Comments
Hopefully AOSP Pixel device support is merely delayed, not ended, since Pixel is the only way to get Debian Linux ("Terminal") VM + desktop mode support, https://news.ycombinator.com/item?id=43973395.
With Apple's ongoing refusal to enable VM/JIT support on iOS and iPad, Google Pixel + GrapheneOS + Debian is a very competitive 2025 offering.
This is my biggest iPad gripe. I understand the security, but just make it a new "entitlement" that is only given to UTM, Parallels and VMWare fusion. Or make it a "developer mode" that you can only enable if you pay $99 a year. I'd be fine with that, but the whole iPad is unusable for any kind of software development and I'd love to be able to travel with just an iPad because for everything else I do while I'm traveling (watching videos, reading, browsing, writing, drawing) the iPad is great and I don't have to lug two devices around.
It's not about security. Apple doesn't want to open on external applications, including the one run in VM/emulators, because it wants every software to pass from the AppStore. Not because security, but for the fee it has on app store purchases.
If it opens to having VM, you could just run another OS in a VM (Windows, for example) and install normal software on it (like the desktop version of most programs) and not pay the AppStore fee.
It's only a commercial reason, not a security one.
https://lapcatsoftware.com/articles/2025/6/1.html
> For more than 90 percent of the billings and sales facilitated by the App Store ecosystem, developers did not pay any commission to Apple.
Would the remaining 10 percent of App Store sales have meaningful competition from a CLI (no GUI) terminal VM that enables development workflows on iPad?
> developers did not pay any commission to Apple
That's certainly a take. The developer fee is $99 a year, that HAS to be paid to put something on the App Store.
Sure they are not getting commision on the download, but they ARE getting their pound of flesh from the developer fee.
An estimated 3M iOS developers would generate $300M developer fee revenue.
App store revenue is around $100B, or 300X estimated developer fees.
By transpute 2025-06-1215:27 If the full sentence is referencing sales commission, then the fixed developer fee would not qualify, since it's not a percentage of revenue, https://www.collinsdictionary.com/dictionary/english/sales-c...
Sales commission is the percentage of the value of a sale that a sales associate or sales representative may earn.
By fc417fc802 2025-06-127:501 reply If it was really about security (in the sense of that which benefits the end user) they'd just stick it behind a toggle and be done with it. I just think it's important to call out the misalignment - security can refer to the interests of the end user, or alternatively to the vendor. The ambiguity is convenient for PR statements.
We’ve decades of examples of simple toggles not working. Bad actors will just explain to the target the necessity of switching it on.
By fc417fc802 2025-06-1211:01 By that logic the bad actor will just explain that he needs you to log into your online bank account so could you please do that and wire some money. Such scams certainly exist but it isn't a relevant attack vector for the sort of end user security that we're talking about here.
By znpy 2025-06-129:23 You can load your own root CA on iOS devices (i did it to enable certificates issued by my own private CA). That bypasses a LOT of security issues, and yet it’s still feasible.
Put it in the bootloader then.
The pretence that Apple makes these things for security reasons and there's absolutely no way in the world to make it possible is a bit ridiculous.
Apple shipped hypervisor support back in iOS 16, then removed it!
This is a nice post of things that bothers me in the Apple ecosystem: arbitrary limitation after arbitrary limitation.
I didn't know about the Apple Watch couldn't pair with an iPad, and I don't think even an Apple fanboy could make an excuse for that one.
By jampekka 2025-06-1214:49 > I don't think even an Apple fanboy could make an excuse for that one.
You're underestimating the strength of the reality distortion field.
But we have another example to look at. Why isn't this a big problem on Apple laptops?
By jaoane 2025-06-128:53 Laptops have always been able to virtualise, the same they can download stuff off the internet without going through the App Store. Changing that wouldn’t fly.
Can’t you already do that? If you pay 99/year you can sign your own apps with whatever entitlements no? You just can’t submit them to the Apple Store for obvious reasons
By transpute 2025-06-1212:00 It was removed, https://news.ycombinator.com/item?id=44255512
By tacker2000 2025-06-128:13 They will never allow this. They want to control and also cash in on the apps you use on these devices.
By abandonliberty 2025-06-127:581 reply Apple wants you to buy both... $100/year may make it worth it for them.
By transpute 2025-06-129:01 Apple customers have bought both, even multiples of each, would be willing to pay a hefty premium (e.g. bundle hypervisor entitlement with iPad Pros that have more memory) -- but Apple continues to refuse.
With the recent court ruling that enables non-Apple payment channels, blocking VMs does not protect revenue, but it does hurt Apple customers who want iPads for a quick portable terminal, while using their Macs for extended work sessions.
By gioazzi 2025-06-128:01 UTM is a Mac/iOS emulator and VM host
By raffael_de 2025-06-128:481 reply After years of being stuck with iPhones I'm also eager to soon switch back to Android. iOS always just felt like a polished compromise. Have been a happy customer of LOS using OnePlus devices. But LOS always also seemed a little opaque and casual. Hence I set my eyes on GrapheneOS and in consequence on a device from the Pixel lineup.
By transpute 2025-06-129:16 In an alternate universe, trade war and rare earth minerals shortage halts manufacturing of new iPhones, operating system updates become paid products and existing iPhones must implement the secure launch protocol that Asahi Linux uses on Apple Silicon, enabling AOSP for iPhones.
https://taoofmac.com/space/blog/2025/06/03/2155
> Apple has dropped the ball so badly that Sky is like a perfect storm of what they could have done, but didn’t. And now, not only is it a third-party app that is doing what Apple should have done, but it is also doing it in a better way that anything they ever shipped.
By fsflover 2025-06-128:29 > since Pixel is the only way to get Debian Linux ("Terminal") VM + desktop mode support
My Librem 5 also offers the desktop mode, since it just runs a desktop OS based on Debian (PureOS).
Wait what? This is a screenshot of 9 short lines of text from the Reddit image server. What is actually going on? Android source is still Apache licensed right? How are these things becoming closed source? What is happening?
By charcircuit 2025-06-129:011 reply The copyright holder can change the license for new versions. Copyleft does not matter.
By palata 2025-06-1214:19 It does when there are many copyright holders, like famously in Linux.
By safety1st 2025-06-1210:41 You're right, but I am seeing other random Reddit posts that say Google has simply changed their development workflow/branching strategy, and that the claim from the OP is inaccurate.
At the moment we have 200+ upvotes on something that is very light on information, but heavy on confusion. I am just trying to understand what is going on.
As far as I understand this only concerns Google Pixel devices, and AOSP "coming to an end" is mostly speculation. Is this going to affect other manufacturers too, e.g. the Fairphone[1]?
By charcircuit 2025-06-126:241 reply Fairphone should still be able to get the source for Android from Qualcomm.
By charcircuit 2025-06-127:171 reply Looking at how it works for Wear OS. Qualcomm still only hosts the repos for the BSP and not the whole OS. It's expected to still get those from Google, from the partner portal.
> (BSP) is the layer of software containing hardware-specific boot loaders, device drivers, in sometimes operating system kernels, and other routines
https://en.wikipedia.org/wiki/Board_support_package presumably. Never heard that TLA in my life and it's not like I've not gotten my hands dirty in Android
By overfeed 2025-06-129:18 You wouldn't need to touch BSPs or drivers unless you're doing bringup or updating the Android kernel for a supported device. The common approach to avoid a lot of pain whn updating Android is to simply stay on the old kernel supported by the OEM or partner.
By swiftcoder 2025-06-128:41 Unless you are actually shipping a custom device running Android, there's very little reason for most developers to poke that far down the stack
By kaladin-jasnah 2025-06-1215:09 This acronym is somewhat known in Android device hacking communities that try to replace Android with Linux or Windows, because these communities usually deal with understanding the bootloader and Qualcomm distributes bootloader sources from what I remember in their BSP.
By subscribed 2025-06-129:29 How does the firmware upgrade cycle looks like? Does their secure element securely throttle pin brute force? Does their hardware offer modern memory protection?
Not true.
From the Android VPN and GM: "We're seeing some speculation that AOSP is being discontinued. To be clear, AOSP is NOT going away. AOSP was built on the foundation of being an open platform for device implementations, SoC vendors, and instruction set architectures.
AOSP needs a reference target that is flexible, configurable, and affordable – independent of any particular hardware, including those from Google. For years, developers have been building Cuttlefish (available on GitHub as the reference device for AOSP) and GSI targets from source. We continue to make those available for testing and development purposes."
By belowaverageiq 2025-06-1213:272 reply Ready-made AOSP device trees for Pixels, which are needed to build custom ROMs, are the ones going away. This is a blow to GrapheneOS as they have been dedicating 100% of their time to improving their ROM itself in the past few years.
Since at this point they'll need to create device trees like LineageOS does with Snapdragon/MTK phones, so I hope they won't stick with the worst Android manufacturer on Earth. Especially now that the snapdragon 8 elite 2 will have the same security features as the Tensors.
By belowaverageiq 2025-06-1213:391 reply Never mind, it seems like they're thinking of wasting their time with a custom ODM-built smartphone. I truly hope they won't choose this route. If they do someone should add "Will the GrapheneOS-Phone fail?" on Polymarket, I'll bet my parents' house on it.
> custom ODM-built smartphone
I agree that this would be a crazy choice and doomed to fail.
By xnx 2025-06-1214:08 The Pixel device trees going away is very disappointing, but he headline "AOSP project is coming to an end" is an exaggeration.
By DanAtC 2025-06-1212:36 Reading between the lines tells me they're discontinuing Pixel AOSP support which is a pretty big blow with zero warning to those who used them as de facto reference models.
