this post was submitted on 30 Jul 2023

27 points (90.9% liked)

Privacy

32167 readers

432 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

[email protected]

How on earth is Google allowed to lock android using FRP and force everyone to sign-up using their phone number. Where is the EU ? (self.privacy)

submitted 1 year ago* (last edited 1 year ago) by erranto to c/[email protected]

13 comments fedilink hide all child comments

I was looking at buying a new android device with either android 12 or 13. and I wasn't ready to see how all phones shipping with these versions have forced sign-up using a mandatory phone number. the step cannot be skipped , and workarounds are very tedious and sometimes require a PC.

Where is the EU when you need them. how is it acceptable to force people to sign-up to your spying software when they want to acquire a smartphone?

Are there no laws in place to forbid this type of bundling between hardware and forced subscriptions ??

Are there any privacy non profit organization that can take them to court ?

all 14 comments

sorted by: hot top controversial new old

[–] JubilantJaguar 9 points 1 year ago (3 children)

As already pointed out, this is not correct, at least not yet. On stock Android 12, you can skip adding a Google account. Everything will work except Google Play. So first step is to sideload F-Droid from its website, and then you'll have the run of the FOSS catalog. I know all this because I did it recently.

On a new laptop, however, Windows is becoming like what you report: you are forced to cough up an email address or phone number just to get it running. There's no validation step, though, so fake addresses are fine for now at least. So even if all you want to do with Windows is download and burn a Linux ISO, Redmond is going to require your personal details first. This is a completely scandalous situation.

So I agree with you completely. These are unacceptable trends and we are going to need to get better organized politically if we want them stopped.

[–] DrunkRobotMan 2 points 1 year ago* (last edited 1 year ago) (1 children)

Windows is becoming like what you report: you are forced to cough up an email address or phone number just to get it running

You can actually install windows 11 without a Microsoft account, but it is not at all obvious how to do it. You have to be disconnected from WiFi, run some commands in CMD, and reboot the computer. Then, and only then, the windows 11 installer will allow you to bypass the Microsoft account setup.

Edit: I know because I recently did this

[–] JubilantJaguar 3 points 1 year ago* (last edited 1 year ago) (1 children)

Yeah I did hear about this workaround. But really, I resent being made to jump thru hoops like this, and so do you. Besides, we all know the deal with obscure loopholes - they end up being closed as soon as few enough people are using them. So at what point are we going to refuse to play these games?

As an intermediate step, I'd say the best option right now is sabotage. Play Microsoft's game but give them a fake useless email. If and when the email validation step comes, then we should create and use fake useless email accounts. All while making sure to gum up their systems with as much fake useless data of other kinds whenever it is asked for, of course.

Other option: get organized and have a LInux boot USB ready before buying the computer. That solves the whole issue.

[–] DrunkRobotMan 1 points 1 year ago

Absolutely agree! It's really sad that I need windows for work, otherwise I would've fully committed to linux already.

[–] QuazarOmega 1 points 1 year ago (1 children)

Definitely hate the forced online accounts, luckily you can work around it still by making the installation medium with Rufus or during setup with one of those "test" accounts that due to being overused enable you go to local account creation instead.

You'll have to run the FOSS catalog

You can still get Play Store apps through the Aurora Store if needed

[–] JubilantJaguar 2 points 1 year ago (1 children)

Sure, there are workarounds. But workarounds are a sticking plaster. The trends are all wrong and one day we are going to have to fight all this rather than work around it.

You can still get Play Store apps through the Aurora Store if needed

Searching for apps in Aurora is currently broken, requiring yet more obscure workarounds in order to install anything that is not super popular.

And then a large bunch of Play apps don't work or only half work because of a Google Play Services dependency, often totally superfluous to the needs of the app. Seems to me the writing is on the wall for free computing on Android.

On desktop there is slightly more hope, if only because the hardware is less cutting-edge so it's easier for FOSS to keep up with change. And because of the web, and PWAs. IMO these should be the focus of campaigning and regulation.

[–] QuazarOmega 1 points 1 year ago (1 children)

Of course, I didn't mean to argue against strict regulation, on the contrary, it would be sorely needed on the nigh-enslaved to Google platform that is Android.
Just wanted to share what we can do right now to avoid some of those issues. About app searching in Aurora I think I had it working sometimes, but right now it doesn't seem to work, it should depend on which anonymous account session you get logged into, otherwise you can still search in the website and open in app after you have opened the result you were looking for.

Unfortunately forcing app developers out of relying on Play Services is going to be a tough one, so in that regard you will probably remain restricted to mostly open source apps if you can't/don't want to use MicroG

On desktop there is slightly more hope, if only because the hardware is less cutting-edge so it's easier for FOSS to keep up with change

What do you mean by that?

[–] JubilantJaguar 1 points 1 year ago

Agreed about the general situation on Android.

you will probably remain restricted to mostly open source apps if you can’t/don’t want to use MicroG

But what will that leave, in the end? Anything involving money: out. Anything commercial on a map: out. Banking: out. Streaming and other content apps: out. Between the cloud paradigm and DRM and Safety Net and its inevitable successors, what is de-Googled Android going to actually be able to do?

Take photos? OK. Play music like an MP3 player circa 2005? Maybe, or maybe not: only recently I had terrible trouble finding a FOSS music player that can reliably delete a local file without it hanging around in the Android media cache. The dev of one such app explained that it's because Google is making it ever harder to manipulate local files, they seem to want people to forget the whole paradigm of files altogether. And indeed it seems younger people don't much understand the concept of files these days.

So yes, right now we can jump thru hoops and make things work. But for me it is not a very hopeful situation.

As I understand it, desktop has more breathing space for two related reasons. 1: the web is still an open ecosystem (servers, clients and software) and the web, being the top layer in the stack, is always going to work better on bigger screens and more powerful hardware. And 2: desktop hardware is generally more mature technology and thus easier to make work with Linux than the world of mobile hardware, which is chaotic and fast-moving and undocumented and spread between a ton of different manufacturers. I am not an expert on this but that does seem logical.

[–] PrepaidCompare 7 points 1 year ago

When setting up, you can skip adding a Google account. It's not mandatory. Neither is a phone number unless you want to actually use the phone as a telephone.

[–] EpicGamer 2 points 1 year ago (1 children)

Whats frp?

[–] erranto 9 points 1 year ago

Factory Reset Protection. a mechanism used to tie up the phone to a users identity so when its lost, someone else can't easily wipeout and factory reset it.

[–] [email protected] 1 points 1 year ago

Factory Reset Protection (FRP) only applies if you signed in a Google account and then did a factory reset via the recovery or a computer without logging out of the Google account. The purpose is that if someone steals your phone, it's a useless brick without the ability to log back into that same Google account.

Unless you buy a stolen device, as a user, you should never have to worry about that.

If you really want to, you can just skip the Google account on first setup, unlock bootloader and nuke the Google stuff entirely.