96
submitted 3 months ago by henfredemars@infosec.pub to c/android@lemdro.id

This article goes into more detail about how these new measures will actually work compared to the blog post earlier this year from Google. Namely:

  1. Enabling the OEM unlocking setting will no longer prevent FRP from activating.
  2. Bypassing the setup wizard will no longer deactivate FRP. FRP restrictions will apply until you verify ownership of the device by signing in.
  3. Adding a new Google account is blocked.
  4. Setting a lock screen PIN or password is blocked.
  5. Installing new apps is blocked.
all 41 comments
sorted by: hot top controversial new old
[-] KickMeElmo@sopuli.xyz 62 points 3 months ago

Sounds like good ideas that'll be a pain in the ass for innocent power users.

[-] philodendron@lemdro.id 21 points 3 months ago

Until they sign back in to their own phone..? How is that a pain?

[-] piracysails@lemm.ee 11 points 3 months ago

Not eveyrone has or needs a google or any system-wide account to use their phones.

[-] Jrockwar@feddit.uk 5 points 3 months ago

This assumes everything works fine. It's probably an edge case, but on my Nexus 6P an update somehow messed with my encryption keys, and the screen lock pattern that I'd used for over a year stopped getting recognised. I can't remember the solution but I vaguely remember having to factory reset. Whatever the solution was, it wasn't too different to what a thief would do... I was bypassing the screen lock after all.

[-] ReversalHatchery@beehaw.org 2 points 3 months ago* (last edited 3 months ago)

because I want to get rid of google, and not use or even have a google account anymore

[-] Markaos@lemmy.one 6 points 3 months ago

If you don't sign into a Google account, you will never arm this mechanism at all.

[-] BaroqueInMind@lemmy.one 3 points 3 months ago

Then don't buy their devices? What a novel solution.

[-] ReversalHatchery@beehaw.org 4 points 3 months ago

Who's devices? This is not a manufacturer dependent thing.

Android is useful without any google built-in software, and unfortunately it's not affordable to avoid having a smartphone in today's world.
If you wanted to say to not buy Android devices, all I can say is you are very ignorant. And ignorance is a lot of things but novel.

[-] BaroqueInMind@lemmy.one 1 points 3 months ago

I do not know if your being sarcastic, ignorant, or lazy, but there are other companies out there that produce cheap phones with operating systems other than android.

[-] baggins@beehaw.org 2 points 3 months ago

cheap phones with operating systems other than android.

Who please? All I know of are Apple, or Nothing Phone- they're not cheap IMO.

Genuinely interested though, I'd love to deGoogle.

[-] BaroqueInMind@lemmy.one 1 points 3 months ago* (last edited 3 months ago)

Since you asked nicely:

https://pine64.com/product-category/pinephone/

https://www.punkt.ch/en/products/mp02-4g-mobile-phone/

https://shop.puri.sm/shop/librem-5/

https://www.kaiostech.com/explore/devices/

https://shop.jolla.com/details/91eb91d3-c3de-41d0-b3c0-7075a339112d/

There's a reason iOS and Android OS both dominate the market: they do literally everything all these phones attempt to do but better in pretty much every single way, including the ability to easily de-Google ironically.

[-] baggins@beehaw.org 1 points 3 months ago

Aha! I have heard of Pinephone. Had forgotten them. Will investigate these others. Cheers!

[-] jbk@discuss.tchncs.de 6 points 3 months ago

Looks like they "just" have to stop signing in with a Google account, and may have to enable adb and install apps using it / e.g. Shizuku

[-] shortwavesurfer@lemmy.zip 39 points 3 months ago

Okay, according to the article, this functionality will only activate after you have signed into a Google account for the first time on the device. So, at least for those of us who use custom software such as lineage OS, that won't matter since we don't put a Google account on the device to begin with in a lot of cases. A lot of us boot the phone for the first time, skip the entire setup wizard as fast as possible without signing in or any of that stuff, and then immediately enable OEM unlocking and flash the lineage or whatever software.

[-] henfredemars@infosec.pub 10 points 3 months ago

I also imagine FRP will be ignored by custom ROMs even if the secret data is set.

[-] shortwavesurfer@lemmy.zip 6 points 3 months ago

Well, that won't matter unless it's a brand new phone or has been properly erased because you won't be able to install lineage anyway unless one of those two conditions are met.

[-] AbsoluteChicagoDog@lemm.ee 27 points 3 months ago

"Theievs" definitely not targeting power users...

[-] ElPussyKangaroo@lemmy.world 5 points 3 months ago

I'm more focused on the adorable plushie in the hero image 🥹❤️

[-] kokesh@lemmy.world 4 points 3 months ago

So... I flash wrong ROM, wipe everything and install the correct one and I'm screwed? Or do I just login with my Google account?

[-] henfredemars@infosec.pub 4 points 3 months ago

I think you would be fine. You’re only restricted if you log into the vanilla ROM, do some stuff, and later if you want to use the vanilla ROM again you’ll be required to login to the account you used last on the vanilla ROM to make it happy with the device.

I don’t expect custom ROMs will have any compatibility with this feature. I believe they would bypass it entirely.

[-] kokesh@lemmy.world 2 points 3 months ago

I guess they can skip this crap completely whatsoever

[-] Rikj000@discuss.tchncs.de 2 points 3 months ago

The more I hear about Android 15,
the less excited I get for it..

[-] ReversalHatchery@beehaw.org 2 points 3 months ago

for me it's been the same since 8. sure there are some good changes, but generally it's forced restrictions upon more forced restrictions, and I hate it

[-] istanbullu@lemmy.ml 2 points 3 months ago

Google is making Android worse and worse in each release.

[-] claudiop@lemmy.world 14 points 3 months ago

Why exactly is this worse?

It is an optional feature that the majority of people will be using, making herd immunity for those who do not

[-] aluminium@lemmy.world 0 points 3 months ago

yeah great, EDL mode still is exists...

[-] henfredemars@infosec.pub 3 points 3 months ago* (last edited 3 months ago)

True! But it still hurts the resale value because users are likely to notice a device with broken secure boot if you were to somehow use it to forcefully flash a modified ROM.

Are you proposing this mode could be used to somehow clear the secret data?

My understanding is EDL mode can refuse to flash some partitions and some devices will not enter this mode if fastboot is working, which also enforces preventing access to some partitions. Most people who use EDL already unlocked the bootloader, but I don’t think this method works on all devices if the boot loader is still locked.

[-] UnbalancedFox@lemmy.ca 0 points 3 months ago

And for those who dont install GApps...?

Still neat I guess.

[-] jbk@discuss.tchncs.de -1 points 3 months ago

This could still be bypassed by flashing a new OS that deliberately messes up the userdata wipe-persisting secrets. Well idk if there's a way to prevent that, but I guess really needy and tech-savvy people could recover lost devices that way

this post was submitted on 08 Sep 2024
96 points (97.1% liked)

Android

17834 readers
92 users here now

The new home of /r/Android on Lemmy and the Fediverse!

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

🔗Universal Link: !android@lemdro.id


💡Content Philosophy:

Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.


Support, technical, or app related questions belong in: !askandroid@lemdro.id

For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id

💬Matrix Chat

💬Telegram channels / chats

📰Our communities below


Rules

  1. Stay on topic: All posts should be related to the Android OS or ecosystem.

  2. No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.

  3. Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.

  4. No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.

  5. No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.

  6. No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.

  7. No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.

  8. No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.

  9. No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!

  10. No affiliate links: Posting affiliate links is not allowed.

Quick Links

Our Communities

Lemmy App List

Chat and More


founded 2 years ago
MODERATORS