Around 10-15 years ago you could get a completely stock Android from China with basically zero branding, fully unlocked and easily rootable, removable battery, expandable storage, dual DIMs, etc. at a great price. I have a few. Unfortunately many of those small honest OEMs appear to have disappeared, and the bigger ones left have turned scummy.
Especially Xiaomi did a huge ugly U-turn like this.
Use to be the best hardware for low price with the selling point of no-crap fully customable phones.
And then, once they become dominant enough starting to play it like the others but stuffing as many unremovable crap as possible.
But AFAIK it doesn't work like that. Motorola makes a phone that has an unlockable bootloader, provides firmware bundles, etc., but the OS images will be made by the GrapheneOS team and they would never do anything like that.
(I think the misunderstanding is that Motorola would make the GrapheneOS builds.)
You're probably just not willing to believe that a 'partnership' with a massive company will change things, like I do. I am disagreeing, not misunderstanding. There's a difference
> I have rarely seen any team more principled than them
Totally agree with you there.
I'll say no more because you pay a heavy penalty on HN for criticising the project.
I'll just say I hope the collaboration brings some needed maturity, level heads, and stewardship, and that the devs can continue just to focus on the tech.
If an anti-worker company is getting fleeced, nothing wrong with that.
I hope motorola collaborates with Pine and brings linux to phones. In the age of LLM apps are obviously not a problem. (Hopefully windows Phone 7, not 8 also comes back)
> In further digging, we noticed that the URL the phone opens up is “kira-abboud.com,” a website that references fashion influencer “@kirasfashionfinds.” Notably, this exact URL isn’t listed anywhere on Abboud’s social media, and the affiliate codes don’t match up either. The redirect coming from Motorola phones is using Amazona affiliate code “sramz-kff-008-20” which is completely different from any of the codes we saw from links shared by Abboud’s accounts and linked websites.
Something funny is up; this doesn't seem deliberate.
I agree, but in fairness, I don't know of any brand, tech or otherwise, that can completely wall itself off against insider threats. No matter how vigilant you are, someone who knows exactly how you move will find a way around you.
I can understand it's hard to defend against plausibly deniable errors that create backdoors, etc. But this would show a complete lack of code review, no?
> But this would show a complete lack of code review, no?
You'd be surprised how many websites use Google Tag Manager to allow their marketing department to roll out trackers and other JS snippet directly into the site's root context.
GTM et al's sole reason of existence is to provide marketing people with a way to bypass corporate IT.
And I definitely would not rule out something like this being the cause in the end.
Not even that. Bury it in a sufficiently-large PR and there’s a very good chance it’ll be rubber-stamped because no one wants to take the time to carefully review the entire set of changes.
Isn't this cookie stuffing? Same modus operandi using by Geo-something widget back in 2000s with hidden ebay affiliate links that got caught by FBI. Someone should go in jail for this.
I used to choose Motorola devices for a long time but since 2 years when I bought Edge 30 Fusion I started to notice they automatically (without my knowledge) add 3 stupid apps or games about two times a month :/ There is no way to stop it. My kids phones are stuffed with this sh*t.
A chinese one? My xiaomi required debloating, which left me without the "apps" menu in settings. I am not happy about having to do that. Side note: I have to use either intents or adb to administrate the apps.
All the "best phones" for most of us are bloated tracking devices.
Motorola put the malware apps into the “nondisable” list. You can’t remove them even with ADB PM commands. I was fucking mad that my RAZR couldn't be fully debloated.
Luckily there is a mobile phone OS and hardware that isn't produced by the world's largest advertising company, and furthermore doesn't allow two different corporations to be involved in the core OS of the device.
Apple isn't the largest advertising company, but it's a pretty big one. The only other candidates I know of are aftermarket Linux distros, but they have their own problems.
I hope you are not referring to the company that is pushing AI ads through their system settings, pushing Creator Studio subscription ads through the formerly non-shareware productivity tools, and pushing movie ads through their wallet?
Seriously, get a Pixel and install GrapheneOS, or maybe a Fairphone with LineageOS.
You'd still be walking around as a free advertiser for their stuff, simply by owning Google-branded hardware. And of course the hypocrisy of having a Google phone to avoid Google spying is palpable.
I doubt people notice that sort of thing. Maybe whether you have an iPhone or an Android at most. Avoiding Google spying isn't the point of GrapheneOS anyway
There are ways. All the apps that install this crap can be disabled through Android's app manager, no fancy method required. (Of course updates can bring them back... But "luckily" Motorola isn't too keen on providing those for their products).
Some examples of the apps to look for:
- App Box
- Games
- MotoApps
- Moto App Manager
- Live lock screen
The active adware apps depends on your region and career. In some region Motorola doesn't push adware at all.
Personally by just disabling those (and similar sounding crap) I've never had adware sneakily installed.
For Moto G or lower tiers Edge I can begrudgingly accept that it's part of the deal... But I would be livid if they did this to my $1500 phone, which is why I refuse to risk getting a razr. Whether you want to fight your phone maker and keep using their product is up to you.
Let's hope that the grapheneos partnership plays off in our favor next year!
In the past I often tend to replace stock Android with LineageOS but in today's world with so many attack vectors like for example malware in supply chains etc. I choose to stay with stock OS. I also have my bank apps and lot of my clients data/credentials stored on my accounts.
How do you imagine that protects you? If anything I'm inclined to trust the LineageOS supply chain more than the OEM on account of being a smaller target, having less bloat, and being 100% open from start to finish.
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
Well then you're in luck because many of the ROM projects provide step by step build instructions. It's almost entirely automated thus quite straightforward; the primary hurdle is having a capable enough system. Unfortunately given current RAM prices you'll need a system worth as much as a cheap car to properly optimize some of the components.
I'd suggest not using apps that fail to respect your autonomy.
I got a prompt about trying new apps every week or something similar. The wording, the moment it prompted me were clearly designed for people to just say "ok" and then wonder how apps were installing regularly without any action. I got caught myself, disabled it but still got new app installs later. I killed the whole thing and have been free since. But definitely felt like a scam. And the apps suck.
They even force you to select a bunch of apps during out-of-box setup on some Motorola phones and it mandates they automatically download post-setup. You can't say "no", you straight up have to let the phone queue up and let it pull all the APKs down for a bunch of shitty preloaded games and Netflix and crap, load them in, then get to waste fifteen minutes removing them again. :\
They were a great brand, cool phones, one of early Android players.
After being bought out by Google, Motorola had some of the best devices out there with stock android, especially in the budget segment (and loved among android devs).They had one of the best smartwatches in the game at the time - Moto 360 (2014!!).
Then, after dropping the Nexus 6, Google stripped the patents and sold them to Lenovo. For a while it was ok, even dropping the relatively innovative Moto Z which had all the cool "modular" addons, played with it for a bit and seemed cool.
And then, things seemed to start taking a turn for the worse as Lenovo kept enshitiffying it more and more, using the brand name as a wedge in the market in which they are basically forgotten. They have the Razr brand which is cool, but the segment that was their best (budget phones) is now ruined with adware so they can extract every bit of value from it.
Such a sad ending for a company that was so early in the space.
FWIW, the worst thing I can say about the Moto Edge 50 Neo (a midrange phone) from a year ago is that it had "sponsored" apps pre-installed. They could be uninstalled (not just deactivated) the usual way and never came back.
... I was so mad every time Motorola screwed the pooch in this era.
I was a first-gen Moto X user... on Verizon. I didn't get the Lolipop update forever and a day. I was a first-gen Moto Hint owner. We didn't get the wake word update, we got told to buy the Hint 2. And then finally, I was a first-gen Moto 360 owner. We didn't even get Wear OS updates at all. Not WearOS 2, not even WearOS 1.6. Every single first-gen product got immediately dropped for second-gen shit, and we got abandoned.
Calling this "hijacking the Amazon app" is hyperbolic in my opinion. They replaced the shortcut in the app drawer. To me this looks like normal scummy OEM behaviour, like pre-installing spyware, "anti-" malware, adware etc. which sadly pretty much every mobile/computer manufacturer does.
Replacing the OS is one of the first things I do with every laptop, PC and mobile device to get rid of (most) crap that was installed without my consent.
Note that Xiaomi today is very hostile to bootloader unlocking -- to get unlock code you need to win in daily first come, first served "lottery" (they limit total number of unlocked devices per day). After a second or two passes you're already too late for the day.
Thank you for letting me know, the plan right now is to try for about a week or 2 and then give up and return the tablet if I can't.
Which is a damn shame because not too many options exist with a headphone jack and a Snapdragon processor. I'm in an environment where Bluetooth is unreliable for a good chunk of my day.
The only other tablet that fits my needs is a gosh darn Surface which is like 1000$.
And the only way to win this lottery is by using an automated script that starts sending automated requests as soon as the new day starts at Beijing time.
The comments here say that all Android phone manufacturers do stuff like this. I have never noticed that kind of things on my Fairphone. But then again, I don't have many apps and certainly not Amazon.
Hmm, this thread and the reports of shady practices make me wonder if this will affect the partnership with GrapheneOS[1]. It seems that such things shouldn't really happen on a device where security is a top priority, whether intentional or not.
Why does it matter? The GrapheneOS team will make the OS images. So as long as the phone is unlockable, has up-to-date firmware bundles, etc. who cares?
GrapheneOS may be de-googled but it is not de-blobbed, they rely on the vendor to maintain certain drivers etc. Hopefully the driver maintenance team is very separate from the bloatware installation team, but someone could reasonably worry that they're tarred with the same brush.
I would guess that most of the driver development is done by Qualcomm for phones with Qualcomm SoCs. At least that is what I've seen looking at the firmware/driver bundles some Qualcomm-based phones.
(Of course, there is more, like camera firmware, etc. but they are typically provided through the hardware providers.)
I was just wondering that... GrapheneOS team consider Fairphone to be infosec plebs, but instead partner with a company that intentionally harms users' privacy for profit?
You don't see how it doesn't make sense for Graphene to reject a company because it doesn't handle security according to their standards, but be OK with a company that is actively malicious?
They announced a partnership with Motorola. They are not just making an OS for their devices, they are partnering with them. There is a fundamental difference between taking a device and making an OS for it, and partnering with its manufacturer. The latter leads to the assumption that Graphene condones Motorola's security practices, and Motorola condones Graphene producing an OS for their devices. The former does not.
The details of the partnership are mostly disclosed in the joint announcements but GrapheneOS has no say or influence on Motorola's stock Android image and policy.
The main objective of the partnership is to do what you described in the former case, get Motorola up to a standard where GraphenOS could support the phone. They could not previously take a Motorola phone and build GrapheneOS for it because of numerous basic requirements they did not yet meet. I can guess that GrapheneOS only really condone the efforts Motorola will put in to meet their support requirements as a platform.
Motorola also gets to incorporate a subset of GrapheneOS's features and improvements as enterprise targeted Motorola features. GrapheneOS do not have any direct influence over the apps and policies for the stock GMS Android image Motorola ship with their phones. Motorola have no significant say in what GrapheneOS does with their OS. GrapheneOS can assist Motorola in hardening efforts at the OS and firmware layer etc.
The entire premise of GrapheneOS is total control of the device. There is no way they would release a Motorola phone with GrapheneOS installed, but with unremovable bloatware.
It may be worth noting that GrapheneOS in most cases to date are not the initiators for conversations around extra device support. They do not control which mobile divisions and engineering teams can come to them and back genuine interest with the resources needed to reach an acceptable privacy/security standard for support.
The question is really why are Motorola the only ones that have gone that extra mile so far and what does it say about the rest of the Android OEMs (including Fairphone, which unlike most is actually a younger project than GrapheneOS).
I like the Stylus G better than most phones I've owned, but Motorola really needs to end its partnership with the offensive "Glance" ad platform. There should not be a third party app like that which keeps re-enabling and reinstalling on every update. I don't understand what Motorola would get out of a partnership with a scammy third rate ad market that would be worth pissing off so many of their customers, but maybe they have some high level corruption in the company.
I have a Motorola G70, so this is concerning. But its hard to believe that this is a deliberate action by Motorola. To me it seems more likely that an update was compromised. Still bad though.
Note that the smart feed "feature" is Taboola-provided adware[0] so it's par for the course. It's beyond comprehension Lenovo would trash the brand by shipping it on flagships.
The point where they trashed the brand has long since passed, tried the phones when they bought the brand and it was OK for a while but went downhill quickly.
Until now I waited for their GrapheneOS-based phones.
If there isn't a plausible follow up to this injection I don't think I will buy I device from them.
Who outside Apple/Google/Fairphone isn't? Samsung has been shipping the Israeli (IronSource) AppCloud on A series for a while now and people in some regions even spotted it on S-series phones (it'll spy on your usage and install apps). Nothing, which uses clean Android as one of their selling points, started installing something similar (AppServices, presumably also from IronSource given the Aura branding) on various devices.
Between these companies pushing adware/spyware and Apple putting Apple Creator Studio ads in former iWork applications, ads for Apple Intelligence in the system settings, and pushing ads for their F1 movie in Apple Wallet, smartphones have reached the mass enshittification phase.
The only safe havens are Pixel with GrapheneOS and Fairphone with I don't know what exactly (Murena sorta has ads for their own stuff and has many other issues, I guess LineageOS then). Perhaps ironically, given the context, Motorola with GrapheneOS too :).
Some 7 months ago there was this submission: https://news.ycombinator.com/item?id=45551504 (Microsoft's OneDrive Begins Testing Face-Recognizing AI for Photos (for Some Preview Users)).
I haven't noticed any further links regarding this topic. Thus I have no idea if setting was fully implemented or abandoned but with this thread here you linked, but I'd rather guess they're full after user's data. And from what users wrote there, MS is not even doing this with some elaborated darkpatterns scenarios but just ordinary stealing these photos. This should be announced louder.
I've a Xiaomi phone on which twice appeared obviously debug/hello-world notifications (something like "testtest111") from apps I've never seen or installed. Then another time all Xiaomi phones of close relatives started getting these cheap, spammy ads for Android games in the notifications, this time from some obscure system app: had to look up on reddit that there are settings that disable this specific behavior.
The degree to which I don't own my own device is insane.
I gifted my mom a Xiaomi phone a few years ago. Even after removing all the unnecessary apps and permissions, disabling all the privacy invasive settings and replacing the launcher with the stock Android, I was shocked when I checked the PiHole dashboard. The phone was constantly trying to communicate with dozens of different domains and endpoints, even when idle. None of these attempts had any sort of backoff, so they kept retrying every 30 seconds, draining the battery. Ultimately it generated several times more blocked requests than every other device on my network combined.
This was the first and only Xiaomi device I ever bought, no matter how attractive they might seem.
With the digital wellbeing app feature it is possible to set a timer of 0 minutes on all auto-installed and auto-reenabling apps to effectively disabling it for good.
Edit: the timer stays even after updates so the app is not enabled again
It is laborious to go through all the apps on a phone and dissable the default unessesary "open web link" feature on ALL the apps, but apparently it has some effect in reducing the "draft" from all the back doors
Think how bad the market got. Today we have preinstalled garbage apps like LinkedIn, garbage apps mandated to be preinstalled by the government, ads, cloud accounts, notifications spam, telemetry. This is not only Chinese smartphones, for example Samsung also plays this game. I assume there are Chinese backdoors, American backdoors and national government backdoors on almost every phone.
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
Easier said than done in the US. Even of the phones that allow for rooting (which is few and far between these days) you're at the complete mercy of the carrier for whether or not that ability is actually available to you. Even if the gracious lords may allow it, you have to engage in a long and drawn out Byzantine rite just for the privilege. Currently sitting on a Pixel 10 that will not let me have root.
Give me a Linux phone with halfway decent modem drivers, or give me death.
If you do not update the phone, chances are high that there is some Linux vulnerability you could expoloit. The privileged vendor software also can have vulnerabilities. For example, here [1] researches hacked the phone with Verified Boot using a boot logo parsing error.
My impression that you should treat your phone as something that can be hacked any moment and not store anything important there.
1) My phone is not officially supported by LineageOS so I will have to port it first.
2) I did not analyze LineageOS yet and how it is different from stock Android, so I need to go through complete diff.
> If you want a stretch goal try and de-Google yourself
My goal is to have an open source system that is under my full control and doesn't play tricks on my by sending telemetry or collecting forensic databases. Because now I cannot even connect the phone to Internet and it is not as useful as it could be.
I’d assume that with such a level of required inspection, you also have quite some security requirements. I’d say at that level nothing works as well as GrapheneOS (though you have to either delay security updates or accept temporarily closed source (they get access to the code only in exchange for not publishing it until X days or something) updates, thanks Google). As that currently requires a Google phone, the only way to get close to your price target would be buying it used.
Goldman Sachs paid $6 million to try to get its [soon-to-be] former chief counsel Kathryn Ruemmler's Google search results highlighting her close friendship and many-years-long association with Jeffrey Epstein off the first few pages of results.
Today, the first result on the first page of a Google search for her is the opening paragraph of her Wikipedia biography:
>Kathryn H. Ruemmler (born April 19, 1971) is an American attorney who was principal deputy White House counsel and then White House Counsel to President Barack Obama.[1] Previously a partner at Latham and Watkins co-chairing its white-collar defense group,[2] Ruemmler joined Goldman Sachs in 2020 and was Chief Legal Officer and General Counsel.[3] She announced her resignation from this position in February 2026, effective at the end of June, over her links to child sex offender Jeffrey Epstein.[4][5][6]
De-Googling (in this context at least) means not running Google software on your phone. No Google Play Services always running in the background, plus not using Google apps.
I recently spent twenty minutes sitting outside of an MLB stadium because MLB decided they needed the same level of play protection as a foreign banking app and it refused to work on my friend's LineageOS phone.
We only got in by installing the app on my Sony and him signing into his account. They charge a fee now to get paper tickets from the box office.
Brutal. I had a similarly annoying experience recently, where in order to enter my local big arena for a concert, the TicketMaster app was not enough. I had to step out of the entrance line to download the _arena-specific_ TicketMaster app to access my tickets. I hate the ticket systems that dominate the market, we deserve better.
I'd rather try and get the executives, product managers, and engineers who implemented it fired and elect politicians that will make policies like that illegal.
I could go to a baseball game last year and have been able to for decades. The march to enshittification isn't inevitable. Otherwise there will be no hobbies in the future, and I'll be hoarding my money to just sit in my house doing nothing.
It's not necessarily enjoying it. OP evidently just thinks the trade-off is worth it. Some people like baseball more than researching which phone they can buy, which one has an unlockable bootloader, and which is supported (even unofficially) by LineageOS.
That's fine. They don't have to. Their solution can be calling their local representative and complaining that the stadium their city is paying for, is locking them out.
I don't think I ever tried this one. I think I tried every keyboard on F-Droid but apparently FUTO isn't in the main F-Droid repo. I'm liking it so far. I'm a swipe typer and on most keyboards the swipe functionality is much worse than GBoard but this one seems to work pretty well. I'm going to try it for a while, thanks for the suggestion!
I was in the same boat until a year ago or so. FUTO^[1] finally provided a good text prediction/correction pair + that simply better feeling the Gboard has^[2].
[2]: I never investigated this, so I always assumed that GBoard predicted what key I wanted to press when close to two letters. With FOSS keyboards, with a physically identical layout, I tended to make way more mistakes.
I find GBoard to remain superior in multilingual typing, futo just can't seem to be able to switch to other languages consistently, even with the multilingual option enabled,
it's also not as good at "recovering" from typing too many letters (Gboard sometimes adequately completes with likely shorter words)
Evidently some disagree, but I'm on your side. Biggest reason I didn't immediately think of "But what would I use for a keyboard" is my Q25 has on built-in.
UnifiedPush, F-Droid, a GMaps webview (arguably cheating, but I'm not RMS), NewPipe or Invidious are all good-enough alternatives, but I remember struggling to find a keyboard that felt right when I was using a Pixel 2 for a fortnight.
I think I went with the oldest Fleksy or Minuum APK I could find (from a reputable source), as they were fine without GApps.
Though I'd also like to call out the fact that AOSP has talkback, the accessibility service built-in, but there's no AOSP TTS engine to use it with. This is especially noticable when trying to use any spoken directions in OSMAnd, as it requires a TTS engine to use that function.
The only reason it's not the dumbest thing about Google's stewardship of AOSP is that I'm not sight impaired - as it stands, the multi-trillion-dollar corporation ripping out the built-in SIP client in their phone OS takes that prize
Not sure what timescale you're referring to when you're talking about "how bad the market got" and "today", but back around 2012 I got my first and last Samsung smartphone, must have been a Galaxy 3 or something, that had all of those problematic things too.
It seems like this starting to happen as soon as apps were installable on phones, even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them. Android, because of the whole OEM story, of course is much worse, but I don't feel like any of what you share is new, been going on for decades at this point.
You can. I’ve removed Apple Music and Apple Maps (seriously, who uses that?) but apple makes extra sure most things are more annoying to use without maps. Calendar app with an address? Default to opening in Apple Maps which is missing so error message (twice). Find my? Also open in apple maps with missing app error message. Even with Google Maps set as default systemwide.
And operators preloading questionable stuff is a much older practice than post-iPhone smartphones. If you had a feature phone in the 2000's, the operator would have customised it one way or another. The iPhone was revolutionary in how much Apple forced the network operators to relinquish control.
I can remember Verizon being sued for forcing device makers to disable the ability to transfer files from feature phones to computers over Bluetooth, because they charged a per file fee to transfer files with their own proprietary software.
> The iPhone was revolutionary in how much Apple forced the network operators to relinquish control
And if AT&T wasn't as desperate to gain market share, we could have had a different story. Both Verizon and Sprint refused the iPhone because they didn't want to give up control. The bloatware was an important piece, but Apple also mandated control over OTA updates which the carriers did not want to relinquish either. The carriers were also opposed to the phone being sold in Apple stores.
I can't remember if it was Samsung or something, but one of the providers shipped Android tablets with a custom-but-default keyboard which sent ALL your keystrokes back to the provider. That was a big nail in the Android coffin for me.
You can't remove the Phone app from an iPad in iPadOS 26. Even when the iPad in question has no cellular functionality. The best you can do is remove the icon, but you get a dialog telling you it won't be removed.
Which is stupid as I don't want my iPad to be getting every voice mail and imessage and so on that my phone does. They are different devices and serve different purposes. My iPad is totally a media consumption device and I have no interest in it being integrated into my phone's communication functions.
You're not my tech support person so I'm not going to get into it deeply, but I don't mean the phone option of "Calls on Other Devices" (which is off on my phone) or the Messages option of "Text Message Forwarding" (which only has my Macs listed.) I mean that whenever I get a voice mail on a call it shows up as an alert on my iPad and Messages receives copies of various text messages, I think via iCloud as this happens when my iPad is at home and I am miles away with my phone at the office.
My OG moto droid was pretty clean back in ~2009 or so, but even then there was plenty of sketchy carrier installed bloatware. Even my blackberry before that, feature phones even before that, had the carrier crap on it.
Part of why iPhone was such a breath of fresh air at the time it released. There was no carrier bloatware. Apple didn't allow it. Verizon turned down the iPhone because they would not agree to the no carrier branding and did not want to give Apple control over updates.
It's only gotten worse since then, but yeah its always been a thing.
At least with iPhone, there's still no carrier bloat, no facebook/meta, no linkedin, etc.
I'm not sure why Samsung continues to allow it either, they are also big enough to bully the carriers they could just as easily pull an Apple and kick all the spam off their phones, at least for the flagship models.
Although you will have to buy a used phone in order to pay less than 250$, it seems like GrapheneOS is the best solution for that problem. Not optimal, but the best among what we have.
I was thinking the same. But it worries me that these news about Motorola in particular doing shady shit. I was looking forward to the upcoming GrapheneOS/Motorola partnership :(
How bad it's always been? Go find a Windows Recovery image for a Sony Vaio from the 2000s. Prepackaged shitware has always been a thing. I read this article and thought "wow someone finally matched an old Vaio."
That said, I want to hear a statement from Motorola on this. The GrapheneOS phones they announced a few months ago were going to be my "out" from this kind of nonsense. I want confirmation that I'll be able to trust them when it finally gets released.
Cheap smartphone path is harder and harder. Unfortunately the pixel series is easiest but comes in double they number for unlocking the bootloader and flashing lineage, etc.
Xiaomi has been ironically the pioneer in this field, but their phones are inaccessible in the USA assuming you’re USA based. The mediatek chipset also is more fun for this over Qualcomm.
Besides suid binaries, the radio firmware and subsequent radios for WiFi and Bluetooth do give out a lot of information and are open to exploitation.
The most opaque and privileged attack surface is often the modem/baseband and vendor diagnostic stack and allow carriers to process local side AT commands.
Qualcomm is more documented, though there are fun discoveries on mediatek I’ve made just using binwalk.
On that last point, GNOME/Gtk/Adwaita apps generally function really well on small screen sizes. The design language naturally suits it, and in my experience most apps will even make some layout adjustments where they're needed when resized to ~phone screen dimensions.
Anecdotally, out of the ~50 or so I have installed right now on my laptop, which covers the basic calculator/calendar/contacts/etc., and also things like file compression, torrenting, a Mastodon client, RSS reader, and so on, all of them are ready to use on a phone.
Alas, if only there was a (reasonably priced + fully functional) phone that could use them.
I recently got a Samsung A07 to run some tests on. It's stunningly cheap at <£100, and will supposedly get 5 years of software/security updates.
After setting it up, I was surprised (but also not surprised) to see ads on the lock screen. The "feature" is called Glance and while it can be disabled in the settings it took me the help of a video tutorial to actually locate the setting.
On my Motorola G Stylus 2025 ($400 MSRP) I have to disable Glance after every reboot (search Glance in Settings then click Disable and Force Stop). Archive/Delete is disabled.
I only had to disable it once on mine, after going crazy for a while trying to figure out what had messed up my lock screen. Haven't had it try to come back once.
Also stopped it from updating automatically in the play store...
Still enough shenanigans to make me go to another brand with my next phone. I always liked Motorola phones for being fairly stock without a lot of bloat ware, but that time seems to be in the past.
Isnt Motorola basically a ‘Shanzhai’ (copy cat) brand now? Some dude putting the logo on some OEM parts? I am thinking of that Commodore phone from a while back and others. While completely speculative, it is interesting to see legit brands go Shanzhai or get Shanzhaied and Shanzhai brands go legit (xiaomi, huawei)
Because they are forking over some of their revenue to affiliates. If there is no affiliate, Amazon keeps that money for itself. Paying the affiliate only makes sense if it's driving purchases that wouldn't have happened otherwise.
gsky | 14 hours ago
28304283409234 | 11 hours ago
userbinator | 11 hours ago
greatgib | 11 hours ago
And then, once they become dominant enough starting to play it like the others but stuffing as many unremovable crap as possible.
gib444 | 13 hours ago
Yeah, not now.
Uzazo | 13 hours ago
I understand not wanting to give Motorola any money because of this, though.
[OP] Cider9986 | 13 hours ago
gib444 | 13 hours ago
Initially the project won't change, but it likely will over time.
microtonal | 12 hours ago
(I think the misunderstanding is that Motorola would make the GrapheneOS builds.)
gib444 | 10 hours ago
You're probably just not willing to believe that a 'partnership' with a massive company will change things, like I do. I am disagreeing, not misunderstanding. There's a difference
microtonal | 9 hours ago
Time will tell, but my bet is on the GrapheneOS team doing the right thing, they have always done so in the past.
gib444 | 8 hours ago
I certainly have
> I have rarely seen any team more principled than them
Totally agree with you there.
I'll say no more because you pay a heavy penalty on HN for criticising the project.
I'll just say I hope the collaboration brings some needed maturity, level heads, and stewardship, and that the devs can continue just to focus on the tech.
sourcegrift | 13 hours ago
I hope motorola collaborates with Pine and brings linux to phones. In the age of LLM apps are obviously not a problem. (Hopefully windows Phone 7, not 8 also comes back)
WolfeReader | 12 hours ago
SubiculumCode | 11 hours ago
ta8903 | 9 hours ago
dotcoma | 13 hours ago
kayson | 12 hours ago
Something funny is up; this doesn't seem deliberate.
londons_explore | 12 hours ago
That employees cousin probably does social media for Abboud...
GuestFAUniverse | 10 hours ago
0xEF | 9 hours ago
microtonal | 9 hours ago
mschuster91 | 8 hours ago
You'd be surprised how many websites use Google Tag Manager to allow their marketing department to roll out trackers and other JS snippet directly into the site's root context.
GTM et al's sole reason of existence is to provide marketing people with a way to bypass corporate IT.
And I definitely would not rule out something like this being the cause in the end.
pitkali | 7 hours ago
macintux | 6 hours ago
GuB-42 | 5 hours ago
Humans reading code is so "legacy"...
ezekiel68 | 2 hours ago
apples_oranges | 9 hours ago
Neil44 | 7 hours ago
brightbeige | 5 hours ago
jollymonATX | 11 hours ago
blitzo | 12 hours ago
xzxz | 12 hours ago
microtonal | 12 hours ago
GuestFAUniverse | 9 hours ago
microtonal | 9 hours ago
catlikesshrimp | 8 hours ago
All the "best phones" for most of us are bloated tracking devices.
kotaKat | 9 hours ago
See also: various firmware builds for Moto phones like https://dumps.tadiphone.dev/dumps/motorola/aito/-/tree/user-...
KennyBlanken | 12 hours ago
tredre3 | 12 hours ago
catlikesshrimp | 8 hours ago
yjftsjthsd-h | 11 hours ago
layer8 | 11 hours ago
pjc50 | 10 hours ago
microtonal | 9 hours ago
Seriously, get a Pixel and install GrapheneOS, or maybe a Fairphone with LineageOS.
catlikesshrimp | 8 hours ago
Ah, the Google tax. They can turn the lock of that door (bootloader) when they choose to do so.
bushwart | 5 hours ago
sjamaan | 5 hours ago
bushwart | 4 hours ago
tredre3 | 12 hours ago
There are ways. All the apps that install this crap can be disabled through Android's app manager, no fancy method required. (Of course updates can bring them back... But "luckily" Motorola isn't too keen on providing those for their products).
Some examples of the apps to look for:
- App Box
- Games
- MotoApps
- Moto App Manager
- Live lock screen
The active adware apps depends on your region and career. In some region Motorola doesn't push adware at all.
Personally by just disabling those (and similar sounding crap) I've never had adware sneakily installed.
For Moto G or lower tiers Edge I can begrudgingly accept that it's part of the deal... But I would be livid if they did this to my $1500 phone, which is why I refuse to risk getting a razr. Whether you want to fight your phone maker and keep using their product is up to you.
Let's hope that the grapheneos partnership plays off in our favor next year!
SubiculumCode | 11 hours ago
markjchambers | 11 hours ago
Anything in the last few years has the moto app manager that force loads LinkedIn etc.
Due to cheap and cheerful with long lasting battery - I still buy Moto G - but setup offline and disable all these apps using https://github.com/Universal-Debloater-Alliance/universal-an...
xzxz | 9 hours ago
brnt | 12 hours ago
xzxz | 9 hours ago
fc417fc802 | 7 hours ago
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
xzxz | 5 hours ago
I just have no time and knowledge to build ROM myself. 100% open projects also suffer supply chain attacks.
fc417fc802 | 5 hours ago
I'd suggest not using apps that fail to respect your autonomy.
dannyw | 6 hours ago
fg137 | 6 hours ago
edarchis | 10 hours ago
xzxz | 9 hours ago
kotaKat | 8 hours ago
hypendev | 9 hours ago
They were a great brand, cool phones, one of early Android players.
After being bought out by Google, Motorola had some of the best devices out there with stock android, especially in the budget segment (and loved among android devs).They had one of the best smartwatches in the game at the time - Moto 360 (2014!!).
Then, after dropping the Nexus 6, Google stripped the patents and sold them to Lenovo. For a while it was ok, even dropping the relatively innovative Moto Z which had all the cool "modular" addons, played with it for a bit and seemed cool.
And then, things seemed to start taking a turn for the worse as Lenovo kept enshitiffying it more and more, using the brand name as a wedge in the market in which they are basically forgotten. They have the Razr brand which is cool, but the segment that was their best (budget phones) is now ruined with adware so they can extract every bit of value from it.
Such a sad ending for a company that was so early in the space.
xzxz | 9 hours ago
ahartmetz | 8 hours ago
kotaKat | 6 hours ago
... I was so mad every time Motorola screwed the pooch in this era.
I was a first-gen Moto X user... on Verizon. I didn't get the Lolipop update forever and a day. I was a first-gen Moto Hint owner. We didn't get the wake word update, we got told to buy the Hint 2. And then finally, I was a first-gen Moto 360 owner. We didn't even get Wear OS updates at all. Not WearOS 2, not even WearOS 1.6. Every single first-gen product got immediately dropped for second-gen shit, and we got abandoned.
dingensundso | 12 hours ago
Replacing the OS is one of the first things I do with every laptop, PC and mobile device to get rid of (most) crap that was installed without my consent.
userbinator | 11 hours ago
Very little ability to do that with most devices these days, unfortunately.
coretx | 12 hours ago
999900000999 | 12 hours ago
Gonna flash a rom on the Xiaomi anyway, but all oems are doing this type of stuff.
KennyBlanken | 12 hours ago
petu | 11 hours ago
consp | 10 hours ago
999900000999 | 9 hours ago
Which is a damn shame because not too many options exist with a headphone jack and a Snapdragon processor. I'm in an environment where Bluetooth is unreliable for a good chunk of my day.
The only other tablet that fits my needs is a gosh darn Surface which is like 1000$.
VortexLain | 8 hours ago
risfriend | 12 hours ago
heikkilevanto | 12 hours ago
microtonal | 9 hours ago
sandreas | 12 hours ago
1: https://news.ycombinator.com/item?id=47214645
microtonal | 9 hours ago
Retr0id | 5 hours ago
microtonal | 5 hours ago
(Of course, there is more, like camera firmware, etc. but they are typically provided through the hardware providers.)
phoronixrly | 7 hours ago
bushwart | 5 hours ago
phoronixrly | 2 hours ago
bushwart | 2 hours ago
phoronixrly | 2 hours ago
ysnp | an hour ago
The main objective of the partnership is to do what you described in the former case, get Motorola up to a standard where GraphenOS could support the phone. They could not previously take a Motorola phone and build GrapheneOS for it because of numerous basic requirements they did not yet meet. I can guess that GrapheneOS only really condone the efforts Motorola will put in to meet their support requirements as a platform.
Motorola also gets to incorporate a subset of GrapheneOS's features and improvements as enterprise targeted Motorola features. GrapheneOS do not have any direct influence over the apps and policies for the stock GMS Android image Motorola ship with their phones. Motorola have no significant say in what GrapheneOS does with their OS. GrapheneOS can assist Motorola in hardening efforts at the OS and firmware layer etc.
unethical_ban | an hour ago
The entire premise of GrapheneOS is total control of the device. There is no way they would release a Motorola phone with GrapheneOS installed, but with unremovable bloatware.
ysnp | an hour ago
The question is really why are Motorola the only ones that have gone that extra mile so far and what does it say about the rest of the Android OEMs (including Fairphone, which unlike most is actually a younger project than GrapheneOS).
p0w3n3d | 11 hours ago
petu | 11 hours ago
noduerme | 11 hours ago
andyjohnson0 | 11 hours ago
rainforest | 11 hours ago
[0] https://www.reddit.com/r/motorola/comments/1s61usi/edge_60_p...
consp | 10 hours ago
GuestFAUniverse | 9 hours ago
futune | 2 hours ago
microtonal | 9 hours ago
Between these companies pushing adware/spyware and Apple putting Apple Creator Studio ads in former iWork applications, ads for Apple Intelligence in the system settings, and pushing ads for their F1 movie in Apple Wallet, smartphones have reached the mass enshittification phase.
The only safe havens are Pixel with GrapheneOS and Fairphone with I don't know what exactly (Murena sorta has ads for their own stuff and has many other issues, I guess LineageOS then). Perhaps ironically, given the context, Motorola with GrapheneOS too :).
fg137 | 6 hours ago
https://www.reddit.com/r/samsunggalaxy/comments/1t7vqr8/why_...
I am getting tired of all these nonsense.
At this point, Samsung may be shipping more malware than anyone else on phones
microtonal | 6 hours ago
But as long as consumers continue buying, nothing will ever change.
pndy | 3 hours ago
I haven't noticed any further links regarding this topic. Thus I have no idea if setting was fully implemented or abandoned but with this thread here you linked, but I'd rather guess they're full after user's data. And from what users wrote there, MS is not even doing this with some elaborated darkpatterns scenarios but just ordinary stealing these photos. This should be announced louder.
robotnikman | an hour ago
dmos62 | 10 hours ago
The degree to which I don't own my own device is insane.
xnickb | 10 hours ago
shantara | 9 hours ago
This was the first and only Xiaomi device I ever bought, no matter how attractive they might seem.
fransje26 | 10 hours ago
Nothing screams "secure" better than app hijacking and url injections.
davidelettieri | 9 hours ago
Edit: the timer stays even after updates so the app is not enabled again
metalman | 9 hours ago
codedokode | 8 hours ago
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
tomaytotomato | 8 hours ago
Just root your Android phone and put a custom ROM like LineageOS etc
If you want a stretch goal try and de-Google yourself, I have tried but failed twice now.
ux266478 | 6 hours ago
Give me a Linux phone with halfway decent modem drivers, or give me death.
codedokode | 6 hours ago
My impression that you should treat your phone as something that can be hacked any moment and not store anything important there.
[1] https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendo...
dataflow | 5 hours ago
Stop buying phones from Verizon?
ux266478 | 4 hours ago
dataflow | 2 hours ago
codedokode | 6 hours ago
2) I did not analyze LineageOS yet and how it is different from stock Android, so I need to go through complete diff.
> If you want a stretch goal try and de-Google yourself
My goal is to have an open source system that is under my full control and doesn't play tricks on my by sending telemetry or collecting forensic databases. Because now I cannot even connect the phone to Internet and it is not as useful as it could be.
Semaphor | 5 hours ago
bookofjoe | 6 hours ago
Goldman Sachs paid $6 million to try to get its [soon-to-be] former chief counsel Kathryn Ruemmler's Google search results highlighting her close friendship and many-years-long association with Jeffrey Epstein off the first few pages of results.
Today, the first result on the first page of a Google search for her is the opening paragraph of her Wikipedia biography:
>Kathryn H. Ruemmler (born April 19, 1971) is an American attorney who was principal deputy White House counsel and then White House Counsel to President Barack Obama.[1] Previously a partner at Latham and Watkins co-chairing its white-collar defense group,[2] Ruemmler joined Goldman Sachs in 2020 and was Chief Legal Officer and General Counsel.[3] She announced her resignation from this position in February 2026, effective at the end of June, over her links to child sex offender Jeffrey Epstein.[4][5][6]
https://en.wikipedia.org/wiki/Kathryn_Ruemmler
>How a Secretive Firm Tried (and Failed) to Fix an Epstein Friend’s Tattered Image
https://archive.ph/Biztm
thfuran | 4 hours ago
bookofjoe | 4 hours ago
>If you want a stretch goal try and de-Google yourself, I have tried but failed twice now.
My point is that even with unlimited resources it's impossible to de-Google yourself.
BenjiWiebe | 3 hours ago
Larrikin | 5 hours ago
We only got in by installing the app on my Sony and him signing into his account. They charge a fee now to get paper tickets from the box office.
beepboopboop | 5 hours ago
Hizonner | 5 hours ago
Larrikin | 5 hours ago
skinfaxi | 4 hours ago
Larrikin | 3 hours ago
ofieiehdiehe | an hour ago
If, on the other hand, you care more about your hobby than these quirks annoy you, than by all means, go right ahead.
Larrikin | an hour ago
I could go to a baseball game last year and have been able to for decades. The march to enshittification isn't inevitable. Otherwise there will be no hobbies in the future, and I'll be hoarding my money to just sit in my house doing nothing.
lightedman | 3 hours ago
But it seems you LIKE being abused.
xethos | 2 hours ago
That's fine. They don't have to. Their solution can be calling their local representative and complaining that the stadium their city is paying for, is locking them out.
pwg | 3 hours ago
plagiarist | 2 hours ago
merryocha | 5 hours ago
lsowen | 5 hours ago
https://keyboard.futo.org/
merryocha | 4 hours ago
eskori | 4 hours ago
[1]: https://keyboard.futo.org/
[2]: I never investigated this, so I always assumed that GBoard predicted what key I wanted to press when close to two letters. With FOSS keyboards, with a physically identical layout, I tended to make way more mistakes.
ezst | an hour ago
it's also not as good at "recovering" from typing too many letters (Gboard sometimes adequately completes with likely shorter words)
codedokode | 4 hours ago
xethos | 2 hours ago
UnifiedPush, F-Droid, a GMaps webview (arguably cheating, but I'm not RMS), NewPipe or Invidious are all good-enough alternatives, but I remember struggling to find a keyboard that felt right when I was using a Pixel 2 for a fortnight.
I think I went with the oldest Fleksy or Minuum APK I could find (from a reputable source), as they were fine without GApps.
Though I'd also like to call out the fact that AOSP has talkback, the accessibility service built-in, but there's no AOSP TTS engine to use it with. This is especially noticable when trying to use any spoken directions in OSMAnd, as it requires a TTS engine to use that function.
The only reason it's not the dumbest thing about Google's stewardship of AOSP is that I'm not sight impaired - as it stands, the multi-trillion-dollar corporation ripping out the built-in SIP client in their phone OS takes that prize
everyday7732 | 2 hours ago
qwertytyyuu | 3 hours ago
embedding-shape | 8 hours ago
It seems like this starting to happen as soon as apps were installable on phones, even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them. Android, because of the whole OEM story, of course is much worse, but I don't feel like any of what you share is new, been going on for decades at this point.
mitchell209 | 7 hours ago
dannyw | 6 hours ago
u_fucking_dork | 6 hours ago
You see, the user you replied to spoke in the present tense, and is addressing the “(and still comes with)” portion of the original comment.
basisword | 3 hours ago
GeekyBear | 2 hours ago
ornornor | 2 hours ago
zamadatix | 5 hours ago
TazeTSchnitzel | 6 hours ago
GeekyBear | 2 hours ago
thewebguyd | an hour ago
And if AT&T wasn't as desperate to gain market share, we could have had a different story. Both Verizon and Sprint refused the iPhone because they didn't want to give up control. The bloatware was an important piece, but Apple also mandated control over OTA updates which the carriers did not want to relinquish either. The carriers were also opposed to the phone being sold in Apple stores.
everdrive | 4 hours ago
GeekyBear | 2 hours ago
You couldn't even revoke permission to access the camera and Mic. It had permission to do literally anything, and you couldn't change it or remove it.
givinguflac | 3 hours ago
wang_li | 3 hours ago
Which is stupid as I don't want my iPad to be getting every voice mail and imessage and so on that my phone does. They are different devices and serve different purposes. My iPad is totally a media consumption device and I have no interest in it being integrated into my phone's communication functions.
givinguflac | 3 hours ago
wang_li | 2 hours ago
thewebguyd | an hour ago
Part of why iPhone was such a breath of fresh air at the time it released. There was no carrier bloatware. Apple didn't allow it. Verizon turned down the iPhone because they would not agree to the no carrier branding and did not want to give Apple control over updates.
It's only gotten worse since then, but yeah its always been a thing.
At least with iPhone, there's still no carrier bloat, no facebook/meta, no linkedin, etc.
I'm not sure why Samsung continues to allow it either, they are also big enough to bully the carriers they could just as easily pull an Apple and kick all the spam off their phones, at least for the flagship models.
VortexLain | 8 hours ago
futune | 2 hours ago
chasil | 3 hours ago
https://www.theregister.com/2015/08/12/lenovo_firmware_nasty...
ryukoposting | 3 hours ago
ryukoposting | 3 hours ago
How bad it's always been? Go find a Windows Recovery image for a Sony Vaio from the 2000s. Prepackaged shitware has always been a thing. I read this article and thought "wow someone finally matched an old Vaio."
That said, I want to hear a statement from Motorola on this. The GrapheneOS phones they announced a few months ago were going to be my "out" from this kind of nonsense. I want confirmation that I'll be able to trust them when it finally gets released.
rootsudo | 3 hours ago
Xiaomi has been ironically the pioneer in this field, but their phones are inaccessible in the USA assuming you’re USA based. The mediatek chipset also is more fun for this over Qualcomm.
Besides suid binaries, the radio firmware and subsequent radios for WiFi and Bluetooth do give out a lot of information and are open to exploitation.
The most opaque and privileged attack surface is often the modem/baseband and vendor diagnostic stack and allow carriers to process local side AT commands.
Qualcomm is more documented, though there are fun discoveries on mediatek I’ve made just using binwalk.
ksymph | 2 hours ago
Anecdotally, out of the ~50 or so I have installed right now on my laptop, which covers the basic calculator/calendar/contacts/etc., and also things like file compression, torrenting, a Mastodon client, RSS reader, and so on, all of them are ready to use on a phone.
Alas, if only there was a (reasonably priced + fully functional) phone that could use them.
amelius | 8 hours ago
What is next? Our banks selling our payment histories to the highest bidder?
Ekaros | 8 hours ago
like_any_other | 8 hours ago
They do it for your own good, so that you get "more opportunity for consumer experiences in stores and online."
https://en.wikipedia.org/wiki/Card_transaction_data
https://pirg.org/edfund/resources/how-mastercard-sells-data/
pjmlp | 8 hours ago
realusername | 8 hours ago
zx8080 | 7 hours ago
> Ben Schoon is a Senior Editor
Thank you so much for being not able to consume the screencast video in the article.
zb3 | 7 hours ago
0x59 | 7 hours ago
Retr0id | 7 hours ago
After setting it up, I was surprised (but also not surprised) to see ads on the lock screen. The "feature" is called Glance and while it can be disabled in the settings it took me the help of a video tutorial to actually locate the setting.
password4321 | 6 hours ago
Fuck Glance with all possible fuckery.
shawn_w | 6 hours ago
Also stopped it from updating automatically in the play store...
Still enough shenanigans to make me go to another brand with my next phone. I always liked Motorola phones for being fairly stock without a lot of bloat ware, but that time seems to be in the past.
subscribed | 6 hours ago
rbbydotdev | 6 hours ago
theologan | 4 hours ago
marcusholt | 4 hours ago
thenthenthen | 4 hours ago
daft_pink | 3 hours ago
Retr0id | 3 hours ago
wat10000 | 2 hours ago
advisedwang | 2 hours ago
wat10000 | 2 hours ago