For those unfamiliar, GrapheneOS is a privacy and security enhanced custom ROM endorsed by Snowden. Despite these big names, plenty of people give it backlash
Even @TheAnonymouseJoker@lemmy.ml gives it backlash despite being a moderator of Lemmy’s biggest privacy community. A quote here: “grapheneOS trolls are downvoting every single post and comment of mine, and committing vote manipulation on Lemmy. They are using 5-6 accounts.” That was in response to downvotes on a comment posted in the c/WorldNews community, which is entirely unrelated to technology.
One of the reasons is that GrapheneOS can only be installed on Google Pixels due to security compatibility, which makes complete sense considering Android should be most compatible with Google’s own devices. GrapheneOS even lists the exact reasons they chose Pixels, and encourage people to step up and manufacture a different supported device.
One year ago, Louis Rossmann posted this video outlining his reasons for deleting GrapheneOS. Mainly, he had multiple bad experiences with Daniel Micay (the founder and main developer of GrapheneOS) which put his distrust in the GrapheneOS project. Since then, he has stepped down and will no longer be actively contributing to the project.
So, I am here to learn why exactly people still do not like GrapheneOS.
I don’t think Snowden’s endorsement is the positive you think it is. Even if you can ignore treason, he’s a pretty toxic person, by all accounts.
FYI- Its not a ROM.
I use it on my phone and my wife’s. I would like to get a Pixel tab too with Graphene. There is no other phone OS like it and it’s open source. I have had Lineage on an old phone and on a tablet currently and while it’s nice, GrapheneOS just works amazingly. I’ve also briefly tried Calyx but it had various small issues that Graphene doesn’t.
People like to take sides on the internet without doing proper research too, I think. I had this idea that Micay was toxic and kind of avoided the project for a long time. My conclusions after doing more research is that he is someone that lacks social skills and is indeed very opinionated. However, GrapheneOS isn’t made for privacy activists that can afford to use Mull instead of Vanadium, for example. GrapheneOS is made for people that cannot afford to have a phone that might leak information that could endanger their lives.
If Mikay was someone like Palmer Luckey which is a biggot that’s a whole different story. I am glad I gave GrapheneOS a try and I am very happy using it, even if it is kind of overkill for my privacy needs.
Removed by mod
Micay stepped down but the animosity he created within the community persisted.
Even @TheAnonymouseJoker@lemmy.ml gives it backlash despite being a moderator of Lemmy’s biggest privacy community. A quote here: “grapheneOS trolls are downvoting every single post and comment of mine, and committing vote manipulation on Lemmy. They are using 5-6 accounts.” That was in response to downvotes on a comment posted in the c/WorldNews community, which is entirely unrelated to technology.
It seems to me that you might be confusing things: You say that people hate the OS but share a comment complaining about the community of users/fans, not about the OS.
I have never used GrapheneOS and cannot comment on the OS, but I have seen some users in different communities commenting that GrapheneOS is the only valid alternative OS and discrediting any other OS. It becomes tiring pretty fast.
Removed by mod
Removed by mod
Oh, it is 🤣
What other phones do you suggest that allow signing the ROM with my own key?
I did some asking in the matrix prior to buying a google pixel and was pretty much told get a pixel or fuck off. There was one guy who gave actually helpful advice on other is options I had so i think its purely a community thing. Its unfortunate honestly i think any good faith criticism is an asset but unfortunatly the graphene community is too blind to see it that way.
I want criticism of it cos i want a better is that addresses said criticism I don’t see why some people can’t get that. Keep up the good work.
Sorry for the pain. The internet is always harsh and being a moderator can be even more harsh. Please get help if you need it. I and many others would be happy to step in as a mod if you need R&R
Removed by mod
Hey there, I’m sorry about this craziness. My comment was not really directed at you, but I was just quoting part of the original post that mentioned you.
I was trying to suggest that OP is confusing criticism of the GrapheneOS community with criticism of the OS. You make a good point and, as I pointed out, you were not criticising the OS, but the community. Not the same thing.
Removed by mod
Removed by mod
Genuine question for you and I hope you don’t ban me again for asking an objective question.
Do CalyxOS or LineageOS (which doesn’t even allow you to lock the bootloader) have all these others security and privacy features?
Storage Scopes
Native Code Debugging
Hardened Memory Allocator
Pin Scrambling
Auto Reboot
Secure App Spawning
Bluetooth and Wifi Autodisconnect
MAC Address Randomization per connection
Sandboxed Google Play Services (I know Google is the devil and I know of Micro G but certain applications simply do not work without the actual Google Play Services installed, and having them sandboxed is significantly better than giving them privileged access)
These are just the few I can think of on top of my head. Because as far as I’m concerned, I originally had the same reaction after Rossman’s video and wanted to switch over to LineageOS (not Calyx because they’ve fallen as long as 4 months behind on security updates which is why Henry from Techlore stopped using Calyx even though he really likes the project), but GrapheneOS objectively is the most secure and hardened version of Android in my view. I would love to be proven wrong by actual evidence and not just a distrust in the OS because of the developers and their toxic community.
Removed by mod
bruh, I think I agree with most of your conclusions, but you gotta work on your delivery, as it definitely doesn’t serve your message well. I think you receive a lot more pushback because you use so many harshly negative words to describe people.
Just in this comment, you use:
- disease
- sewer
- “security” clowns
- pure snake oil
- disgusting sole developer
- minions
- witch hunt
- maliciously
- trained monkeys
which makes this comment sound more like a Donald Trump rally than a well-reasoned argument. It’s understandable given your history of conflict with members of the project, and I usually hate tone policing, but I think this word choice severely hurts your argument. Remember, most people here are just passerby and have no idea about the drama or your experiences with their community. Their first impression is gonna be you’re the flip-side to Micay.
I think your thesis is largely correct, that the project does a suspicious amount of shilling for big tech and Google and pushes a lot of anti-FOSS propaganda and has a toxic social media presence that silences good people geniunely asking questions or voicing opinion in good faith.
Removed by mod
What privacy oriented rom do you suggest?
Anyway happy cake day!
Removed by mod
Thanks for the alternatives.
I’m currently using a used ('cause fuck Google, you’re not gettin my money) Pixel phone with GrapheneOS (since my Pinephone stopped turning on) with TrackerControl and InviZible Pro. Is nice having a real clean AOSP rom with privacy/security customization.
GrapheneOS also provide an indeed cool feature: a proxy for Android services provided by Google, like Attestation key provisioning, Widevine provisioning, SUPL and PSDS. Does CalyxOS and/or LineageOS provide something like this?
Thanks in advance.Removed by mod
These people have been infiltrating the community for a while now. Look at that madaidan guy who blatantly pushes corporate propaganda similar to the grapheneos bots. They want to eventually make you use closed source garbage for “security” and compromising privacy in the process. That’s the intended plan.
I’m not sure how involved Micay still is with GrapheneOS, but he did seemingly talk in the name of the foundation this march in discussions of Mozilla Location Service being retired.
https://github.com/mozilla/ichnaea/issues/2065#issuecomment-2001175420
And he still feels the need to attack other projects. (Last paragraph)
https://github.com/mozilla/ichnaea/issues/2065#issuecomment-2002073168
If I had a Pixel I’d probably still try it, but not sure how well they’d like me rooting and customizing the device.
maybe consider buying hardware that supports a real mobile Linux like https://postmarketos.org/ next time
Linux mobile is not threat modeled for a moble device. It is quite risky. Mobile devices must consider more known and unknown attack vectors than a device (like a Desktop) that stays in a consistent trusted environment (like home or a personal office in some cases).
So Graphene must be the only option. It feels very cult-y
Nah I dont think that at all. But DivestOS and GrapheneOS are the most security hardened. DivestOS takes extra steps to further deblob Android of proprietary bits to further reduce attack surface. See my other reply for my detailed (barely scratching the surface) insight into why Linux isn’t a good mobile OS, but more so how Linux isn’t security hardened well at all by default.
The software that runs on mobile Linux is the same that runs on desktop arm64 Linux, minus a few mobile-specific components packaged by postmarketOS/etc. Minus the few mobile-specific components (modem drivers, userland components like the virtual keyboard and window manager), the software is very well tested and used regularly. Only thing I’m sketched about is the sim card, which has quite a lot of control over the device from what I was told. It’s not like non-linux phones are any safer from this though; if anything they’re more likely to be targeted by any hardware vulnerabilities/backdoors due to being more popular devices.
Security through obscurity is not security. There are special considerations that have to be taken on a mobile device. Mobile OSes, while unhardened normally, are still designed to protect against attack vectors that aren’t considered by normal linux. Linux can be hardened, but is very open by default. It also offers no out of the default sandboxing of apps from each other. It isn’t immutable, unless postmarketOS is, which is a large security threat when considering device integrity. Full disk encryption isn’t enabled by default (unless changed in postmarketOS). Root login is enabled by default (a huge attack vector). Linux isn’t secure by default, but more private than any proprietary OS like Windows, iOS/MacOS, ChromeOS, and Android. But Linux because of its open default makes it vulnerable to spying 3rd party by apps installed by the user. It is also vulnerable to attacks from a network.
I recommend a deblobbed Android ROM like DivestOS (my personal fav and more deblobbed of proprietary blobs than any other ROM) or GrapheneOS. See a good comparison between ROMs here: https://eylenburg.github.io/android_comparison.htm
For linux hardening, check out Kicksecure for Debian distromorphing, Secureblue for Fedora Atomic (immutable) rebasing, and Brace by DevistOS’s developer for general security hardening of Fedora/RHEL, Debian/Ubuntu, Arch Linux, and OpenSUSE Tumbleweed.
Linux can be hardened, but is very open by default.
yup.
It also offers no out of the default sandboxing of apps from each other.
I don’t use applications that need sandboxing. I would enjoy if OpenBSD’s pledge and unveil were ported to Linux at some point though.
It isn’t immutable, unless postmarketOS is, which is a large security threat when considering device integrity.
How does immutability improve security beyond standard unix file modes?
Full disk encryption isn’t enabled by default (unless changed in postmarketOS).
I used to do FDE, but now I prefer just encrypting the files I actually need encrypted. FDE doesn’t protect you from an attacker that can get access to your phone while it is booted.
Root login is enabled by default (a huge attack vector).
What huge attack vector? It’s just as secure as any account if it’s given a good password. I’d argue sudo/doas is a lot less secure when authenticating to root, since if an attacker knows your user password, they now also have root access.
I recommend a deblobbed Android ROM like DivestOS (my personal fav and more deblobbed of proprietary blobs than any other ROM) or GrapheneOS.
I will use my already deblobbed Linux distribution, but thanks ;)
Did you go to any of my links about Linux hardening? Do you implement any hardening yourself? Do you harden kernel flags or replace malloc with hardenned_malloc?
If PostmarketOS is just ARM linux with minimal changes than it isn’t secure enough for a mobile device. All apps should be sandboxes regardless of whether you can trust the code or developer. Each app expands the attack surface of your device.
Linux kernel also has proprietary blobs for firmware and device support. That is the difference between Linux normal or libre kernels.
Did you go to any of my links about Linux hardening? Do you implement any hardening yourself? Do you harden kernel flags or replace malloc with hardenned_malloc?
No. Why would I need to do this compared to a standard Linux desktop PC? Does having a WWAN radio somehow open me up to some massive amount of exploits compared to another mobile device, say a linux laptop?
Linux kernel also has proprietary blobs for firmware and device support. That is the difference between Linux normal or libre kernels.
I don’t think my hardware (pinephone) needs any blobs (If any, the GPU? Panfrost exists so probably not). It may need proprietary firmware, but firmware doesn’t touch the kernel and is loaded onto the auxilliary device’s CPU, so it’s not as big of a security compromise (excluding CPU firmware). I already replaced the modem firmware with an open source version, so I think I’m fine there.
- My point was that standard linux should have those things too if it wants to be considered “secure”. Default Linux isn’t secure out of the box without a lot of work. It is more private than proprietary OSes but not more secure, therefore compromising your ability to safeguard privacy as a result. Linux is also a great target for threat actors because the majority of servers run Linux, meaning security researchers and cyber criminals alike are looking for weaknesses. I’d recommend looking into Android’s Security model because it is interesting and gives insight on designing a secure mobile device. Stock Android suffers from OEMs not providing consistent long-term updates for devices, which 3rd party security hardened ROMs like DivestOS and GrapheneOS help to address.
Extra reading: see Whonix comparison table to see what they look for when choosing a base OS that can be later hardened for security. Note that some things in the table are not security specific but important for anonymity (which Whonix modifies to Kicksecure to better protect). Whonix is a security focused operating. Here is a comparison of different memory allocators showing their features for preventing different types of exploitation. Memory based attacks consistently are reported to be one of the most common types of attacks.
- Here is a link to the Wikipedia page on Linux-libre Kernel. I’m not suggesting this should be the default, was just making a point that binary blobs may be needed in a kernel for compatiblity or security (eg updating firmware that is vulnerable when that happens).
Point still stands. postmarketOS isn’t hardenned. Default desktop linux isn’t hardened. Malware could easily infect your device and exfiltrate data, escalate privileges, modify the kernel, etc. Each of the things I have mentioned (hardened_malloc, immutable OS, hardened kernel, hardened firewall, removal of identifiers, full disk encryption, locking of root login [not the same as invoking root], MAC hardening through SELinux or/and AppArmor, service minimization for reduced attack surface, package manager hardening, secure boot, sandboxing of applications, etc) should be implemented for both Desktop or Mobile Linux to have “good” security. Security is preventative. All of these things come together to create a system better equipped to protect against know and unknown threats, which especially true for mobile devices which are near-costantly in unknown environments. A vulnerable device is weak link in the chain of your security, which can be used to compromise your privacy. You may never be attacked or have your device exploited, but that doesn’t make it secure as a result.
I would love to see an actually secure mobile device that is rid of Google’s stench. Problem is postmarketOS isn’t secure, its just default linux on a phone. If it saw largescale adoption (which we all would like a good alternative to do) it would be easily exploited.
It says postmarketOS is based based on alpine Linux, which according to Whonix doesn’t meet their threat model and it’s odd to claim “Alpine Linux was designed with security in mind” when Alpine’s package doesn’t pass The Update Framework model. A vulnerable package manager can be used to compromise a system, read more package management on TUF’s website.
What’s stopping the developer to put a backdoor in it and collaborate with the CIA and the NSA?
Nothing
Although it probably would be easier to attack the modem
That’s why the modem is isolated from the rest of the system through IOMMU: https://grapheneos.org/faq#baseband-isolation
In my personal opinion, privacy-oriented distributions are more likely to be targeted by intelligence agencies, I prefer a mainstream debloated version at least that way you have the advantage of not attracting attention among so many millions of users. trusting your OpSec in the good will of someone it’s not a good idea, at least for me.
If depends on what you mean by “privacy centric”
Your logic is quite flawed.
privacy-oriented distributions are more likely to be targeted by intelligence agencies
Since GrapheneOS is based on Android (AOSP), any vulnerability that exists in Graphene definitely also exists in AOSP. Graphene is often faster at fixing security vulnerabilities than Google. GrapheneOS makes some substantial security improvements to AOSP, so the chance of a bug in AOSP being exploitable in Graphene is much lower.
trusting your OpSec in the good will of someone it’s not a good idea, at least for me
That’s literally what you’re doing with the stock OS. Since it’s proprietary, no one can actually verify what’s actually going on. You’re literally trusting a billion-dollar big tech advertising corporation that participates In the NSA PRISM program. What you’re saying doesn’t make any sense.
A libre software license.
The fact that the system is open source
Nothing. But what’s stopping you from checking out the source code?
although just a cursory look at the drama surrounding it is reason enough, my real reason is pretty simple: the hardware costs just way too much.
a phone should cost like $100, max. that’s an easily breakable thief magnet and you should put in as much effort as possible to treat it as a fungible device. you break or lose one - no big deal, it’s encrypted, restore from backup and keep on truckin’.
I can lose/break/gift like 6 or 7 competent devices (SDM680/845/etc, 6 GB RAM) before I even get close to the price of one used Pixel. hard, hard pass.
I usually buy pixels used for $200, where are you getting 6/7 phones for that price?
you’re not mentioning which Pixel you’re getting for $200 and also that’s only twice the stated budget. anyhow, the cheapest Pixel 7 I have locally available is $310 (“lighty used”), which I think is the lowest rung; sixes are like three years old and that’s a no bueno for phones with fixed batteries. as an aside, if I’m buying something someone rubbed their face on, spat on, and rubbed all over, I’m paying half price max, not 15% less than NiB ($355 here).
last week I bought a Poco F1 (SDM845/6GB) in not great condition for $60; excellent LineageOS and PostmarketOS support though and easily replaceable batteries. a month or so prior, a Mi 9T Pro (SDM855/6GB) for $80. those are on the high side, there’s a ton of LineageOS supported Xiaomi devices for $50 or less if you go down to SDM6xx/4GB, which is plenty for everyday use. they can be had on the cheap because their MIUI operating system is bloated and hella slow so people just upgrade, whereas unlocking the boot loader and flashing an alternative nets you a super useable device.
I’m not saying any of those is as good as a modern Pixel device, but for my use cases they are more than enough.
It sounds like you already know the main reasons.
There are one or two accounts on Lemmy who seem to show up in every privacy or graphene thread and shit-talk GOS.
I say if there is something wrong with GOS or the code itself, identify it and prove it. The founder may have been “problematic” or whatever, but it doesn’t sound like that person is even associated with the project anymore.
I have personally daily-driven GOS for a year. It has worked well for me. I use a lot of FOSS apps. I use some traditional Play Store apps and avoid logging into Google and I manage permissions closely. I’d say GOS gives you options. Maybe some people would like other customized degoogled OS better, and that is fine. Just… for the love of all that is sacred, don’t use vanilla Googled Android.
I just think it is a vessel for proprietary software and doesn’t protect my freedom.
There a certainly worse things to use but I like Lineage OS personally
I don’t understand your comment. Could you explain it a bit more?
TL;DR Lineage OS is fine as it pretty much anything else fossdroid
Is there any truth to the concern that Lineage could be hacked more easily than Graphene OS?
And what about how Graphene OS uses Pixels that have a chip that make brute-forcing hacking a locked device much harder?
Are those real things or just gimmicks? I really don’t know.
It depends on your threat model. However, I am skeptical of flashy security features. I haven’t heard of a case where Graphene saved a journalist or similar.
People who escape doom because of technological prowess don’t usual tell others out of risk of antagonizing an adversary and inviting more conflict.
Removed by mod
I find the criticisms of the founder pretty seriously overblown. My interactions with him have always been positive. He’s on the spectrum and a lot of people engaged in pretty serious abuse toward him and the project he created… so I’ll give him some slack.
I’ve used GrapheneOS for 5 years. It’s good, the project has integrity, and there really isn’t anything that meaningfully compares in meeting its goals. It’s proactive in that they actually do meaningful security research and implement solutions. People who troll on the project are either straight up bad actors or just stupid.
Removed by mod
because you NEED a pixel.
Yea, my main issue is that because of the price, you’re locked to phones that are either out or almost out of support, or secondhand. Even the last generation’s cheapest model is $300! Though very tempted to try to save that anyway.
Plus they are not officially sold here, so always a bit of a gamble.
$306057512216440636035370461297268629388588804173576999416776741259476533176716867465515291422477573349939147888701726368864263907759003154226842927906974559841225476930271954604008012215776252176854255965356903506788725264321896264299365204576448830388909753943489625436053225980776521270822437639449120128678675368305712293681943649956460498166450227716500185176546469340112226034729724066333258583506870150169794168850353752137554910289126407157154830282284937952636580145235233156936482233436799254594095276820608062232812387383880817049600000000000000000000000000000000000000000000000000000000000000000000000000 ? Man that’s a lot
Explanation
The
!sign denotes a factorial, so300!would be 300*299*298*298*…
You don’t need to give money to Google, it’s trivial to find a second-hand.
not in my country, they are expensive and unavailable. and you have to be ok with their form factor and features over the other options.
overall needing to have one specific phone can get very restrictive.
Is it a reason to hate the GrapheneOS project? Pixel phones are simply the best Android devices for security. You should hate other phone manufacturers that don’t care at all.
i don’t hate graphene in and of itself, i simply can’t use it. and its not much use to most people when most people don’t own pixels.
we should hate most phone manufacturers because they are pretty much all shitty.
Removed by mod
The guy you were replying to is saying “People hate GrapheneOS because it requires a Pixel,” they were not saying “everyone in the world should be using a Pixel” as you seem to have mistaken.
You’re getting very fired up and heated in the comments here… maybe take a break?
Removed by mod
Hey man, nice to see you raising hell again. How’ve you been? Haven’t seen you in a bit.
BTW, I followed most of your guide, and my phone battery is lasting me upwards of 5 hours of screen on time since I applied your secret sauce. Never mind the ridiculously low data usage.
And if anyone here is wondering, @TheAnonymouseJoker@lemmygrad.ml and I don’t see eye to eye 100%, and we started our conversations sort of being pricks to one another, until we started to finally get along. He does have some very valid insights and knowledge for privacy and security on Android devices and most with solid evidence, which raises the bar on trust. Having said that, regardless of how you choose to take his posts, I do urge you to at least consider his points. I’ve found them invaluable.
I followed most of your guide, and my phone battery is lasting me upwards of 5 hours of screen on time since I applied your secret sauce. Never mind the ridiculously low data usage.
Can you please give a link to this guide? Thanks.
Sure, here it is:
Be aware that there are new apps out there that can replace some of the ones suggested here by the OP, but the bottom line remains the same today.
It’s a bit… shorter than I expected, but thanks
Removed by mod
I welcome the challenge of meeting every kind of people. With you, honestly, it was fun, and from the get-go I was aware that we would just get along at some point.
I’m very sorry to read about your injury man. I’ve been battling my own demons lately, with some very traumatic experiences I went through about 2 years ago. I forgave the people that caused the emotional and mental damage, but just this morning I woke up sweating and hyperventilating at 5am and could not go back to bed. Freaking nightmare of that crap had me relive the situation all over again.
I guess that’s what makes us human. And people here, open your mind to what could be. Yes, this guy comes across as an asshole at first, don’t I know, but once you see beyond that defense wall, not only is he super cool, but a great conversation partner, specially when there are opposite views on each side. Pretty insightful that’s been my experience with him. And yes, he is very passionate about his beliefs, and more people should be like that instead of just following the flow.
I’m still around but, as long as my wife and kids allow me to 🤣
Removed by mod
Removed by mod
It is ironic, but that’s the best you can get in terms of security on Android, which is why GrapheneOS supports nothing else
A lot of people here have higher priority for privacy over security. If you wanted maximum security you should be fine with using even apple products, they’re incredibly secure. But privacy- that’s a completely different thing. Hell, even the community is named privacy. The freedom to compromise alleged security features for privacy should be an option for users.
I’m sorry, but that’s just not how security works. Most of the “security” features exist because of patching known vulnerabilities. What this means in real terms: vulnerabilities and how they work are published to the public. There are people who specifically write and sell malware to exploit these known vulnerabilities. This is happening all the time. If you have a permissive security model, you are opening all of your information up to compromise
You cannot reasonably expect privacy on a system that makes major concessions to security. Security is necessary for privacy. The two are not the same thing, but one is needed for the other.
But also… GrapheneOS is in fact a very privacy-friendly operating system. I would consider it the most privacy-friendly in fact.
For me it is a matter of trust. What does it matter if you’re getting security updates faster than everyone else if you’re getting them Solar Winds? In other words, if you don’t need security against nation-state actors, the highest threat is Google / Apple themselves.
Your logic doesn’t escape me but in point of fact, when we’re talking about GrapheneOS we’re not talking about volunteering usage data to Google. GrapheneOS does a better job of protecting user privacy than any other mobile option I can think of.
The problem I have is treating security and privacy like they’re opposing forces. They’re not. You don’t need to make security concessions to ensure privacy and that line of thinking doesn’t make sense when you examine it.
Genuinely curious: what your privacy metrics (what does this actually mean to you) and what is an organization that you trust?
Not too many unfortunately. I trust Proton bc I am not breaking any Swiss laws, and I know they leak recovery emails so I don’t have one listed, but that’s about it.
To be honest I’m not an expert in this, definitely haven’t achieved de-googled life yet, but someday I dream I will. Even if they are not collecting usage data they’re surely getting metadata
I think that’s a good baseline. Not placing unnecessary trust is definitely a priority. The idea is definitely to remove as much of the need as possible for trust.
You have good goals and they are attainable. I wish you luck.
I don’t think it’s ironic. Google benefits massively from their projects like AOSP or OpenTitan being open source, and they even benefit from projects like GOS doing some heavy lifting for them in developing bug fixes that get integrated upstream.
The fact that their mobile phones are relatively friendly to alternate operating systems is of pretty significant benefit to them.
Google is invested in security research, albeit usually for reasons that don’t benefit users.
Google is a tech giant, which abuses peoples privacy with every click
Their phones enable users to (at least partially) escape that bs
that’s what I found to be ironic
For a good reason. Pixels are currently the only phones besides iPhones with proper hardware security. Only Pixels support hardware memory tagging, have a secure element (Titan M2) that supports the Android StrongBox and Weaver API, insider attack resistance and hardware key attestation. They also have a programmable USB controller, that allows you to fully disable any USB data connections while the OS is running. The GrapheneOS team maintains a list with hardware requirements at https://grapheneos.org/faq#future-devices
Why is ur comment showing up blank for me?
Because Lemmy.ml mods are morons
How are they blanking a replay to a comment just cos the comment being replied to is on .ml thats cooked is it cos ur banned or cos im banned or both or are they just morons and screwed it up?
I don’t know why it’s blank, but when checking the c/privacy modlog from my instance, I can’t find anything.
But when I go to lemmy.ml and check the modlog from there, I see this:
Thats photographic proof of .ml selectively federating the modlog to do all sorts of dodgy things such as hiding who committed what actions and generally trying to hide mod/admin abuse.
Removed by mod
Bla bla I will just keep the same phone I’ve had for years
Also I don’t care about the form factor of Pixels
I dont hate it but id rather just use lineage os cause of broader device support. I live a degoogled life and would rather not have to explain to people I dont use and avoid google services yet own a google manufactured phone lol.
Here you go:
“Google makes the most secure phone. Including for securing your phone against Google.”
Its better then explaining you rather risk your data security then buy a phone from Google.
I really don’t mean to make this sound like FUD, but what about that blackbox security chip only used in google phones, that they promised to open source but never did? No OS can get around that…
Is there a fully open source phone?
I like lineage is and have used for 5+ years. I’m now using it without google services. I mainly use it because I can’t really afford a pixel phone and the many supported devices lineage is has is phenomenal. That being said I would love to tey graphene os.
