Think how bad the market got. Today we have preinstalled garbage apps like LinkedIn, garbage apps mandated to be preinstalled by the government, ads, cloud accounts, notifications spam, telemetry. This is not only Chinese smartphones, for example Samsung also plays this game. I assume there are Chinese backdoors, American backdoors and national government backdoors on almost every phone.
And there seems to be no way to buy a "free" smartphone without Google Services and telemetry below $250. Why 250? Because free OS have multiple bugs and issues and it is not rational to pay more than that.
I am considering two options, one, try to clean up and patch the firmware for a cheap smartphone (remove almost everything proprietary including Google Services, Unrusted Execution Environment, except for basic GUI and launcher), or two, port something like Lineage OS to my phone. Also I need to examine the network traffic and scan for potential weak points like SUID binaries. It is scary to think how much time I will have to waste for this.
Also, it is pretty stupid, in my opinion, to make an OS not based on Android, for example, use Qt for GUI, because there will be no apps for it.
Not sure what timescale you're referring to when you're talking about "how bad the market got" and "today", but back around 2012 I got my first and last Samsung smartphone, must have been a Galaxy 3 or something, that had all of those problematic things too.
It seems like this starting to happen as soon as apps were installable on phones, even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them. Android, because of the whole OEM story, of course is much worse, but I don't feel like any of what you share is new, been going on for decades at this point.
And operators preloading questionable stuff is a much older practice than post-iPhone smartphones. If you had a feature phone in the 2000's, the operator would have customised it one way or another. The iPhone was revolutionary in how much Apple forced the network operators to relinquish control.
> The iPhone was revolutionary in how much Apple forced the network operators to relinquish control
And if AT&T wasn't as desperate to gain market share, we could have had a different story. Both Verizon and Sprint refused the iPhone because they didn't want to give up control. The bloatware was an important piece, but Apple also mandated control over OTA updates which the carriers did not want to relinquish either. The carriers were also opposed to the phone being sold in Apple stores.
I can remember Verizon being sued for forcing device makers to disable the ability to transfer files from feature phones to computers over Bluetooth, because they charged a per file fee to transfer files with their own proprietary software.
My OG moto droid was pretty clean back in ~2009 or so, but even then there was plenty of sketchy carrier installed bloatware. Even my blackberry before that, feature phones even before that, had the carrier crap on it.
Part of why iPhone was such a breath of fresh air at the time it released. There was no carrier bloatware. Apple didn't allow it. Verizon turned down the iPhone because they would not agree to the no carrier branding and did not want to give Apple control over updates.
It's only gotten worse since then, but yeah its always been a thing.
At least with iPhone, there's still no carrier bloat, no facebook/meta, no linkedin, etc.
I'm not sure why Samsung continues to allow it either, they are also big enough to bully the carriers they could just as easily pull an Apple and kick all the spam off their phones, at least for the flagship models.
You can delete almost all apps on iOS except the obviously core apps that are necessary for it to function.
Thanks to the EU! They really fixed a lot of things about the iPhone, a shame not every fix went everywhere like core app removals did though.
You can now. You couldn't do this in the early versions of iOS.
I wish that was the same for MacOS as well. I don't need the TV app...
> even iPhones came (and still comes) with a ton of apps you cannot remove regardless of how little you use them.
While a lot of the code that apps rely on is part of the OS frameworks, these days you can 'remove' most of the apps on an iPhone if you want.
That said, I would also argue that there's a difference between not being able to remove "Calendar" on iOS and not being able to remove "LinkedIn" on Android.
You should all be aware that Lenovo (the owner of Motorola Mobility) has some dark moments in its past.
https://www.theregister.com/2015/08/12/lenovo_firmware_nasty...
Asus does this on many of their consumer motherboards now, too.
Asus has been doing it since before that article was written. It's amazing that a "put rootkit here" Windows feature has been around for so long.
The Gigabyte motherboard on my system does this as well. I turned it off immediately, of course.
Although you will have to buy a used phone in order to pay less than 250$, it seems like GrapheneOS is the best solution for that problem. Not optimal, but the best among what we have.
I was thinking the same. But it worries me that these news about Motorola in particular doing shady shit. I was looking forward to the upcoming GrapheneOS/Motorola partnership :(
How about the FairPhone running /e/os (which is de-googled)? You can buy it preinstalled directly from Murena.
Although this is not at your target price point. But /e/os can be used on hundreds of android phones (as opposed to GrapheneOS). So you can probably install it on your current phone
graphene will still be a separate OS outside of Motorola's control.
GrapheneOS team is helping Motorola build secure phones to spec. but Motorola won't have some special bloated flavor of GrapheneOS installed
Yes but just barely.
The pixel 9a was on offer recently here in Spain for 319⏠and that includes 21% tax. At major chain called media markt. That phone is one of the few supported by grapheneos.
Cheap smartphone path is harder and harder. Unfortunately the pixel series is easiest but comes in double they number for unlocking the bootloader and flashing lineage, etc.
Xiaomi has been ironically the pioneer in this field, but their phones are inaccessible in the USA assuming youâre USA based. The mediatek chipset also is more fun for this over Qualcomm.
Besides suid binaries, the radio firmware and subsequent radios for WiFi and Bluetooth do give out a lot of information and are open to exploitation.
The most opaque and privileged attack surface is often the modem/baseband and vendor diagnostic stack and allow carriers to process local side AT commands.
Qualcomm is more documented, though there are fun discoveries on mediatek Iâve made just using binwalk.
> Xiaomi has been ironically the pioneer in this field, but their phones are inaccessible in the USA assuming youâre USA based
Xiaomi has virtually stopped allowing users to unlock their bootloaders. They only allow 2000 device unlocks per day, which resets every day at 00:00 Beijing time. You can set an alarm and press the unlock button exactly at 00:00 Beijing time, only to get frozen out due to the thundering herd effect and fail to secure an unlock quota. Then, when you try again at 00:01, you just get the dreaded "quota limit reached, try again tomorrow" message.
That sucks, before it was a one week countdown timer.
If the modem cannot access main memory and CPU then it's ok.
> In further digging, we noticed that the URL the phone opens up is âkira-abboud.com,â a website that references fashion influencer â@kirasfashionfinds.â Notably, this exact URL isnât listed anywhere on Abboudâs social media, and the affiliate codes donât match up either. The redirect coming from Motorola phones is using Amazona affiliate code âsramz-kff-008-20â which is completely different from any of the codes we saw from links shared by Abboudâs accounts and linked websites.
Something funny is up; this doesn't seem deliberate.
My guess is a rogue employee who hopes they can get away with this stuff for years till caught...
That employees cousin probably does social media for Abboud...
No matter how you turn it, that doesn't build trust in the Motorola brand, if a single employee can push that (hypothetical) code.
I agree, but in fairness, I don't know of any brand, tech or otherwise, that can completely wall itself off against insider threats. No matter how vigilant you are, someone who knows exactly how you move will find a way around you.
If I'm not guilty until proven innocent, then neither is Motorola.
How about a rogue AI agent banking some cash for the uprising? Are we there yet?!
right, they should start reviewing their PRs
Yup. Let's see Kiras LinkedIN.
An affiliate can create multiple codes
Note that the smart feed "feature" is Taboola-provided adware[0] so it's par for the course. It's beyond comprehension Lenovo would trash the brand by shipping it on flagships.
[0] https://www.reddit.com/r/motorola/comments/1s61usi/edge_60_p...
You're flabbergasted that Lenovo would trash a sub-brand? Lenovo? The company who trashed their own brand with Superfish?
The point where they trashed the brand has long since passed, tried the phones when they bought the brand and it was OK for a while but went downhill quickly.
Until now I waited for their GrapheneOS-based phones. If there isn't a plausible follow up to this injection I don't think I will buy I device from them.
I had the same reaction.
Who outside Apple/Google/Fairphone isn't? Samsung has been shipping the Israeli (IronSource) AppCloud on A series for a while now and people in some regions even spotted it on S-series phones (it'll spy on your usage and install apps). Nothing, which uses clean Android as one of their selling points, started installing something similar (AppServices, presumably also from IronSource given the Aura branding) on various devices.
Between these companies pushing adware/spyware and Apple putting Apple Creator Studio ads in former iWork applications, ads for Apple Intelligence in the system settings, and pushing ads for their F1 movie in Apple Wallet, smartphones have reached the mass enshittification phase.
The only safe havens are Pixel with GrapheneOS and Fairphone with I don't know what exactly (Murena sorta has ads for their own stuff and has many other issues, I guess LineageOS then). Perhaps ironically, given the context, Motorola with GrapheneOS too :).
OneDrive on some Samsung phones recently started uploading user photos on their own, despite user never granting apps the permission to do so:
https://www.reddit.com/r/samsunggalaxy/comments/1t7vqr8/why_...
I am getting tired of all these nonsense.
At this point, Samsung may be shipping more malware than anyone else on phones
Some 7 months ago there was this submission: https://news.ycombinator.com/item?id=45551504 (Microsoft's OneDrive Begins Testing Face-Recognizing AI for Photos (for Some Preview Users)).
I haven't noticed any further links regarding this topic. Thus I have no idea if setting was fully implemented or abandoned but with this thread here you linked, but I'd rather guess they're full after user's data. And from what users wrote there, MS is not even doing this with some elaborated darkpatterns scenarios but just ordinary stealing these photos. This should be announced louder.
It's sad. Samsung phones with just One UI + Good Lock and without all the crapware would actually be a pretty good phone.
But as long as consumers continue buying, nothing will ever change.
Sony as far as I know is not shipping additional adware on their phones.
Lenovo also shipped a Superfish backdoor on their older computers.
I recently got a Samsung A07 to run some tests on. It's stunningly cheap at <ÂŁ100, and will supposedly get 5 years of software/security updates.
After setting it up, I was surprised (but also not surprised) to see ads on the lock screen. The "feature" is called Glance and while it can be disabled in the settings it took me the help of a video tutorial to actually locate the setting.
On my Motorola G Stylus 2025 ($400 MSRP) I have to disable Glance after every reboot (search Glance in Settings then click Disable and Force Stop). Archive/Delete is disabled.
Fuck Glance with all possible fuckery.
I only had to disable it once on mine, after going crazy for a while trying to figure out what had messed up my lock screen. Haven't had it try to come back once.
Also stopped it from updating automatically in the play store...
Still enough shenanigans to make me go to another brand with my next phone. I always liked Motorola phones for being fairly stock without a lot of bloat ware, but that time seems to be in the past.
Maybe you can disable it with ADB?
I used to choose Motorola devices for a long time but since 2 years when I bought Edge 30 Fusion I started to notice they automatically (without my knowledge) add 3 stupid apps or games about two times a month :/ There is no way to stop it. My kids phones are stuffed with this sh*t.
On some phones this is done by something like AppCloud, which you can usually uninstall from the user partition using ADB/Universal Android Debloater.
Motorola put the malware apps into the ânondisableâ list. You canât remove them even with ADB PM commands. I was fucking mad that my RAZR couldn't be fully debloated.
See also: various firmware builds for Moto phones like https://dumps.tadiphone.dev/dumps/motorola/aito/-/tree/user-...
Or: buy another brand and not jump hoops.
A chinese one? My xiaomi required debloating, which left me without the "apps" menu in settings. I am not happy about having to do that. Side note: I have to use either intents or adb to administrate the apps.
All the "best phones" for most of us are bloated tracking devices.
Definitely, it's more that is worth trying for people who have a phone already. E.g. on Samsung, you can remove most of the bloatware.
Motorola's history is so unfortunate.
They were a great brand, cool phones, one of early Android players.
After being bought out by Google, Motorola had some of the best devices out there with stock android, especially in the budget segment (and loved among android devs).They had one of the best smartwatches in the game at the time - Moto 360 (2014!!).
Then, after dropping the Nexus 6, Google stripped the patents and sold them to Lenovo. For a while it was ok, even dropping the relatively innovative Moto Z which had all the cool "modular" addons, played with it for a bit and seemed cool.
And then, things seemed to start taking a turn for the worse as Lenovo kept enshitiffying it more and more, using the brand name as a wedge in the market in which they are basically forgotten. They have the Razr brand which is cool, but the segment that was their best (budget phones) is now ruined with adware so they can extract every bit of value from it.
Such a sad ending for a company that was so early in the space.
FWIW, the worst thing I can say about the Moto Edge 50 Neo (a midrange phone) from a year ago is that it had "sponsored" apps pre-installed. They could be uninstalled (not just deactivated) the usual way and never came back.
> Moto 360
... I was so mad every time Motorola screwed the pooch in this era.
I was a first-gen Moto X user... on Verizon. I didn't get the Lolipop update forever and a day. I was a first-gen Moto Hint owner. We didn't get the wake word update, we got told to buy the Hint 2. And then finally, I was a first-gen Moto 360 owner. We didn't even get Wear OS updates at all. Not WearOS 2, not even WearOS 1.6. Every single first-gen product got immediately dropped for second-gen shit, and we got abandoned.
I have exactly the same feelings.
You are in luck: LineageOS supports many Motorola devices, including the Edge 30.
In the past I often tend to replace stock Android with LineageOS but in today's world with so many attack vectors like for example malware in supply chains etc. I choose to stay with stock OS. I also have my bank apps and lot of my clients data/credentials stored on my accounts.
How do you imagine that protects you? If anything I'm inclined to trust the LineageOS supply chain more than the OEM on account of being a smaller target, having less bloat, and being 100% open from start to finish.
For a particularly sensitive context I'd want to build the ROM myself on an appropriately secured machine running one of the major distros.
For Samsung phones, depending when the phone was released, you may be getting security updates months after they are provided by Google.
Honestly LineageOS is probably a more secure root than the typical random android OEM; unless you're dealing with Samsung or Google.
> There is no way to stop it.
There are ways. All the apps that install this crap can be disabled through Android's app manager, no fancy method required. (Of course updates can bring them back... But "luckily" Motorola isn't too keen on providing those for their products).
Some examples of the apps to look for:
- App Box
- Games
- MotoApps
- Moto App Manager
- Live lock screen
The active adware apps depends on your region and career. In some region Motorola doesn't push adware at all.
Personally by just disabling those (and similar sounding crap) I've never had adware sneakily installed.
For Moto G or lower tiers Edge I can begrudgingly accept that it's part of the deal... But I would be livid if they did this to my $1500 phone, which is why I refuse to risk getting a razr. Whether you want to fight your phone maker and keep using their product is up to you.
Let's hope that the grapheneos partnership plays off in our favor next year!
Strange, I've never gotten any moto apps on my cheap Moto G. I don't sign into any of their crap, but I don't recall doing anything else....
How old is your Moto G?
Anything in the last few years has the moto app manager that force loads LinkedIn etc.
Due to cheap and cheerful with long lasting battery - I still buy Moto G - but setup offline and disable all these apps using https://github.com/Universal-Debloater-Alliance/universal-an...
I tried to disable some of them but then, (not even) after OS update (sometimes after reboot) I noticed that they are active again.
Hmm, this thread and the reports of shady practices make me wonder if this will affect the partnership with GrapheneOS[1]. It seems that such things shouldn't really happen on a device where security is a top priority, whether intentional or not.
Why does it matter? The GrapheneOS team will make the OS images. So as long as the phone is unlockable, has up-to-date firmware bundles, etc. who cares?
GrapheneOS may be de-googled but it is not de-blobbed, they rely on the vendor to maintain certain drivers etc. Hopefully the driver maintenance team is very separate from the bloatware installation team, but someone could reasonably worry that they're tarred with the same brush.
I would guess that most of the driver development is done by Qualcomm for phones with Qualcomm SoCs. At least that is what I've seen looking at the firmware/driver bundles some Qualcomm-based phones.
(Of course, there is more, like camera firmware, etc. but they are typically provided through the hardware providers.)
I was just wondering that... GrapheneOS team consider Fairphone to be infosec plebs, but instead partner with a company that intentionally harms users' privacy for profit?
It may be worth noting that GrapheneOS in most cases to date are not the initiators for conversations around extra device support. They do not control which mobile divisions and engineering teams can come to them and back genuine interest with the resources needed to reach an acceptable privacy/security standard for support.
The question is really why are Motorola the only ones that have gone that extra mile so far and what does it say about the rest of the Android OEMs (including Fairphone, which unlike most is actually a younger project than GrapheneOS).
The issue with small players like Fairphone is that they rely on external ODMs to develop their hardware and basic software. They do get some IP rights but they actually lack the engineering manpower to actually maintain software. ODMs usually have special trade agreements with factories and Google to optimize the prices. Small companies cannot get such leverages.
I don't see how the former has anything to do with the latter.
You don't see how it doesn't make sense for Graphene to reject a company because it doesn't handle security according to their standards, but be OK with a company that is actively malicious?
I've a Xiaomi phone on which twice appeared obviously debug/hello-world notifications (something like "testtest111") from apps I've never seen or installed. Then another time all Xiaomi phones of close relatives started getting these cheap, spammy ads for Android games in the notifications, this time from some obscure system app: had to look up on reddit that there are settings that disable this specific behavior.
The degree to which I don't own my own device is insane.
I gifted my mom a Xiaomi phone a few years ago. Even after removing all the unnecessary apps and permissions, disabling all the privacy invasive settings and replacing the launcher with the stock Android, I was shocked when I checked the PiHole dashboard. The phone was constantly trying to communicate with dozens of different domains and endpoints, even when idle. None of these attempts had any sort of backoff, so they kept retrying every 30 seconds, draining the battery. Ultimately it generated several times more blocked requests than every other device on my network combined.
This was the first and only Xiaomi device I ever bought, no matter how attractive they might seem.
And it's about to change soon. https://keepandroidopen.org/
It looks like devicenative "accidentally" deleted their documentation page that was linked from that article. Fortunately someone archived it beforehand. Oops.
https://web.archive.org/web/20260526042018/https://docs.devi...
Also, as of some hours ago Motorola has stopped the activity but didn't say anything about how it started in the first place. https://9to5google.com/2026/05/27/motorola-amazon-app-uninte...
Get a daily email with the the top stories from Hacker News. No spam, unsubscribe at any time.