Asus refunds Zenfone buyer for failing to provide bootloader unlock tools(androidauthority.com) |
Asus refunds Zenfone buyer for failing to provide bootloader unlock tools(androidauthority.com) |
Still holding a pixel 3, unlocked, with lineage. There are no small phones with good specs and unlockable. Zenphone seemed the way, until they stopped with their unlocks.
What a market to be burying in the mud.
https://consumer.huawei.com/en/community/details/P20-Pro-Boo...
there's someone from Huawei who acknowledges the policy change, with a date. Maybe check archive.org for the mentioned time and url? HTH.
the point of oem unlock, and rooting at all, is diametrically opposed to the vendors interest in nearly every facet. The vendor will bark "hackers" as a thinly veiled threat for the uninitiated, but we are initiated. what the vendor doesnt need you doing is erasing their telemetry and walled garden spyware. they dont need you developing alternatives to their store and to their apps, and they especially dont need you turning this effort into something as simple as an ubuntu installation for older phones they expect to follow the strict trade-in model of "buy a new phone every year"
arguably Asus refunded the purchase because this person isn't playing by the rules and being a good consumer.
Do you mean "privacy nightmare"? Security-wise, Google Pay beats using your physical card since it uses a device-specific number that can't be skimmed by terminals and reused online.
> the custom rom is still far more valuable from a security perspective than bending the knee to some bespoke ecosystem payment app (especially if you have an older device.)
I'd argue that it only makes sense if you have an older device that's otherwise not receiving any more security updates.
The more pertinent factor is probably the fact that you’re using an operating system built by an advertising company.
Installing crDroid on my OnePlus 9 Pro took half an hour, another half to install Magisk Delta with a few modules. The universal dark mode alone (Xposed module "DarQ") is worth the effort, but also the ability to clone apps, have proper clipboard sync, make full-system backups and customise the look and functions of my OS to a currently unparalleled degree.
The only compromise is I can't seem to be able to do NFC card payments (send or receive), one of my 4 banking apps needs a custom patch every few months to start working and a friend tells me the McDonald's app doesn't work.
After OnePlus decided to stop publishing factory images, I decided to stop buying their phones. It's a real shame, because they really do make some great stuff and prices are quite reasonable generally speaking. I used to buy a new OnePlus phone nearly every year. The OnePlus 6 was one of my favorite phones of all time.
Alas, it's also annoying that some dumb banks (I'm looking at you ING Poland) consider rooted device as "insecure" but thay have no problem if I open a bank page using admin/root account on the computer)
Unfortunately, locking (and unlocking) it wipes user data, so it should be relocked right after installation of GrapheneOS.
I think since my first Android (HTC Desire Z/T-Mobile G2) I spent a total of 1 week on stock, never was a fan of any of them.
You can bypass all current app checks using Magisk and Play Integrity Fix, but it's a bit of work to maintain and can break occasionally. You gain in this case full control of your device like a desktop OS, block ads, modify app behavior, disable unwanted system features, but you have to put in effort to maintain it.
However if you don't want to deal with that, you can also just not use those apps, use it like you would a Librem or PinePhone, load primarily open source software to it, optionally don't even bother with play store, etc. Might not be for everyone, but if you don't care that much for Google Wallet or multi-player games on your phone, it's not a bad option.
Which is a major problem because my tolerance for my bank's app not working when I open it is so low it might as well be non-existent.
I personally gave up this fight.
Magisk and PINE[1] have solved this for me. Yes, even Google Wallet is all good with my LineageOS ROM. PINE is an auto-updating PIF.
...wha? I just installed GrapheneOS on my Pixel 8 Pro and it is, by a decent margin, the best custom ROM experience on a phone I've had to date.
This was not a project I expected to use Discord for support. Sad.
I guess I must not run any of those apps?
Using the "simplest answer is often the best" approach, it would historically be the profit motivation at 99% probability. Currently, though, feels like surveillance and intelligence gathering is edging to the higher likelihood.
Edited to add: and maybe it's not even intelligence agencies, maybe it's purely profit driven from the personal-data-selling industry.
Might be better to form a class action.
Wouldn't that be a good reason to do small claims? I can't imagine why I'd want to wait for years in a class action when I can just do a small claims.
Also class action cases are very rare in the UK. In the past the courts have generally refused to approve class action cases. It not like in the U.S. where there’s a cottage industry around class action cases. I’ve personally never heard of a class action case happening in the UK, I know they do happen, but they’re so rare that they don’t make it into the news, and most people will never involved in one either directly or indirectly.
Would it be OK if you were forced to use only the single OS that your computer came preinstalled with?
I would note that technically the small claims court in the UK does not set precedents. That would be the function of a higher court.
Timothy provided us with documentation of the court case and
proof that ASUS has settled.
For instance, in a US District Court on most questions of federal law, as regards decisions of other federal courts: published decisions of any federal court can be cited as persuasive (most district court decisions are unpublished), and decisions of the Court of Appeals for the circuit in which the District Court is located, or of the US Supreme Court, may be entered as persuasive precedent.
It's easy to file a small claim in the UK. More info on the process for England & Wales here: https://www.gov.uk/make-court-claim-for-money
> let alone succeeded!
The article is light on details, but it sounds like the parties settled before any hearing or ruling.
https://xdaforums.com/t/court-action-against-asus-false-prom...
Which is why I never understood why Asus Zenfone kept being recommended on HN all the time when people asked for good android phones to buy. I thought this community appreciated long SW support. I think the people recommending it were not dogfooding it.
Why not go for something that has 5-7 years of SW updates like a Pixel or a S-series? The Zenfone wasn't any cheaper than those either(at least in EU) so you were also getting a poor value for money.
> ASUS has one of the worst software support commitments in the Android world
How can you possibly say both things in the same article?
This means they are "some of the best Android phones you can buy", as in, they have some of the best specs per $ you can buy. Not that they are actually good phones.
It makes total sense someone could think they are great phones while they also have terrible software support since software support is not a simple hardware number on the spec sheet.
This is very like PC people that hyper-focus on a few metrics like CPU frequency since it is simple and numerical and easily compared, even if it is not actually sufficient to tell you much about full system performance.
Example ASUS phone description from enthusiast: "It's got good speakers, 2 charge ports, 165 refresh rate, optimal cooling, a set of ultra sonic buttons, ip54, crazy good battery, acceptable camera, storage is crazy high 256GB for 1 grand, 512 for 1.1 grand, 12G ram for 1k, 16G ram for 1.1k, can take 2 sim cards."
As a bonus, it also opens the door for Graphene OS should you choose to go that direction.
From Electrical Engineering apps to my various current/normal/legacy hardware that uses aux... I don't want to carry around a dongle. Ever. I don't want to attach them to things. I just want my phone to have the $3 peripheral.
Maybe I misunderstand the posting.
Then I found out to unlock the bootloader I had to:
1. get a string via a `fastboot` command
2. create a motorola.com account
3. paste string in some motorola.com page to get an "unlock code" emailed IF Motorola decides your device is "unlockable"
4. `fastboot oem unlock UNLOCK_CODE`
5. connect phone to the Internet and wait between 3 and 7 days [2] (turned out to be 3 or 4)
Until I did all that shit, the option to unlock the bootloader in system settings was grayed out.
Afterwards the device works well, but it was a terrible experience and I DO NOT recommend Motorola devices for rooting based on this.
[1]: https://wiki.lineageos.org/devices
[2]: https://nerdschalk.com/how-to-fix-oem-unlock-greyed-out-or-o...
I didn't expect their laptop dominance to exactly extend to Androids. I was hopeful.
I should have probably known better, apparently they don't do native linux support. I had to use some Fedora fanboy stuff to get my peripherals to work. It was easy, but still couldn't use most distros.
> Why not go for something that has 5-7 years of SW updates like a Pixel or a S-series? The Zenfone wasn't any cheaper than those either(at least in EU) so you were also getting a poor value for money.
SW updates aren't the only criteria when choosing a device, if you're looking for a small phone with a headphone jack and a non-glass/metal back, the number of options are very limited (iirc, Zenfone 9 is literally the only phone which satisfies the constraints).
They're the same size as the Galaxy S series
They're literally the same dimensions as the basic Samsung S23, which was cheaper than the Zenfone as had better SW updates.
Ever since the visor redesign with the Pixel 6, the Pixel series has been too big for my hands.
I do miss the great Pixel software though...
Or an iPhone. People love to hate on Apple, but they actually support their devices.
iPhones are good, but in this case it's a bit like recommending a Chromebook to someone that is used to build their own computers and runs linux.
Windows only offers essential life support, trying to ensure that something written 20 years ago still runs today, despite being completely abandoned for 19 years with no reasonable way of fixing it.
I agree the OP6 is great (my girlfriend is still using hers), but I was still on my OP 3 like a year ago, until future ROM updates were deemed impossible thanks to Qualcomm binary blobs.
It's a real shame it's all over now. The OP 9 Pro was the last OnePlus phone made in their old way (or close to it) - not too expensive, well built, close to stock ROM, easy to reflash, decently repairable. Hopefully it lasts me as long as the 3 did because currently I don't see anything else like that on the market.
https://oxygenupdater.com/article/438/
Yes, I am still on my beloved OnePlus 6 running Lineage and had been looking around for a used 7 or 8 for 5G capability (I'm a bit sketched out by the overall throttling hoopla of 9th gen). Perhaps it's time to expand the search beyond OnePlus.
https://www.phonearena.com/phones/size/Asus-Zenfone-10,Asus-...
You have to disable cookies or tell the company responsible that you don’t want it. The latter, I believe (though ianal), is legally binding.
Unless you store it in a wallet with a faraday cage, this is a laughable opinion to express.
If you grab data from a tap transaction, you can't use that data to perform another tap transaction.
Hmm, funnily enough at least a few years ago German Ing-Diba didn't care about rooted phones. I switched banks at some point though, so I have no idea whether that's still true.
As for ING - about 4-5 years ago it was possible to spoof the check but about 3 years ago they went full bonkers and if you didn't get the app from playstore (so for example aurora) it refused to launch...
GrapheneOS also gives you a Network permission per-app; if you uncheck it, the app has no connectivity, period.
Highly recommended.
https://discuss.grapheneos.org/d/696-issues-with-netflix-app
I just verified that I could download it just fine using Aurora Store, and I don't have Google anything installed.
You can get unlucky with your bank app but someone maintains a wiki of compatible banking apps
Android auto works OK.
The 3.5mm audio connection is nowhere near dead yet.
Also can Graphene still update if the bootloader is locked?
Yes, it can still update just fine. It installs its own certificate at install time and all updates are signed with it.
Skimmers would need a way to also learn the CVC2 from the back of the card to use it at most (but not all!) online merchants, but that's feasible using a small camera or a waiter/cashier accomplice doing the skimming.
With Google Pay and Apple Pay, and similar mobile wallets, that number is never shared during payments (and in fact not even stored on the device).
https://en.wikipedia.org/wiki/Chip_Authentication_Program
You need to read the entire card number + cvc2 + expiry date with your camera. That's not skimming, that's just taking a photo of the card.
* use bank website for the one bank that requires it, otherwise I got a new bank account without silly fake security.
* thepiratebay has everything Netflix and Disney does and it works anywhere
In tech as in all of life, wellness of those in leadership can be ephemeral and is never to be taken for granted or assumed. I wish good health to all involved.
Its goal is to help with an amicable settlement.
More info: In small claims, lawyers are not forbidden, but they may only speak for their client, and their client must be there, or present remorely, listening and ready to accept offers or deals.
And if lawyers use legalese, the residing judge must explain to you what is being said, and will look unfavorably at the lawyer for not speaking plainly, and wasting everyone's time.
Technically lawyers are not allowed as lawyers, but accommodations must be made for a company 1000s of km or more away. Someone must speak for them.
I suspect a similar thing happens in the UK, and that forced conference ensures companies must hear reasoning, arguments in full before the case.
In Ontario, it's very informal. You just talk. The retired judge only intercedes if it becomes heated, or runs long.
It helps solve things.
> Our chat rooms are bridged across Discord, Telegram and Matrix so you can choose your preferred platform.
> We have an official forum for longer form posts, which is publicly accessible and easier to search. We are using Flarum for our forum.
https://discuss.grapheneos.org/
If they mandated discord as a closed support community sure, but you can't be too upset by the mere affiliation with a discord channel when they also offer all the above
Do you happen to know a suitable alternative?
You can take a win 95 gui app and run it on windows 10 without issue. You can’t do the same on Linux.
E.g. see this user report: https://www.reddit.com/r/SteamDeck/comments/1743cec/almost_s...
For the sake of nostalgia, I downloaded an Encarta 2000 ISO form Internet Archive, then spun up a Windows 98 VM to run it on but that VM had a lot of sound issues in Virtual Box, then I realized that Encarta would also run just fine installed on Windows 11 lol.
This kind of backwards compatibility is not something I need on a daily basis but it's pretty neat that I can just run very old SW on my main OS without fiddling with VMs.
It’s pretty much guaranteed that Microsoft will add an extended support period to windows 10. Windows 7 just left extended support last year.
"The app can't function in a low security environment, but complainant is free to use the web client in such event." case dismissed
(obviously an oversimplification, but the point stands)
Where I live the app is 100% needed because it’s the „second factor“ in the login process.
What happens when you primary bank has been one of these app-only banks for the last 5 years, and you decide to make a technology change to your phone, and can now no longer get into your banking app?
Even if someone hijacks my computers web browser, the worst they can do is see my statements, any attempt to transfer out will pop up a prompt in the phone.
Though you get those newer "app only" banks. I've never used any since I see that as a major downside, not a selling point, so idk whether they tolerate root. Even with traditional banks, I've come across a few features which can only be accessed via the phone app - in this case likely due to the belief that "web? Everyone just uses apps!" rather than security
Meanwhile my main phone is always on the mobile network, using a proprietary modem that's running ridiculously complex firmware that does edge, lte, 5g, VoIP, has its own tcp/ip stack and a dozen other super complex protocols, is closed source, gets no security reviews and is exposed to at least my mobile provider at all times. And that's just the modem. Don't let me get started with all the value-add software the phone vendor loaded the device up with. Some of which is running with elevated privileges. You seriously think this is more secure?
Both will nail you to the ground.
It's important to distinguish between banking app and payment app. If you just want to check your account balance or find an ATM, the banking app will probably not mind that you're on a device that can't pass integrity checks.
If you want to use your phone's NFC to pay for coffee, though, you're going to have a bad time.
$8.99
I like headphone jacks too but I’m not going to pretend that this isn’t a solved problem.
Unless you own the product and know it has that problem I don’t know why you would invent it out of nowhere.
Can we also acknowledge that this is a general purpose smartphone and not an audiophile playback device? A ton of phones with headphone jacks had/have terrible DACs because they are general purpose devices designed to be good enough for the average person.
Someone who wants an audiophile playback device should buy an audiophile playback device.
But let's indeed let it be here, it gets OT for the ASUS topic. The GrapheneOS warning just had to be mentioned as it was related to the bootloader re-locking.
In the end, you'll always have to enter it on payment websites anyway.
https://stackoverflow.com/questions/14861908/apdu-command-to...
I bet it’s better to just have a product like this compared to a smartphone headphone jack with a run of the mill DAC:
ed: i guess i should add that i just use a pair of bluetooth cans or even bone-conducting set when i am listening to stuff from my phone 'cause it's just podcasts and youtube videos
Fallback should never be the weakest link in a security chain. Especially not in something as high stakes as your banking login.
I can’t remember how I got my first bank token in my phone. Probably by physically showing up in the bank office with my id.
If your SMS OTP leaks to the attacker, they still need to know the first factor (password, biometrics) to gain access.
Meanwhile, if your rooted phone is controlled by an attacker ... that's it, the attacker has everything.
The secure enclave on a rooted phone that no longer has execution integrity?
Well, some offer a hardware device for like 25€ that can do the same thing, but then if you have an account with multiple banks, you need multiple of these devices.