If we want privacy and freedom, everyone needs to want it.
The limitations of our FOSS communities
In the past couple of days, Google released Android 16, as well as the Android 16 update to the AOSP (Android Open Source Project). People have noted that the device trees for all Google Pixel devices have disappeared. These device trees are crucial for maintaining hardware support with newer versions of the Android OS. In its place, Google expects developers to target a virtual phone as the OS’s reference.
This severely impacts open source ROM makers like GrapheneOS , who are currently evaluating a future without Pixel support given the possibility of future Pixels not supporting installing your own OS (y’know, the entire reason I got my Pixel in the first place). And even if that doesn’t happen, without the device tree for Pixel models, it will be significantly more difficult for third party Android ROMs to support future Pixel models, and I imagine support for existing Pixel models will have to be ported from older Android versions.
This entire situation made me want to reexamine the situation with free and private smartphones in general, and in some ways it feels a bit bleak.
Android is basically the only option
We do have Linux Mobile OSs being worked on by volunteers, and also the commercial PureOS made by the company Purism (if you are willing to pay the hefty price they charge for their phones). But in general these OSs aren’t really usable for a lot of people because they lack the engrained app support that Android enjoys. Sure they might be technically competent OSs, but it doesn’t mean much if people can’t run the software they require. It may be possible to use software similar to Waydroid to run an Android container where Android software could work, since Android also uses the Linux kernel, and I feel like there might be a project that does this, but I cannot remember and in any case there are a number of things that could go wrong.
This is largely the reason why most people in the business for a libre smartphone have stuck to forking Android, and this does indeed solve a lot of the hurdles introduced by making an open source OS from the ground up. Just let Google do it for us! Then we can strip out the evil tracking bits, add sandboxing technology for improved security, and boom libre phone. But of course, this approach also means near-total reliance on the AOSP development being continued by Google. If Google were to decide to shut down AOSP and make it a completely proprietary project, we’d basically be SOL. We’d have a few more years where Android apps continue to be updated for older versions of Android, and then that’s it, game over.
Given Google’s recent actions, combined with the antitrust lawsuit against them threatening to force a sale of Android, I think there is a very real possibility that Google could do this. Who would stop them? Maybe the DOJ unless Google gives Trump a large enough bribe. And then we would essentially be on our own with regards to our open source phone OSs.
I suppose this isn’t a huge deal if your needs for your phone aren’t too large. For what it’s worth, I’ve been attempting to minimize my phone usage lately, and it has worked out well enough that I mostly just use it for communicating with people, listening to music, navigating, and taking photos. Basic stuff that could be done on just about any smartphone. Except… for communication, I use Signal, and Signal isn’t (yet) supported on Linux Mobile (though theoretically one could either use a container like I mentioned above, or create their own Signal client for Linux smartphones, since Signal is open source). And it is very important to me that my conversations are end-to-end-encrypted, so having to lose that functionality in the pursuit of a libre phone OS is probably enough to make me throw my hands into the air and shout “Fine, I’ll just buy an iPhone!”. I would much rather enjoy the security of Signal under the potential threat of a proprietary OS’s backdoor, than the guaranteed insecurity of SMS messaging under a secure open source OS.
I fear this is where we’re headed in a few years: a proprietary Android platform will leave me with no reason to continue using Android, so it’s back to iOS. If I have to use a proprietary OS, I would rather use the one made by the company that at least tries to pretend they don’t sell your data, even if they’re totally lying .
What this says about our open source software
I think a big weakness in our open source software spaces is our reliance not necessarily on big companies (but, yes), but on the idea of receiving privacy and freedom as a byproduct. In order to explain what I mean, take something like the Steam Deck for instance. It’s an incredible device and I’m super thankful to Valve for making it happen because it has made a very positive impact on the Linux gaming space. But that’s the thing: while it is true that, thanks to the Steam Deck, we are able to enjoy gaming under a much freer and more private OS, that isn’t what Valve sells the device on at all. They market it as a speedy portable PC that can play most of your PC games with decent battery life and a user friendly interface that, until recently, Windows did not provide whatsoever.
And people bought the Steam Deck because it lived up to those promises very well. As a byproduct of all of this, many Linux gamers were able to abandon Windows completely, removing a large piece of proprietary malware from their systems. But we can’t keep banking on earning more freedom and privacy as a side effect of unrelated demand because it makes it easy for companies to whisk that freedom away at their leisure. When less than 5% of your userbase is supporting you even partially for the freedom benefits, it wouldn’t be a big loss to strip that freedom away.
Granted, licenses like the GPL make it difficult for a company like Valve to make SteamOS closed-source, since most of SteamOS relies on software that cannot legally be redistributed by other people unless it is also open source. On the other hand, with something like AOSP, which is wholly owned by Google save for a few components like the kernel… it’s like being under the edge of a knife.
If we want to avoid this problem, and if we want it to be easier than ever to enjoy free and private OSs and software, we need that freedom to be in demand. We need companies to suffer in the form of low sales when they don’t offer freely licensed source code with their products. If people will only pay for libre software, then companies will be forced to adjust. But of course, that’s a naive Libertarian way of thinking about it; even if people did have the discipline to boycott proprietary software, big tech companies are good at entrenching themselves in such a way that we have no choice but to use the software anyway. For instance, I am forced to use the proprietary Duo 2-factor-authentication app to authenticate my college account, even though a libre alternative like like KeePassXC would (and does) easily work with the open TOTP standard used by most websites.
But demand for freedom is the first step, and until we take that step, I fear many libre software projects will always be held at knifepoint by the power imbalance posed by companies like Google who wholly own AOSP. Unfortunately, most people probably don’t even realize open source software is an option, let alone care enough to defend it. That’s why it is important that we educate people about software freedom and explain why it matters, though I will admit that even that is a difficult task.
I also feel this is a cultural issue not limited to software. For instance, Republican voters in the US sold away their freedoms to elect the dictator Donald Trump, who is harboring the military in many cities to intimidate and provoke the population, all the while many innocent people, plenty of whom are legal citizens, are getting rounded up and deported by the terrorist group known as ICE. People have been quick to throw away essential liberties like due process for reasons I struggle to understand, cheering on Trump as he tightens the handcuffs around their own wrists. A lot of this behavior could probably be attributed to propaganda networks like Fox News, but I wonder if people would be more resistant to these things if our culture had a more burning and championed desire for freedom (probably not, to be honest).
What I do believe is the problem comes down to what people know and what they don’t. Most people grow up thinking proprietary systems are the only option, that proprietary computing is actually just normal computing. You buy a Mac, or a Dell, or an HP, or a Surface. You buy an iPhone or a Samsung. There is no understanding of the privacy risks that come with proprietary software, or what privacy risks can lead to later down the road. If you are able to successfully text someone, or call someone, or write in a document, or browse the internet, then that is enough. Bonus if it has fancy bells and whistles.
An analogy that is often used about open source software is that having the source code is like knowing the recipe to a meal. In that regard, I have to wonder if it is really the people’s responsibility to ensure that the “food” they consume is healthy, or if it is something that should be delegated to a governmental agency like the FDA. But then again, we have nutrition facts labels and everything and we still buy junk food. I still buy junk food. We have the source code to these unhealthy meals, and yet we still choose to eat them.
Sorry that this kind of turned into a rant. I suppose my conclusion with this line of thought is that it is not enough that our software is free and open source. We, as a society, must also care about it being free and open source, and we must care about it treating its users ethically rather than merely having the possibility to. If we neglect doing this, most people will continue eating junk food.