TL;DR

  • Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
  • The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
  • Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
  • conciselyverbose
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    1
    ·
    3 months ago

    The problem is allowing the APIs it uses to exist at all in the OS is a huge security hole.

    • Blackmist@feddit.uk
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      3
      ·
      3 months ago

      So it’s my choice to run them?

      If I can download an APK, I should be able to run it in a “compatibility mode” and have the OS do it’s best to run it.

      • gh0stcassette@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        3 months ago

        There’s a few apps that let you virtualize an older version of Android, but in my experience they’re slow, and they’re all from sketchy-looking Chinese companies that are for sure harvesting all your data. There’s also an open source project running for this, but I don’t remember what it was called and it was fairly limited.

      • conciselyverbose
        link
        fedilink
        English
        arrow-up
        4
        arrow-down
        6
        ·
        3 months ago

        It can’t.

        A compatibility mode would involve meaningful cost, massively compromise security, and not have a chance in hell of working.

        • gh0stcassette@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          3 months ago

          They could just spin up a container of some sort. It’s still fundamentally Linux, so it should be possible to run Android inside an lxc container the same way you can run a desktop Linux distro in docker (which is based on the lxc functionality in the Linux kernel)

          • conciselyverbose
            link
            fedilink
            English
            arrow-up
            2
            ·
            3 months ago

            The point is that you have to emulate a fuckton of low level access to even have a chance of anything working. Either you replace the actual hardware access with junk data, making none of the apps work, or you break the whole permissions structure, and your security is completely gone.

            All of those APIs were deprecated because it’s impossible to provide them in any way that resembles security.

            • gh0stcassette@lemmy.blahaj.zone
              link
              fedilink
              English
              arrow-up
              1
              ·
              3 months ago

              I mean, as long as it’s in a pretty robust sandbox and it’s either firewalled or has no network access (if possible for the app in question), I would think security implications are minimal. Like, even if the version of Android inside the container is compromised, the app could only take over its own container, which is non-privileged and doesn’t have access to anything you didn’t explicitly give it (in terms of user data).

              • conciselyverbose
                link
                fedilink
                English
                arrow-up
                2
                ·
                3 months ago

                But almost every app is going to crash because they’re built on needing the information those APIs return.

                His example of not being able to control some wireless speaker? Supporting that app is going to be a mess, best case.

                • gh0stcassette@lemmy.blahaj.zone
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  edit-2
                  3 months ago

                  You’d need some sort of translation layer to allow older versions of the Android userland drivers in the container to talk to the modern Android userspace drivers. Or you could write new userspace drivers inside the container that interact directly with the hardware, but this would likely be expensive and insecure. Definitely doable tho, especially for a company as large as Google.

                  Especially on Pixels, with the generic system image feature (allows for booting generic, non-device-specific android images), if the container is built with the same userland drivers as a generic system image, it might not even need any special effort/attention to run, though iirc GSIs are pretty recent, so you wouldn’t be able to run software for anything before like, Android 12 or 13 probably.