IdeaWell

Project ideas from Hacker News discussions.

Android/Linux Dual Boot

Original Article

Hacker News Discussion

πŸ“ Discussion Summary (Click to expand)

The discussion revolves around alternative mobile operating systems, the current state and limitations of Android, and the philosophy of software control.

Here are the three most prevalent themes:

1. The Appeal and Challenges of Non-Android Mobile OSs (Linux Phones)

Users are actively exploring and discussing custom operating systems like Sailfish OS, pmOS (postmarketOS), and Maemo Leste as alternatives to mainstream Android, often motivated by a desire to escape Google's ecosystem or use older hardware. However, users are encountering rough edges, particularly concerning application compatibility (especially banking apps) and working hardware peripherals.

  • Quotation Support:
    • For Sailfish OS: "This year I picked up an Xperia 10 to flash Sailfish OS onβ€”which has rough edges (many of the hardware issues should be fixed in the next release), but Android App support bridges some of the gaps in application support," said "toastal".
    • For PMOS usability: "I just bought a second Fairphone 4 just to play a bit with pmOS. It's not fully usable as a daily driver yet, but with some work it can get there," noted "tapia".

2. Concerns Over Restrictive App Stores and Control (The "Sideloading" Debate)

A significant portion of the conversation focuses on Google's move to restrict non-Play Store installations, leading to a semantic debate over the term "sideloading." Many users believe Google is using this terminology to make installing apps from alternative, trusted sources sound inherently risky or malicious, contrasting this control with the traditional open nature of personal computing.

  • Quotation Support:
    • On Google's intent: "I do not believe an an OS vendor with an app store has a right to limit alternate distribution channels or that a government does something wrong by restricting such practices as unfair competition," asserted "Zak".
    • On language mattering: "Language matters, so don't let google turn sideloading into a dirty word. It was called sideloading before Google was even founded," argued "estimator7292".

3. Security Model Deficiencies of Traditional Linux vs. Android Sandboxing

Users debate the fundamental security comparison between mainline Linux desktop environments (like those running postmarketOS) and the application sandboxing inherent in Android (and GrapheneOS). Concerns were raised that the traditional Unix security model lacks sufficient isolation for mobile use where users run untrusted software.

  • Quotation Support:
    • On the lack of isolation in standard Linux: "On Android, everything I run is subject to the permission model and sandboxed. That is not the case on Linux," stated "tom_alexander".
    • On the risk of untrusted apps in Linux: "For example any app can listen to your microphone and spy on you at anytime. Programs can act as ransomeware or destroy all of your files," warned "charcircuit" regarding standard Linux security perceptions.

πŸš€ Project Ideas

Hardware-Agnostic 3G/4G/5G Network Bridge ("Legacy Cell Hotspot")

Summary

  • A physical device that acts as a highly localized, low-power mobile hotspot capable of bridging modern 4G/5G connectivity to localized 2G/3G cellular standards (or even outdated proprietary systems if feasible, focusing on legacy voice/SMS/low-bandwidth data).
  • Solves the imminent problem of 3G network shutdowns rendering older, enthusiast-desired feature/smartphones (like the N900) completely unusable for primary communication or emergency services.

Details

Key Value
Target Audience Enthusiasts maintaining legacy phones (N900, older feature phones), security researchers needing specific cellular bands, hobbyists working on old embedded GSM devices.
Core Feature Acts as a "gateway": Accepts 4G/5G SIM input, terminates connection, and re-broadcasts a small, localized 2G/3G cellular signal (potentially custom firmware on SDR/small baseband hardware) for nearby devices to connect to.
Tech Stack Embedded Linux (OpenWRT/Buildroot), Software Defined Radio (SDR) hardware (e.g., LimeSDR Mini or similar low-cost/power ARM board with suitable radio front-end), OpenBTS/YateBTS or similar open-source mobile network stack customized for localized coverage.
Difficulty High (Requires deep understanding of cellular protocols, spectrum licensing (for non-hobbyist use), and radio hardware integration.)
Monetization Hobby

Notes

  • "For the N900, Maemo Leste would be a good choice, if not even better." (hexagonwin) and "my provider here (Swisscom Switzerland) is killing 3G by the end of the year..." (sschueller). This directly addresses hardware rendered obsolete by infrastructure changes.
  • Could spark extensive discussion on necessary bandwidth vs. protocol support (2G/3G fallback) and the ethics/legality of maintaining low-power legacy radio broadcasts.

Permission Granularity Comparison Tool ("Security Model Visualizer")

Summary

  • A diagnostic and educational tool designed to visually and functionally compare the runtime security models and permission control between established mobile OSes (Android/GrapheneOS/Sailfish/pmOS via Waydroid) and traditional Linux desktop environments (like Fedora/NixOS).
  • Clearly illustrates where sandboxing, mandatory access controls (MAC), and application isolation differ, specifically addressing user confusion about default security in standard Linux vs. Android.

Details

Key Value
Target Audience Linux and mobile OS enthusiasts debating security models (e.g., the lengthy discussion between charcircuit, palata, and seba_dos1).
Core Feature An interactive web/desktop application where a user selects two operating environments. It then runs simulated/containerized tasks (e.g., "Read all files," "Access GPS," "Record audio in background") and displays: 1) The OS-level result (e.g., "Denied," "Allowed"), and 2) The underlying security mechanism triggered (SELinux, Namespaces, Flatpak Portal, Android Permissions).
Tech Stack Frontend: React/Vue.js for interactive visualization. Backend/Runner: Containerization (Docker/Podman) or Virtual Machines running simplified versions of targeted OS stacks (Android/Linux) for safe demonstration of capabilities.
Difficulty Medium (Requires building accurate simulation environments or leveraging existing sandboxing for demo purposes).
Monetization Hobby

Notes

  • "The world isn't black and white... I can take them away (or give more) in a few taps at will." (seba_dos1) vs. "The defaults being tuned for different use cases and threat models are not 'being decades out of date'..." (charcircuit). This tool visually maps those defaults and user overrides.
  • Highly valuable for educating users on the practical implications of "trusted userland" vs. mandatory sandboxing.

Sensor & Notification Proxy for Waydroid/Containerized Apps

Summary

  • A lightweight local service or set of interfaces designed to inject/proxy access to specific hardware sensors (GPS, compass, accelerometer) and system notifications from the native Linux host OS into an Android container (like Waydroid).
  • Solves the developer/enthusiast pain point of verifying if containerized Android applications needing hardware access (sensors) can function reliably for daily use, addressing the specific concerns raised about GPS and navigation apps.

Details

Key Value
Target Audience Users running Sailfish OS or postmarketOS who rely on Waydroid for Android app compatibility (e.g., mapping, messaging).
Core Feature Provides stable, low-latency bidirectional IPC (Inter-Process Communication) for sensor data streaming (e.g., forwarding GPS coordinates from native gpsd or similar services into Waydroid's Android sensor framework emulation layer). Also handles routing specific application notifications back to the host desktop environment.
Tech Stack Host Side: Rust/Go for performance, utilizing host OS libraries (e.g., D-Bus, systemd integration). Guest Side: A custom AIDL/Binder service proxy running within Waydroid that translates native sensor events into formats the Android framework expects.
Difficulty Medium (Integrating deep within the Android subsystem emulation layer is complex, but sensor data forwarding is conceptually straightforward).
Monetization Hobby

Notes

  • "Did you test apps that need sensors and notifications? If I want to run an OpenStreetmaps apk (there's no good way to run OMS on Linux natively), do I get GPS and compass heading? Do I get turn-by-turn navigation?" (pbmonster). This directly solves the utility question for mapping apps.
  • If successful, it significantly increases the viability of Sailfish/postmarketOS as a "daily driver" by bridging core application expectations with open OS capabilities.