> "The sideloading restriction is easily solved by installing GrapheneOS"
> "Unless they block ADB, I wouldn't say it's accurate to claim they're "blocking sideloading"".
Not to pick on these folks but it's like we on HN have forgotten that ordinary people use phones too. For some of us, it's not a limitation as long as we can solder a JTAG debugger to some test pads on the PCB and flash our own firmware, but for most users that's just about as possible as replacing the OS.
When we last got new phones I put GrapheneOS on mine and my partners, I never subsequently had to play tech support on hers.
I own no firsthand experience but read many users require app 2FA to make card payments.
The solution must be social-legislative. The London smog and terrifying auto deaths at 30 KPH were solved but not by niche enthusiast projects.
> that is after installing the optional play services, reducing the privacy benefits of graphene.
The only way to use Google Play services on GrapheneOS is via sandboxed Google Play. Sandboxed Google Play are regular apps with zero special access or privileges. They cannot do anything more than any other regular user installed apps. They do not have any access to user data, app data or more control over the device than other apps. They only have what other apps explicitly choose to implement through Google services, which apps can do without Google Play services too. Apps do not need Google Play to use Google services, and Google services are far from the most privacy invasive third party services used by lots of mainstream apps. Privacy from invasive apps is provided through features like our Contact Scopes, Storage Scopes, Sensors toggle, etc. Avoiding 1 particular set of services depended on by privacy invasive apps wouldn't solve that. Users need to carefully choose what to share with apps/services and take advantage of the provided privacy model improvements such as those features if they care about this but still want to use those apps.
> The solution must be social-legislative.
The solution to the anti-competitive Play Integrity API has to be regulatory/legislative but providing privacy and security almost entirely depends on technical improvements rather than laws/regulations which will be largely ignored and cannot solve an international issue without borders.
> niche enthusiast projects
GrapheneOS is a production quality OS made by a non-profit organization. It has a team of full time developers paid to work on it. It's very easy to install, can be purchased preinstalled on devices and has compatibility with the vast majority of Android apps. For most people, they don't have to make any major sacrifice to use it. Using a different app for tap-to-pay or using regular credit cards for it instead isn't really a big deal. There are only a few non-financial apps impacted. Several financial apps have recently explicitly permitted using GrapheneOS via hardware attestation and Block (Cash App, Square, etc.) is in the process of doing so.