this post was submitted on 25 Jan 2026
580 points (99.3% liked)
Technology
79302 readers
4391 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
According to the linked article it prevents the use of Samsung Pay and access to the Secure Folder (an extra layer of security you can enable that requires a second PIN to be input before you can access certain apps and files). This seems pretty reasonable, the goal is clearly to prevent access to especially sensitive data if someone has stolen the phone.
It's not reasonable in my opinion.
I can maybe understand not wanting other operating systems in their attestation chain that is protecting a payment system from the standpoint of liability.
All of the other things are entirely hardware features that any OS should be able to use. They're using the ARM Trusted Execution Environment (ARM TrustZone) and a embedded Secure Element to enable the ability to store cryptographiclly secured files without the system ever having access to the keys.
Both TEEs and eSEs are not a Samsung invention or IP and are enabled by hardware on the device, the TEE is part of the ARM standard and is used in a huge number of other OSs (https://en.wikipedia.org/wiki/ARM_architecture_family). Secure Elements are also widely used pieces of hardware supported by innumerable OSs and also a feature of the hardware that you paid for.
GrapheneOS also claims it's not defending against anything real. Which makes sense as Pixels can clearly maintain security while allowing alternate OSes. So this is just hostile vendor lock-in. Disappointing as there was some speculation that OP would be the GOS OEM, but there's no way they would do this is that was true.
Sad. Having used the OPX, OP6T, OP9, and briefly the OP10, I can honestly say their hardware is usually pretty good. I went to Graphene on a Pixel for the software. Software was always Oneplus' weak point so it's extra silly that they're doing this. So many hobbyists have bought OP hardware and used it with software of their choice. They started co-developing their Oxygen OS with Oppo a while back and that's when it really went to hell.
They started developing Oxygen around the time of OnePlus 2. I used my OnePlus One into 2020, it was a nice phone. It’s sad to see how they’ve gone down this nasty path.
That makes sense. I figured they were worried that an alternate OS would be more likely to exploit their encryption somehow, but if it's all using industry standard hardware then it really ought to be open.