This is what I use, and it works well. It's very straightforward to add apps and automatically update them as new releases are pushed to Github or wherever they are hosted.
You know what I really want? No more "app stores" or "app managers". Just let me download and run an application, like on every non-mobile computer in the world.
I hate the constant updates. I hate the end-of-life OS forks. I hate the limited programming languages. I hate that there's this complicated gatekeeping, where you have to jump through a bunch of extra hoops to install a program if it hasn't been blessed by some specific official organization. And I hate that all the mobile phones come locked up (if not to a mobile carrier, then to an operating system, only able to be maintained by a specific 3rd party, and the device becomes a useless brick once that specific 3rd party stops supporting that specific operating system on that specific device).
Regular computers work much better. A common architecture. Run any OS built for that common architecture. Run any program that has executable machine code for that common architecture. You can install a different OS when the old one is unsupported. You can keep using the hardware until the hardware dies, not just until the company who made it drops that hardware's support. Common hardware components so every OS doesn't have to support every different individual model of computer. No gatekeeping of the programs you can install. No extra hoops. Just a machine that can run whatever you want it to.
I just want a computer in my pocket. I don't want all the extra bullshit.
The belief that all mobile devices are this locked down is Apple's greatest trick.
I don't even think it is premeditated by the Company's leadership. But the users and ecosystem evolved in a way where this level of fandom and narrative are great for them.
I agree... but also that computer in our pocket has our entire life wrapped in it.
The desktop has some mitigations against this. PWNing your mobile device could completely wreck you in a lot of ways.
I switched from android to iphone because someone 0-day'd me. I'm not saying it can't happen on iOS or something; just less likely - and mostly because of these restrictions.
Can OSes offer an application sandbox feature, where I can define sandboxes within which to install applications. Applications within a sandbox only has visibility into the resources I define: some folders, no camera or mic etc. I understand that app permissions do the same, but this would be more convenient than having to define granular permissions each time you install an app.
> Applications within a sandbox only has visibility into the resources I define
Isn't that more than a typical sandbox what you're asking for?
The GrapheneOS developers said they're working on a feature where every app could be run in its own VM, like on ChromeOS: https://discuss.grapheneos.org/d/20647
> some folders, no camera or mic etc. I understand that app permissions do the same
The "some folders" part is already true for Android. Apps can't blanket access files/folders of other apps (save for ones stored in "external storage", which has also been scoped down in the recent releases: https://source.android.com/docs/core/storage/scoped).
> more convenient than having to define granular permissions each time you install an app
It isn't Android that makes this inconvenient. It is the app developers that cause "prompt fatigue" (by showing permission requests repeatedly) or "blackmail" by refusing to work until permissions are granted. A new sandbox mechanism is unlikely to change much.
> It isn't Android that makes this inconvenient. It is the app developers that cause "prompt fatigue" (by showing permission requests repeatedly) or "blackmail" by refusing to work until permissions are granted. A new sandbox mechanism is unlikely to change much.
That's why spoofing should be an option. You want GPS? Timbuktu. You want my camera? Here's a close up video of a saggy scrotum. You need access to my contacts? Here's an address book with the contact details for all the funeral services within a 50 mile radius.
Yep. With exception to apps that don’t interact with the internet in any way whatsoever (not even opening downloaded files), which is pretty rare, keeping up with library updates is pretty important if one doesn’t want to make them ever more of a sitting duck as time goes on.
People keep talking about having been hacked, but it's honestly baffling to me.
I'm 28. I started using computers on a regular basis when I was ~9 years old, playing RuneScape. Since then, I've spend probably 10s of thousands of hours on the internet - downloading torrents, signing up for sketchy Russian websites, doing online banking, testing experimental software downloaded over HTTP from a .xyz domain. I graduated high school, went to a technical college for compsci, graduated, worked in helpdesk, desktop support, IT management, and more recently DevOps. I develop software using all sorts of package managers, and used hundreds of thousands of unvetted software packages that arrived as dependencies.
Not once have I, or anyone I've been responsible for, been hacked. No crypto, no viruses, nothing. What the heck are you guys doing getting your Android phones hacked???? Like I only use a modicum of common sense these days, but I guess I've just been lucky and have been the odd one out. I still enjoy reading HN arrivals about security though, so maybe I just have always been slightly more security conscience?
In any case, this is just a stream of consciousness / gut feeling comment. Don't put too much weight into it, I haven't.
The way in which getting hacked works these days is that you as the user will never know. They will just silently exfil your data, and also use you to get to others. You will be none the wiser.
If it's so secret that nobody will ever find out, then I'm okay with it.
On the other hand, it's true that some people find out their credit score is trash right before buying a house, or that their name is involved in terrorism when applying for a visa, etc.
"You know what I really want? No more "app stores" or "app managers". Just let me download and run an application, like on every non-mobile computer in the world."
pretty sure you can do that, just use non android/ios mobile os
kali linux,ubuntu mobile os is up there, no one force you to use android/ios system
man, i feel this big time - all i want is to just run what i want on my phone without all the locked down nonsense, feels like every device now is less mine than ever tbh. ever wonder who actually gains the most from all this locking down? is it just security or something else too?
Unobtanium supports more sources, has more features, and is actively developed.
https://obtainium.imranr.dev/
https://github.com/ImranR98/Obtainium
s/Unobtanium/Obtainium/g
Funny how everyone in this thread uses the wrong name, like a collective halluzination :D
I've seen you type this exact phrase twice now and I'm not sure what it means.
https://unix.stackexchange.com/questions/159367/using-sed-to...
Cloudflare blocked my access from Safari ios
This is what I use, and it works well. It's very straightforward to add apps and automatically update them as new releases are pushed to Github or wherever they are hosted.
What a bad name for such app, as it has nothing to do with the actual git.
I've noticed this on my org as well, people refer to "putting things in git" and 75% of the time they're referring to the source forge.
You know what I really want? No more "app stores" or "app managers". Just let me download and run an application, like on every non-mobile computer in the world.
I hate the constant updates. I hate the end-of-life OS forks. I hate the limited programming languages. I hate that there's this complicated gatekeeping, where you have to jump through a bunch of extra hoops to install a program if it hasn't been blessed by some specific official organization. And I hate that all the mobile phones come locked up (if not to a mobile carrier, then to an operating system, only able to be maintained by a specific 3rd party, and the device becomes a useless brick once that specific 3rd party stops supporting that specific operating system on that specific device).
Regular computers work much better. A common architecture. Run any OS built for that common architecture. Run any program that has executable machine code for that common architecture. You can install a different OS when the old one is unsupported. You can keep using the hardware until the hardware dies, not just until the company who made it drops that hardware's support. Common hardware components so every OS doesn't have to support every different individual model of computer. No gatekeeping of the programs you can install. No extra hoops. Just a machine that can run whatever you want it to.
I just want a computer in my pocket. I don't want all the extra bullshit.
You can download an ".apk" file and just install + run it, like an ".exe" or ".msi"
It is.
The belief that all mobile devices are this locked down is Apple's greatest trick.
I don't even think it is premeditated by the Company's leadership. But the users and ecosystem evolved in a way where this level of fandom and narrative are great for them.
You have to install the app. You can’t just run it directly, as opposed to executables on desktop computers.
I agree... but also that computer in our pocket has our entire life wrapped in it.
The desktop has some mitigations against this. PWNing your mobile device could completely wreck you in a lot of ways.
I switched from android to iphone because someone 0-day'd me. I'm not saying it can't happen on iOS or something; just less likely - and mostly because of these restrictions.
Can OSes offer an application sandbox feature, where I can define sandboxes within which to install applications. Applications within a sandbox only has visibility into the resources I define: some folders, no camera or mic etc. I understand that app permissions do the same, but this would be more convenient than having to define granular permissions each time you install an app.
> Applications within a sandbox only has visibility into the resources I define
Isn't that more than a typical sandbox what you're asking for?
The GrapheneOS developers said they're working on a feature where every app could be run in its own VM, like on ChromeOS: https://discuss.grapheneos.org/d/20647
> some folders, no camera or mic etc. I understand that app permissions do the same
The "some folders" part is already true for Android. Apps can't blanket access files/folders of other apps (save for ones stored in "external storage", which has also been scoped down in the recent releases: https://source.android.com/docs/core/storage/scoped).
> more convenient than having to define granular permissions each time you install an app
It isn't Android that makes this inconvenient. It is the app developers that cause "prompt fatigue" (by showing permission requests repeatedly) or "blackmail" by refusing to work until permissions are granted. A new sandbox mechanism is unlikely to change much.
> It isn't Android that makes this inconvenient. It is the app developers that cause "prompt fatigue" (by showing permission requests repeatedly) or "blackmail" by refusing to work until permissions are granted. A new sandbox mechanism is unlikely to change much.
That's why spoofing should be an option. You want GPS? Timbuktu. You want my camera? Here's a close up video of a saggy scrotum. You need access to my contacts? Here's an address book with the contact details for all the funeral services within a 50 mile radius.
Wait that? If someone burns 0-days against you, you have bigger problems and an iPhone won't save you.
Yep. With exception to apps that don’t interact with the internet in any way whatsoever (not even opening downloaded files), which is pretty rare, keeping up with library updates is pretty important if one doesn’t want to make them ever more of a sitting duck as time goes on.
People keep talking about having been hacked, but it's honestly baffling to me.
I'm 28. I started using computers on a regular basis when I was ~9 years old, playing RuneScape. Since then, I've spend probably 10s of thousands of hours on the internet - downloading torrents, signing up for sketchy Russian websites, doing online banking, testing experimental software downloaded over HTTP from a .xyz domain. I graduated high school, went to a technical college for compsci, graduated, worked in helpdesk, desktop support, IT management, and more recently DevOps. I develop software using all sorts of package managers, and used hundreds of thousands of unvetted software packages that arrived as dependencies.
Not once have I, or anyone I've been responsible for, been hacked. No crypto, no viruses, nothing. What the heck are you guys doing getting your Android phones hacked???? Like I only use a modicum of common sense these days, but I guess I've just been lucky and have been the odd one out. I still enjoy reading HN arrivals about security though, so maybe I just have always been slightly more security conscience?
In any case, this is just a stream of consciousness / gut feeling comment. Don't put too much weight into it, I haven't.
The way in which getting hacked works these days is that you as the user will never know. They will just silently exfil your data, and also use you to get to others. You will be none the wiser.
If it's so secret that nobody will ever find out, then I'm okay with it.
On the other hand, it's true that some people find out their credit score is trash right before buying a house, or that their name is involved in terrorism when applying for a visa, etc.
>Just let me download and run an application, like on every non-mobile computer in the world.
You can do that. Pretty easily. Having to manually update software is pretty annoying though, so why not automate it?
"You know what I really want? No more "app stores" or "app managers". Just let me download and run an application, like on every non-mobile computer in the world."
pretty sure you can do that, just use non android/ios mobile os
kali linux,ubuntu mobile os is up there, no one force you to use android/ios system
I'm a Fedora guy through and through but...did Ubuntu Touch die on the vine? It seemed like it was approaching some approximation of this.
It's still around,but only supports a few devices. Last I looked, it didn't work with volte.
They make normal computers that small now. You can buy one.
Did we all forget Bonzai Buddy?
That model doesn’t work for most people. Most people want the latest version at all times, and don’t want to have to sysadmin their phone.
I <3 obtainium, i'm not sure what unobtanium is
you wouldn't get it
sorry, I don't use android, but how is this different from unobtainium?
Unobtanium supports more sources, for one.
s/Unobtanium/Obtainium/g
Unobtainium is horrible unreliable and clunky software. It's way worse than AUR and that's an under statement.
In what ways?
[dead]
I'd suggest Unobtanium. This doesn't look actively maintained.
man, i feel this big time - all i want is to just run what i want on my phone without all the locked down nonsense, feels like every device now is less mine than ever tbh. ever wonder who actually gains the most from all this locking down? is it just security or something else too?
Hasn't been updated for 2 years. Is it feature-complete?
But what about https://f-droid.org/en/ ? It do the same but have a nice gui =)
F-Droid
F-Droid requires a compatible repository; it doesn't work with GitHub releases.
should have used gitlab
or forgejo
I was thinking that one could "roll their own repository" that scrapes githubs and then just throw that into f-droid.
Probably already exists.
Aka how to give anyone who can legally compel Microsoft RCE on your device.
We all put far too much faith in the github.com TLS cert.