←back to thread

We should have the ability to run any code we want on hardware we own

(hugotunius.se)
2071 points K0nserv | 3 comments | 31 Aug 25 21:46 UTC | HN request time: 0.001s | source
Show context
add-sub-mul-div ◴[01 Sep 25 01:07 UTC] No.45088513[source]
As for the new Android restrictions I assume my Galaxy S20 will be immune to them because it's not getting (major) updates anymore. I'll continue using it as long as I can to avoid this. Does anyone know the most recent Galaxy phone that will be safe from this? I want to get a backup.
replies(1): >>45089200 #
odo1242 ◴[01 Sep 25 03:31 UTC] No.45089200[source]
It likely won't be safe - they're probably going to enforce it through a Google Play Services update rather than an Android update, which means all previous Android OS versions after 5.0 (Lollipop, released in 2014) will be hit with the changes. In order to bypass that you'd need to install a Custom ROM or stop using and uninstall the Google Play Store entirely (since it's not possible to selectively disable just this).

Android uses Google Play Services updates to update some features or security without relying on manufacturers to update the OS and drivers.

replies(1): >>45089548 #
1. seviu ◴[01 Sep 25 04:47 UTC] No.45089548[source]
I seriously doubt they can restrict sideloading through Google play services.

But if they do then it’s worse than what I thought.

replies(2): >>45092356 #>>45107185 #
2. jamesnorden ◴[01 Sep 25 12:55 UTC] No.45092356[source]
Entirely possible, i.e. by not allowing Google Play Protect to be toggled off anymore.
3. odo1242 ◴[02 Sep 25 18:34 UTC] No.45107185[source]
Google Play Services effectively has superuser access to Android devices - it can uninstall or update Android apps, access app data, change system settings, etc. (The only way around this is to sandbox Google Play Services like GrapheneOS does, use an open source reimplementation like microG, or remove it entirely (but a lot of Android APIs, most of the ones that are Internet-based, are actually just Google Play Services APIs).

Originally this design was out of necessity (device manufacturers refusing to give devices OS updates to fix security issues), but it can also be used to do nefarious stuff like this. It’s also one of the main reasons Android is less secure than iOS (most Android vulnerabilities are in Google Play Services).