45 comments

[ 2.8 ms ] story [ 75.4 ms ] thread
More devices we no longer own and that are bound to become trash in a few years, and for what reason? So companies can make more profits?
But think of banks and music services, comrade! Banks need the waste to protect you, and poor music services will go out of business if you control your own phone!
And fuck you over with data mining everything all the time without you having any means to cut it out
dont worry, samsung knows only 300 people will actually care.

As for me, I already swore off Samdung for their whole Samsung account bs and apps they bundle and won't let me remove (or disable).

What do you use? Samsung are anti-consumer but none of the other big phone manufacturers seem to be much better (and historically at least Samsung's flagship phones have been pretty good hardware-wise).
I try to avoid big <anything> manufacturers by default.
Those 300 people include some experts at spiritual warfare which will guarantee that all involved in this decision will reincarnate into durian fruits in the next life.
Some of the Samsung apps are better than alternatives. Google is not the best at everything.
Pixel stopped providing device trees, kernel history,

Samsung has been doing this for a while now.

Which are the devices/vendors that still allow / encourage this?

Even Graphene OS reported that they're in talks with some vendor... Have there been any updates towards that?

The main reason i used to root devices are:

* Get longer support/OS updates than what the vendor provided

* System level adblock using adaway

* Titanium backup

These days firefox/brave browser gets me half way through adblocking and i lost interest in the ad filled apps..

Syncing gets me good level of syncing for backup on my NAS etc .

You can use nextdns for DNS adblocking.
So, notice Graphene OS was able to port Android 16 on all the supported devices (from Pixel 6 up) basically within a week without device trees already, without the early (OEM) access to the release.

It's a big inconvenience but not a showstopper for them. Pixels are still viable.

The only blocker with pixels would be if they stopped allowing OEM unlocking or relocking (which is a must).

> Which are the devices/vendors that still allow / encourage this?

GNU/Linux phones (Librem 5 and Pinephone).

You can block ads without root by using Adguard DNS.
> Even Graphene OS reported that they're in talks with some vendor... Have there been any updates towards that?

The startup we were working with before went bankrupt. In June, we started working with a major Android OEM which has provided resources for identifying everything which will need to be done to meet our requirements and provide official GrapheneOS support. They believe they can meet all our official requirements without much trouble and they're going to determine how much resources they want to put into it soon. We don't yet know how many resources are going to go into it.

> The main reason i used to root devices are

Note using GrapheneOS does not involve rooting.

> System level adblock using adaway

You can use RethinkDNS for filtering combined with still using a WireGuard VPN or multiple chained WireGuard VPNs. Android has a perfectly good API for this.

> Titanium backup

GrapheneOS has a built-in encrypted backup system we plan to significantly improve upon. The basics are there already.

Exactly. This is why I won't buy from these companies even when conditions look good. It'll be bait and switch every sigle time. Fairphone all the way.
When Fairphone comes out with a phone with an EMR stylus built in, I'll be the first in line.
That's very picky. I'm sure there are better ways to solve your problem.
The writing's been on the wall for custom ROMs in general for a while, so I've been starting to think about a mobile phone vendor I could actually have a decent business relationship with. I.e. use their stock ROM and be fairly happy with it.

Any opinions? Samsung was a candidate for their somewhat unified ecosystem. Maybe even apple.

I still really like Sony phones. Excellent hardware. They have no online services they are trying to push, they just want you to buy their phones. As a result, the stock software is very clean Google Android without much extra. But they're not available in every region, and quite expensive. Used to have very short software support but now they do 4 major Android version updates / 6 years of security updates.

You get no ecosystem benefits though, it's really just plain Android.

Do they work well on the big US carriers? Especially the ones starting with V?
Samsung carries a lot of advertising crap, tracking, etc. Pretty much every phones is going to be worse than Pixel in that respect, since you get Google's tracking + whatever pile of crap the vendor added (which in the end they all seem to do).

So it's basically:

Pixel with GrapheneOS > iPhone >> Google Pixel with PixelOS

I wouldn't recommend anything else. Theoretically Fairphone + e/OS may have been an option, but the security is crap.

I guess there is Sony, you could even install Sailfish OS, no experience though.

> Theoretically Fairphone + e/OS may have been an option, but the security is crap.

Lack of current privacy/security patches and the current privacy protections in Android means having very poor privacy too. There's no equivalent to the privacy protections added by GrapheneOS either including ones also offered by iOS now such as iOS having a more basic equivalent to the GrapheneOS Contact Scopes feature since iOS 18 and iOS having better storage/media control than Android similar to Storage Scopes in GrapheneOS.

> I guess there is Sony, you could even install Sailfish OS, no experience though.

SailfishOS is much less private/secure than AOSP and is largely closed source. It's the opposite of a more open OS.

It is really a pity, as this means Android OS is closing down.

Without supported Consumer Hardware available on the market in sufficient volume, even less end-users will use an alternative OS, which will affect quality and size of the alternative OS-market and fragment the remaining users even more.

This will put the future of the entire alternative-OS ecosystem firmly back into the hands of Google. If they start further restricting BL-unlock on the Pixel-series to e.g. only Google Developer Account-Holders, the whole ecosystem will finally close down.

(comment deleted)
Been compiling and running lineageos for nigh on five years now. Attention corporate tyrants: I will never give up.
I have to wonder what Samsung's motivation is here. Of course they probably have some bloatware they profit from, but someone who plans to unlock the bootloader just won't buy their device now. Samsung only benefits if they lose money on device sales (do they?) and make it up on "services".
Xiaomi apparently have also stopped unlocking their bootloaders, so the "workaround" was to go to an official store and ask them perform a downgrade, and before the staff can relock the bootloader, grab the phone and run:

https://x.com/kobe_koto/status/1949154478298456531

Absolutely hilarious.

It's still possible outside of China but you have to have a Mi account and for newer phones you have to make some forum posts or some dumb shit.
I did that years ago when I bought a Redmi Note 4 in Shenzhen and discovered that the Chinese ROM is very locked down. I created the Mi post, but I don't remember having to make a forum post (although it does ring a slight bell). AFAIK it was just sending a DM to support on the forum / app to explain why you needed to install the Global ROM rather than the Chinese ROM (and being a foreigner was accepted as a valid reason). About a day later they unlocked the phone bootloader remotely, and then I could install any version of the Global ROM I wanted.

I've bought all my subsequent ones (Note 5, Note 8, Note 11, Note 12Pro) in either HK or UK so they all came with the Global ROM, and I've not felt the need to unlock any of them, so not tried to process since. But it definitely used to be pretty easy.

I suspect the reason for the weird process is legal to ensure that phones in China don't get unlocked in order to circumvent content controls.

This is amazing. Imagine getting the cops called on you for this and having to explain why the phone company was against you stealing your own phone
As someone who roots single-purpose Android devices, this is one of those things that sucks big-time but makes total sense.

The only reason one would unlock a bootloader is to root the system partition. It is impossible to protect data on rooted phones and makes data exfiltration attacks significantly easier to do.

This is a huge problem for banking and music apps that absolutely rely on this capability. Samsung is, by far, the biggest seller of Android phones in the US. (I think Xiaomi is the biggest globally), so they are under much more pressure to clamp down on this.

That said, rooting Samsung devices has been a worthless pursuit for a long time. Doing so irreversibly (via eFuse) disables KNOX, which prevents DeX and Samsung Health from working. It also trips SafetyNet, which disables a whole suite of key apps (banking apps and Apple Music don't work; not sure about Spotify). There's a Magisk module that uses well-known device IDs to work around these, but these only work temporaily. Many people have also reported issues with the camera (a popular reason for buying Samsungs in the first place), and you no longer get OTA updates. I believe you also get degraded camera performance if you flash another ROM since the device module is closed-source and relies on One UI to work. This is before considering that stock ROMs have gotten really good over the years (especially Samsung's), and many of the reasons why we had to root have mostly gone away.

You can work around this by buying a Pixel for now, but I think we're a few years away from bootloader unlocking going away entirely.

That said, I stll root Android devices that will only serve a single-purpose, like my BOOX eBook readers that I use Firefox on. This lets me run AFWall so that I can block network traffic for everything except Firefox (and a few other apps). However, I won't be logging into my Google account on them, and they aren't ever going to run banking apps or anything like that.

Samsung also removed my flashlight recently. The whole pull-down that contained it is gone. Not sure what they're thinking over there.
I'm surprised they let it go on as long as they did.
Normally, I'd go and say "vote with your wallet" - but sadly, in the tablet sphere, it's either ultra low spec Alibaba junk or it's Samsung. No Fairphone, no Pixel, nothing.

Seriously Samsung, go and screw yourselves.

The reason I insist on rooting in the first place is because unlike iOS which has a true full backup that you can trigger from your Mac (and restore afterwards), Android decidedly does not, and a bunch of apps don't do any kind of cloud sync.

Sony Xperia models have been my choice since the Sony Ericsson days. Unlockable bootloader, LineageOS available, microsd card, headphone jack, good screen, decent camera, reasonably powerful SoC, water/dust resistant, and probably several other benefits that I'm forgetting at the moment.

I don't know if any US carrier offers them, but last time I was shopping, models with North American radios could be bought online.

My main complaints about Xperia phones:

- They don't support re-locking the bootloader at all, let alone with custom keys. This could be problematic for folks who depend on mobile banking apps that require full Google Play Integrity (SafetyNet) attestation, or risky for folks who leave their phone unattended around potential adversaries. To be fair, almost all smartphones have this problem.

- Their wonderful Xperia Compact line, comprising smaller versions of their flagship phones, seems to have been abandoned. Even their most recent "compact" models were bulky compared to their predecessors.

It is getting incredibly difficult to obtain a non-backdoored smartphone nowadays.

I tried to find which phones support alternative OSes, without Google control and telemetry, but it turned out that alternative OSes (LineageOS, PostmarketOS, Graphenos) support mostly support outdated models and it makes no sense to buy them. There is also "Google Pixel", but the prices start at around $600 which is 3 times more than a reasonable price for a phone.

So now I am wondering if it is possible to extract the ROM from a reasonably priced Samsung phone, remove the components I don't like and write it back.

GrapheneOS supports the newest Pixels, and only the Pixels that are still getting updates from Google. Right now the least bad option is probably a one-generation-old NOS or Open Box Pixel with GrapheneOS.
I did this. I got an open box Pixel 9A at Best Buy for $450 about a month ago. I immediately installed GrapheneOS on it.
Damn, I got a samsung instead of an asus phone because I could unlock it. Now what:s left? Really annoyed at all those companies who refuse to let me own my own phone.

And before anyone asks me if I really need to unlock my phone... It's the principle of it, if I bought it, I own it and I should be able to run what I want on it. I will not buy a phone from a company that denies me that right.

That said, I do use root for a few things:

- AFWall+ (previously I used netguard but can't run multiple VPN on android so I couldn't have that running together with tailscale)

- Neo-backup. Some messaging apps believe that keeping chat history is not important. Or they believe that it's fine that the only way to transfer chat history is to upload it to Google cloud without encrypting it. I hate losing my chat history and I do not want it uploaded somewhere without encrypting it so I need a backup solution. Enters neobackup

- Sometimes, it is useful to be able to spoof one's GPS without the app being the wiser from a privacy perspective.

- A very stupid banking app I have prevent screenshots but then doesn't allow me to download a proof of transfer. So I use root to remove the restriction against screenshots

Will this stop you from purchasing a new Samsung device?

Yes. I was buying Samsung devices for years because of size (A5, A7, S10e) and ability to unlock bootloader for Lineage OS. Time to look elsewhere.

Yep, if Samsung phones are now just as closed as Apple, well.. Android phones certainly aren't superior in many dimensions. Bummer.
I never had the chance to root any Android device (unknown models, locked bootloaders, no benefit on rooting, or simply bad hardware), guess I'll never have it again.
This seriously pisses me off. We are literally watching the end of true ownership of our phones end right before our eyes, imagine if your laptop or new motherboard you purchased from MSI or whoever did the same and locked the bootloader to only allow booting official Microsoft-signed code (aka Windows only) and if you wanted to run Linux... sorry but no that's what we decided and we know better than you. Despite custom OS support being grainy in phones due to proprietary hardware and ARM chips, I really care about having the option to be able to do it (plus rooting with tools like Magisk is pretty universal across phones anyways since it lets you patch most firmware images).

It was already bad with Huawei stopping their unlock program and Google cracking down more on rooting by introducing strong integrity with their new Play Integrity API (which was an upgrade from the older SafetyNet API), basically meaning there is hardware security called the TEE (ARM TrustZone for most phones if you're interested in reading more) built into the ARM processor which "snitches? (lack of better word)" on you if the firmware booted no longer matches the manufacturer signed firmware, and causes you to fail strong integrity which means apps like bank apps can choose to deny you service (Google Wallet does this for NFC payments). There are workarounds which the custom ROM/root community still uses which mainly relies on older leaked cryptographic signing keys from the TEE being used which bypass the phone's TEE and sign the "integrity verdict" in user land to say "all is good" to Google, but Google can easily tell if these keys have been compromised since they track usage, and the storage of these keys just keeps getting better, getting as close to impossible as you can in a modern phone since to extract it would require you to quite literally de-lid the ARM chip and hope you don't break anything in the process while somehow extracting the key, in other words not feasible.

This is all great when it comes to security which Google and all manufacturers have been pushing on, but it comes at a serious cost of ownership, you cannot tell me we truly own our phones when we have literal hardware protection that, quoted right from wikipedia: "code integrity prevents code in the TEE from being replaced or modified by unauthorized entities, which *may also be the computer owner itself*". I don't know about you but a chip (and Google) that dictates what I can and cannot do with my phone doesn't sound like ownership to me.

All these recent changes and events sounds to me that Google is actively pushing and "encouraging" phone manufacturers to disable bootloader unlocking, we're constantly seeing manufacturers which were once before root and unlock friendly randomly changing their mind and quietly removing or severely limiting that feature in the background (Huawei, Xiaomi, now Samsung, etc). You have to remember these manufacturers won't back down from what Google tells them to do if it's for "security" since they're all in each other's pockets so they won't pushback without a good reason.

And if you want to use the typical excuse "allowing bootloader unlocking is unsafe", we've already proved it can work quite well while maintaining security as demonstrated by UEFI's Secure Boot which allows you to enroll custom boot keys (should you wish), while keeping some popular default keys such as Microsoft for Windows, and allowing you to lock the entire firmware config behind a password (which is stored in a security chip in modern motherboards so you can't use the old trick of removing the CMOS battery). That's more security than any regular citizen might need.

This TEE thing is all about control. Google and manufacturers don't like people installing custom firmware or rooting because then they can't keep you in their ecosystem to keep taking your data and hoping you eventually buy s...