Think how bad the market got. Today we have preinstalled garbage apps like LinkedIn, garbage apps mandated to be preinstalled by the government, ads, cloud accounts, notifications spam, telemetry. This is not only Chinese smartphones, for example Samsung also plays this game. I assume there are Chinese backdoors, American backdoors and national government backdoors on almost every phone.
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
Not sure what timescale you're referring to when you're talking about "how bad the market got" and "today", but back around 2012 I got my first and last Samsung smartphone, must have been a Galaxy 3 or something, that had all of those problematic things too.
It seems like this starting to happen as soon as apps were installable on phones, even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them. Android, because of the whole OEM story, of course is much worse, but I don't feel like any of what you share is new, been going on for decades at this point.
And operators preloading questionable stuff is a much older practice than post-iPhone smartphones. If you had a feature phone in the 2000's, the operator would have customised it one way or another. The iPhone was revolutionary in how much Apple forced the network operators to relinquish control.
I can't remember if it was Samsung or something, but one of the providers shipped Android tablets with a custom-but-default keyboard which sent ALL your keystrokes back to the provider. That was a big nail in the Android coffin for me.
You can't remove the Phone app from an iPad in iPadOS 26. Even when the iPad in question has no cellular functionality. The best you can do is remove the icon, but you get a dialog telling you it won't be removed.
Which is stupid as I don't want my iPad to be getting every voice mail and imessage and so on that my phone does. They are different devices and serve different purposes. My iPad is totally a media consumption device and I have no interest in it being integrated into my phone's communication functions.
Although you will have to buy a used phone in order to pay less than 250$, it seems like GrapheneOS is the best solution for that problem. Not optimal, but the best among what we have.
How bad it's always been? Go find a Windows Recovery image for a Sony Vaio from the 2000s. Prepackaged shitware has always been a thing. I read this article and thought "wow someone finally matched an old Vaio."
That said, I want to hear a statement from Motorola on this. The GrapheneOS phones they announced a few months ago were going to be my "out" from this kind of nonsense. I want confirmation that I'll be able to trust them when it finally gets released.
I recently spent twenty minutes sitting outside of an MLB stadium because MLB decided they needed the same level of play protection as a foreign banking app and it refused to work on my friend's LineageOS phone.
We only got in by installing the app on my Sony and him signing into his account. They charge a fee now to get paper tickets from the box office.
Brutal. I had a similarly annoying experience recently, where in order to enter my local big arena for a concert, the TicketMaster app was not enough. I had to step out of the entrance line to download the _arena-specific_ TicketMaster app to access my tickets. I hate the ticket systems that dominate the market, we deserve better.
1) My phone is not officially supported by LineageOS so I will have to port it first.
2) I did not analyze LineageOS yet and how it is different from stock Android, so I need to go through complete diff.
> If you want a stretch goal try and de-Google yourself
My goal is to have an open source system that is under my full control and doesn't play tricks on my by sending telemetry or collecting forensic databases. Because now I cannot even connect the phone to Internet and it is not as useful as it could be.
I’d assume that with such a level of required inspection, you also have quite some security requirements. I’d say at that level nothing works as well as GrapheneOS (though you have to either delay security updates or accept temporarily closed source (they get access to the code only in exchange for not publishing it until X days or something) updates, thanks Google). As that currently requires a Google phone, the only way to get close to your price target would be buying it used.
Easier said than done in the US. Even of the phones that allow for rooting (which is few and far between these days) you're at the complete mercy of the carrier for whether or not that ability is actually available to you. Even if the gracious lords may allow it, you have to engage in a long and drawn out Byzantine rite just for the privilege. Currently sitting on a Pixel 10 that will not let me have root.
Give me a Linux phone with halfway decent modem drivers, or give me death.
If you do not update the phone, chances are high that there is some Linux vulnerability you could expoloit. The privileged vendor software also can have vulnerabilities. For example, here [1] researches hacked the phone with Verified Boot using a boot logo parsing error.
My impression that you should treat your phone as something that can be hacked any moment and not store anything important there.
Goldman Sachs paid $6 million to try to get its [soon-to-be] former chief counsel Kathryn Ruemmler's Google search results highlighting her close friendship and many-years-long association with Jeffrey Epstein off the first few pages of results.
Today, the first result on the first page of a Google search for her is the opening paragraph of her Wikipedia biography:
>Kathryn H. Ruemmler (born April 19, 1971) is an American attorney who was principal deputy White House counsel and then White House Counsel to President Barack Obama.[1] Previously a partner at Latham and Watkins co-chairing its white-collar defense group,[2] Ruemmler joined Goldman Sachs in 2020 and was Chief Legal Officer and General Counsel.[3] She announced her resignation from this position in February 2026, effective at the end of June, over her links to child sex offender Jeffrey Epstein.[4][5][6]
De-Googling (in this context at least) means not running Google software on your phone. No Google Play Services always running in the background, plus not using Google apps.
I was in the same boat until a year ago or so. FUTO^[1] finally provided a good text prediction/correction pair + that simply better feeling the Gboard has^[2].
[2]: I never investigated this, so I always assumed that GBoard predicted what key I wanted to press when close to two letters. With FOSS keyboards, with a physically identical layout, I tended to make way more mistakes.
I don't think I ever tried this one. I think I tried every keyboard on F-Droid but apparently FUTO isn't in the main F-Droid repo. I'm liking it so far. I'm a swipe typer and on most keyboards the swipe functionality is much worse than GBoard but this one seems to work pretty well. I'm going to try it for a while, thanks for the suggestion!
> In further digging, we noticed that the URL the phone opens up is “kira-abboud.com,” a website that references fashion influencer “@kirasfashionfinds.” Notably, this exact URL isn’t listed anywhere on Abboud’s social media, and the affiliate codes don’t match up either. The redirect coming from Motorola phones is using Amazona affiliate code “sramz-kff-008-20” which is completely different from any of the codes we saw from links shared by Abboud’s accounts and linked websites.
Something funny is up; this doesn't seem deliberate.
I agree, but in fairness, I don't know of any brand, tech or otherwise, that can completely wall itself off against insider threats. No matter how vigilant you are, someone who knows exactly how you move will find a way around you.
I can understand it's hard to defend against plausibly deniable errors that create backdoors, etc. But this would show a complete lack of code review, no?
Not even that. Bury it in a sufficiently-large PR and there’s a very good chance it’ll be rubber-stamped because no one wants to take the time to carefully review the entire set of changes.
> But this would show a complete lack of code review, no?
You'd be surprised how many websites use Google Tag Manager to allow their marketing department to roll out trackers and other JS snippet directly into the site's root context.
GTM et al's sole reason of existence is to provide marketing people with a way to bypass corporate IT.
And I definitely would not rule out something like this being the cause in the end.
I recently got a Samsung A07 to run some tests on. It's stunningly cheap at <£100, and will supposedly get 5 years of software/security updates.
After setting it up, I was surprised (but also not surprised) to see ads on the lock screen. The "feature" is called Glance and while it can be disabled in the settings it took me the help of a video tutorial to actually locate the setting.
On my Motorola G Stylus 2025 ($400 MSRP) I have to disable Glance after every reboot (search Glance in Settings then click Disable and Force Stop). Archive/Delete is disabled.
I only had to disable it once on mine, after going crazy for a while trying to figure out what had messed up my lock screen. Haven't had it try to come back once.
Also stopped it from updating automatically in the play store...
Still enough shenanigans to make me go to another brand with my next phone. I always liked Motorola phones for being fairly stock without a lot of bloat ware, but that time seems to be in the past.
Note that the smart feed "feature" is Taboola-provided adware[0] so it's par for the course. It's beyond comprehension Lenovo would trash the brand by shipping it on flagships.
The point where they trashed the brand has long since passed, tried the phones when they bought the brand and it was OK for a while but went downhill quickly.
Until now I waited for their GrapheneOS-based phones.
If there isn't a plausible follow up to this injection I don't think I will buy I device from them.
Who outside Apple/Google/Fairphone isn't? Samsung has been shipping the Israeli (IronSource) AppCloud on A series for a while now and people in some regions even spotted it on S-series phones (it'll spy on your usage and install apps). Nothing, which uses clean Android as one of their selling points, started installing something similar (AppServices, presumably also from IronSource given the Aura branding) on various devices.
Between these companies pushing adware/spyware and Apple putting Apple Creator Studio ads in former iWork applications, ads for Apple Intelligence in the system settings, and pushing ads for their F1 movie in Apple Wallet, smartphones have reached the mass enshittification phase.
The only safe havens are Pixel with GrapheneOS and Fairphone with I don't know what exactly (Murena sorta has ads for their own stuff and has many other issues, I guess LineageOS then). Perhaps ironically, given the context, Motorola with GrapheneOS too :).
Some 7 months ago there was this submission: https://news.ycombinator.com/item?id=45551504 (Microsoft's OneDrive Begins Testing Face-Recognizing AI for Photos (for Some Preview Users)).
I haven't noticed any further links regarding this topic. Thus I have no idea if setting was fully implemented or abandoned but with this thread here you linked, but I'd rather guess they're full after user's data. And from what users wrote there, MS is not even doing this with some elaborated darkpatterns scenarios but just ordinary stealing these photos. This should be announced louder.
I used to choose Motorola devices for a long time but since 2 years when I bought Edge 30 Fusion I started to notice they automatically (without my knowledge) add 3 stupid apps or games about two times a month :/ There is no way to stop it. My kids phones are stuffed with this sh*t.
Motorola put the malware apps into the “nondisable” list. You can’t remove them even with ADB PM commands. I was fucking mad that my RAZR couldn't be fully debloated.
A chinese one? My xiaomi required debloating, which left me without the "apps" menu in settings. I am not happy about having to do that. Side note: I have to use either intents or adb to administrate the apps.
All the "best phones" for most of us are bloated tracking devices.
They were a great brand, cool phones, one of early Android players.
After being bought out by Google, Motorola had some of the best devices out there with stock android, especially in the budget segment (and loved among android devs).They had one of the best smartwatches in the game at the time - Moto 360 (2014!!).
Then, after dropping the Nexus 6, Google stripped the patents and sold them to Lenovo. For a while it was ok, even dropping the relatively innovative Moto Z which had all the cool "modular" addons, played with it for a bit and seemed cool.
And then, things seemed to start taking a turn for the worse as Lenovo kept enshitiffying it more and more, using the brand name as a wedge in the market in which they are basically forgotten. They have the Razr brand which is cool, but the segment that was their best (budget phones) is now ruined with adware so they can extract every bit of value from it.
Such a sad ending for a company that was so early in the space.
FWIW, the worst thing I can say about the Moto Edge 50 Neo (a midrange phone) from a year ago is that it had "sponsored" apps pre-installed. They could be uninstalled (not just deactivated) the usual way and never came back.
... I was so mad every time Motorola screwed the pooch in this era.
I was a first-gen Moto X user... on Verizon. I didn't get the Lolipop update forever and a day. I was a first-gen Moto Hint owner. We didn't get the wake word update, we got told to buy the Hint 2. And then finally, I was a first-gen Moto 360 owner. We didn't even get Wear OS updates at all. Not WearOS 2, not even WearOS 1.6. Every single first-gen product got immediately dropped for second-gen shit, and we got abandoned.
I got a prompt about trying new apps every week or something similar. The wording, the moment it prompted me were clearly designed for people to just say "ok" and then wonder how apps were installing regularly without any action. I got caught myself, disabled it but still got new app installs later. I killed the whole thing and have been free since. But definitely felt like a scam. And the apps suck.
They even force you to select a bunch of apps during out-of-box setup on some Motorola phones and it mandates they automatically download post-setup. You can't say "no", you straight up have to let the phone queue up and let it pull all the APKs down for a bunch of shitty preloaded games and Netflix and crap, load them in, then get to waste fifteen minutes removing them again. :\
In the past I often tend to replace stock Android with LineageOS but in today's world with so many attack vectors like for example malware in supply chains etc. I choose to stay with stock OS. I also have my bank apps and lot of my clients data/credentials stored on my accounts.
How do you imagine that protects you? If anything I'm inclined to trust the LineageOS supply chain more than the OEM on account of being a smaller target, having less bloat, and being 100% open from start to finish.
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
Well then you're in luck because many of the ROM projects provide step by step build instructions. It's almost entirely automated thus quite straightforward; the primary hurdle is having a capable enough system. Unfortunately given current RAM prices you'll need a system worth as much as a cheap car to properly optimize some of the components.
I'd suggest not using apps that fail to respect your autonomy.
There are ways. All the apps that install this crap can be disabled through Android's app manager, no fancy method required. (Of course updates can bring them back... But "luckily" Motorola isn't too keen on providing those for their products).
Some examples of the apps to look for:
- App Box
- Games
- MotoApps
- Moto App Manager
- Live lock screen
The active adware apps depends on your region and career. In some region Motorola doesn't push adware at all.
Personally by just disabling those (and similar sounding crap) I've never had adware sneakily installed.
For Moto G or lower tiers Edge I can begrudgingly accept that it's part of the deal... But I would be livid if they did this to my $1500 phone, which is why I refuse to risk getting a razr. Whether you want to fight your phone maker and keep using their product is up to you.
Let's hope that the grapheneos partnership plays off in our favor next year!
Luckily there is a mobile phone OS and hardware that isn't produced by the world's largest advertising company, and furthermore doesn't allow two different corporations to be involved in the core OS of the device.
I hope you are not referring to the company that is pushing AI ads through their system settings, pushing Creator Studio subscription ads through the formerly non-shareware productivity tools, and pushing movie ads through their wallet?
Seriously, get a Pixel and install GrapheneOS, or maybe a Fairphone with LineageOS.
You'd still be walking around as a free advertiser for their stuff, simply by owning Google-branded hardware. And of course the hypocrisy of having a Google phone to avoid Google spying is palpable.
I doubt people notice that sort of thing. Maybe whether you have an iPhone or an Android at most. Avoiding Google spying isn't the point of GrapheneOS anyway
Apple isn't the largest advertising company, but it's a pretty big one. The only other candidates I know of are aftermarket Linux distros, but they have their own problems.
Isnt Motorola basically a ‘Shanzhai’ (copy cat) brand now? Some dude putting the logo on some OEM parts? I am thinking of that Commodore phone from a while back and others. While completely speculative, it is interesting to see legit brands go Shanzhai or get Shanzhaied and Shanzhai brands go legit (xiaomi, huawei)
I've a Xiaomi phone on which twice appeared obviously debug/hello-world notifications (something like "testtest111") from apps I've never seen or installed. Then another time all Xiaomi phones of close relatives started getting these cheap, spammy ads for Android games in the notifications, this time from some obscure system app: had to look up on reddit that there are settings that disable this specific behavior.
The degree to which I don't own my own device is insane.
I gifted my mom a Xiaomi phone a few years ago. Even after removing all the unnecessary apps and permissions, disabling all the privacy invasive settings and replacing the launcher with the stock Android, I was shocked when I checked the PiHole dashboard. The phone was constantly trying to communicate with dozens of different domains and endpoints, even when idle. None of these attempts had any sort of backoff, so they kept retrying every 30 seconds, draining the battery. Ultimately it generated several times more blocked requests than every other device on my network combined.
This was the first and only Xiaomi device I ever bought, no matter how attractive they might seem.
Hmm, this thread and the reports of shady practices make me wonder if this will affect the partnership with GrapheneOS[1]. It seems that such things shouldn't really happen on a device where security is a top priority, whether intentional or not.
Why does it matter? The GrapheneOS team will make the OS images. So as long as the phone is unlockable, has up-to-date firmware bundles, etc. who cares?
GrapheneOS may be de-googled but it is not de-blobbed, they rely on the vendor to maintain certain drivers etc. Hopefully the driver maintenance team is very separate from the bloatware installation team, but someone could reasonably worry that they're tarred with the same brush.
I would guess that most of the driver development is done by Qualcomm for phones with Qualcomm SoCs. At least that is what I've seen looking at the firmware/driver bundles some Qualcomm-based phones.
(Of course, there is more, like camera firmware, etc. but they are typically provided through the hardware providers.)
I was just wondering that... GrapheneOS team consider Fairphone to be infosec plebs, but instead partner with a company that intentionally harms users' privacy for profit?
Isn't this cookie stuffing? Same modus operandi using by Geo-something widget back in 2000s with hidden ebay affiliate links that got caught by FBI. Someone should go in jail for this.
With the digital wellbeing app feature it is possible to set a timer of 0 minutes on all auto-installed and auto-reenabling apps to effectively disabling it for good.
Edit: the timer stays even after updates so the app is not enabled again
I have a Motorola G70, so this is concerning. But its hard to believe that this is a deliberate action by Motorola. To me it seems more likely that an update was compromised. Still bad though.
I like the Stylus G better than most phones I've owned, but Motorola really needs to end its partnership with the offensive "Glance" ad platform. There should not be a third party app like that which keeps re-enabling and reinstalling on every update. I don't understand what Motorola would get out of a partnership with a scammy third rate ad market that would be worth pissing off so many of their customers, but maybe they have some high level corruption in the company.
The comments here say that all Android phone manufacturers do stuff like this. I have never noticed that kind of things on my Fairphone. But then again, I don't have many apps and certainly not Amazon.
Note that Xiaomi today is very hostile to bootloader unlocking -- to get unlock code you need to win in daily first come, first served "lottery" (they limit total number of unlocked devices per day). After a second or two passes you're already too late for the day.
Thank you for letting me know, the plan right now is to try for about a week or 2 and then give up and return the tablet if I can't.
Which is a damn shame because not too many options exist with a headphone jack and a Snapdragon processor. I'm in an environment where Bluetooth is unreliable for a good chunk of my day.
The only other tablet that fits my needs is a gosh darn Surface which is like 1000$.
And the only way to win this lottery is by using an automated script that starts sending automated requests as soon as the new day starts at Beijing time.
Around 10-15 years ago you could get a completely stock Android from China with basically zero branding, fully unlocked and easily rootable, removable battery, expandable storage, dual DIMs, etc. at a great price. I have a few. Unfortunately many of those small honest OEMs appear to have disappeared, and the bigger ones left have turned scummy.
Especially Xiaomi did a huge ugly U-turn like this.
Use to be the best hardware for low price with the selling point of no-crap fully customable phones.
And then, once they become dominant enough starting to play it like the others but stuffing as many unremovable crap as possible.
It is laborious to go through all the apps on a phone and dissable the default unessesary "open web link" feature on ALL the apps, but apparently it has some effect in reducing the "draft" from all the back doors
But AFAIK it doesn't work like that. Motorola makes a phone that has an unlockable bootloader, provides firmware bundles, etc., but the OS images will be made by the GrapheneOS team and they would never do anything like that.
(I think the misunderstanding is that Motorola would make the GrapheneOS builds.)
You're probably just not willing to believe that a 'partnership' with a massive company will change things, like I do. I am disagreeing, not misunderstanding. There's a difference
> I have rarely seen any team more principled than them
Totally agree with you there.
I'll say no more because you pay a heavy penalty on HN for criticising the project.
I'll just say I hope the collaboration brings some needed maturity, level heads, and stewardship, and that the devs can continue just to focus on the tech.
Calling this "hijacking the Amazon app" is hyperbolic in my opinion. They replaced the shortcut in the app drawer. To me this looks like normal scummy OEM behaviour, like pre-installing spyware, "anti-" malware, adware etc. which sadly pretty much every mobile/computer manufacturer does.
Replacing the OS is one of the first things I do with every laptop, PC and mobile device to get rid of (most) crap that was installed without my consent.
If an anti-worker company is getting fleeced, nothing wrong with that.
I hope motorola collaborates with Pine and brings linux to phones. In the age of LLM apps are obviously not a problem. (Hopefully windows Phone 7, not 8 also comes back)
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
reply