Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

That just sounds like "you don't get to own your device"


This is correct, people generally don't get to own a device provided by their employer. Not allowing the bootloader to be unlocked on company-owned devices seems like a very desirable feature.


Not allowing a bootloader to be unlocked on a company-owned device does sound like a desirable feature, but only for company-owned devices. Applying that setup to all phones assumes that the default phone is a company-owned device and is subject to external control.


A different SKU for enterprise managed devices would cripple IT departments that don't pay the big bucks to e.g. verizon to manage their device provisioning & MDM enrollment.


Wut? I don’t follow? Anyway, once you are big enough to care about preventing bootloader unlocking on your company devices you are big enough to pay for that privilege.


You'd need two different SKUs for each different color and size to enable this in a more user-friendly way, where devices either enterprise locked or carrier locked get the one with a locked-by-default bootloader, and ones bought directly by the consumer have an unlocked bootloader. Realistically the latter group is so small it doesn't make sense to complicate the production and logistics process by having this separation. Instead, we get the current situation where the bootloader can be unlocked after initial setup check.


The latter group is plenty big enough at the point of sale (e.g. every single store).


At least in the US, most phones purchased in stores are carrier locked. I cannot purchase an unlocked pixel at most, if not all, nearby retailers.


It would be much nicer if it defaulted to allowing unlocking through. You can boot up a DEP enrolled Mac and use it even if your internet connection doesn't work, including disabling SIP and the bootloader. Though your MDM attestation may fail if you then enroll it. That need to explain yourself to the IT department should be enough incentive to an employee to not unlock your work device bootloader.


They already do these special locked SKUs for American carriers.


Has it occurred to you that the feature you're defending allows Google to lock customers into their provisioning/MDM? That this is worse than Verizon controlling provisioning/MDM, because at least Verizon is subject to market competition (ie you can buy the device from other parties), whereas Google doing it means you have no choice whatsoever?

You're also grossly exaggerating things. We're not talking about a change that would prohibit management, just one that would not allow them to do zero-touch enrollment into their management systems.


Customers as in people who buy Pixel phones? Why would Google try to lock those people into MDM?


If this is like DEP on macOS, it is more like a first use redirect until enrollment than a fully-blown MDM.


It assumes that company owned and managed phones are more common than people who want to unlock the bootloader. I know this isn't ideal, but that's the correct assumption to make.


That’s a stupid false dichotomy caused by a poor onboarding workflow. “Well we either make it easier for businesses or deny the right to literally every customer to own their device. It’s okay because most people won’t notice.”


You'll notice that the market is not lining up to buy the PinePhone in response to this state of affairs, so I would say that the decision has been working out well for Google.

It is very much the case that most people don't care about this definition of freedom.


Very few people exercise their fifth amendment right. That doesn’t mean people are tacitly agreeing to it being taken away.

I didn’t say it wasn’t popular. I’m saying people don’t realize how badly they are exposed because the hammer hasn’t dropped.

The market for PinePhone is weak because it’s “only for the pesky open source people”. It will stay that way a long time and we better hope they survive long enough for Google to keep screwing people into a big enough market.


It assumes that company owned and managed phones are more common that people who are unwilling to connect to the internet to unlock their bootloader. Which is definitely true. Probably by several orders of magnitude. Who cares? You get to unlock your bootloader.


I don't know about managed, but for high-end I think it's been true for many years that the bulk of them are bought by companies.


But the provisioning check is forced on everyone.

I don't think it's reasonable to enforce a provisioning process on every single person just because a small number of the devices go to enterprise-sized companies that want "zero touch" and Google (and their distributors) don't want the expense of stocking two SKUs, one set to require provisioning, and another not.

I shouldn't have to prove ownership of my device to said device straight out of the box.

A company should not have the ability to render millions of devices useless because they purposefully or accidentally shut off a provisioning service

All this bullshit is so that Google and their enterprise customers save a few dollars.


> A company should not have the ability to render millions of devices useless because they purposefully or accidentally shut off a provisioning service

Isn't this considering a hypothetical scenario where somebody buys one of these phones, tosses it in a drawer for years, and only later comes back to discover the provisioning server is gone?

If you buy one of these phones it says it can be unlocked and you can't unlock it, Google is obligated to take it back for a refund or to eat a lawsuit from aggrieved customers for false advertising.


So how much of a premium would you pay for the alternate sku?


Even if you buy it yourself you don't get to own it before having google bless your device, which you can only hope they will.


Well, "hope" is doing a lot of heavy lifting here. Google is still very much bound by the law regarding advertising and declaration of utility of sold product. The law gives them broad leeway as to the implementation, but if they decided tomorrow "hey you know how you can unlock your devices that we advertised as unlocked on our store? We changed our minds, the devices sold can no longer be unlocked," that would be grounds at the very least for return with refund, and a lawsuit if Google didn't honor that.


except that their employer[0] doesn't own it either

[0] except for the employer being google in this case


You get to "own your device" after you connect it to the internet once, to make sure it's not pre-provisioned for enterprise use.


If the servers are running. If the servers deign to give permission to own the device you purchased. If they correctly recognize that this device is owned by the user. After I've purchased the device, the seller has no right to withhold ownership, and the existence of enterprise devices doesn't change that in the slightest.


If the process doesn't work then return it as defective.

Transfer of control isn't happening exactly at sale time but a few hours later isn't a big deal.

Though of course that depends on it staying unlocked.


This is incorrect. Have you considered that the delay between getting the device and getting it connected could be well outside of the return window or people could be purchasing them in countries without such consumer rights?

Smartphones aren’t only for the developed world.


Who buys a brand new phone but also has no internet connection for weeks? Do they have all the apps they need pre-downloaded? I don't think that's a big group.


Who said it has to be brand new to the end user? It might sit in a box for years getting sold back and forth as a commodity before anyone opens that box.


It usually takes about a month between the time I order something from the US and the time I have it in-hand. Last holiday season was about 2 months.

Never tried a return because I'd have to pay through the nose on shipping.


They specifically said a delay between getting the device and connecting it.

That's very unfortunate if you'd have to pay a return for a promised feature not working.


Have you ever hear of the concept of a “gift” or the even more exotic “person in a foreign country”? It’s shocking that the connectivity addiction is so strong that you’re even asking this question.


> Have you ever hear of the concept of a “gift”

If it's a normal gift, then the recipient won't have any roms or bootloaders they need to install. To get those they will need internet, at which point they can unlock the phone.

> or the even more exotic “person in a foreign country”

What's the problem? Are they buying a phone they won't get a plan for, and can't find anywhere with wifi, and they have no home internet? But they still want to unlock the boot loader because... why?

If that ultra-niche scenario is not what you have in mind, then please explain.


It's quite common for people from elsewhere in the world to buy electronics in the US, Europe, Japan, etc and then bring them back to their home countries for a fraction of the cost of what the official or unofficial importer(s) want. That's why you end up with all sorts of region-locking nonsense, companies trying to protect their importers who have a monopoly on distribution of a particular device.


You can unlock it before you go home.


And it depends on the user being willing to connect it to the (public) internet without a firewall in between.

I wonder if any of the countries that implement a country-wide firewall block this domain. That would disable bootloader unlocking for the entire country.


We're talking about a cell phone though, right? A device that sooner or later is going to be connected to a cellular internet that will track it relentlessly?

I'd imagine the demographic that is buying the cell phone and then not intending to use it as a phone is not one that Google is losing a lot of sleep over serving poorly.


What happens in 5 years when Google gets tired of running the server?


So you don't own it when you buy it. At best Google still owns it and they graciously allow you permission to change the bootloader after you submit to their terms of service. Also, better hope their servers are online and reachable, and that you have functional internet.


This is honestly the most overblown issue I've ever seen on HN. How many people are buying a brand new in box pixel to install a custom OS on and do not have an internet connection anywhere, not even a free public wifi? I'd be shocked if this impacts even a single person.

At this point it's being angry for the sake of it.


I can totally imagine a situation in which, in the future, someone buys a new old stock pixel phone and can't replace the OS because the bootloader can't be unlocked because the servers don't exist anymore.

A few years ago I bought a Nokia N900 which was at the time a 10 year old phone. I did this to use it as a daily driver.

Without community support the phone would have been useless. But, more importantly, if the phone required an internet connection to some server in order to let you replace the stock OS then it would have been a brick because Nokia's servers were long gone by then.

That being said, all things considered, the most important argument here is not of the practicality but the principle.

You handed over money for a piece of hardware but you can't make full use of the hardware until you let the phone talk to the manufacturer once. Thats completely insane irrespective of how small of a perceived issue you think it is.


It's possible to care about issues that infringe on people their rights even if they do not affect you personally.


And then there is getting outraged on behalf of an imaginary person who might possibly be affected. A person who I doubt actually exists.


The best you can do is to consider it as part of the transaction of buying the device. If it fails for whatever reason, return the device.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: