Think how bad the market got. Today we have preinstalled garbage apps like LinkedIn, garbage apps mandated to be preinstalled by the government, ads, cloud accounts, notifications spam, telemetry. This is not only Chinese smartphones, for example Samsung also plays this game. I assume there are Chinese backdoors, American backdoors and national government backdoors on almost every phone.
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
Not sure what timescale you're referring to when you're talking about "how bad the market got" and "today", but back around 2012 I got my first and last Samsung smartphone, must have been a Galaxy 3 or something, that had all of those problematic things too.
It seems like this starting to happen as soon as apps were installable on phones, even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them. Android, because of the whole OEM story, of course is much worse, but I don't feel like any of what you share is new, been going on for decades at this point.
And operators preloading questionable stuff is a much older practice than post-iPhone smartphones. If you had a feature phone in the 2000's, the operator would have customised it one way or another. The iPhone was revolutionary in how much Apple forced the network operators to relinquish control.
Although you will have to buy a used phone in order to pay less than 250$, it seems like GrapheneOS is the best solution for that problem. Not optimal, but the best among what we have.
I recently spent twenty minutes sitting outside of an MLB stadium because MLB decided they needed the same level of play protection as a foreign banking app and it refused to work on my friend's LineageOS phone.
We only got in by installing the app on my Sony and him signing into his account. They charge a fee now to get paper tickets from the box office.
1) My phone is not officially supported by LineageOS so I will have to port it first.
2) I did not analyze LineageOS yet and how it is different from stock Android, so I need to go through complete diff.
> If you want a stretch goal try and de-Google yourself
My goal is to have an open source system that is under my full control and doesn't play tricks on my by sending telemetry or collecting forensic databases. Because now I cannot even connect the phone to Internet and it is not as useful as it could be.
I’d assume that with such a level of required inspection, you also have quite some security requirements. I’d say at that level nothing works as well as GrapheneOS (though you have to either delay security updates or accept temporarily closed source (they get access to the code only in exchange for not publishing it until X days or something) updates, thanks Google). As that currently requires a Google phone, the only way to get close to your price target would be buying it used.
Easier said than done in the US. Even of the phones that allow for rooting (which is few and far between these days) you're at the complete mercy of the carrier for whether or not that ability is actually available to you. Even if the gracious lords may allow it, you have to engage in a long and drawn out Byzantine rite just for the privilege. Currently sitting on a Pixel 10 that will not let me have root.
Give me a Linux phone with halfway decent modem drivers, or give me death.
If you do not update the phone, chances are high that there is some Linux vulnerability you could expoloit. The privileged vendor software also can have vulnerabilities. For example, here [1] researches hacked the phone with Verified Boot using a boot logo parsing error.
My impression that you should treat your phone as something that can be hacked any moment and not store anything important there.
Goldman Sachs paid $6 million to try to get its [soon-to-be] former chief counsel Kathryn Ruemmler's Google search results highlighting her close friendship and many-years-long association with Jeffrey Epstein off the first few pages of results.
Today, the first result on the first page of a Google search for her is the opening paragraph of her Wikipedia biography:
>Kathryn H. Ruemmler (born April 19, 1971) is an American attorney who was principal deputy White House counsel and then White House Counsel to President Barack Obama.[1] Previously a partner at Latham and Watkins co-chairing its white-collar defense group,[2] Ruemmler joined Goldman Sachs in 2020 and was Chief Legal Officer and General Counsel.[3] She announced her resignation from this position in February 2026, effective at the end of June, over her links to child sex offender Jeffrey Epstein.[4][5][6]
> In further digging, we noticed that the URL the phone opens up is “kira-abboud.com,” a website that references fashion influencer “@kirasfashionfinds.” Notably, this exact URL isn’t listed anywhere on Abboud’s social media, and the affiliate codes don’t match up either. The redirect coming from Motorola phones is using Amazona affiliate code “sramz-kff-008-20” which is completely different from any of the codes we saw from links shared by Abboud’s accounts and linked websites.
Something funny is up; this doesn't seem deliberate.
I agree, but in fairness, I don't know of any brand, tech or otherwise, that can completely wall itself off against insider threats. No matter how vigilant you are, someone who knows exactly how you move will find a way around you.
I can understand it's hard to defend against plausibly deniable errors that create backdoors, etc. But this would show a complete lack of code review, no?
Not even that. Bury it in a sufficiently-large PR and there’s a very good chance it’ll be rubber-stamped because no one wants to take the time to carefully review the entire set of changes.
> But this would show a complete lack of code review, no?
You'd be surprised how many websites use Google Tag Manager to allow their marketing department to roll out trackers and other JS snippet directly into the site's root context.
GTM et al's sole reason of existence is to provide marketing people with a way to bypass corporate IT.
And I definitely would not rule out something like this being the cause in the end.
Note that the smart feed "feature" is Taboola-provided adware[0] so it's par for the course. It's beyond comprehension Lenovo would trash the brand by shipping it on flagships.
The point where they trashed the brand has long since passed, tried the phones when they bought the brand and it was OK for a while but went downhill quickly.
Until now I waited for their GrapheneOS-based phones.
If there isn't a plausible follow up to this injection I don't think I will buy I device from them.
Who outside Apple/Google/Fairphone isn't? Samsung has been shipping the Israeli (IronSource) AppCloud on A series for a while now and people in some regions even spotted it on S-series phones (it'll spy on your usage and install apps). Nothing, which uses clean Android as one of their selling points, started installing something similar (AppServices, presumably also from IronSource given the Aura branding) on various devices.
Between these companies pushing adware/spyware and Apple putting Apple Creator Studio ads in former iWork applications, ads for Apple Intelligence in the system settings, and pushing ads for their F1 movie in Apple Wallet, smartphones have reached the mass enshittification phase.
The only safe havens are Pixel with GrapheneOS and Fairphone with I don't know what exactly (Murena sorta has ads for their own stuff and has many other issues, I guess LineageOS then). Perhaps ironically, given the context, Motorola with GrapheneOS too :).
I recently got a Samsung A07 to run some tests on. It's stunningly cheap at <£100, and will supposedly get 5 years of software/security updates.
After setting it up, I was surprised (but also not surprised) to see ads on the lock screen. The "feature" is called Glance and while it can be disabled in the settings it took me the help of a video tutorial to actually locate the setting.
On my Motorola G Stylus 2025 ($400 MSRP) I have to disable Glance after every reboot (search Glance in Settings then click Disable and Force Stop). Archive/Delete is disabled.
I only had to disable it once on mine, after going crazy for a while trying to figure out what had messed up my lock screen. Haven't had it try to come back once.
Also stopped it from updating automatically in the play store...
Still enough shenanigans to make me go to another brand with my next phone. I always liked Motorola phones for being fairly stock without a lot of bloat ware, but that time seems to be in the past.
I used to choose Motorola devices for a long time but since 2 years when I bought Edge 30 Fusion I started to notice they automatically (without my knowledge) add 3 stupid apps or games about two times a month :/ There is no way to stop it. My kids phones are stuffed with this sh*t.
Motorola put the malware apps into the “nondisable” list. You can’t remove them even with ADB PM commands. I was fucking mad that my RAZR couldn't be fully debloated.
A chinese one? My xiaomi required debloating, which left me without the "apps" menu in settings. I am not happy about having to do that. Side note: I have to use either intents or adb to administrate the apps.
All the "best phones" for most of us are bloated tracking devices.
They were a great brand, cool phones, one of early Android players.
After being bought out by Google, Motorola had some of the best devices out there with stock android, especially in the budget segment (and loved among android devs).They had one of the best smartwatches in the game at the time - Moto 360 (2014!!).
Then, after dropping the Nexus 6, Google stripped the patents and sold them to Lenovo. For a while it was ok, even dropping the relatively innovative Moto Z which had all the cool "modular" addons, played with it for a bit and seemed cool.
And then, things seemed to start taking a turn for the worse as Lenovo kept enshitiffying it more and more, using the brand name as a wedge in the market in which they are basically forgotten. They have the Razr brand which is cool, but the segment that was their best (budget phones) is now ruined with adware so they can extract every bit of value from it.
Such a sad ending for a company that was so early in the space.
FWIW, the worst thing I can say about the Moto Edge 50 Neo (a midrange phone) from a year ago is that it had "sponsored" apps pre-installed. They could be uninstalled (not just deactivated) the usual way and never came back.
... I was so mad every time Motorola screwed the pooch in this era.
I was a first-gen Moto X user... on Verizon. I didn't get the Lolipop update forever and a day. I was a first-gen Moto Hint owner. We didn't get the wake word update, we got told to buy the Hint 2. And then finally, I was a first-gen Moto 360 owner. We didn't even get Wear OS updates at all. Not WearOS 2, not even WearOS 1.6. Every single first-gen product got immediately dropped for second-gen shit, and we got abandoned.
I got a prompt about trying new apps every week or something similar. The wording, the moment it prompted me were clearly designed for people to just say "ok" and then wonder how apps were installing regularly without any action. I got caught myself, disabled it but still got new app installs later. I killed the whole thing and have been free since. But definitely felt like a scam. And the apps suck.
They even force you to select a bunch of apps during out-of-box setup on some Motorola phones and it mandates they automatically download post-setup. You can't say "no", you straight up have to let the phone queue up and let it pull all the APKs down for a bunch of shitty preloaded games and Netflix and crap, load them in, then get to waste fifteen minutes removing them again. :\
In the past I often tend to replace stock Android with LineageOS but in today's world with so many attack vectors like for example malware in supply chains etc. I choose to stay with stock OS. I also have my bank apps and lot of my clients data/credentials stored on my accounts.
How do you imagine that protects you? If anything I'm inclined to trust the LineageOS supply chain more than the OEM on account of being a smaller target, having less bloat, and being 100% open from start to finish.
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
There are ways. All the apps that install this crap can be disabled through Android's app manager, no fancy method required. (Of course updates can bring them back... But "luckily" Motorola isn't too keen on providing those for their products).
Some examples of the apps to look for:
- App Box
- Games
- MotoApps
- Moto App Manager
- Live lock screen
The active adware apps depends on your region and career. In some region Motorola doesn't push adware at all.
Personally by just disabling those (and similar sounding crap) I've never had adware sneakily installed.
For Moto G or lower tiers Edge I can begrudgingly accept that it's part of the deal... But I would be livid if they did this to my $1500 phone, which is why I refuse to risk getting a razr. Whether you want to fight your phone maker and keep using their product is up to you.
Let's hope that the grapheneos partnership plays off in our favor next year!
Luckily there is a mobile phone OS and hardware that isn't produced by the world's largest advertising company, and furthermore doesn't allow two different corporations to be involved in the core OS of the device.
I hope you are not referring to the company that is pushing AI ads through their system settings, pushing Creator Studio subscription ads through the formerly non-shareware productivity tools, and pushing movie ads through their wallet?
Seriously, get a Pixel and install GrapheneOS, or maybe a Fairphone with LineageOS.
You'd still be walking around as a free advertiser for their stuff, simply by owning Google-branded hardware. And of course the hypocrisy of having a Google phone to avoid Google spying is palpable.
Apple isn't the largest advertising company, but it's a pretty big one. The only other candidates I know of are aftermarket Linux distros, but they have their own problems.
Hmm, this thread and the reports of shady practices make me wonder if this will affect the partnership with GrapheneOS[1]. It seems that such things shouldn't really happen on a device where security is a top priority, whether intentional or not.
Why does it matter? The GrapheneOS team will make the OS images. So as long as the phone is unlockable, has up-to-date firmware bundles, etc. who cares?
I was just wondering that... GrapheneOS team consider Fairphone to be infosec plebs, but instead partner with a company that intentionally harms users' privacy for profit?
I've a Xiaomi phone on which twice appeared obviously debug/hello-world notifications (something like "testtest111") from apps I've never seen or installed. Then another time all Xiaomi phones of close relatives started getting these cheap, spammy ads for Android games in the notifications, this time from some obscure system app: had to look up on reddit that there are settings that disable this specific behavior.
The degree to which I don't own my own device is insane.
I gifted my mom a Xiaomi phone a few years ago. Even after removing all the unnecessary apps and permissions, disabling all the privacy invasive settings and replacing the launcher with the stock Android, I was shocked when I checked the PiHole dashboard. The phone was constantly trying to communicate with dozens of different domains and endpoints, even when idle. None of these attempts had any sort of backoff, so they kept retrying every 30 seconds, draining the battery. Ultimately it generated several times more blocked requests than every other device on my network combined.
This was the first and only Xiaomi device I ever bought, no matter how attractive they might seem.
Isn't this cookie stuffing? Same modus operandi using by Geo-something widget back in 2000s with hidden ebay affiliate links that got caught by FBI. Someone should go in jail for this.
With the digital wellbeing app feature it is possible to set a timer of 0 minutes on all auto-installed and auto-reenabling apps to effectively disabling it for good.
Edit: the timer stays even after updates so the app is not enabled again
I have a Motorola G70, so this is concerning. But its hard to believe that this is a deliberate action by Motorola. To me it seems more likely that an update was compromised. Still bad though.
I like the Stylus G better than most phones I've owned, but Motorola really needs to end its partnership with the offensive "Glance" ad platform. There should not be a third party app like that which keeps re-enabling and reinstalling on every update. I don't understand what Motorola would get out of a partnership with a scammy third rate ad market that would be worth pissing off so many of their customers, but maybe they have some high level corruption in the company.
The comments here say that all Android phone manufacturers do stuff like this. I have never noticed that kind of things on my Fairphone. But then again, I don't have many apps and certainly not Amazon.
Around 10-15 years ago you could get a completely stock Android from China with basically zero branding, fully unlocked and easily rootable, removable battery, expandable storage, dual DIMs, etc. at a great price. I have a few. Unfortunately many of those small honest OEMs appear to have disappeared, and the bigger ones left have turned scummy.
Especially Xiaomi did a huge ugly U-turn like this.
Use to be the best hardware for low price with the selling point of no-crap fully customable phones.
And then, once they become dominant enough starting to play it like the others but stuffing as many unremovable crap as possible.
Note that Xiaomi today is very hostile to bootloader unlocking -- to get unlock code you need to win in daily first come, first served "lottery" (they limit total number of unlocked devices per day). After a second or two passes you're already too late for the day.
Thank you for letting me know, the plan right now is to try for about a week or 2 and then give up and return the tablet if I can't.
Which is a damn shame because not too many options exist with a headphone jack and a Snapdragon processor. I'm in an environment where Bluetooth is unreliable for a good chunk of my day.
The only other tablet that fits my needs is a gosh darn Surface which is like 1000$.
And the only way to win this lottery is by using an automated script that starts sending automated requests as soon as the new day starts at Beijing time.
It is laborious to go through all the apps on a phone and dissable the default unessesary "open web link" feature on ALL the apps, but apparently it has some effect in reducing the "draft" from all the back doors
But AFAIK it doesn't work like that. Motorola makes a phone that has an unlockable bootloader, provides firmware bundles, etc., but the OS images will be made by the GrapheneOS team and they would never do anything like that.
(I think the misunderstanding is that Motorola would make the GrapheneOS builds.)
You're probably just not willing to believe that a 'partnership' with a massive company will change things, like I do. I am disagreeing, not misunderstanding. There's a difference
> I have rarely seen any team more principled than them
Totally agree with you there.
I'll say no more because you pay a heavy penalty on HN for criticising the project.
I'll just say I hope the collaboration brings some needed maturity, level heads, and stewardship, and that the devs can continue just to focus on the tech.
Calling this "hijacking the Amazon app" is hyperbolic in my opinion. They replaced the shortcut in the app drawer. To me this looks like normal scummy OEM behaviour, like pre-installing spyware, "anti-" malware, adware etc. which sadly pretty much every mobile/computer manufacturer does.
Replacing the OS is one of the first things I do with every laptop, PC and mobile device to get rid of (most) crap that was installed without my consent.
If an anti-worker company is getting fleeced, nothing wrong with that.
I hope motorola collaborates with Pine and brings linux to phones. In the age of LLM apps are obviously not a problem. (Hopefully windows Phone 7, not 8 also comes back)
Think how bad the market got. Today we have preinstalled garbage apps like LinkedIn, garbage apps mandated to be preinstalled by the government, ads, cloud accounts, notifications spam, telemetry. This is not only Chinese smartphones, for example Samsung also plays this game. I assume there are Chinese backdoors, American backdoors and national government backdoors on almost every phone.
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
Not sure what timescale you're referring to when you're talking about "how bad the market got" and "today", but back around 2012 I got my first and last Samsung smartphone, must have been a Galaxy 3 or something, that had all of those problematic things too.
It seems like this starting to happen as soon as apps were installable on phones, even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them. Android, because of the whole OEM story, of course is much worse, but I don't feel like any of what you share is new, been going on for decades at this point.
And operators preloading questionable stuff is a much older practice than post-iPhone smartphones. If you had a feature phone in the 2000's, the operator would have customised it one way or another. The iPhone was revolutionary in how much Apple forced the network operators to relinquish control.
You can delete almost all apps on iOS except the obviously core apps that are necessary for it to function.
Thanks to the EU! They really fixed a lot of things about the iPhone, a shame not every fix went everywhere like core app removals did though.
You can now. You couldn't do this in the early versions of iOS.
> even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them
You see, the user you replied to spoke in the present tense, and is addressing the “(and still comes with)” portion of the original comment.
Although you will have to buy a used phone in order to pay less than 250$, it seems like GrapheneOS is the best solution for that problem. Not optimal, but the best among what we have.
The paranoia is completely warranted, but there is a solution.
Just root your Android phone and put a custom ROM like LineageOS etc
If you want a stretch goal try and de-Google yourself, I have tried but failed twice now.
I recently spent twenty minutes sitting outside of an MLB stadium because MLB decided they needed the same level of play protection as a foreign banking app and it refused to work on my friend's LineageOS phone.
We only got in by installing the app on my Sony and him signing into his account. They charge a fee now to get paper tickets from the box office.
My biggest obstacle to de-Googling is the GBoard keyboard of all things. There's really no good open source alternative that even comes close.
1) My phone is not officially supported by LineageOS so I will have to port it first.
2) I did not analyze LineageOS yet and how it is different from stock Android, so I need to go through complete diff.
> If you want a stretch goal try and de-Google yourself
My goal is to have an open source system that is under my full control and doesn't play tricks on my by sending telemetry or collecting forensic databases. Because now I cannot even connect the phone to Internet and it is not as useful as it could be.
I’d assume that with such a level of required inspection, you also have quite some security requirements. I’d say at that level nothing works as well as GrapheneOS (though you have to either delay security updates or accept temporarily closed source (they get access to the code only in exchange for not publishing it until X days or something) updates, thanks Google). As that currently requires a Google phone, the only way to get close to your price target would be buying it used.
Easier said than done in the US. Even of the phones that allow for rooting (which is few and far between these days) you're at the complete mercy of the carrier for whether or not that ability is actually available to you. Even if the gracious lords may allow it, you have to engage in a long and drawn out Byzantine rite just for the privilege. Currently sitting on a Pixel 10 that will not let me have root.
Give me a Linux phone with halfway decent modem drivers, or give me death.
If you do not update the phone, chances are high that there is some Linux vulnerability you could expoloit. The privileged vendor software also can have vulnerabilities. For example, here [1] researches hacked the phone with Verified Boot using a boot logo parsing error.
My impression that you should treat your phone as something that can be hacked any moment and not store anything important there.
[1] https://www.sstic.org/media/SSTIC2024/SSTIC-actes/when_vendo...
Re: de-Googling yourself:
Goldman Sachs paid $6 million to try to get its [soon-to-be] former chief counsel Kathryn Ruemmler's Google search results highlighting her close friendship and many-years-long association with Jeffrey Epstein off the first few pages of results.
Today, the first result on the first page of a Google search for her is the opening paragraph of her Wikipedia biography:
>Kathryn H. Ruemmler (born April 19, 1971) is an American attorney who was principal deputy White House counsel and then White House Counsel to President Barack Obama.[1] Previously a partner at Latham and Watkins co-chairing its white-collar defense group,[2] Ruemmler joined Goldman Sachs in 2020 and was Chief Legal Officer and General Counsel.[3] She announced her resignation from this position in February 2026, effective at the end of June, over her links to child sex offender Jeffrey Epstein.[4][5][6]
https://en.wikipedia.org/wiki/Kathryn_Ruemmler
>How a Secretive Firm Tried (and Failed) to Fix an Epstein Friend’s Tattered Image
https://archive.ph/Biztm
> In further digging, we noticed that the URL the phone opens up is “kira-abboud.com,” a website that references fashion influencer “@kirasfashionfinds.” Notably, this exact URL isn’t listed anywhere on Abboud’s social media, and the affiliate codes don’t match up either. The redirect coming from Motorola phones is using Amazona affiliate code “sramz-kff-008-20” which is completely different from any of the codes we saw from links shared by Abboud’s accounts and linked websites.
Something funny is up; this doesn't seem deliberate.
My guess is a rogue employee who hopes they can get away with this stuff for years till caught...
That employees cousin probably does social media for Abboud...
How about a rogue AI agent banking some cash for the uprising? Are we there yet?!
No matter how you turn it, that doesn't build trust in the Motorola brand, if a single employee can push that (hypothetical) code.
I agree, but in fairness, I don't know of any brand, tech or otherwise, that can completely wall itself off against insider threats. No matter how vigilant you are, someone who knows exactly how you move will find a way around you.
I can understand it's hard to defend against plausibly deniable errors that create backdoors, etc. But this would show a complete lack of code review, no?
Code review just means you need an accomplice. It makes it harder, not impossible.
Not even that. Bury it in a sufficiently-large PR and there’s a very good chance it’ll be rubber-stamped because no one wants to take the time to carefully review the entire set of changes.
Or be convincing to a LLM.
Humans reading code is so "legacy"...
> But this would show a complete lack of code review, no?
You'd be surprised how many websites use Google Tag Manager to allow their marketing department to roll out trackers and other JS snippet directly into the site's root context.
GTM et al's sole reason of existence is to provide marketing people with a way to bypass corporate IT.
And I definitely would not rule out something like this being the cause in the end.
Yup. Let's see Kiras LinkedIN.
right, they should start reviewing their PRs
An affiliate can create multiple codes
Note that the smart feed "feature" is Taboola-provided adware[0] so it's par for the course. It's beyond comprehension Lenovo would trash the brand by shipping it on flagships.
[0] https://www.reddit.com/r/motorola/comments/1s61usi/edge_60_p...
The point where they trashed the brand has long since passed, tried the phones when they bought the brand and it was OK for a while but went downhill quickly.
Until now I waited for their GrapheneOS-based phones. If there isn't a plausible follow up to this injection I don't think I will buy I device from them.
Who outside Apple/Google/Fairphone isn't? Samsung has been shipping the Israeli (IronSource) AppCloud on A series for a while now and people in some regions even spotted it on S-series phones (it'll spy on your usage and install apps). Nothing, which uses clean Android as one of their selling points, started installing something similar (AppServices, presumably also from IronSource given the Aura branding) on various devices.
Between these companies pushing adware/spyware and Apple putting Apple Creator Studio ads in former iWork applications, ads for Apple Intelligence in the system settings, and pushing ads for their F1 movie in Apple Wallet, smartphones have reached the mass enshittification phase.
The only safe havens are Pixel with GrapheneOS and Fairphone with I don't know what exactly (Murena sorta has ads for their own stuff and has many other issues, I guess LineageOS then). Perhaps ironically, given the context, Motorola with GrapheneOS too :).
OneDrive on some Samsung phones recently started uploading user photos on their own, despite user never granting apps the permission to do so:
https://www.reddit.com/r/samsunggalaxy/comments/1t7vqr8/why_...
I am getting tired of all these nonsense.
At this point, Samsung may be shipping more malware than anyone else on phones
It's sad. Samsung phones with just One UI + Good Lock and without all the crapware would actually be a pretty good phone.
But as long as consumers continue buying, nothing will ever change.
I recently got a Samsung A07 to run some tests on. It's stunningly cheap at <£100, and will supposedly get 5 years of software/security updates.
After setting it up, I was surprised (but also not surprised) to see ads on the lock screen. The "feature" is called Glance and while it can be disabled in the settings it took me the help of a video tutorial to actually locate the setting.
On my Motorola G Stylus 2025 ($400 MSRP) I have to disable Glance after every reboot (search Glance in Settings then click Disable and Force Stop). Archive/Delete is disabled.
Fuck Glance with all possible fuckery.
I only had to disable it once on mine, after going crazy for a while trying to figure out what had messed up my lock screen. Haven't had it try to come back once.
Also stopped it from updating automatically in the play store...
Still enough shenanigans to make me go to another brand with my next phone. I always liked Motorola phones for being fairly stock without a lot of bloat ware, but that time seems to be in the past.
Maybe you can disable it with ADB?
I used to choose Motorola devices for a long time but since 2 years when I bought Edge 30 Fusion I started to notice they automatically (without my knowledge) add 3 stupid apps or games about two times a month :/ There is no way to stop it. My kids phones are stuffed with this sh*t.
On some phones this is done by something like AppCloud, which you can usually uninstall from the user partition using ADB/Universal Android Debloater.
Motorola put the malware apps into the “nondisable” list. You can’t remove them even with ADB PM commands. I was fucking mad that my RAZR couldn't be fully debloated.
See also: various firmware builds for Moto phones like https://dumps.tadiphone.dev/dumps/motorola/aito/-/tree/user-...
Or: buy another brand and not jump hoops.
Definitely, it's more that is worth trying for people who have a phone already. E.g. on Samsung, you can remove most of the bloatware.
A chinese one? My xiaomi required debloating, which left me without the "apps" menu in settings. I am not happy about having to do that. Side note: I have to use either intents or adb to administrate the apps.
All the "best phones" for most of us are bloated tracking devices.
Motorola's history is so unfortunate.
They were a great brand, cool phones, one of early Android players.
After being bought out by Google, Motorola had some of the best devices out there with stock android, especially in the budget segment (and loved among android devs).They had one of the best smartwatches in the game at the time - Moto 360 (2014!!).
Then, after dropping the Nexus 6, Google stripped the patents and sold them to Lenovo. For a while it was ok, even dropping the relatively innovative Moto Z which had all the cool "modular" addons, played with it for a bit and seemed cool.
And then, things seemed to start taking a turn for the worse as Lenovo kept enshitiffying it more and more, using the brand name as a wedge in the market in which they are basically forgotten. They have the Razr brand which is cool, but the segment that was their best (budget phones) is now ruined with adware so they can extract every bit of value from it.
Such a sad ending for a company that was so early in the space.
FWIW, the worst thing I can say about the Moto Edge 50 Neo (a midrange phone) from a year ago is that it had "sponsored" apps pre-installed. They could be uninstalled (not just deactivated) the usual way and never came back.
I have exactly the same feelings.
> Moto 360
... I was so mad every time Motorola screwed the pooch in this era.
I was a first-gen Moto X user... on Verizon. I didn't get the Lolipop update forever and a day. I was a first-gen Moto Hint owner. We didn't get the wake word update, we got told to buy the Hint 2. And then finally, I was a first-gen Moto 360 owner. We didn't even get Wear OS updates at all. Not WearOS 2, not even WearOS 1.6. Every single first-gen product got immediately dropped for second-gen shit, and we got abandoned.
I got a prompt about trying new apps every week or something similar. The wording, the moment it prompted me were clearly designed for people to just say "ok" and then wonder how apps were installing regularly without any action. I got caught myself, disabled it but still got new app installs later. I killed the whole thing and have been free since. But definitely felt like a scam. And the apps suck.
They even force you to select a bunch of apps during out-of-box setup on some Motorola phones and it mandates they automatically download post-setup. You can't say "no", you straight up have to let the phone queue up and let it pull all the APKs down for a bunch of shitty preloaded games and Netflix and crap, load them in, then get to waste fifteen minutes removing them again. :\
This is exactly what I noticed and was disappointed about
You are in luck: LineageOS supports many Motorola devices, including the Edge 30.
In the past I often tend to replace stock Android with LineageOS but in today's world with so many attack vectors like for example malware in supply chains etc. I choose to stay with stock OS. I also have my bank apps and lot of my clients data/credentials stored on my accounts.
How do you imagine that protects you? If anything I'm inclined to trust the LineageOS supply chain more than the OEM on account of being a smaller target, having less bloat, and being 100% open from start to finish.
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
Financial apps like banking ones sometimes refuse to work on rooted phones and you have to follow if you want to run them.
I just have no time and knowledge to build ROM myself. 100% open projects also suffer supply chain attacks.
For Samsung phones, depending when the phone was released, you may be getting security updates months after they are provided by Google.
Honestly LineageOS is probably a more secure root than the typical random android OEM; unless you're dealing with Samsung or Google.
> There is no way to stop it.
There are ways. All the apps that install this crap can be disabled through Android's app manager, no fancy method required. (Of course updates can bring them back... But "luckily" Motorola isn't too keen on providing those for their products).
Some examples of the apps to look for:
- App Box
- Games
- MotoApps
- Moto App Manager
- Live lock screen
The active adware apps depends on your region and career. In some region Motorola doesn't push adware at all.
Personally by just disabling those (and similar sounding crap) I've never had adware sneakily installed.
For Moto G or lower tiers Edge I can begrudgingly accept that it's part of the deal... But I would be livid if they did this to my $1500 phone, which is why I refuse to risk getting a razr. Whether you want to fight your phone maker and keep using their product is up to you.
Let's hope that the grapheneos partnership plays off in our favor next year!
I tried to disable some of them but then, (not even) after OS update (sometimes after reboot) I noticed that they are active again.
Strange, I've never gotten any moto apps on my cheap Moto G. I don't sign into any of their crap, but I don't recall doing anything else....
How old is your Moto G?
Anything in the last few years has the moto app manager that force loads LinkedIn etc.
Due to cheap and cheerful with long lasting battery - I still buy Moto G - but setup offline and disable all these apps using https://github.com/Universal-Debloater-Alliance/universal-an...
Luckily there is a mobile phone OS and hardware that isn't produced by the world's largest advertising company, and furthermore doesn't allow two different corporations to be involved in the core OS of the device.
You're right but we can't easily get Huawei devices in North America.
I thought we were talking about non-adversarial-tracking devices.
I hope you are not referring to the company that is pushing AI ads through their system settings, pushing Creator Studio subscription ads through the formerly non-shareware productivity tools, and pushing movie ads through their wallet?
Seriously, get a Pixel and install GrapheneOS, or maybe a Fairphone with LineageOS.
"Seriously, get a Pixel and install..."
Ah, the Google tax. They can turn the lock of that door (bootloader) when they choose to do so.
But they haven't yet, and if you refuse to give Google money directly there's always the secondhand market.
You'd still be walking around as a free advertiser for their stuff, simply by owning Google-branded hardware. And of course the hypocrisy of having a Google phone to avoid Google spying is palpable.
Apple isn't the largest advertising company, but it's a pretty big one. The only other candidates I know of are aftermarket Linux distros, but they have their own problems.
Unfortunately, that company also polices what kinds of apps you’re allowed to install on your hardware.
No, they only allow one corporation to be involved, which is not necessarily an improvement.
Hmm, this thread and the reports of shady practices make me wonder if this will affect the partnership with GrapheneOS[1]. It seems that such things shouldn't really happen on a device where security is a top priority, whether intentional or not.
1: https://news.ycombinator.com/item?id=47214645
Why does it matter? The GrapheneOS team will make the OS images. So as long as the phone is unlockable, has up-to-date firmware bundles, etc. who cares?
I was just wondering that... GrapheneOS team consider Fairphone to be infosec plebs, but instead partner with a company that intentionally harms users' privacy for profit?
I don't see how the former has anything to do with the latter.
I've a Xiaomi phone on which twice appeared obviously debug/hello-world notifications (something like "testtest111") from apps I've never seen or installed. Then another time all Xiaomi phones of close relatives started getting these cheap, spammy ads for Android games in the notifications, this time from some obscure system app: had to look up on reddit that there are settings that disable this specific behavior.
The degree to which I don't own my own device is insane.
I gifted my mom a Xiaomi phone a few years ago. Even after removing all the unnecessary apps and permissions, disabling all the privacy invasive settings and replacing the launcher with the stock Android, I was shocked when I checked the PiHole dashboard. The phone was constantly trying to communicate with dozens of different domains and endpoints, even when idle. None of these attempts had any sort of backoff, so they kept retrying every 30 seconds, draining the battery. Ultimately it generated several times more blocked requests than every other device on my network combined.
This was the first and only Xiaomi device I ever bought, no matter how attractive they might seem.
And it's about to change soon. https://keepandroidopen.org/
Isn't this cookie stuffing? Same modus operandi using by Geo-something widget back in 2000s with hidden ebay affiliate links that got caught by FBI. Someone should go in jail for this.
This bodes well for the up-coming GrapheneOS cooperation..
Nothing screams "secure" better than app hijacking and url injections.
That sounds like a violation of affiliate t&c ? Wouldn't that nullify them, and even lead to lawsuits?
Is Motorola Chinese by any chance? I remember the Motorola company has been split to phones and the rest
Owned by Lenovo, yes
With the digital wellbeing app feature it is possible to set a timer of 0 minutes on all auto-installed and auto-reenabling apps to effectively disabling it for good.
Edit: the timer stays even after updates so the app is not enabled again
I have a Motorola G70, so this is concerning. But its hard to believe that this is a deliberate action by Motorola. To me it seems more likely that an update was compromised. Still bad though.
Notice that this will pass Play Integrity while your clean rom won't.
Vertical videos converted to 16:9 are bad for your readers, Mr Senior Editor.
> Ben Schoon is a Senior Editor
Thank you so much for being not able to consume the screencast video in the article.
I like the Stylus G better than most phones I've owned, but Motorola really needs to end its partnership with the offensive "Glance" ad platform. There should not be a third party app like that which keeps re-enabling and reinstalling on every update. I don't understand what Motorola would get out of a partnership with a scammy third rate ad market that would be worth pissing off so many of their customers, but maybe they have some high level corruption in the company.
The comments here say that all Android phone manufacturers do stuff like this. I have never noticed that kind of things on my Fairphone. But then again, I don't have many apps and certainly not Amazon.
Fairphone or Pixel with GrapheneOS are currently the best bets if you actually want to own your phone.
Since Uber, Airbnb and Tesla, now every company thinks they can do borderline illegal stuff to make an extra buck.
What is next? Our banks selling our payment histories to the highest bidder?
Isn't credit ratings pretty much that? Buy the payment history on debt and then sell some derived value to anyone willing to pay?
> What is next? Our banks selling our payment histories to the highest bidder?
They do it for your own good, so that you get "more opportunity for consumer experiences in stores and online."
https://en.wikipedia.org/wiki/Card_transaction_data
https://pirg.org/edfund/resources/how-mastercard-sells-data/
Yeah, I miss the days of multiple choices on mobile phone OSes.
Chinese brands always pull this stuff
Around 10-15 years ago you could get a completely stock Android from China with basically zero branding, fully unlocked and easily rootable, removable battery, expandable storage, dual DIMs, etc. at a great price. I have a few. Unfortunately many of those small honest OEMs appear to have disappeared, and the bigger ones left have turned scummy.
Especially Xiaomi did a huge ugly U-turn like this. Use to be the best hardware for low price with the selling point of no-crap fully customable phones.
And then, once they become dominant enough starting to play it like the others but stuffing as many unremovable crap as possible.
Microsoft does similar and worse on Windows. This is capitalism being capitalism. Nothing chinese about it.
Its a source of revenue that doesn't harm the user and cannot be disabled by the user. It's the gold standard.
To think I was worried about buying a Xiaomi tablet while already using a Motorola.
Gonna flash a rom on the Xiaomi anyway, but all oems are doing this type of stuff.
Note that Xiaomi today is very hostile to bootloader unlocking -- to get unlock code you need to win in daily first come, first served "lottery" (they limit total number of unlocked devices per day). After a second or two passes you're already too late for the day.
Thank you for letting me know, the plan right now is to try for about a week or 2 and then give up and return the tablet if I can't.
Which is a damn shame because not too many options exist with a headphone jack and a Snapdragon processor. I'm in an environment where Bluetooth is unreliable for a good chunk of my day.
The only other tablet that fits my needs is a gosh darn Surface which is like 1000$.
And the only way to win this lottery is by using an automated script that starts sending automated requests as soon as the new day starts at Beijing time.
No wonder there are numerous dubious sites doing it for you ... this breeds abuse.
All Android OEMs are "doing this type of stuff."
This is really unethical, replacing original app shortcuts breaks trust.
How low can you go?
This is why we need to fight for the right to unlock the bootloader, not only on flagships.
It is laborious to go through all the apps on a phone and dissable the default unessesary "open web link" feature on ALL the apps, but apparently it has some effect in reducing the "draft" from all the back doors
That begs the question! Did they use a Sony rootkit ? XD
I was possibly thinking of getting a Motorola with G.ràphenéOS when released.
Yeah, not now.
The described behavior would not happen when you use a custom OS.
I understand not wanting to give Motorola any money because of this, though.
True. Google does much worse things overall, but they aren't as surface-level scammy as this.
The tail never wags the dog.
Initially the project won't change, but it likely will over time.
But AFAIK it doesn't work like that. Motorola makes a phone that has an unlockable bootloader, provides firmware bundles, etc., but the OS images will be made by the GrapheneOS team and they would never do anything like that.
(I think the misunderstanding is that Motorola would make the GrapheneOS builds.)
I'm misunderstanding nothing
You're probably just not willing to believe that a 'partnership' with a massive company will change things, like I do. I am disagreeing, not misunderstanding. There's a difference
Have you ever observed the GrapheneOS team? I have rarely seen any team more principled than them, outside maybe RMS.
Time will tell, but my bet is on the GrapheneOS team doing the right thing, they have always done so in the past.
> Have you ever observed the GrpheneOS team
I certainly have
> I have rarely seen any team more principled than them
Totally agree with you there.
I'll say no more because you pay a heavy penalty on HN for criticising the project.
I'll just say I hope the collaboration brings some needed maturity, level heads, and stewardship, and that the devs can continue just to focus on the tech.
Calling this "hijacking the Amazon app" is hyperbolic in my opinion. They replaced the shortcut in the app drawer. To me this looks like normal scummy OEM behaviour, like pre-installing spyware, "anti-" malware, adware etc. which sadly pretty much every mobile/computer manufacturer does.
Replacing the OS is one of the first things I do with every laptop, PC and mobile device to get rid of (most) crap that was installed without my consent.
and mobile device
Very little ability to do that with most devices these days, unfortunately.
If an anti-worker company is getting fleeced, nothing wrong with that.
I hope motorola collaborates with Pine and brings linux to phones. In the age of LLM apps are obviously not a problem. (Hopefully windows Phone 7, not 8 also comes back)
I agree with your overall opinion, but not sure why you had to bring LLMs into a topic that has nothing to do with them.
I would agree, but I just looked on my phone and there was a Moto AI services app I don't remember being there before
I think they mean you don't need to worry about a tiny app ecosystem these days because LLMs make it easy to create your own.