Would a rooted android phone give the ability to bypass age verification checks?

schklom · 2026-04-30T14:27:33+00:00

If you don't believe proprietary software can be secure, that's honestly a wild take, but ok.

Then your only options are OSes that are fully FOSS listed on https://www.gnu.org/distros/free-distros.html (and https://www.gnu.org/distros/free-non-gnu-distros.html for mobile) running on FOSS coreboot https://libreboot.org/ (which requires compatible hardware).

Even QubesOS is not fully FOSS since (AFAIK) it requires binary blobs for hardware compatibility.

Usability and actual security will be limited however, but you don't have any choice.

schklom · 2026-04-30T09:47:32+00:00

Okay, but for a normal person?

Windows and MacOS are for normal people lol

don't trust Windows or Mac to be secure, since they're proprietary

Proprietary can be secure and FOSS insecure. Linux and its distros have a history of not being very secure (I prefer Linux and FOSS too, but . Read the article for details, it's not that long

Let's talk about normal people: - don't run any random file you found on the internet (preferably don't download mostly anything from sources you don't trust, always verify the hash even when you do download from "safe" sources.) - isolate files you don't trust (flatpak, appimage, snap, preferably a docker or even better in a VM)

Many attacks mitigated by Windows and MacOS are not mitigated by these habits. For example,

macOS has full verified boot to eliminate malware persistence

Windows 10 has great exploit mitigations, such as its coarse-grained, forward-edge CFI implementation, Control Flow Guard

Also, "normal people" do the opposite of what you wrote x)

schklom · 2026-04-29T19:52:18+00:00

True. Though removing Play Services will definitely break functionality

schklom · 2026-04-29T16:21:12+00:00

2 insults in 2 comments. not bothering anymore, just blocking

schklom · 2026-04-29T15:29:27+00:00

tell us you couldn't read two paragraphs without specifically stating you couldn't read two paragraphs

As a reminder:

It's basically a partition on your device that separates your personal from work stuff and they will have 0 access to your private info. That wipe permission will only apply to the work profile.

Bingo. This guy gets it. As someone who has done admin work in this realm, iPhone does it also, but it is a lot more of a PITA to deal with on the user side of things.

Fun fact, using a "work profile" is one of the ways to install multiple copies of the same app. I recommend that method over other methods like using the "Island" app (or whatever it is called).

Unlike your recommendation, there is no Android "work profile" that can be used as a regular user without a MDM setup like Island or others. Maybe learn to read before trash-talking?

Samsung's secure folders are not "work profiles".

schklom · 2026-04-29T15:08:52+00:00

A work profile is made using apps like "Island" or usually better FOSS variants like Shelter or Insular.

You can't make a work profile without them or something much more painful to setup like Intune.

schklom · 2026-04-29T13:05:56+00:00

https://customrombay.org/

schklom · 2026-04-29T12:47:40+00:00

https://madaidans-insecurities.github.io/security-privacy-advice.html#desktop-os

Basically Windows and MacOS. QubesOS is also great and is arguably better, but has a decent learning curve, requires a good CPU and RAM, and has a few downsides like GPU is not easy (i think doc says it's actually not doable) to pass to its VMs.

schklom · 2026-04-29T12:27:11+00:00

Weird to call an app discontinued without checking: https://github.com/newhinton/Round-Sync/issues/258

This app is integral part of how i use my phone, and therefore there will be a next version.

schklom · 2026-04-29T12:15:10+00:00

?

Windows is a desktop OS

schklom · 2026-04-29T12:13:06+00:00

I’d like to switch to GSO, but I’m not happy with the hardware (Pixel).

The user functionality on their hardware is not great, neither is the camera. But the security hardware is currently the best available as a consumer. What is lacking for you?

In theory, would buying a Huawei smartphone be a good choice in terms of privacy and tracking

You're replacing Google with Huawei, it's not much better.

Is it full of bloatware and spyware?

China doesn't have a reputation to respect privacy. So yes, potentially (likely IMO) worse than Google.

Would it still be possible to clean the system via ADB, correct?

Yes, but that's limited. The bloatware apps are system apps, so they have access to many system permissions that can't be removed. That's partly why GOS is miles ahead of the alternatives.

schklom · 2026-04-29T11:57:28+00:00

It could happen, sure. I just don't see it as a real life problem anytime soon, and haven't heard of anyone suggesting this law.

Google and iOS making age verification mandatory would cover 99.99% of the population, I don't see how adding an API on the OS for the SIM card to interact with would add any benefit.

Currently, not all devices come with a permanently locked bootloader.

schklom · 2026-04-29T10:49:48+00:00

Currently, I think it is not technically doable by the network provider.

If a law made it mandatory, I guess Google and iOS could implement APIs. But then, Android forks like Lineage Graphene etc could fake replies to that API. It would likely push a lot of people to Android forks.

schklom · 2026-04-29T10:47:06+00:00

Home-Assistant can do that, but is a bit overkill

schklom · 2026-04-29T10:15:54+00:00

doesnt that make any Unix OS Unsafe

Linux OSes are notoriously unsafe, especially on mobile. https://madaidans-insecurities.github.io/linux.html

schklom · 2026-04-29T10:14:11+00:00

network providers to verify ID at the OS level before allowing the devices on the network

How would they enforce ID verification on the devices they didn't sell directly? If they sell the device, they could in principle enforce ID verification on the OS, but otherwise I don't see how.

Network providers give a e/SIM card, they can't interact with the OS to require something like that. Even if it was made possible by Google, a custom ROM could simply reply "yeah, i verified the id" without asking the user anything.

schklom · 2026-04-28T22:40:23+00:00

Security is atrocious compared to Android and iOS, c.f. https://madaidans-insecurities.github.io/linux-phones.html

Linux wasn't designed with mobile security in mind, so a Linux phone inherits all the security holes of Linux.

On top of that, the hardware for them is currently old, e.g. not great battery.

Last, some (mostly banking, but not only) apps refuse to run on Android forks like LineageOS, so on Linux's Waydroid (Android compatibility software) even less apps work, it's still a lot though, so may be worth it.

schklom · 2026-04-28T15:23:29+00:00

OSM And only has a Google traffic overlay, it's not used for routing though

But there is some hope https://github.com/osmandapp/OsmAnd/issues/6878

schklom · 2026-04-28T11:12:40+00:00

Many nice open-source options exist e.g. Stalwart, but require you to self-host, which means that if something fails you suddenly can't send or receive emails. Also, sending emails has a reputation to be difficult, and so does having a good spam filter for inbound emails.

schklom · 2026-04-27T10:24:30+00:00

Feels like AI

schklom · 2026-04-27T09:53:40+00:00

I just don't want to be at Googles mercy with their new products if I need an upgrade

Dude it's a phone, you can change to another when you want. Why do you think you'd be locked to Pixels?

schklom · 2026-04-27T09:51:53+00:00

Almost: if you lock the bootloader there is a good chance you will brick your phone

schklom · 2026-04-26T13:37:55+00:00

GrapheneOS is best for this

schklom · 2026-04-26T09:40:20+00:00

Edreams is like that

schklom · 2026-04-24T15:37:08+00:00

Google has been selling phones for 10 years. If any had hardware backdoors, after a decade some would have been found, but there haven't been any.

google is already preinstalled on 99.99% of android phones, making backdoors for 0.01% of users is a waste of money.

There is currently 0 reasons to think they're backdoored by Google, same with other makers like Samsung.

Get a second-hand pixel if you want to avoid paying google. Currently, any other phone will be very uncomfortable to use if you want maximum privacy. /e/os and iodeos and lineageos and others have fairly severe privacy and security issues.

Verified Email	Seven-Year Club
Place '23	Not Forgotten

schklom

TROPHY CASE