Volkswagen started blocking GrapheneOS users

If their APIs are done correctly, they shouldn't be afraid to expose them.

The company's have done their thing to ensure that the average guy wouldn't even try escaping their lock-in. So chances are becoming smaller and smaller to hope for a critical mass of users to complain.

specially because no car really supports grapheneos, but it can be used in any car supporting regular android provided google play is installed which ensures google's certification and validation is being preserved. if i get this right bmw is actively blocking this, which would be just a dick move.

Vendor lock-in to Play services is ridiculous.

A car is a big purchase, and ideally not something I discard after a few years. I'd like it to not treat me like a second-class citizen and renter who can't make decisions over how to extend the life of my purchase.

All of em.

"Some nerd couldn't use their nerd phone."

What incentive does a dealer have to know or care about this?

Peugeot is reasonable and works. Charging could be faster and WLTP longer, and once I had the screens restart while on the motorway which thankfully did not affect driving but was pretty terrifying. All that to say - go ahead and buy European. You'll have some issues but for me all better than to get a china car with who knows what data exfiltration and hidden issues, or a Tesla that will lock you in when the car burns. EU companies are too boring to spy and too risk averse to have tesla-like issues..

If you don’t want/need a new car, the used car market in Germany is pretty active with EQAs and EQBs.

Not quite an SUV, but maybe fits the same use case?

I always read this online, but my personal experience in EU doesn't match that at all in quite a sample of people and cars over the last ~15 years. At least not for older cards. The reliability after 100k km seems to be somewhat similar.

The repairability of VW-group stuff in 3rd party services is soo much better and cheaper. The WV-group is huge and many models across the brands share same parts and full engines. There exist non-OEM alternatives and people know how to fix those cars.

I have never bought new car. But driving anything but VW got expensive fast.

Toyota cars can have bespoke parts even between different months of the same year for the same model. Continuous improvement isn't really that cool for cars.

Putting these factors aside: they are usually cheaper than their peers in insurance and they have dealerships absolutely everywhere. I've had multiple Skoda and VW EV rentals and the experience has been nothing but pleasant. Hence my priorities.

https://en.wikipedia.org/wiki/Diesel_emissions_scandal https://en.wikipedia.org/wiki/Defeat_device

I have test driven the Kia EV4 and EV3, but I am not a huge fan. I do not enjoy the look of the EV3 and while the EV4 was a nice drive, I kept bumping my leg against the direction selector (which is below the handle for the wipers; But this is a huge nitpick since I am fairly tall, so not really an issue for 99% of drivers).

The main issue with Kia across the board is that their are so darn expensive for insurance. At my current provider, the EV4s insurance would have been 500 EUR more expensive than an roughly equally priced Cupra Born.

Not a huge SUV fan, but the Skoda Elroq and Skoda Enyaq were very nice vehicles as well

In a similar vein, I once met a woman who told me how she would enter every single one of those stupid contests that you'd see printed on cereal boxes and ice cream containers because literally five people enter into those things, so you're odds of winning are surprisingly high. Apparently she won a bunch of them, but her favorite was when got a week long vacation that included going on a fishing trip with Ben and Jerry of "Ben and Jerry's".

- beeps about the speed limit, especially if it misses a sign. For example every time starting on a parking lot it keeps the 5 kph even after multiple turns

- warns about leaving the lane, including trying to stay on the lane by slightly couter steering while ignoring yellow construction lines

- Sometimes when moving off from a standstill in a queue, it triggers all "careful you're about to crash into something"-warnings. I suspect it's detecting exhaust gasses from a car in front?

- You must not, ever, touch the turn signal to announce your will switch lanes soon, while there is still a car next to you. You'll get a loud, obnoxious warning tone. This one is especially annoing as it makes sleeping as a passenger on the autobahn basically impossible.

When I talked to the dealers, they said that the speedometers only have to be accurate +/- 10% according to the SAE specifications.

After DieselGate I assumed that the high reading was to game the fuel consumption game.

Never again, VW auto group…

I guess you just filter it out after a while but it definitely makes me think I need to do some research before getting a new car any time soon.

One dual-boots to a reputable Linux vendor’s signed/sealed OS image with secure boot enabled in BIOS, so that the attestations are valid; financially supports said vendor; contacts them quarterly with check-ins on the status of their lockdown+attestation roadmap and uses professional journalism approaches to highlight their (in/)action; and, contacts one’s relevant governing body to petition for the addition of that vendor’s signed/sealed product line to be added to the authorized signatures list by both government-sponsored apps and to the verification platforms of the competing vendors (in order to balance the necessities of attestations with an appropriate degree of anti-monopolistic protections for consumers).

> It's scary how quickly the banning is moving. The problem is what happens next. When they realise that banning things doesn't really work

This confidence that ‘attestation doesn’t really work’ is the same sort of confidence that lead the Linux user community to largely scoff at, and ignore, attestation’s threat from when it was ballistically launched three decades ago towards the future. Options are now very limited for stopping it, and largely reduced to ‘getting some Linux into the approval list’. Severe compromises in user freedom will be required for the signed+sealed distro images to receive government approvals.

Imagine if Linux were an app on a video game console and you start to see the outcome: it’s a perfectly great working environment into which all of /usr/local and /opt and /home are writable, but the lockdown prevents you from modifying the OS in any way that could defeat the attestation protections. Apps you install into /opt can only access their own /opt/prefix, apps you install into /usr/local can access $HOME. The apps you install can choose to write session data (such as digital age verification certificates) to a system-protected /data store keyed first by the kernel’s signature, and second by the vendor signature the kernel reads from the app; with the understanding that an attestation latch-forward after an exploit patch will wipe that store, and that dual-booting to a different vendor will suspend access to sessions stored by that vendor.

This is, to climb on my hobby horse for a moment, why I continue to believe that Valve will be the first Linux vendor to receive government attestation approval alongside Apple / Google / Microsoft have previously across the desktop and mobile spaces. I’d really prefer that to be Graphene, Ubuntu, and Valve — but Graphene’s customer base is hostile to this, Ubuntu doesn’t have any incentive to care, and of the Linux vendors out there, Valve has a decade-long head start on the need for a locked-down and attested platform for business reasons. All of the above falls out naturally from considering how to defend one app from another on Android, iOS, Steam Deck, and Xbox. So far as I can tell today, though, Linux intends to be left out in the cold on all this. Oh well.

[0]: https://www.birminghammail.co.uk/news/midlands-news/new-vpn-...

https://youtube.com/shorts/WvHl3G6KojI

I believe they're "doing research" into it, which basically means they don't understand how any of it works.

It mostly happened already and it's in motion.

Literally who?

Toyota's have such a backlog of orders that they're marking cars up above MSRP

I still am hoping that at one point they understand the full consequences of remote attestation. There are some signs they start to notice, but it's slow...

If most would do this, they are not individuals anymore.

My take is that they were trying to block rooted phones and/or custom ROMs of questionable origin and GrapheneOS just became collateral damage because all these companies do go the minimal route of using Play Integrity. GrapheneOS supports remote attestation through AOSP APIs, in fact, they have a page about it.

I think it's worth letting this be heard. GrapheneOS has > 400,000 users and is rapidly growing. Breaking things is not going to affect 5 people anymore, but thousands, ten thousands or hundreds of thousands, depending on what the app is.

GrapheneOS is also not responsible for bugs in this app. Any bug reports coming from GOS are likely to be from the hardening toggles, which uncover bugs in the app. This is the apps fault, and these bugs still exist on other OSs. It should be resolved for the benefit of all users.

"Support" is such an overloaded and vague word in the software industry. What does it mean for a company to "support" an app/os configuration?

1. They deliberately target that app/os configuration, QA tests it, and answer customer support requests about it.

2. They target the configuration, QA tests it, but it's offered without customer support.

3. They target the configuration, but only release an untested build, use at your own risk.

4. They don't target the configuration at all, but the builds they do release happen to work on the configuration, totally unacknowledged by the company.

5. They don't target the configuration, and deliberately sabotage their application such that un-targeted configurations are actively blocked. Only adversarial users who hack the software are able to use it.

Too many companies say: "We can't do 1 because we don't 'support' it, therefore we must do 5!"

Because of those bug reports, very few may be specific to the non-mainstream OS? https://news.ycombinator.com/item?id=28978086

Hypothetically, if GrapheneOS wanted to become a certified Android, it would probably not be blocked on technical reasons, only that becoming certified (last time a contract was leaked) requires running privileged Google Play Services (which is less secure) and pre-installing a bunch of Google apps that should not be uninstallable.

How is that not anti-competitive?

The issue is not that this application isnt tested on GOS, its that an anticompetitive, illegal tool is being used to ban non-certified OSs when these apps would work perfectly otherwise.

Obviously VW broke the app for GrapheneOS (or any other custom ROM) on purpose, and ironically, things usually works fine for custom ROMs than some Chinese OEM customized ROMs, and when it works, it means the developer went extra miles to implement workaround to cater the flawed OS.[1]

[1]: ref: Years of Android community experience

Maybe then app developers should be mandated to open fully their server-side protocols, so people can create apps for platforms that are not supported by default. No more undocumented APIs, anybody can get an API key, no API serving limits!

Fuck that.

Then that's a poor design that should go the way of the dodo. Someone hacking the entertainment system should not be able to take over control of the engine. The entertainment system on planes do not allow one to hack into the autopilot. There should be no need for a firewall, they should have no shared wires between them.

People are growingly concerned with both the car manu and Apple/Google control over their car and related extra software goodies.

Laws are really needed when businesses don’t play nicely. I don’t know the legal specifics, but I’m sure glad I don’t need to buy $1000’s of specialty tools to maintain my vehicle, and sure glad that replacement parts are readily available (and will be for decades).

Just image how much worse society would be if car manus did the same thing as Apple and had ID-paired parts. Sorry! Your AC doesn’t work anymore, please install a genuine Honda oil filter at your nearest Authorized Honda Shop, available for a minimum of $500.

(Yes, repairability and standardization are encouraged where feasible.)