No.
Does Pure OS ship with alternative stores, or just their own “software” app?
Yes,
No, (again does the “software” store feature from Pure OS do this? - it’s not just aptitude that will provide a graphical front end listing all the packages in a repo? - I don’t know, not exceptionally familiar with the Software app in PureOS)
exactly… but… the same is true of PureOS?
That’s not the equivalent question. It’s equivalent to “Does Google Android come with other things alongside Play Store?”. The actually equivalent question is “Does anyone ship PureOS with their own store?” The answer is “Even PureOS doesn’t ship with the final Store, it hasn’t fully rolled out yet :P”.
Now you cannot say that. Google has absolute control over the store/Play Services, and can do (or aren’t allowed but still do) whatever they like: https://android.gadgethacks.com/news/googles-uncertified-device-ban-is-hit-amazon-no-more-android-apps-fire-os-0183744/
PureOS wins here by not having any proprietary, revokably licenseable “Services” API that is necessary to use the majority of apps. No control over what the OEM or user can install there.
I don’t actually know, but what I was getting at is that since it’s open, no one will stop any OEM if they want to.
PureOS allowing side loading will not make a huge difference for power users, that’s true. But power users are not that relevant for censorship at scale. That’s why I talk about how PureOS is much better for OEM (and defaults, and stores) diversity than Android.
Again, clearly I’m missing something, I see the comparison is exactly equivalent.
you ask does android ship with anything except the default (google play store)
I ask does PureOS ship with anything except the default purism (purism software store)
The Play store links to a curated list of apps, distributed from a central repository, as APKs. public keys of the play store are already trusted on the device when shipped.
you can choose to use other stores (with other app lists curated by other people.) -if you choose to "accept the “risk” of doing that. or choose to install applications directly with standalone APKs
(alternatively you can use (for example) gcc-arm and write/compile your own software. directly on the device.)
the Software store on PureOS is a curated list of applications, distributed from a centrally controlled repository, (as APT) public keys of the pureOS software store are already trusted on the devices when shipped.
you can choose to use other “stores” (with other app list curated by other people. ) -if you choose to “accept the risk” of doing that, or you can choose to install applications directly from standalone APTs
or you can write and compile your own software directly on the device.
Uhhh… Purism develop the OS, and the “software app” and distribute it on devices they are sending out? (it’s certainly in the distribution ISO)
This would be the same as a Nexus (designed by Google) shipping with Android (developed by google) with the google play store… so is the google store good when Google distribute it via the Nexus platform?
(Perhaps you’re contending that if there was a Huawei store that shipped by default on Huawei devices that would fix this issue of central control and potential censorship?)
(directly from the article!).
Right… so a curated store of applications where someone else is going to control what the 90% of people who do not care to install things outside of the walled gardens see…
Stopping censorship must involve moving away from centralized distribution systems,
The trouble is that 90% of the users want a centralized distribution system for applications and updates, and will gladly take the penalty that an applications may be removed.
Changing the people who control the distribution system from Google to Purism does nothing to address the core problem, (it just moves the problem)
The article literally goes from apple/google duopoly bad.
To android users aren’t locked in, but they have to follow complicated instructions or know what apps they can trust when they are not locked in, to we created and curate our own store. (and you can go outside of that store if you like!)
I think the thing being missed here is that there’s two different cases being talked about.
You’re talking about what the “end user” of the phone can do. @dcz is talking about what other people wanting to use PureOS to manufacture their own phone (OEMs) could do with it.
Forgive me if I’m misunderstanding; it sounds to me like the distinction you’re trying for is that:
Google, via licensing, doesn’t allow OEM’s to ship their own software store alongside the Google play store?
If that’s the distinction you’re going for I respectfully disagree as my samsung phone came with the samsung store alongside the Google play store and I’m pretty sure samsung hasn’t been penalized by Google for this.
Also Amazon kindles, to the best of my knowledge, also fall into this realm of Android devices shipping with multiple stores.
If you’re saying Google doesn’t allow shipping android with the play store having been replaced by another store, then I point you to the fairphone which I believe ships exactly that way.
Maybe I too am missing something but that seemed to me to be the difference you were going for?
Samsung may have reached an agreement with Google to allow them to do that but they DO require Google to allow them to do that. Here Purism doesn’t need to allow anyone.
I believe Amazon android devices never shipped with Google services for exactly that reason.
Fair enough, I thought the kindle my friend had also had google services but if my memory is inaccurate I accept that.
If that is the distinction we’re painting then, wouldn’t it be fair to say that:
While google might be able to choose to prevent an OEM from shipping both google play and a competing app store in android; would purism allow an OEM to ship a phone with a competing app store that allowed proprietary software inside of PureOS?
I suspect that Purism would require an OEM that does such a thing to rename the OS so as not to cause confusion for customers. While this is not technically exactly the same thing, in a situation where pureOS is the bigger name, it could be functionally the same result for the majority of people whom want the “trusted” name.
I can say that because the context of the question was whether I can take a device with google play store (pre-installed/licensed by OEM) and install whatever other app stores I like on that devices without stepping on the toes of the google play store license. - yes I can.
Whether the “majority of apps” is distributed through the play store is of no consequence now. - as I’ve said several times, give it five years of good sales and the Purism “software store” will be the main supplier of apps (as the default play-store-alike) for 90% of users.
The situation with restricting what other software I can run on the device (which doesn’t exist) is very (VERY) different from the article linked (amazon) device is not licensed to run that software!
Even if the google play store was licensed under GPLv3, section 7e would allow Google to deny Amazon rights to use the “google” play store on their devices, (as it contains the name Google - which is their trademark)
Google would also be allowed to stop them advertising their product as compatible with the play store under term 7d (which allows them not to use their marks in advertising.)
Amazon are free to create their own competing application repository - as purism are doing!
GPLv3 is a license in use by Purism - so even in your contrived example where you needed to twist the premise of a question… tell me how open source is protecting me from this practice? of restricting the devices that your software can run on?
(also linking to a site where a person must accept tracking cookies to read the article whilst discussing privacy is the ultimate irony!)
Somewhat. I’d further clarify that in Google’s case they can prevent you from using the code (for all Google Play Services i.e. the App store, Google Maps, YouTube app etc) AND the Branding.
In PureOS’ case they can at most, stop you using the name/branding.
I definitely can say that my kid’s Fire doesn’t have google play store and I cannot even install it without side-loading google apk. But I can also confirm friend of mine sideloaded google apk and wiped amazon store from his Fire (after rooting it).
No, that’s exactly what I was trying to determine. That makes Google so much less dangerous IMO, and indeed makes the store equivalent to Purism.
The other way Google has monopoly (and control) over the apps ecosystem that Purism will never have is Play Services APIs. Once an OEM is banned from distributing it, applications needing them can’t be installed, regardless of where they come from. But that’s another argument I guess.
I think you are right. I try to avoid apps because there is always a possibility that they contain spyware. But today I had problems with such a small but important thing as a parking app. I had no cash (who has …) and the machine would not take cards - only coins or parking app. So I started to think about buying a cell phone to use only for parking ! If the app has spyware it cannot gather much information. Perhaps where my car is but that is clear by using the parking meter anyway.
The important thing is to prevent spyware (apps) to get into your main computer/phone. At least until spying apps are outlawed and there is a reliable verification procedure for apps. Of course Android and Apple do not qualify in that respect. So we could end up using several phones. They could be low quality and really bad as long as they are cheap. You can switch them off when they are not needed. The car parking phone I can leave in the car so not to carry around too many phones. Perhaps I need a bit better phone for my banking app …
Why put everything in the same computer/phone ?
I would rather say that the main problem is our laziness. The laziness is the mother of all sins :-). I might have both motivation and understanding but then I think: “Oh, that is too complicated - i have no time to do the right thing. Let’s use the Android app”.
Exactly. On my linux box, I have multiple vm’s running (qemu). One vm is dedicated to quarantining all of my interactions with google. In addition I have a vpn to a cloud server that I tear down and build a new every month (it gets me a new IP address).
There’s another concern w.r.t. Google’s level of control, in that they can remotely uninstall an application on a user’s handset. Which they sometimes do when they find an application to contain malware. And probably for some self-serving reasons as well, from time to time.
That said, the same is in a sense also possible in PureOS or any other Linux distro. If you want to remove a package from an end-user’s handset, all you have to do is publish a new empty package with a higher version number, and unpublish all prior versions from the apt repo. As soon as the user updates, they effectively uninstall their application.
Nice, but I think the user next door could not do that. But it is easy to buy a cheap phone and install some disgusting app in it if necessary. Also it would solve any problems with installing non-free apps on my Librem 5 (when I get it) so that I can keep it purely Linux (Purism OS).
A bigger problem is Facebook (and the likes). I must be active in some groups and I wonder if I must buy another phone for that ? And a banking phone and … Perhaps one Linux phone and one phone for ugly apps which I can switch off when I do not use the apps.
You are right, this is not a solution for a typical user.
With respect banking apps, I never put them on a mobile device. I manage my bank accounts from home. Banking is not that urgent of an activity and so why create a larger risk surface?
So do I, but I must have a Swedish Swish app on my phone because it is used very much in Sweden even for paying at a small market stand. And it needs my BankId app which also is used for verification in many places. It is really difficult to use coins and notes in some places in Sweden. You cannot even ride a bus with cash in some cases.
Do they charge for bank accounts in Sweden? If not, set up two: one to keep enough money to use on a mobile and then the real account. I would assume transfers between them would be easy and free.
I do have several already - for safety. But I do not want to make it too complicated and I need a substantial sum for my daily business. EU now has a directive for two-step verification which in practice means that I must have my cell phone to get a verification code each time I pay. This makes the cell phone necessary to be able to pay at all. It should be no problem for Librem 5 as the code is transferred over SMS (which must work relatively fast). The payment systems are evolving in the EU and I do not know where we will end up but I hope it will be platform independent with support for Linux.
In general I do not want too many special apps. It is better to have a few standard apps that are reliable. And it would make it more difficult to “make software disappear”.