Conversation

my belief that "maybe running my own build of android daily isn't the absolute best idea" has evaporated within one millisecond of inserting my SIM card and discovering the amount of spam my carrier sends via SIM toolkit, which you can't normally disable or stop from being modal

164

Catherine

@whitequark

Sep 12, 2020

how much did carriers pay google for keeping these toggles on regardless of user consent??

Replying to

Last I checked 0, because its enforced by law.

Replying to

ok yeah that would explain it

Replying to

and

Unfortunately, there are a lot of things relying on it especially government and bank related services. I don't think it has any special sauce to prevent disabling it but rather apps with the platform signature can only be disabled via adb rather than the Settings app.

Replying to

and

It's a shotgun approach to avoiding users accidentally breaking the OS by disabling core components. I'm not sure, but I don't think there's actually a way to configure this on a case-by-case basis. We actually added one special case to this:

github.com

do not allow disabling the default keyboard · GrapheneOS/platform_packages_apps_Settings@7991873

It's not obvious that disabling it after installing another keyboard is a very bad idea. Other keyboards rarely support Direct Boot and won't work for entering the password, forcing...

Replying to

and

We could probably also add special cases allowing disabling certain apps like SIM Toolkit where it's known that nothing is going to break horribly and the functionality just won't be present. I think the real issue is core OS apps aren't classified as mandatory vs. optional.

7:45 PM · Sep 21, 2020Twitter Web App

Replying to

and

Also worth noting about our keyboard special case: plugging in a USB keyboard currently works, but if we decide to enforce our feature denying new USB peripherals while locked from boot to have an expanded threat model, that wouldn't even be a workaround for the trap anymore.

Replying to

and

Current threat model is that we only worry about preventing new USB peripherals after the device has been unlocked, so we currently allow the loophole of being able to add a new USB device by having it connected when booting. It might be nice to prevent it but... accessibility.