Android is not at the expense of either freedom or privacy. Desktop Linux OSs come at the cost of both. It would be better to direct effort to AOSP projects as it is a much better base to build from.
[delayed]
The Android family of operating systems and the forks made from the android open source project are all linux distributions, and linux phones. Using desktop linux phones and trying to force that as a norm would set…
This claim is false. Isolation and protection from the kernel is vital and it is already targeted for exploitation, and will be targeted even more as time goes on. Properly updating the kernel and improving its…
Most of the hardware security requirements are met by multiple lines of devices. The issue is, not all of them are met. Many have poor updates or intentionally cripple standard features for anti competitive reasons. So…
GrapheneOS is great, and easy to use. Sandboxed google play can run your maps apps that depend on google play without issue.
You would install your own build of GrapheneOS. Not the official images. Its not advisable to run anything as root, at all. Or expose access to it in any form. You can make userdebug builds to access a form of root that…
You dont have the ability to guarantee you have overridden anything. The integrity of the OS cannot be verified and anything with root can lie to you that it was revoked. It does not put power in your hands. Installing…
> every app installed is known to the proxy since each app has a unqiue key GrapheneOSs proxies do not collect and send any "unique keys" from apps. That is made up. > They mention no proxy of RCS data, but in theory,…
You seem to be greatly misunderstanding what is actually happening. You are conflating default OS domains with google play services. Google play services is not bundled or installed by default, and is not given any kind…
GrapheneOS does not run anything through google services. Nowhere in the "terms" is this stated. GrapheneOS uses first party servers for all default OS connections.
These devices fall far behind the industry standard hardware security requirements GrapheneOS has.
Root access takes agency away from you and gives it to 3rd party software. It doesnt expand freedom at all, it just allows other software to abuse the user. With a proper security model and verified boot, you can be…
Linux security is quite bad. Android tries to improve this and GrapheneOS improves it even farther than that. Which device you need to be more secure depends on your needs and which device you put sensitive data on, but…
For context, GMSCompat is Google Mobile Services Compatibility. GrapheneOS installed the google play store and services as normal apps, and worked backwards to make it behave. There is no google specific sandbox, rather…
Im not disputing the ability to use the device for many years. Using the device for a long time and the device being supported for a long time are different things. Fairphone doesnt make their own phones, its outsourced…
You cant respond to any opinion because I have not provided any. Security is objective. What security someone may need can vary, yes, but that does not change how the security of a device works. You are downplaying…
To start, all attestation is remote. It fundamentally has to be remote, be it a server or another device. GrapheneOS points out how its improved privacy and security should mean that it is accepted in a system like play…
Most of this is not related to the claim and is more tangential discussion about things you like that run on the linux kernel, now, there is nothing wrong with that, but I must emphasise that none of what you describe…
MicroG requires privileged access. It also downloads and runs proprietary google code within this privileged context. MicroG additionally has very poor app compatibility and has had severe privacy issues in the past.…
GrapheneOS has 99% app compatibility with sandboxed google play. Apps do not have issues with sandboxed google play at this time.
Android is not at the expense of either freedom or privacy. Desktop Linux OSs come at the cost of both. It would be better to direct effort to AOSP projects as it is a much better base to build from.
[delayed]
The Android family of operating systems and the forks made from the android open source project are all linux distributions, and linux phones. Using desktop linux phones and trying to force that as a norm would set…
[delayed]
This claim is false. Isolation and protection from the kernel is vital and it is already targeted for exploitation, and will be targeted even more as time goes on. Properly updating the kernel and improving its…
Most of the hardware security requirements are met by multiple lines of devices. The issue is, not all of them are met. Many have poor updates or intentionally cripple standard features for anti competitive reasons. So…
GrapheneOS is great, and easy to use. Sandboxed google play can run your maps apps that depend on google play without issue.
[delayed]
You would install your own build of GrapheneOS. Not the official images. Its not advisable to run anything as root, at all. Or expose access to it in any form. You can make userdebug builds to access a form of root that…
You dont have the ability to guarantee you have overridden anything. The integrity of the OS cannot be verified and anything with root can lie to you that it was revoked. It does not put power in your hands. Installing…
[delayed]
> every app installed is known to the proxy since each app has a unqiue key GrapheneOSs proxies do not collect and send any "unique keys" from apps. That is made up. > They mention no proxy of RCS data, but in theory,…
You seem to be greatly misunderstanding what is actually happening. You are conflating default OS domains with google play services. Google play services is not bundled or installed by default, and is not given any kind…
GrapheneOS does not run anything through google services. Nowhere in the "terms" is this stated. GrapheneOS uses first party servers for all default OS connections.
These devices fall far behind the industry standard hardware security requirements GrapheneOS has.
Root access takes agency away from you and gives it to 3rd party software. It doesnt expand freedom at all, it just allows other software to abuse the user. With a proper security model and verified boot, you can be…
[delayed]
Linux security is quite bad. Android tries to improve this and GrapheneOS improves it even farther than that. Which device you need to be more secure depends on your needs and which device you put sensitive data on, but…
For context, GMSCompat is Google Mobile Services Compatibility. GrapheneOS installed the google play store and services as normal apps, and worked backwards to make it behave. There is no google specific sandbox, rather…
Im not disputing the ability to use the device for many years. Using the device for a long time and the device being supported for a long time are different things. Fairphone doesnt make their own phones, its outsourced…
You cant respond to any opinion because I have not provided any. Security is objective. What security someone may need can vary, yes, but that does not change how the security of a device works. You are downplaying…
To start, all attestation is remote. It fundamentally has to be remote, be it a server or another device. GrapheneOS points out how its improved privacy and security should mean that it is accepted in a system like play…
Most of this is not related to the claim and is more tangential discussion about things you like that run on the linux kernel, now, there is nothing wrong with that, but I must emphasise that none of what you describe…
MicroG requires privileged access. It also downloads and runs proprietary google code within this privileged context. MicroG additionally has very poor app compatibility and has had severe privacy issues in the past.…
GrapheneOS has 99% app compatibility with sandboxed google play. Apps do not have issues with sandboxed google play at this time.