If a user asks for the source, and the distributor says "sure" and then delivers it 12 months later, have they violated the license?
And since Project Treble you wouldn't even get the drivers, because Android Linux is a pseudo-microkernel now, where drivers run in userspace and talk via Android IPC (Binder) with the kernel, enforced since Android 8.
They are trying to avoid it, but I doubt the EU will let this stand:
https://www.developer-tech.com/news/google-alters-play-store...
Android is open source partly because they can fund it from Play Store profits. Google is thinking that their Play Store profits are going to be cut, and they want to make the profit up elsewhere - and importantly, maintain control of the platform. This is their method.
They've already used this playbook in the past with Google Play Services, and even before that when they abandoned all the built-in open source apps (Email, Calendar, etc.).
Aka "We will do less releases because certain OEMs don't want to be seen as outdated as they don't want to spend the resources to rebase even 4 times per year."
In other words, the result is still open, but the development process is not.
[edit] based on the other comments, I surmise that public pushes were already infrequent.
Is the source code available at all times? This is a genuine question, I don't know right now.
With android 16 introducing "mid releases" (QPR2), they expect OEMs to start shipping those as well, QCOM already has a QPR2 BSP release, and Samsung is expected to release QPR2 based builds soon.
As far as contributions go, google usually wanted patches to apply to main, I don't think that ever changed. And even there now that AOSP development is fully closed, it's even easier as partners will likely just upload patches against internal main instead. Less integration work there as well.
There really isn't a good explanation as to why they want to do move code drop cadence, other than they can and want to avoid wasting time releasing QPR1/3 that no OEM ever shipped (expect Pixels that is)
When it comes to large bureaucracies, always assume laziness over malice or strategic competence.
Note, not impossible: You can always carry cash to avoid phone-based bank payments (which would be needed at e.g. my local farmer's market, where nobody has a card payment terminal), some taxi services (Yandex Go for example) provide a web view with some of the features, you can open map services in the browser ...
But for the browser-based cases the experience will be even worse than the standard app experience, and friction is overall much higher.
As a result, only a very small fraction of nerds are committed enough to buy and use these devices. You then have a chicken&egg problem about getting a third option to work.
The only way this has been done semi-successfully in recent years is Huawei's HarmonyOS - and they did it by way of a) already being an absolutely massive phone company, and b) keeping around an expensive Android-compatibility core for many years.
There is https://postmarketos.org/
Maybe 2026 will be the year of Linux on mobile phone.
And yeah, you can even buy phones with a non-android linux pre-installed, e.g. from pine64. But they come with all kinds of "for early adopters" warning labels. Deservedly so, in my opinion.
Considering the ongoing DRAM and SSD crunch, I won't hold my breath.
GrapheneOS is a much more practical open source OS to use Linux on a phone.
BTW, hardware support on postmarketOS "community" class devices has seen some nice improvements as of late. Once these improvements meaningfully stabilize (avoiding the risk of regression/breakage; there's been some of that even in the recent testing for the 2025-12 stable release) it's quite possible that some "community" devices might finally reach "main" class, marking them as OK for daily-driver use. Something to watch for as we approach 2026-06.
Users - there is a broad scope of users. For sustainable eco-system you need also user interest and support of such.
Developers - that sounds funny. I know. But you need enough leverage to get apps or services to be open.
Companies/Software - a modern mobile device takes place in almost any interaction. Commuting, payment, banking, grocery shopping, social messaging, doom scrolling.
Biggest hope for the future is ensuring PWA becomes standardized enough. That way the OS lock-in could be reduced.
Well, you're right, however badly I don't want to admit it. Google broke that cycle once with Android. I'm sure that Apple would have too, even if they were not the first mover. And there's no question that their wealth and influence had a massive role in it - something an open platform cannot match realistically.
But the current situation is simply untenable anymore. I want out, no matter how many others don't care for it. The open platform has to be just functional enough (including app support, even as PWAs), for us to break free from this duopoly. Just like how Linux and BSDs are on desktops. I'm able to do everything on it from work to netbanking. I would hate it really badly if I was forced to use Windows or MacOS these days.
We never had one on desktop; no real issues. Hardware attestation is primarily in the interest of the vendor, not the user. The user relies on chains of trust. This is how the world works.
My worry is one fine day Microsoft, Samsung Apple, and Google (rest of SV Media companies like Netflix etc) will join hands in bringing security and force a ChromeOS or macOS type totally- we decide everything for you.
And in what concerns the mainstream desktop/laptop market, macOS Linux VMs, WSL, ChromeOS, versus GNU/Linux OEM devices, proves most people doesn't care either what they can get at regular computer stores, otherwise GNU/Linux configurations would not be online only at very specific shops.
OpenMoko & friends are selling devices which basically only run Firefox, and sometimes make calls as well. The only people interested in that are diehard FLOSS enthusiasts, which means they have to use ancient hardware because new stuff doesn't have open drivers, which means that even if you ignore the app ecosystem they compare incredibly poorly to mainstream smartphones. No wonder they keep failing.
Interestingly, the desktop/laptop market is heading the other way. The move to cloud SaaS products means a decent number of people now only need a browser. What's keeping a lot of people on Windows is often literally one or two applications. Valve's push for Proton is the perfect example of this: the Steam Deck is providing a huge incentive to fix those last few bugs keeping a game from running on Linux, and with the way Microsoft is screwing up W11 it is now ironically the gamers who are moving to Linux.
What you are seeing in "regular computer stores" is mostly irrelevant. That market is basically dead. Corporate gets its machines directly from Dell/HP/Lenovo, PC enthusiasts mostly get custom builds, and casual people stick with smartphones and tablets. In-store PC sales is now reduced to a university student's Google Docs machine - and Microsoft is doing a pretty good job bribing the manufacturers to push Windows there.
Most of them have no clue that something like System 76 or Tuxedo exists in first place.
Likewise on corporate world, I have long moved into Windows/macOS as official desktops for the last decade, GNU/Linux is only available on VM or servers, and usually it is the cloud provider's own distro.
Those customers where IT allowed the use of GNU/Linux desktops, it was with zero support from them, it was up to us to deal ourselves with any issues preventing our work, and to deal with upper management, in case it impacts delivery.
Until SteamDeck gets rid of its dependency on Windows as source, it is pretty much irrelevant. Games developers will keep using their Windows workstations, while a community smaller than Switch, will get those games thanks to Proton.
And it remains to be seen for how long Microsoft will tolerate Steam, or use their weight as OS vendor, and one of the biggest publishers.
Mobile GNU/Linux might end up in a similar situation if projects like Waydroid[0] can be well-integrated into the system, or if the mobile hardware becomes powerful enough to run it well.
[0]: https://waydro.id
At least for mean almost everything has moved into the browser except, Whatsapp, maps, and music
I'm pretty sure my Linux desktop version of Signal runs great on small screens.
It's because people like you are constantly repeating this mantra of security nihilism [0], instead of spreading the word about true alternatives existing today, Librem 5 and Pinephone.
Security not only matters, we are still far away from the same liability as in other industries.
GNU/Linux also had as baseline what other UNIXes were capable of, and even that had to grew for ACLs, NSA's LinuxSE, and containers.
The answer for most of those questions is no for both Librem and Pinephone. You cannot even buy Pinephones anymore. This is not nihilism.
It doesn't matter. We are not on a mainstream website, we're on HN. You and me can use it as a daily driver (I do). Nothing becomes mainstream and usable by public at the launch (except things advertised by the big tech of course).
> This is not nihilism.
Did you read the linked article? It's not about getting to 100% security/freedom without any effort. This is about giving up, as you did.
> How much does Librem 5 cost?
Yes, it's expensive. If you can't buy it, you can help in many other ways, e.g., by spreading the word or contributing to the free software.
> Can you still buy them?
Yes: https://shop.puri.sm/shop/librem-5/
> Are they able to deliver reasonably up-to-date set of features that general population care?
It doesn't matter. It can provide you with the main features you may need and add something you can't get anywhere else, https://source.puri.sm/Librem5/docs/community-wiki/-/wikis/F....
Further development can deliver most required features to the public, too, https://puri.sm/posts/closing-the-app-gap-momentum-and-time/.
> Will they deliver in a reasonable amount of time?
Yes, 10 working days, according to their website, https://puri.sm/products/librem-5/
> Will they be able to stay afloat?
It doesn't matter: The phone runs the mainline kernel and not locked down, it will be able to receive all updates even without Purism. You can install any other OS, too.
> Can they make enough money to invest in features?
Seems like no, because virtually nobody knows about them, even on HN. And, again, it doesn't really matter.
> Can they support an ecosystem that not only support FOSS but proprietary software too?
Why?
> Can they make contracts with operators to have earlier access to newer tech?
This is pure nihilism. Only Apple and Google can do that, so we're all doomed, right? However Purism have been trying, not without some progress, https://puri.sm/posts/breaking-ground/
> Does the cost reflect the value that the customer gets out of them?
Probably yes, https://source.puri.sm/Librem5/docs/community-wiki/-/wikis/F...
Typed and submitted entirely on my Librem 5.
I'm currently working on an OS image for the Hackberry devices, maybe it'll get some traction. [1]
(My impression was based on lwn discussions about that change)
Edit: https://android.googlesource.com/kernel/common/ has a lot of recent changes
As rooting may tamper the google's telemetry (can we already call it "spying" please).
The worse part is that, you can do all of those functionality with a browser on linux (or Android), yet to use them as Android apps on a device without gapps (even if jt's not rooted and with locked bootloader) is not allowed. Make this make sense.
The same in India. I can't use even the government weather app and the disaster alerts app without signing in to google play.
Seeing that this malpractice (of forcing the users into Google's surveillance net) is widespread among seemingly unrelated agencies like banks and government agencies of several nations, I would really like to know who is peddling this draconian scheme among them.
I want to send some angry rants to the app owners/developers and ask for those malicious peddlers to be permanently banned from further interference in cyber security matters of these institutions.
(Yes, there will still be issues if you use apps that require Google's remote attestation, but at least in Europe, many banks etc. do not require it.)
Play Integrity is a remote attestation scheme by which apps can ask the OS to prove to a remote server that it is unmodified. It allows apps to refuse to run on devices with root or third-party ROMs.
Play Services is a set of libraries and APIs for things like network-based location, push notifications, and advertising. Nearly all Android phones include it, and users of third-party ROMs can add it at install time (but not later) with packages like MindTheGapps. There's an open source substitute called MicroG that allows most apps to run without it.
You're right in your elaboration, but I didn't mention which one it is. My primary concern is that it forces me to log in to my play services account, which I haven't agreed to so far.
> There's an open source substitute called MicroG that allows most apps to run without it.
It's not for the lack of trying and I probably wouldn't even be complaining if it had worked. Phones are getting harder to root these days, much less install a custom ROM. Everyday feels like the ecosystem is tightening around us.
This isn't true, actually. Banks and gov entities use those mobile apps as authenticators. They do have a distinct purpose.
I know in some countries (UK, Germany, Switzerland, Austria) they're used to hardware tokens already since they were in use long before PSD2. But I seriously, seriously doubt banks in e.g. Poland specifically implement support for hardware tokens issued to very few annoying customers who refuse to use an app but otherwise want internet banking.
I'm in the EU and currently I do online banking with 3 banks without using any app, i.e. thru a laptop browser. The 1st literally lets me stay logged in with a simple cookie, with an SMS 2FA requirement every 90 days. The 2nd additionally asks for a PIN to be entered at each session. The 3rd is a neobank and is tougher, requiring a TOTP (which I generate on the same machine, needless to say).
A 4th does require an app, and in fact can hardly even be used with a desktop OS. That bank is Revolut and I therefore don't use it and I recommend others avoid it too.
The Dutch ID app got rid of all trackers and such requirements last year, but they didn't go the full length and made an F-droid repo (or a government store or sth).
Google actively guiding developers to APIs like the Play Integrity API (which requires not only you register the phone with Google on a Google account, but also an untampered device, outdated or not.
I don't even root my devices, just using something like Lineage already gets you the basic-integrity Max. Not enough for many banking apps.
The pen test results get put into the ticket system as immovable entries. Engineers will question them, only to be shot down by the cyber security department who organized the pen test. The engineers will eventually accept that they cannot convince cyber to drop the issue, and implement the jail break detection.
Why does cyber mandate it? Because no one in a large company wants to accept the risk, even imaginary risk. They want to be able to say, when security is breached, “we did our due diligence. Look at the report, we implemented everything in it”
Why do firms offering penetration testing keep putting junk like this into their reports? Because their automated tools list them out and they’re getting paid to find issues. The more the better.
It’s insane and entirely about passing off risk.
The term has fallen by the wayside and hardly ever gets used nowadays.
I have a little Android handheld game device that will allow me to dual boot a Linux from SD quite easily... but why can't I overwrite the existing install? I thought Android was more open and hackable than that.
Not all these devices have the same level of support, so do your research on your model before trying to overwrite the install.
I'm so tired of doing research. I'd just like it to be a functioning BIOS. I at least learned my lesson and have stayed clear of other Android devices.
Unfortunately, Google also uses it to abuse the user by also segmenting the user's access as well, "protecting" apps from the user, which is an abomination.
Exceptions would maybe be games.
We're being prevented from installing and updating software on the devices we own, but Google and Apple will happily approve and sign malware in their stores?
More like a change of tone.
Quarterly releases given more emphasis. More precise stability language. Rather than feeling like an afterthought, feature flags are now receiving first-class treatment.
My view.
The isolation of platform work is earlier.
Landing flags are occurring more frequently than ever.
By “Stable,” it appears the Intuit team is suggesting “boring” which is deliberate.
I have been using a simple lens.
The surface of the platform is slow and predictable.
A gated and reversible design.
The OEM risk will be pushed later.
I wonder how other people see it.
Is Android giving off more conservative vibes?
Are flags cutting down on breakage, or just relocating it?
Has your testing strategy changed if you’ve shipped against AOSP?
In a practitioner’s take, not in a press narrative.
Bug: Microsoft has a majority market share
Almost always, a majority of PCs for sale have Microsoft Windows pre-installed. In the rare cases that they come with a GNU/Linux operating system or no operating system at all, the drivers and BIOS may be proprietary. [...] A majority of the PCs for sale should include only free software.
Android may not be my or your first choice of Linux, but it is without doubt an open source platform that offers both practical and economic benefits to users and industry. So we have both competition, and good representation for open source, in personal computing.
Even though we have only played a small part in that shift, I think it's important for us to recognize that the shift has taken place. So from Ubuntu's perspective, this bug is now closed.Please don't show me your crappy translations any more.
Gemini 3 Pro offers "Nutzen Sie die Power von Android für Ihr Gerät." as a modern, tech-savvy alternative, as well as more literal translations that correctly recognize the idiom.
Not sure why people downvoted but this is sort of true
Microsoft was absolutely dominating and buying up everything (similar to today's tech giants) and they were literally the most mega corporation ever
Until they got hit by the monopoly lawsuit. That alone scared microsoft so much that it backed off
After the backing off is when Companies like google, heck Apple was directly invested to be saved by microsoft just so that they dont get threatened by the govt as monopoly and amazon.
In a way people mention so why couldn't Microsoft create their own engine but its also the fact that blink/chromium is based on fork of webkit which itself is a fork of KHTML from the kde team but webkit added many features (from what I could tell) and is a really complex software in it of itself
This was created by apple and apple as we know it would not have been able to exist without Microsoft backing off them
My point here is that in previous times, Microsoft was a large curtain blocking any innovation if they wanted but after it was feared by even a threat like monopoly, they took it very seriously and thus we have the cultural innovation in many ways that we have
Now the monopoly question was a genuine question still launched by the government.
Today the landscape is different, Google and these large tech companies would buy things and the meta strategy has become to sell, its a very cynical point of things which really just ends up screwing the customers in the end.
The government doesn't care, it might slap some 1% fine and there is a quote that if crime's punishment becomes only fines, then crime becomes legal and the fines compared to company are so small and they got legal structure so high that they strech it for as much as possible
Overall, the govt.'s being really lobbied by these tech giants and they stiffle tech innovation in the end
In the end all of them are the same, they all kind of want to be a microsoft pre monopoly era.
Govt's lack of understanding of the matters around the world is the reason why tech feels so intrusive. This has real consequences to you and me, now I don't trust the govt will be able to improve if its gets lobbied or corrupted and that's a seperate matter and might take new laws all around the world to prevent such corruption / lobbying but right now, the other best thing is to showcase support by being the minor fraction of the population who supports/donates to open source / msme businesses
"Microsoft was more scared of taking over companies that were competitors because of this anti trust trial. They had to back off a little and this created this tiny little gap, this little window from which many flowers can bloom. These flowers ended up growing into massive trillion dollars competitors (google and apple)"
Per Atrioc (https://youtu.be/VS6p5kPeD9I?si=PUT4R5a7Y4kiIvD2&t=692) [Title of the video being the Halo scheme is insane talking about groq's weird acquisition by nvidia]
I would consider that much of what I wrote in the previous comment was I think something I had thought about but this particular video definitely helped me and you could say did influence me in a way to write the comment.
It also mentions how it was provable that Microsoft was scared about it. I am not sure about this contradiction though but I would consider that it atleast created a gap for around 10-18 years from which the tech giants emerged.
One reason, I guess it's not possible because it's a complex OS?
But is the real obstacle being smartphone brands not publishing their hardware drivers?
It is so easy to install linux on a PC, yet I don't see the same happening for android while it's actually running a linux kernel, so it really begs the question.
It comes with optional sandboxed Google Play Services and Store, meaning that these run just like any other app, with no special permissions. You can give them only Network access. The Play Store is still the most secure way to download everyday apps, so a lot of GrapheneOS users use Google's Play Store with a burner account in a separate profile, usually the Owner (the main) profile - since you can then disable apps in Owner and install them into other profiles. And the sandboxed google stuff can be used to run proper Google apps without any problem. Even sandboxed Android Auto works.
It's not particularly difficult -- see Graphene and Lineage. The main issue is that there are few phones on which to run these custom builds. Ironically, Google Pixels allow to run other operating systems than the one they come with (the bootloader can be unlocked). Other than the Pixel and a couple of Chinese models, you are looking at low-end or ancient hardware. You can't just build a phone without OS and install Linux/Android like you would on a PC.
TechTechTech•3d ago
idle_zealot•16h ago
LoganDark•16h ago
cyberax•15h ago
mixermachine•9h ago
Now I run a S23 Ultra and after two years it still does everything I need. OneUI 8.0 and Android 16. For work (app de) I also have a Pixel 7a, always with the newest Android Beta. Also works well.
Even the entry level phones work OK to pretty good now. My Samsung A16 5G (also for work) functions surprisingly well for 150€.
drnick1•5h ago
Maybe, but it is fully under Google and Samsung's control, and is choke full of spyware. You couldn't pay me to use a stock (Googled) Android phone for this reason alone.
LoganDark•4h ago
MarsIronPI•3h ago
Groxx•14h ago
There's no way this isn't intentional hostility towards forks.
BoorishBears•14h ago
All those years back I started calling it, since I built software for (long-lived) HMI devices that ran on Android
kotaKat•10h ago
“Phone by Google” is disgusting.
lossyalgo•9h ago
Zak•8h ago
Groxx•8h ago
Except for RCS, that's completely locked down and is pretty solidly becoming literally just Google. Fuck RCS.
okanat•5h ago
Implementing them independently is extremely difficult and even if you manage to do it you cannot have them commercially available due to radio regulation and patents. Even academic research can only be done with collaboration of those huge companies.
It is impossible to make a phone that is LTE capable completely independently (or even without nation state support). You cannot implement VoLTE or RCS without support from the carriers. They all have their own proprietary protocol on top of the standards.
Google has basically infinite money and their own patents and industry relationships and government support so they can figure out RCS. An indie company, even with infinitely motivated engineers and good funding do not have any of it.
cyberax•13h ago
Groxx•13h ago
anal_reactor•13h ago
written-beyond•12h ago
/s
goku12•11h ago
Of course it is. But it isn't new. This was declared in March last year. We discussed it a lot here. It's only now that it's going into effect.
bossyTeacher•5h ago
Android will soon become fully closed source. The writing is on the wall.
yaro330•5h ago
aesh2Xa1•5h ago
https://news.ycombinator.com/item?id=46550366
singpolyma3•4h ago
TingPing•2h ago
singpolyma3•1h ago