The “know it better” is, I think, a big argument, that’s imo often a bit overlooked. Android does not have that much “tinkers” as “proper” Linux has. For the average Gnome DE @ Ubuntu user, Android forks are fine. But if you’re the kind of person, who optimizes their Arch system with cool scripts from Github, you won’t get the same experience on LineageOS. I know Termux is a thing but that feels more like a workaround.
Edit: Had to reword the comment, because people thought I was talking about malware and supply chain attacks.
Edit2 to clarify my point: I think big downside of Android is that if you want to tinker with it, you basically have to be an android developer. With “proper” Linux the barrier to entry is smaller and the learning experience is more granular. Hence why we think “we know ‘proper’ Linux better”.
Android does not have that much “hackers” as “proper” Linux has
It’s hard for Android to have hackers precisely because Google and manufacturers are trying their best to prevent that. They do not allow rooting, they blocks features on rooted devices, etc. So they do their absolute best to keep on exercising control despite collaborating on open source software.
… so why are eg flatpak apps less secure than Android ones?
And Play & Apple stores are full of unchecked scam apps. They basically are solving this by securing the os more. Yet apps (even Instagram) can still take pics without your action. I assume they listed in on you too.
The app (& SDK) argument I think has more to do with user- and dev-base. Something that Microsoft failed at in the mobile market. So basically we need a quality/seamless way of running Android apps on Linux.
And since we can run Win games on Linux very nicely I think this wouldn’t be that much of an issue … Tho minimal industry support (eg banking apps) is still needed.
I worded my comment badly. I was not talking about supply chain attacks, rather the ability to tinker on “proper” Linux which you don’t get on Android.
The difference between Android and “proper” Linux? You said it:
Android is a semi-immutable (heavily modified and basically owned by Google) distro that runs app in sandboxes.
That is not what “tinkerers” want. They want access to the system. I have not tried it but can you even run an android app from the command line? I guess you can somehow but that just brings me to my other point. You kinda have to be an Android dev to tinker with Android, while on “proper” Linux the learning experience is more granular.
edit: indeed running Android apps from CLI is not very tinker-friendly:
Sorry, I couldn’t follow/I don’t think I understood you.
Why wound you want or need to run anything via CLI?
Most Linux users never use anything CLI (similar MacOS & Windows). Why would Linux phone users? And what does that have to do with android app devs?
The difference between Android and “proper” Linux? You said it:
But (what I said is that) all of that you can get in various Linux distros too - what I was saying that the basic difference for devs is Google/Android SDK.
we need a quality/seamless way of running Android apps on Linux
Like Waydroid? There was a thread recently on that and it seemed (even though not necessarily a representative sample) most people used it for… games, not “actual” applications. They were NOT used for banking apps also (at least I don’t remember anybody mentioning that) because I bet most people just go on their bank website for that.
The issue is that the banking app is often the only way to get 2 factor authentication. The other way is to use SMS but that can be hijacked by social engineering attacks so it cannot be considered secure.
It’s nothing sophisticated. You just steal someone’s phone number by calling their phone service provider pretending to be them. I don’t know how serious this threat is but for this reason SMS is not considered secure in the “security circles”.
The “know it better” is, I think, a big argument, that’s imo often a bit overlooked. Android does not have that much “tinkers” as “proper” Linux has. For the average Gnome DE @ Ubuntu user, Android forks are fine. But if you’re the kind of person, who optimizes their Arch system with cool scripts from Github, you won’t get the same experience on LineageOS. I know Termux is a thing but that feels more like a workaround.
Edit: Had to reword the comment, because people thought I was talking about malware and supply chain attacks.
Edit2 to clarify my point: I think big downside of Android is that if you want to tinker with it, you basically have to be an android developer. With “proper” Linux the barrier to entry is smaller and the learning experience is more granular. Hence why we think “we know ‘proper’ Linux better”.
It’s hard for Android to have hackers precisely because Google and manufacturers are trying their best to prevent that. They do not allow rooting, they blocks features on rooted devices, etc. So they do their absolute best to keep on exercising control despite collaborating on open source software.
… so why are eg flatpak apps less secure than Android ones?
And Play & Apple stores are full of unchecked scam apps. They basically are solving this by securing the os more. Yet apps (even Instagram) can still take pics without your action. I assume they listed in on you too.
The app (& SDK) argument I think has more to do with user- and dev-base. Something that Microsoft failed at in the mobile market. So basically we need a quality/seamless way of running Android apps on Linux.
And since we can run Win games on Linux very nicely I think this wouldn’t be that much of an issue … Tho minimal industry support (eg banking apps) is still needed.
I worded my comment badly. I was not talking about supply chain attacks, rather the ability to tinker on “proper” Linux which you don’t get on Android.
Android is a semi-immutable (heavily modified and basically owned by Google) distro that runs app in sandboxes.
What is the difference?
The difference between Android and “proper” Linux? You said it:
That is not what “tinkerers” want. They want access to the system. I have not tried it but can you even run an android app from the command line? I guess you can somehow but that just brings me to my other point. You kinda have to be an Android dev to tinker with Android, while on “proper” Linux the learning experience is more granular.
edit: indeed running Android apps from CLI is not very tinker-friendly:
https://stackoverflow.com/questions/6613889/how-to-start-an-android-application-from-the-command-line
Sorry, I couldn’t follow/I don’t think I understood you.
Why wound you want or need to run anything via CLI?
Most Linux users never use anything CLI (similar MacOS & Windows). Why would Linux phone users? And what does that have to do with android app devs?
But (what I said is that) all of that you can get in various Linux distros too - what I was saying that the basic difference for devs is Google/Android SDK.
Like Waydroid? There was a thread recently on that and it seemed (even though not necessarily a representative sample) most people used it for… games, not “actual” applications. They were NOT used for banking apps also (at least I don’t remember anybody mentioning that) because I bet most people just go on their bank website for that.
The issue is that the banking app is often the only way to get 2 factor authentication. The other way is to use SMS but that can be hijacked by social engineering attacks so it cannot be considered secure.
Can you please share an example? I’d be curious how that would work, especially if it works while understanding how it works.
It’s nothing sophisticated. You just steal someone’s phone number by calling their phone service provider pretending to be them. I don’t know how serious this threat is but for this reason SMS is not considered secure in the “security circles”.
https://www.howtogeek.com/358352/criminals-can-steal-your-phone-number-heres-how-to-stop-them/
https://www.fcc.gov/consumers/guides/cell-phone-fraud
… people miss Android … to play Android games? Omfg.