Seven years is a long time, I imagine the phone must have been unusable by then.
As much as I hate it, the strongest incentive would maybe be to legally define vendors who supply hardware with a non-interchangable OS-ecosystem as service-providers and put restrictions on the price they can charge for the hardware to render the service (like i.e. a cable-modem from an ISP).
This could force the large players to decide between high-margin hardware or high-margin OS-ecosystem instead of aiming for both.
Come to think of it, these market-dynamics would be interesting to observe...
Any opinions? Samsung was a candidate for their somewhat unified ecosystem. Maybe even apple.
You get no ecosystem benefits though, it's really just plain Android.
But the sad reality hit when there were all kinds of hurdles around getting 5G/4G working in Australia. Was not going to risk ~$900 dollars on a phone that could end up being a paperweight and returned it.
It's a sad state and makes me miss the good old days.
FYI Pixels still allow flashing custom ROMs, they've just slightly inconvenienced developers.
The future I'm seeing is one in which custom ROMs still exist as hobby projects, but aren't suitable for use in "production".
So it's basically:
Pixel with GrapheneOS > iPhone >> Google Pixel with PixelOS
I wouldn't recommend anything else. Theoretically Fairphone + e/OS may have been an option, but the security is crap.
I guess there is Sony, you could even install Sailfish OS, no experience though.
Lack of current privacy/security patches and the current privacy protections in Android means having very poor privacy too. There's no equivalent to the privacy protections added by GrapheneOS either including ones also offered by iOS now such as iOS having a more basic equivalent to the GrapheneOS Contact Scopes feature since iOS 18 and iOS having better storage/media control than Android similar to Storage Scopes in GrapheneOS.
> I guess there is Sony, you could even install Sailfish OS, no experience though.
SailfishOS is much less private/secure than AOSP and is largely closed source. It's the opposite of a more open OS.
I don't know if any US carrier offers them, but last time I was shopping, models with North American radios could be bought online.
My main complaints about Xperia phones:
- They don't support re-locking the bootloader at all, let alone with custom keys. This could be problematic for folks who depend on mobile banking apps that require full Google Play Integrity (SafetyNet) attestation, or risky for folks who leave their phone unattended around potential adversaries. To be fair, almost all smartphones have this problem.
- Their wonderful Xperia Compact line, comprising smaller versions of their flagship phones, seems to have been abandoned. Even their most recent "compact" models were bulky compared to their predecessors.
As for me, I already swore off Samdung for their whole Samsung account bs and apps they bundle and won't let me remove (or disable).
In ye olden times I had such a horrible time with my cheapo Samsung when trying to upgrade it from Android 1.5 to 2.1 that I swore it'd be my last Samsung, and it was, for well over a decade. During that time I went through some iPhones and a handful of the most popular alternative Android brands.
Since the thread is about Android I'll focus on that. Every manufacturer was hamstrung by one or more of the following issues:
- Subpar hardware
- Difficult and slow RMA process where your device flies around the globe for repairs
- Software bloat, just like Samsung, but from a country I trust even less (China vs SK)
- Very infrequent updates (if you are lucky enough to get them at all), especially once a newer model is out
Now since this thread is about bootloaders this is probably a hot take, but I spend enough of my time troubleshooting stuff at work, so when I use my phone I want it to "just work" and not have to play some stupid anti integrity protection cat and mouse game to access my bank's app. So the last two are not solved with an open bootloader.
Samsung on the other hand has in recent years given me the "just works" experience on decent hardware, paired with frequent updates. And while their authorized repair shop might not be in my city, it is at least in my country and just a train ride away.
That being said, the nerd in me is disappointed in this move, and the recent EU ruling that forces manufacturers to actually support the stuff they sell for a reasonable time even after it's off the shelves might change things for the better w.r.t. other manufacturers.
I don't love their phones, though my wife has one. However, again on the service front, when my samsung S7 had a problem they fixed it pretty quickly. When my iPhone 5 came with the wifi not working it took weeks to convince Apple that it was actually broken and get a replacement.
All anecdotal of course, and probably varies a lot by location and over time.
they also have service centers pretty much everywhere in the world, so I can always get my phone fixed (for a reasonable price, as a result of their ubiquity) if and when I inevitably break it
would I also prefer the option to unlock my bootloader? yes. if I'm honest with myself, is it a deal-breaker? sadly, no, I no longer use custom ROMs
That stopped from S21 on.
> side-mounted fingerprint reader
It is in the screen since S10?
> headphone jack
Not since S20.
Just speaking of the Galaxys of course.