Question for geopolitical nerds and tech nerds.

If you have a stock android phone, it's almost impossible to use it without a Google account. If your nation becomes what is essentially at war with the US, or is under sanction. Does the whole country get their Google accounts blocked, thus rendering their phone almost unusable (without rooting it or reflashing the os etc?).

@quixoticgeek the same applies to Apple phones

@quixoticgeek Apple phones would cease to get OS updates, and presumably lose access to iCloud, maybe email. But it’s possible to use one without iCloud.

…notifications would be a pain though, I think they need to work through Apple servers.

@DrHyde I assume as much, but I have only had an apple phone for 1 week, so don't have direct experience of them really

@quixoticgeek Theoretically yes. Although what would actually happen who knows. It's a step nobody has really tested

But in theory
- Every Android phone stops doing Google services, and any US managed one gets turned into a brick
- Every iphone is a brick
- Every windows PC ransomwares itself
- Every home appliance with a US connection is destroyed or worse
- Every US controlled home battery and solar device stops working

and so on. This is why in reverse the US is scared of China

@quixoticgeek oh and needless to say those nice Tesla cars won't be going anywhere but nor will any US controlled ICE car either or anything with a US cloud based security system

@quixoticgeek the other comments on this are correct but i will also add that Google and Apple (among others) really like money and would probably find a way to get exceptions on the basis of civilian use or something.

if the US truly cut off all trade relations with Europe, the US economy would be fully cooked anyway. the EU is the US' biggest trading partner!

@bigmarinara oh yes. This is totally mutually assured destruction. EU nations have $8Tn of us debt, if they call it in, that's the US economy bricked. Etc... this doesn't end well for anyone. At all. It would be an event on the scale of the collapse of the Roman empire in the mark it would make on human society and history.

@etchedpixels @quixoticgeek I guess first step with Androids is to unlock your bootloader while your phone can still talk to required servers.

And next steps should be "bricking someone else's hardware is a crime" and "selling devices that depend on remote services for advertised functionality is not allowed".

@quixoticgeek
I have been wondering this and pondering the Fairphone with Murena OS as my next phone when the current Samsung dies.
It isn't dying, and I keep fixing it when needed.

@Maker_of_Things I have a fairphone, but I have stock android on it because lots of stuff like banking apps only work on stock android...

@quixoticgeek now I'm wondering how this works for nations currently sanctioned by the US, like Iran

And I'm assuming Chinese businesses or their goverment are also not too happy with the US having this leverage. Huawei has their own OS?

@meeoo this is something I am likewise wondering.

@quixoticgeek
Grrrr, that would be quite an issue!

@Maker_of_Things yep.

@etchedpixels @quixoticgeek Most of the streaming media (Netflix, Amazon, Spotify) gone. No AWS. No Azure..

Nobody is going to test that..

@tony @etchedpixels yeah. MasterCard and visa are gonna stop working too, I assume.

@quixoticgeek
I can really see why Mum tells me I should be withdrawing cash and hiding it away.
She is expecting war, having lived through WW2 and the revolution in China.

@Maker_of_Things here in .NL all cash machines have a dependency on AWS...

@quixoticgeek It would be nice if we had plausible alternatives to Android and iOS.

@lopta total agreement.

@tony @quixoticgeek more likely the non US operations would be seized. There's a mutually assured destruction aspect not unlike nukes involved
And it's easier to sell US bonds and put the US borrowing rate up to 20%

@quixoticgeek The right response would be arresting all US national employees of the company complying with sanctions within their borders as criminal saboteurs and holding them til they produce capability for domestic unlocking of devices.

@quixoticgeek Hot take: foreign nation state agent using backdoor access to brick devices civilians need for everyday life is an act of war and a war crime.

@etchedpixels @quixoticgeek Properly configured Windows shouldn't brick or ransomware. But they've made it increasingly hard to properly configure. And there may be unknown backdoors by which it could be done more intentionally.

@quixoticgeek What's the status of Google and Apple accounts in countries already under sanction by the U.S.? I'm genuinely curious. I know that some people sanctioned have been individually targeted, but I dunno if whole countries are locked out.

@etchedpixels @quixoticgeek Almost every fibre of my being is hoping that this madness passes soon and we never find out.

But I have to admit to having some curiosity about how it all would really play out. Again, I don't really want to live through it, and I certainly don't want the U.S. to go down this road and upend our relationships (further) with the rest of the world. But I do have a morbid fascination about what would happen... because if it did, it would be one hell of a shitshow.

@etchedpixels @quixoticgeek It's a damn shame this isn't a movie and not real life. Then again, if you made a movie of this, critics would tear it to shreds. Who would possibly believe the villains are real-life people here? A sex criminal puppet of Russia gets into the White House and has the support of more than 30% of the country? Bannon and Miller? They're effing cartoonishly evil. Absolutely two-dimensional. Roger Ebert would come back from the dead to give it two thumbs down.

And this is our life...

@jzb @etchedpixels @quixoticgeek remember what depends on Google / Amazon / Apple. I'm in Canada and our Governments host everything on US infrastructure. Quebec Healthcare? Azure. BC elections ? Azure. Etc. (that's for the one I do know) Filing taxes? Intuit. The PC in offices ? Microsoft.

Our F35 (overpriced fighter jets)? The remote kill switch is american. The maintenance can only be done by the US company.

Yes, as a nation we are THAT stupid.

@hub Humans in general are not real good at this kind of planning and threat detection. They're just not.

A lot of sci-fi imagines the human race encountering alien life and civilizations that are more advanced than we are. I think we've already invented technology, systems, and structures that are too complex for us to control. And we've let the worst possible people take the wheel.

Sigh. Is 9 a.m. too early for Scotch? Asking for a friend...

@etchedpixels @quixoticgeek

@Maker_of_Things @quixoticgeek Seventh and last, phones are internet, as are banks.

Internet root DNS is in the US; not as completely as it was, but no one has been doing "let's turn the root DNS off and see what happens" testing, so let's just assume that the whole thing falls over if the US turns the DNS service off.

This takes out the entire machinery of the economy; the ability to transfer money, credit, and all the stuff (like fuel deliveries) that require the credit system.

@graydon @Maker_of_Things yes and no. RIPE control one of the root servers. We might end up with a split brain. But there are 13 root servers around the world.

@Maker_of_Things @quixoticgeek In, oh, about three months, say, something will have come back up to facilitate exchange.

(Exactly what is not entirely predictable from here; unless it's your job to plan for building the thing, I wouldn't worry about just what we'll get that much.)

The trick is to get through that three months. (For anybody who needs their meds, this is likely to be impossible. But having substantial cash on hand will not hurt.)

@jzb @etchedpixels @quixoticgeek If it wasn't for the loss of life and bodily harm, the chaos engineer in me really wants this to happen once so the tightly coupled and largely unnecessary dependencies get fixed.

It's not that we can't, it's that we rather deem prevention "not cost effective".

It'd certainly be worth doing a large civil catastrophe drill on.

@Maker_of_Things @quixoticgeek I’m constantly being asked by family members recommendations on money investment. I’ve said for a year get it out of America. Depending upon where we are up to I have suggested multiple things. I bought my gold more than a year ago.

@Queen1066 @Maker_of_Things i would suggest the best investment is actually knowledge and skills. Don't buy gold or t bills or whatever. Buy a blacksmithing course. Books on gardening. Learn how to repair a bike. Do a course in how to install PV. The value doesn't go down.

@dalias @quixoticgeek The trouble with war is that the reign of bullets is much faster than the rule of law: saying "we'll sue you in court" when there is a gun at your head isn't a practical strategy.

In other words, here's the timeline: Trump tells US Tech to brick phones. Tech bricks phones. Bombs are dropped. People die. The US courts say it was illegal. The foreign courts say it was illegal. The international courts say it was illegal. People are still dead.

If at war: think rules of war.

@poleguy @quixoticgeek I'm not talking about US courts. I'm talking about nations the US potentially wages war on treating this as an act of war and using their state monopoly on violence to seize agents of the collaborating corporations and make them assist in righting their employer's wrongs.

@Maker_of_Things @quixoticgeek My banking app only works on stock Android and not rooted! I found out when I rooted my tablet a while back and it told me off!

@quixoticgeek @Maker_of_Things plus, even if you had cash at home, I doubt anything at your local Dutch supermarket would work without all these nice online services. Perhaps even the e-ink price labels would be screwed, who knows what dependencies we have there?

@quixoticgeek @Maker_of_Things Not getting shit from bank appsis one surprise advantage of living in Poland

@HaTetsu @Maker_of_Things how so?

@quixoticgeek It's worse than that. If your login identity on an unrelated website is tied to a Google email account you won't be able to reset passwords, authenticate actions, etc. It's a way to slowly offline a country.

@quixoticgeek knowledge & skills are great but it forgets the most important thing. Survival needs community above all else.

@dalias @quixoticgeek Right. I sort-of read your first message that way.

I think that is already a thing.

My US tech company employer sometimes sends out emails warning people to stay out of particular countries at particular times because of the risk of kidnapping.

Your "hot take" inspired my response, but now I re-read it I see was off target.

@poleguy @quixoticgeek Yeah. In the past that threat has pretty much only been used for nefarious purposes, but the reality is that nation-states with access to state violence have this power/threat, and while it's not nice, it's appropriate that it be used in defense of their populations when a superpower wages war on them.

@claralistensprechen3rd @dalias @quixoticgeek Not if they pushed an update to erase it, or if you've got bitlocker dependencies.

@dalias @poleguy @quixoticgeek the only agents of Google et SL within reach will be sales, marketing and customer service, not the decision makers or engineers in California or Seattle.

@fazalmajid @poleguy @quixoticgeek Is that really the case? Surely there's plenty of physical infrastructure in these countries, and there should be people responsible for it. I'm not sure how you leverage that best, but you should at least try in a situation like this.

@etchedpixels @claralistensprechen3rd @quixoticgeek A properly configured Windows doesn't install updates until you run out of "shut up and remind me later" and fail to find the way to bypass that.

@tony @etchedpixels @quixoticgeek I suspect digital cinemas as well.

@quixoticgeek Worse, a lot of core functionality isn't in Android itself but in Google Play Services which requires a Google account to get and isn't available except for Google-approved phones. That's making AOSP increasingly problematic.

@tknarr @quixoticgeek LineageOS devices work fine without that (optionally using microg if you want to support apps that need it; this doesn't require a Google account AFAICT).

@dalias @tknarr but do things like banking apps work on it ?

@quixoticgeek i think we're already at "collapse of the Roman Empire" levels of shit by now

no matter what happens next, Trump has blown up the world order the US has sat atop for the past 80 years. all because he and his goons just had to be really, really racist... it's truly something.

@etchedpixels

A phone can be replaced. I care less about the phone than about my data.

#Google

@quixoticgeek

@CppGuy @etchedpixels @quixoticgeek timely reminder back up all your cloud data locally. Google extracts are a bit of a pain to navigate but better safe than sorry.

@etchedpixels @quixoticgeek I think the Teslas will keep rolling. You just might see a lot more data traffic going back to the US. I mean, the things are rolling sensor platforms. Excellent for information gathering.

@ArtHarg @quixoticgeek look at what happened with some fancy cars getting remote killed in Russia

@quixoticgeek
Just switched tot #grapheneos thuis week.
I van highly recommend it.
Works flawless.

@Johan_Barelds including all banking apps ?

@quixoticgeek
They complain but work, might need google play/services

Here's a list of apps that doesn't work https://grapheneos.org/articles/attestation-compatibility-guide#apps-banning-grapheneos

@Johan_Barelds

@mattesilver @Johan_Barelds how many work without Google play services tho ?

@Maker_of_Things @quixoticgeek but will cash have value?

@Photo55 @Maker_of_Things only if we give it value...

@quixoticgeek @dalias @tknarr depends on the bank. some banks check play integrity and some don’t so ymmv

@root @quixoticgeek @tknarr If they use Play Integrity correctly, I think microg's spoofing of it should work. But if they do more sketchy shit, no. I'm not sure; I don't use apps. I insist on only using the websites.

@quixoticgeek Yeah, apps for services that exist outside of the States needed to be hosted on F-Droid yesterday, but they're not completely fucked for delaying. AuroraStore can at least bridge the gaps for app installations. Millions of people would still need to migrate off Google services ASAP but that's an easier goal to obtain once people can still install those apps.

The bigger problem is system updates. It's hard to patch security vulnerabilities when Google's servers are blocked to you. It's even harder when custom ROMs are only getting source for AOSP, the base they all use to build the ROMs, twice a year now instead of every time it's released.

@disorderlyf @quixoticgeek
Having Google's servers blocked is the optimistic case.
The US could also not block the servers, but force Google to put out updates to EU users that brick every phone.

@disorderlyf @quixoticgeek OS level security updates are largely irrelevant unless you're running sketchy malicious apps.

@quixoticgeek
You can install google play/services as normal apps, they're just sandboxed

@Johan_Barelds

@mattesilver @Johan_Barelds right. The whole point of this exercise is to avoid having the Google shit on the device...

@quixoticgeek
Complain at your bank. There's available hw native attestation api, they just choose not to use it
@Johan_Barelds

@mattesilver @Johan_Barelds cool. That's so incredibly helpful. What a brilliant suggestion... Me as a single customer making a complaint will be absolutely all that's needed for them to make their app work without google play...

@dalias
Nah, a properly configured Windows is called Linux.

@etchedpixels @claralistensprechen3rd @quixoticgeek

@happyborg @etchedpixels @claralistensprechen3rd @quixoticgeek Never change, fedi.. 🙄

@quixoticgeek @Maker_of_Things Switch banks if that's the case. You're Dutch right? ASN for example can be used completely through their website, which yes works fine on mobile as well. No apps needed, not even a mobile phone, and still online banking.

@bart @Maker_of_Things I'm not Dutch.

Does the barcode scanning stuff work on the asn website?

@quixoticgeek I object to your "almost impossible" as I have used a Google Pixel for at least a year without a Google account. All essential apps worked just fine. However, I wasn't totally sure that it didn't have some ties with Google anyway so my new Fairphone runs Murena (/e/OS) and that feels better.

@alzimon @quixoticgeek I second your comment. Using Nothing Phone with e/os myself. Which admittedly is "reflashing the OS"...

But some apps are exclusively in Play Store (e.g. my Banking App). Thanks to Murena and e/os this works without a Google Account but if they decide to geofence, I will have issues...

@landesfeind I see the problem. Luckily, my banking app works just fine. But my point was that @quixoticgeek predicted immense pain, while actually it's not THAT bad, even without reflashing (at least for my n=1)

@alzimon @landesfeind except for the possible pain of having to change bank account... No pain at all...

@quixoticgeek @bert_hubert ihm, extend that to all Microsoft 365 and Google Workspace accounts and you have the majority of modern companies being unable to work and access their data.

@jmovs @bert_hubert yes. Entirely.

@jzb
I hope the world can learn about the problems of centralization even without this going much further.

There was some talk by the US government of splitting out Chrome from Google. My dad and I discussed this a bit...

I think Google is too big. But I think the way it needs to be split is not by taking out one product that isn't high friction to switch.

IMO The change we need is making it easy to move across services & suggested and smaller service providers.

@etchedpixels @quixoticgeek

@jzb
That I need a phone blessed by one of two tech giants to run certain apps is a bigger problem than one dominant browser.

And regarding that browser issue, the bigger problem is web sites being made that require it to function. That only enforces the monopoly. Especially when those web sites are ones that you need for paying bills/taxes. There was a similar problem with MSIE 25 years ago, but then the web was less mandatory for daily life.

@etchedpixels @quixoticgeek

@quixoticgeek

Fairphone has a google free phone
Fairphone 6 eOs

@Ellis that's all well and good, but does it support all the apps people need like banking and government apps ?

@quixoticgeek @Maker_of_Things Ah, I read in the thread that you were in the Netherlands at least and assumed more from that, sorry!

I'm not sure I know what you're referring too (barcode scanning), so I guess I don't have a need for it and am thus not missing out on it either.

@quixoticgeek
Don't be frightened of reflashing the OS.
I recently bought a Pixel (ironically made by google), and changing to @GrapheneOS was remarkably easy. The web installer went very smoothly, no tech skills or software tools needed.

I remember the days of reflashing my Galaxy i9000 and several others over the years. It was a real effort, so I understand why most people would be nervous.

You could also check out @murena
Who sell phones with /e/os preinstalled.
#degoogle

@coffee2Di4 @GrapheneOS @murena my concern is that I lose the ability to use the apps I need to survive.

@coffee2Di4 @quixoticgeek There are devices sold with GrapheneOS preinstalled but it's very safe and easy to install it via the web installer with 24/7 real time support via our official chat rooms.

/e/ has very poor privacy and extraordinarily poor security. Sending user data to OpenAI without consent is the tip of the iceberg. They do not provide proper patches and updates. See https://discuss.grapheneos.org/d/24134-devices-lacking-standard-privacysecurity-patches-and-protections-arent-private for details and links to third party articles. It's not at all similar to GrapheneOS.

@quixoticgeek

I've not used /e/is myself, but so far, I've not found anything that doesn't work in #GrapheneOS
My banking app complains that I need to 'tap to finish setup' and directs me to Play Services, but still works.
I can install anything from the sandboxed google play, F-droid and the Graphene app store which let me know if any apps have available updates.

Importantly, it is easy to revert to stock OS

@GrapheneOS @murena

@coffee2Di4 @quixoticgeek /e/ has far less app compatibility than GrapheneOS and isn't a robust production quality OS. More importantly, it lacks the basics of privacy and security due to being months and even years behind on Linux kernel, driver, firmware and other patches. It usually takes them weeks to ship incomplete Android Open Source Project and browser engine patches. It's not a privacy or security hardened OS at all. Look at https://discuss.privacyguides.net/t/murena-voice-to-text-service-in-e-os-sends-the-users-audio-to-openai-which-is-hidden-away-in-their-terms-of-service/29257 for an idea of their approach.

@quixoticgeek @coffee2Di4 The vast majority of Android apps work fine on GrapheneOS.Can start by keeping things simple through installing sandboxed Google Play in the Owner user if you want a similar experience to the stock OS with far better privacy and security. Alternatively, you can split things up more by making a dedicated profile (work profile, Private Space or secondary user) for sandboxed Google Play as many users do but it's not needed for it to be regular sandboxed apps.

@quixoticgeek @coffee2Di4 A tiny portion of apps ban using any alternative OS via the Play Integrity API. Other than that, nearly all Android apps can be used on GrapheneOS. For apps with bugs caught by our security features, there's a simple per-app compatibility mode toggle to work around all those issues which isn't needed for most apps. Banking apps are the main ones banning using another OS, perhaps around 15% of banking apps in total. You can check https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/ for your bank(s).