Android is not free, let's get to work about it

We need a replacement, and it's achievable

No open system without open userspace
Based on photos from Unsplash. CC0

In the standards field, Embrace, Extend, and Extinguish is a strategy for gaining users of an open standard, and breaking it to lock them in. This does not exactly match Android, as it is a software project, rather than a standard. But it resonates with its story of making the open source effectively unusable without proprietary extensions.

Warning: if I wasn't enough of a techie to do some action, this would be a lot of doomerism. Thank fuck I'm autistic and this is my special interest?

I've been an Android user for, I think over 10 years by now. Well, still am, out of necessity. But I'm fed up with it as a user. I feel like instead of empowerment, I have to fight with this device on every step to keep some control over my own device, and to not send more of my data to corporations.

Google hardly even bothers to keep the Android Open Source Project documentation separate from one for their proprietary Google Play Services.

Does any of your mobile apps send you push notifications? You can be almost certain they go through Google servers. More namely, Firebase Cloud Messaging. Google has made it easy to just add FCM libraries to your Android app, and made it hard to not use FCM.

Do any of your apps use location? There are system APIs for this! Oh, wait, what's this? "Note: The Google Location Services APIs, part of Google Play services, is the preferred way to access location services for apps. […] Clients of the traditional Android location APIs are encouraged to switch to the Google Location Services APIs wherever possible."

Anything scanning QR codes? Remember the old days of ZXing? Not anymore. And of course with incentives: "The Google code scanner API provides a complete solution for scanning codes without requiring your app to request camera permission". You don't have it? I hope you enjoy typing your password and SMS codes, because you're not logging in with the DigiD app.

And now, I couldn't just leave out SafetyNet, and its new replacement, Play Integrity API here. What do these do? I think the most important check: "tells you whether your app is running on a genuine Android device powered by Google Play services". What does "genuine Android device" even mean? I guess not that much control of your device, because you get an accordingly lower device integrity label of MEETS_BASIC_INTEGRITY if your device "may have an unlocked bootloader".

Is there really no hope in Android world?

microG Project is trying to reimplement these proprietary APIs. There are 2 problems with that:

  1. Google keeps making new ones, requiring more work to reimplement them. We're talking about complicated stuff like ML models or speech synthesis.
  2. Google makes all the engineering choices that suit them. To work, microG has to make requests the same way as the Google Play services. microG allows you to e.g. get push notifications without using Google's proprietary code on your device. But this is still the same, fundamentally flawed way, where Google servers are in the middle. Good riddance, but not quite enough.

I've previously had some faith that Huawei shipping Android phones without the proprietary Google parts is gonna change something. Because, e.g. if you have to scan a QR code on both Google and Huawei, you could just use ZXing, which does not depend on either's environment, right? In reality, of course, developers really just do depend on both, write handling dependent on whether it's Google or Huawei, and ship it like that to the app stores. The whole difference is that instead of a Google ML Kit there is a Huawei ML Kit, and so on.

So, yeah. Hope, left me.

I'm currently unemployed. if you are looking for someone experienced with Rust, TypeScript, as an SRE, and/or in Linux software distribution (Electron, Flutter), please contact me.

or - while I'm not struggling to stay alive - if you like my work, please consider sending me a small donation.

GitHub Sponsors, ko-fi, bunq: EUR, USD, GBP, PLN.

some cooler entities to also read. generated with frenring.