Pixel device trees and other code used to adapt the AOSP release to specific (Made by) Google hardware was not released in a big change from precedent. Without the Pixel hardware repos (which include the device trees, driver binaries, and more), custom Android ROMs will have a hard time developing their OS updates. This might also have implications for security (vulnerability) researchers.
Some large organizations buy Pixel hardware for security properties and an ecosystem with multiple teams testing and contributing upstream. Their procurement teams may have opinions on this change.
Hopefully AOSP Pixel device support is merely delayed, not ended, since Pixel is the only way to get Debian Linux ("Terminal") VM + desktop mode support, https://news.ycombinator.com/item?id=43973395.
With Apple's ongoing refusal to enable VM/JIT support on iOS and iPad, Google Pixel + GrapheneOS + Debian is a very competitive 2025 offering.
This is my biggest iPad gripe. I understand the security, but just make it a new "entitlement" that is only given to UTM, Parallels and VMWare fusion.
Or make it a "developer mode" that you can only enable if you pay $99 a year. I'd be fine with that, but the whole iPad is unusable for any kind of software development and I'd love to be able to travel with just an iPad because for everything else I do while I'm traveling (watching videos, reading, browsing, writing, drawing) the iPad is great and I don't have to lug two devices around.
It's not about security. Apple doesn't want to open on external applications, including the one run in VM/emulators, because it wants every software to pass from the AppStore. Not because security, but for the fee it has on app store purchases.
If it opens to having VM, you could just run another OS in a VM (Windows, for example) and install normal software on it (like the desktop version of most programs) and not pay the AppStore fee.
It's only a commercial reason, not a security one.
> For more than 90 percent of the billings and sales facilitated by the App Store ecosystem, developers did not pay any commission to Apple.
Would the remaining 10 percent of App Store sales have meaningful competition from a CLI (no GUI) terminal VM that enables development workflows on iPad?
If it was really about security (in the sense of that which benefits the end user) they'd just stick it behind a toggle and be done with it. I just think it's important to call out the misalignment - security can refer to the interests of the end user, or alternatively to the vendor. The ambiguity is convenient for PR statements.
By that logic the bad actor will just explain that he needs you to log into your online bank account so could you please do that and wire some money. Such scams certainly exist but it isn't a relevant attack vector for the sort of end user security that we're talking about here.
You can load your own root CA on iOS devices (i did it to enable certificates issued by my own private CA). That bypasses a LOT of security issues, and yet it’s still feasible.
Laptops have always been able to virtualise, the same they can download stuff off the internet without going through the App Store. Changing that wouldn’t fly.
Can’t you already do that? If you pay 99/year you can sign your own apps with whatever entitlements no? You just can’t submit them to the Apple Store for obvious reasons
Hypervisor yeah but it’s still possible for code in debug mode - there is even an app that automates the process for you https://github.com/osy/Jitterbug (requires a paid dev account)
Apple customers have bought both, even multiples of each, would be willing to pay a hefty premium (e.g. bundle hypervisor entitlement with iPad Pros that have more memory) -- but Apple continues to refuse.
With the recent court ruling that enables non-Apple payment channels, blocking VMs does not protect revenue, but it does hurt Apple customers who want iPads for a quick portable terminal, while using their Macs for extended work sessions.
After years of being stuck with iPhones I'm also eager to soon switch back to Android. iOS always just felt like a polished compromise. Have been a happy customer of LOS using OnePlus devices. But LOS always also seemed a little opaque and casual. Hence I set my eyes on GrapheneOS and in consequence on a device from the Pixel lineup.
In an alternate universe, trade war and rare earth minerals shortage halts manufacturing of new iPhones, operating system updates become paid products and existing iPhones must implement the secure launch protocol that Asahi Linux uses on Apple Silicon, enabling AOSP for iPhones.
> Apple has dropped the ball so badly that Sky is like a perfect storm of what they could have done, but didn’t. And now, not only is it a third-party app that is doing what Apple should have done, but it is also doing it in a better way that anything they ever shipped.
Wait what? This is a screenshot of 9 short lines of text from the Reddit image server. What is actually going on? Android source is still Apache licensed right? How are these things becoming closed source? What is happening?
You're right, but I am seeing other random Reddit posts that say Google has simply changed their development workflow/branching strategy, and that the claim from the OP is inaccurate.
At the moment we have 200+ upvotes on something that is very light on information, but heavy on confusion. I am just trying to understand what is going on.
Outside the app store, Android 15 on Google Pixels supports Debian Linux "Terminal" pKVM VM with access to Debian Arm packages. It doesn't yet support accelerated (v)GPU graphics, in development for Android and shipped on some Chromebooks.
reply