Attempting (and failing) to escape Google

:: rant, android

By: Hazel Levine

Alternative title: Young NB Yells At The Cloud

Note that this absolutely isn’t vetted for technical accuracy. It’s probably also not a very coherent post altogether. I just needed to get this off my chest.

Ever since late 2019, I’ve been using a Google Pixel 2 as my day-to-day cellphone. While I’ve known that it didn’t respect my privacy, per the Google tradition of being creepy and generally terrifying, I wasn’t entirely aware of this phenomenon until Google told me when I registered my rooted Nook Tablet with their services in 2014. The fact that this has been recorded six years later was enough to set me off on a path to de-Googlify my Google phone.

The first option I found was RattlesnakeOS, which is basically just AOSP built on EC2. While it seemed like a competent option, and it likely is, I didn’t want to set up an AWS account and pay $5/mo to build it, as I’m already paying $10/mo on my current servers (including the one hosting this website). In addition, there’s GrapheneOS, which is the continuation of the ill-fated CopperheadOS (which effectively died Because Capitalism^TM after CopperheadOS was commercialized, effectively killing the project altogether). I opted for the latter as I wouldn’t have to set up my own build infrastructure on AWS, and the fact that GrapheneOS decidedly had more features directly geared towards a “hardened” Android experience, regardless of de-Googlification.

This of course, would be wonderful… if not for a critical roadblock.

Trying to unlock the bootloader

Here’s how it went down: “Hey, are you able to unlock the boot-loader?”

 Λ ~ fastboot flashing get_unlock_ability
(bootloader) get_unlock_ability: 1
OKAY [  0.000s]

(read: “yeah, sure”)

“Okay, can you unlock the boot-loader?”

 λ ~ fastboot flashing unlock
FAILED (remote: 'Flashing Unlock is not allowed')
fastboot: error: Command failed

(read: “No, because I’m not able to.”)

…so I’m left with Schrödinger’s bootloader. Wonderful! Furthermore, I’m not the only one with this issue; not only do some carriers lock down your ability to OEM unlock, but Google Play Services’ anti-theft protection makes it impossible to do so without an internet connection, and some refurbished Pixel devices (mine being case-in-point) just don’t cooperate, regardless as to whether or not it should work.

My experience with Google support on this topic basically boiled down to “why are you even trying to unlock the bootloader, you idiot”, so that’s out of the question. I’d imagine they’re probably not super happy about me stealing profits from them by trying to escape their ecosystem.

On a happier note, I came across this person on Freenode’s channel #grapheneos, which eased the tension due to them not breaking character:

       hazel1 │ hi yes okay so.
       hazel1 │ i'm on a pixel 2 non-xl, `fastboot flashing get_unlock_ability` returns 1, but `fastboot flashing unlock` says "Flashing Unlock is not allowed"
       hazel1 │ no idea where to go from here.
TheJollyRoger │ Avast! Did ye enable OEM unlocking in the OS under developer options?
       hazel1 │ i did, yes, that's what `fastboot flashing get_unlock_ability = 1` meant
       hazel1 │ also i appreciate your dedication to character.
       hazel1 │ i'm on linux, if that's important, and i'm running these commands as root.
TheJollyRoger │ Shiver me timbers, I be stuck too. Maybe someone else on this here tub will know.

Why this is stupid

This is where I turn this tech rant into a political rant, as I have no self-control.

Per the majority of things that happen in the modern tech industry, this is, of course, a byproduct of capitalism. The fact that carriers or refurbishers can lock you out of customizing your own device is in it of itself terrifying, on the merit that it’s an effective paywall to gain control of the hardware you own — or rather, should own. While I’m a firm believer in security, and a firm believer that the majority of people have devices that work well enough for them (given that they’re not privacy conscious…), I’m also under the impression that people should have control over the things they own. Capitalism, in the name of profit, contradicts that scheme.

The fact that your carrier owns your phone, or your phone manufacturer owns your phone, or Google owns your phone, etc, applies in bounds here. While the saying is generally “if it’s free, you’re the product”, the fact that you’re still the product when buying an expensive device speaks volumes about the technological ecosystems we tend to depend on in 2020. I should be able to unlock the bootloader without a second thought, but the fact that some refurbisher owns the rights to do that with the device I should own, and not me, worries me deeply.

I shouldn’t have to worry about whether some random thing I say is going to be used against me in some creepy fashion three weeks later in an ad that shows up on a torrent site when I’m trying to scrape the web for some obscure piece of software that nobody uses or some movie that nobody watched.

I’m well aware that this point has been regurgitated. I’m well aware this post doesn’t actually make much sense. But regardless, I’m scared that Google has this much control, and I’m scared that I’m unable to remove it.

Follow-up (2020–01–29) and a potential explanation

So apparently this is by design, which pretty much confirms my theory. Great. Per a user on the Pixel Phone Help “official support forum”:

Update: I was able to get a reply from the higher levels in Google and they simply informed the man handling my case, to his astonishment, that the refurbishment process is intentionally locking the bootloader and that is the way they designed it to operate. No options were given to me to remedy the issue and I was asked if there was anything else I wanted to discuss before they ended the call.

This is ridiculous if true. Not only does it compound on my existing complaint of bootloader unlocks being behind a paywall, which is already ridiculous, but it means that even if you go through a paywall, any device defect could lead to a permanently locked bootloader (such as my case). Even more ridiculous is that Google’s factory Pixel images require a bootloader unlock to flash, meaning that this locks users out of potential support options.

Furthermore, if the theory of a refurbished device just being an unlocked carrier edition phone is true (despite my CID being all zeroes), this is just negligence.

Even if 99.3% of users should never have to touch this option, the fact that Google not only sends refurbished phones, but RMAs of unlockable phones with this defect is astounding. It attests to the fact that what you own is not truly yours even moreso than this just being a coincidence — it’s an explicit hostile action towards the privacy-focused by Google. The former glory of Nexus devices of being “the modder’s phone” has been changed drastically upon a vision of a more popular “Google phone”; again, driven by capitalism.