As AOSP is becoming even more closed source (only QPR0 and QPR2 will be released normally from now on) and you may be curious about GOS lore (because it's going to be the only timely patched form of Android), here's a snippet of it.
I'm sure sharing it to ask questions is a quick way to get banned in GOS communities btw.
I'm sure sharing it to ask questions is a quick way to get banned in GOS communities btw.
π11π5π2
Tadi Channel
https://tuta.com/blog/how-to-disable-gemini-on-android Don't login into your OS vendor's account. The capabilities and incentives of screwing you are way too high. "There was a contract which you accepted" is less of a working defense when a given contractβ¦
https://boingboing.net/2026/01/05/everyone-hates-onedrive-microsofts-cloud-app-that-steals-then-deletes-all-your-files.html
Just don't login into OS vendor's online accounts, anywhere.
Just don't login into OS vendor's online accounts, anywhere.
Boing Boing
Everyone hates OneDrive, Microsoft's cloud app that steals then deletes all your files
OneDrive is Microsoft's cloud-based storage service, and it's aggressively pushed on users of Windows. They want your files on their servers, and are willing to use dark patterns to getβ¦
π6β€1π1
Tadi Channel
What is a small phone? People vary about the definition, but to me, they basically don't exist anymore, so what I'm used to call "small" is what I actually consider as normal. The barrier of it to me is the width of 72mm. Considering how small the list isβ¦
This being not bl unlockable is the greatest offense to the compact phone market yet
π14π3π₯°1
https://nuxx.net/blog/2026/01/09/oled-not-for-me/
When I noticed significant fringing on an S20+, I thought it's a phone specific skill issue, because the supply chains are longer and responsibility gets diffused. Turns out that a 2025 OLED monitor is the same. It's quite plausible that the controller does support the needed corrections for subpixel rendering (SPR), and yet a monitor company failed the only job they had.
When I noticed significant fringing on an S20+, I thought it's a phone specific skill issue, because the supply chains are longer and responsibility gets diffused. Turns out that a 2025 OLED monitor is the same. It's quite plausible that the controller does support the needed corrections for subpixel rendering (SPR), and yet a monitor company failed the only job they had.
π€―3π1π1
Tadi Channel
https://nuxx.net/blog/2026/01/09/oled-not-for-me/ When I noticed significant fringing on an S20+, I thought it's a phone specific skill issue, because the supply chains are longer and responsibility gets diffused. Turns out that a 2025 OLED monitor is theβ¦
Here's the S20+. It's not a limitation of the subpixel array. In case of one, the colors would be switching sequentially like on a thin cable shot far away with a Bayer sensor. Here, the individual colors are evidently "centered" with a bias to the expected center of the pixel. This allows them to reliably drift in their own direction.
π4π3
Tadi Channel
Here's the S20+. It's not a limitation of the subpixel array. In case of one, the colors would be switching sequentially like on a thin cable shot far away with a Bayer sensor. Here, the individual colors are evidently "centered" with a bias to the expectedβ¦
And pretty much yes, I believe that some of the people who thought PWM irritates them, may actually dislike misconfigured subpixel rendering. While fringing is one thing, some of the SPR configurations can result in blur. It's a fairly straightforward topic that probably isn't going away just yet.
π4π2β€1
https://youtube.com/watch?v=oP7xzAdCYQU
I wonder if they even paid him for using his personal brand, considering he's not in the video even for a moment. Too cheap to collab with a streamer?!
I wonder if they even paid him for using his personal brand, considering he's not in the video even for a moment. Too cheap to collab with a streamer?!
YouTube
We made IShowSpeed's Dream Phone
The Nothing team theorises what it would take to make a dream streaming Phone for IShowSpeed. Working out what features he would need and how much it would cost to develop this custom phone.
The Nothing team also have a special update with Subtle Computingβ¦
The Nothing team also have a special update with Subtle Computingβ¦
π12π3
Tadi Channel
BTW, think of it as a litmus test for every "reputable" """keybox extractor""" wannabe (I'm speaking of all keybox sellers who claim to extract them from devices rather than OEM leaks) who won't manage to do anything despite the writeup. Since it couldn'tβ¦
To be clear, Keymint remote key provisioning changes this to a really massive degree.
https://android.googleapis.com/attestation/status
This json will either disappear at some point, get redefined or grow to megabytes, since device-wide (all units running the same build during a given time frame) public listing of revocations would no longer be practical β the banned "serials" would supposedly have to be per each unique app installation. Yes, I'm still trying to comprehend it. No, collecting unit-unique public keys at the factory and uploading them to Google isn't the whole story.
Tldr: if whoever decides to play by Google's rules, attestation/PIA/screen proxying from a device you personally own may actually let you live in peace, but for all it's worth, it really seems that Google won't have to choose between revoking a whole device (bad for PIA adoption) and letting non-compliers in.
To benefit from the new level of control, Google will likely just break the promise of:
"Additionally, Google backend servers are segmented such that the server which verifies the deviceβs public key does not see the attached attestation keys. This means it is not possible for Google to correlate attestation keys back to a particular device that requested them."
If they won't, why all this effort?
https://android.googleapis.com/attestation/status
This json will either disappear at some point, get redefined or grow to megabytes, since device-wide (all units running the same build during a given time frame) public listing of revocations would no longer be practical β the banned "serials" would supposedly have to be per each unique app installation. Yes, I'm still trying to comprehend it. No, collecting unit-unique public keys at the factory and uploading them to Google isn't the whole story.
Tldr: if whoever decides to play by Google's rules, attestation/PIA/screen proxying from a device you personally own may actually let you live in peace, but for all it's worth, it really seems that Google won't have to choose between revoking a whole device (bad for PIA adoption) and letting non-compliers in.
To benefit from the new level of control, Google will likely just break the promise of:
"Additionally, Google backend servers are segmented such that the server which verifies the deviceβs public key does not see the attached attestation keys. This means it is not possible for Google to correlate attestation keys back to a particular device that requested them."
If they won't, why all this effort?
π6β€1
https://linuxiac.com/linux-snap-users-warned-as-attackers-push-malware-through-old-trusted-apps/
Looks like Snaps don't have to be signed before uploading them and then are only signed by the store. A quite bad design.
Looks like Snaps don't have to be signed before uploading them and then are only signed by the store. A quite bad design.
Linuxiac
Linux Snap Users Warned as Attackers Push Malware Through Old Trusted Apps
A new Snap Store scam campaign abuses expired publisher domains to bypass trust signals and deliver malicious app updates.
π9π€―3
Tadi Channel
To be clear, Keymint remote key provisioning changes this to a really massive degree. https://android.googleapis.com/attestation/status This json will either disappear at some point, get redefined or grow to megabytes, since device-wide (all units runningβ¦
As a matter of fact, I do wish someone would test this Google's promise, there's nothing to lose because the architecture for granular revocation is now in place and changing it would only be a change of policy, not of client side implementation.
π1
Tadi Channel
https://linuxiac.com/linux-snap-users-warned-as-attackers-push-malware-through-old-trusted-apps/ Looks like Snaps don't have to be signed before uploading them and then are only signed by the store. A quite bad design.
For comparison, Flathub's process is Github-reliant (accounts are forced to have 2FA by the org)
β€3π1π1
https://www.theverge.com/tech/864595/nexphone-android-linux-windows-11
Don't underestimate this one. For reasons.
Don't underestimate this one. For reasons.
The Verge
This midrange Android phone also runs Windows and Linux
2026: the year of Linux on your phone.
π₯9β€2π€―2π₯°1π1
Tadi Channel
I've heard people are interested in reading more, this is one additional resource that describes completely authoritative use of content credentials that includes concepts like app whitelisting: https://security.googleblog.com/2025/09/pixel-android-trustedβ¦
This image is cryptographically attested to be completely real
*adds a third eye on your forehead*
*adds a third eye on your forehead*
π10π4π3