Android
The new home of /r/Android on Lemmy and the Fediverse!
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
🔗Universal Link: !android@lemdro.id
💡Content Philosophy:
Content which benefits the community (news, rumours, and discussions) is generally allowed and is valued over content which benefits only the individual (technical questions, help buying/selling, rants, self-promotion, etc.) which will be removed if it's in violation of the rules.
Support, technical, or app related questions belong in: !askandroid@lemdro.id
For fresh communities, lemmy apps, and instance updates: !lemdroid@lemdro.id
📰Our communities below
Rules
-
Stay on topic: All posts should be related to the Android OS or ecosystem.
-
No support questions, recommendation requests, rants, or bug reports: Posts must benefit the community rather than the individual. Please post to !askandroid@lemdro.id.
-
Describe images/videos, no memes: Please include a text description when sharing images or videos. Post memes to !androidmemes@lemdro.id.
-
No self-promotion spam: Active community members can post their apps if they answer any questions in the comments. Please do not post links to your own website, YouTube, blog content, or communities.
-
No reposts or rehosted content: Share only the original source of an article, unless it's not available in English or requires logging in (like Twitter). Avoid reposting the same topic from other sources.
-
No editorializing titles: You can add the author or website's name if helpful, but keep article titles unchanged.
-
No piracy or unverified APKs: Do not share links or direct people to pirated content or unverified APKs, which may contain malicious code.
-
No unauthorized polls, bots, or giveaways: Do not create polls, use bots, or organize giveaways without first contacting mods for approval.
-
No offensive or low-effort content: Don't post offensive or unhelpful content. Keep it civil and friendly!
-
No affiliate links: Posting affiliate links is not allowed.
Quick Links
Our Communities
- !askandroid@lemdro.id
- !androidmemes@lemdro.id
- !techkit@lemdro.id
- !google@lemdro.id
- !nothing@lemdro.id
- !googlepixel@lemdro.id
- !xiaomi@lemdro.id
- !sony@lemdro.id
- !samsung@lemdro.id
- !galaxywatch@lemdro.id
- !oneplus@lemdro.id
- !motorola@lemdro.id
- !meta@lemdro.id
- !apple@lemdro.id
- !microsoft@lemdro.id
- !chatgpt@lemdro.id
- !bing@lemdro.id
- !reddit@lemdro.id
Lemmy App List
Chat and More
view the rest of the comments
I agree, Motorola is owned by Lenovo. They have found middling success with the return of their Razr line and with phones in the lower to mid tier range. But they really want something super flagship. Something like the Think Phone would have probably sold really well with a Graphene option.
Yeah this sounds like what Graphene insists on.
That sounds like a fancy speak for a Trusted Platform Module. Isn't some kind of TPM mandatory to obtain a google certification for a new device?
It (unfortunately) isn't required. Most current Android devices on the market have serious security issues (most notably, full disk encryption can easily be bypassed due to a lack of effective unlock attempt rate limiting) due to their lack of a secure element.
Yeah, a TPM or secure element. I don't think it's required.
It (unfortunately) isn't required. Most current Android devices on the market have serious security issues (most notably, full disk encryption can easily be bypassed due to a lack of effective unlock attempt rate limiting) due to their lack of a secure element.
Are you sure there's no rate limiting? My phone definitely does rate limit the on-boot disk decryption prompt. Do you mean there's no rate limiting if someone detaches the NAND and brute-forces it off-device?
That rate limiting can easily be bypassed by an attacker. In order to be effective, the rate limit needs to be enforced by tamper-resistant hardware, i.e. a secure element. Here are some of the requirements for a secure element: https://developer.android.com/privacy-and-security/keystore#StrongBoxKeyMint
For details, I recommend reading:
Only devices with a proper implementation of a secure element (Titan M2, i.e. Pixel 6 or later, or the Apple SEP, i.e. iPhone 12 or later) are actually resistant to brute-force attacks by forensic data extraction tools, such as Cellebrite or GrayKey. GrapheneOS has obtained some internal documents from multiple forensics companies. They published the Cellebrite docs at https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation
Specifically, I recommend looking at this chart:
It clearly shows that data cannot be extracted from iPhones with the SEP, unless the device is in the AFU state, meaning that the encryption keys are kept in memory.
Those are the charts for Pixels:
The only way a graphene is phone gets major adaptation is if you could use pay with it.
I can pay with NFC and my GrapheneOS phone.
Where is this/ what app do you use?
I'm in the UK and use Curve. I've used it locally, of course, but also in Singapore, Australia and Japan and it worked without incident.
There are several supported apps, such as Curve Pay, PayPal, and banking apps that have their own tap-to-pay implementation.
https://shkspr.mobi/blog/2025/06/contactless-payments-with-grapheneos/
https://grapheneos.social/@GrapheneOS/115295538501760765
You can also use the
contactless payments supportedtag when searching the GrapheneOS banking app compatibility list on GitHub. https://github.com/PrivSec-dev/banking-apps-compat-report/issues?q=is%3Aissue+label%3A%22contactless+payments+supported%22Not OP, but my (German) bank supports the Digitales Bezahlen App with GrapheneOS. I used it exactly twice, both times because I forgot my wallet at home.
We need details please
I'm in the UK and use Curve. I've used it locally, of course, but also in Singapore, Australia and Japan and it worked without incident.
I think people overestimate that feature. Where I live you still have to hand your card to the teller most of the time and nobody is handing their phone over for tap to pay.
I pay with a normal card but I'd say the majority of people around me pay with their phone.
Also, I need to use my bank app to pay for things online. I scan a QR code and confirm the payment with a pin or fingerprint. Correct me if I'm wrong but I think many bank apps also don't work properly with graphene.
Edit: maybe I'm getting confused, I thought bank apps normally needed google play services and that because of that they don't work on grapheneOS, but I don't know if that's correct
hmm how bout round the world?
Like Germans prefer cash but tons go all digital—yuge in China for example, Apple Pay’s big stateside (USA)…
Curious your region btw to expand my knowledge on this
I live in the US and I also just got back from a 10 day trip that had me in 6 different airports around the US and saw basically nobody using their phones to pay. I saw a bunch of people using the translate app, the camera, FaceTime, Apple wallet for boarding passes, but no tap to pay.
I think it’s because the places that use it also have their own apps, like Starbucks. You can order and pay in the app and if you are likely to setup Apple Pay you are probably fine going all the way with the app too. The same is true of Walmart and other major retailers who also specifically don’t take Apple or Google pay because they want you to use their app.
It’s heavily used everywhere else in the world, the US is well-known to lag behind on payment technology. It’s like travelling back in time when you go there.
I pay with my phone literally everywhere in Canada, haven’t opened my wallet in months. I was in the US last year and they didn’t have mobile payment terminals at restaurants so you always had to pay for sit down service at a counter, always wanted me to sign for tap, kept calling it Apple Pay instead of tap or contactless, had places that would only swipe a physical card which isn’t even allowed in other countries anymore, it’s crazy.
Walmart takes tap in Canada, they were one of the last holdouts. The “individual app for each service” thing is very American, even American companies abroad don’t do it because they’ll lose business. It’s the same thing with cash transfers. There are 100 different private ways to send money in the US. PayPal, CashApp, Facebook Pay, Apple Pay, Venmo, etc.
None of those exist in Canada because we just have Interac e-transfers. Hard to compete with free & automatic support by every bank account in the country. Other countries have similar systems. The US has Zelle but as far as I know that was implemented way later and doesn’t have the mindshare.
So random that the USA is lagging behind in this regard, travelled Europe - everyone using phone pay, and in Australia my home country, it's pretty much the only way people pay nowadays.
Not really. The kind of people this ROM caters to are exactly the kind of people who don't use Google Pay to begin with.
There's other pay features in the world like Wero and MobilePay