> Most Android devices these days have bootloaders that cannot be unlocked, preventing device owners from installing custom kernel images onto their devices. And even if you have a phone where that isn't true, Google's SafetyNet will prevent you from using many crucial applications, like your bank's Android app, on that handset.
Googles own devices not only allow you to unlock the bootloader, but to relock it with your own signing keys. So your statement is just wierd - if you care, vote with your wallet and don't complain how "most devices" don't give you feature you're not ready to pay for.
OP said "Most Android devices". You then singled out a specific subset of phones that are only a small portion of the market to claim that OP's comment is "weird".
OP's comment is accurate because Pixels are not "most Android phones". You also don't know whether or not OP already owns a Pixel, so I'd say it's "weird" to tell them not to complain without knowing whether or not they have already voted with their wallet.
Still, what's the point in telling someone "to vote with their wallet" instead of complaining? Why not both? Where, if not on HN, should we voice our opinion that tech is going down some path we aren't excited about?
Avoiding Google/FB/Amazon/Microsoft or whatever your megacorp of choice is is becoming increasingly hard, and it absolutely deserves being talked about. As do any other things in which our choices and freedoms continue to be snuffed out, and that point should be able to stand alone, without being weighed against things like "Vote with your wallet" or "But in Y thing we have more freedoms now! Why does X matter?"
These conversations are also worth having, but they shouldn't entirely replace the a call for alternative paths.
The general problem I have (personally) with these type of complaints is that there is no real way for any of these companies to act on it further. In the case of Google, they already have acted on it. It's just noise to them at this point.
If you believe something else is being snuffed out, it would help to mention what it is so people can help you. Because making that statement without context doesn't really stand alone, it's also just noise.
False. You just want to meta-complain. c0l0 has pointed out how Google(R) MoronNet(TM) in practice usually negates any benefit gained from how virtuous their kernel maintenance process is.
Google could definitely act on it further by leveraging their agreements with vendors who ship the proprietary Google components of most Android devices. That risks those vendors reimplementing the proprietary components from scratch though, which would fragment the Android ecosystem further.
You say that such complaints are just noise to Google because they have already acted on these complaints (ie, Pixel bootloaders are unlocked). On that, I think you and I agree re: pointless complaining.
I'm asking, why not continue to complain in an effort to push vendors with locked bootloaders to unlock them? Specific vendors are irrelevant, I'm just curious if you do/don't think people should complain to them, as well.
You've simultaneously demonstrated a misunderstanding of my comment, and - correct me if I'm wrong - answered my question.
My comment is not about specific vendors and their actions. My comment is only about wondering when, in your mind, is a valid time for people to complain; a philosophical question. That's why the question is broad - is it OK for people to complain about vendors who have yet to take action?
Your comment just now suggests that, yes, contrary to your post complaining about complainers, you likely think it's fine to complain to/about vendors who haven't taken action you'd like to see taken.
I'm not concerned with what's valid or fine or not, this is just if you want a chance to get your problem solved or if you want to waste your own time on a complaint that is to the wrong people. These out-of-context complaints/rants happen so often online that twitter even has a meme for it: https://en.wiktionary.org/wiki/sir,_this_is_an_Arby's
Edit: Your logic in the last paragraph doesn't follow to me, as I was responding to a specific complaint. So that's another reason I can't really give an answer to the question.
The poster wasn't just complaining about "most phones" but claiming there was no solution.
It seems perfectly reasonable to point out that there is a solution that works at both the individual and global levels. If you want to control your own android devices, there are several good options and if more people start making those choices then the overall situation will also improve.
2. Even though SafetyNet may not be as annoying as something like UAC, it still has deep reaching effects[1] since now the standards are proprietary and nobody can make an actual good UI alternative to the garbage dog-slow banking app.
The irony is your stale rhetoric only applies the other way: Users who were saved by "risk analysis" and firewall type systems don't know they were saved and don't care.
1. I assume this attestation is checked on the app's server - I assume Google signs their attestation that your device is "good" and this is verifiable by the server of the banking app. Otherwise the in app checks could just be nopped.
> vote with your wallet and don't complain how "most devices" don't give you feature you're not ready to pay for.
I believe that the ability of a device owner to exercise the same level of control over it as the company that manufactured it is a matter of consumer rights, not features.
It is not only about hardware. Lineageos re-uses binaries from the original image. The modem still runs original binaries. The bootloader is also original. Plenty of space to hide backdoors, possibly disguised as bugs.
that's not how it should be, that's how it is. The only way cheaper devices are so cheap is by cutting all the corners they can, and turns out one of the corners people don't care to be cut is their privacy and security
locking bootloader is a way to prevent you from undercutting their spyware.
if there is a spyware, than it is a part of their business model, and every user that got away is a drop in revenue. But their targeted users don't mind to be spied on.
How in the world is this a premium feature? It's a piece of software that can be written once (and only once), with the cost amortized between all OEMs.
Where I live, both of my banking apps work without SafetyNet and even Google Play Services. I have missed one or another app for having no Play Services, but nothing too important and it's offset by having the option to block all internet connection for other apps.
Googles own devices not only allow you to unlock the bootloader, but to relock it with your own signing keys. So your statement is just wierd - if you care, vote with your wallet and don't complain how "most devices" don't give you feature you're not ready to pay for.