this post was submitted on 09 Aug 2024
37 points (63.3% liked)

Privacy

31975 readers
229 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I see quite a few people claiming that Graphene OS is the only way to stay private on Android or that anything but Graphene OS is insecure. In this post, I will describe why I personally do not care for Graphene OS and some alternatives I would suggest.

First off, let's address the security features of Graphene OS. A lot of the security of Graphene OS comes from AOSP itself. In fact, AOSP has a very good track record. If you get malware on your device, you most likely can just uninstall it. For reference, here is the Android security page: https://source.android.com/docs/security/features

There are some Graphene OS unique security features. For instance, it has a hardened kernel and restricts access. I think this is actually pretty useful but I haven't seen a need for it much in the real world. The tightened permissions are nice, and I think that is the main benefit of Graphene OS over AOSP. It is also nice that device identifiers are restricted from a privacy perspective. However, from my perspective, you should not run apps that are bad for privacy. Running it in the web browser will be more secure than bare metal could ever be.

One place I strongly disagree with Graphene OS is the sandboxed Google services framework. They say having Google in a sandbox is more secure. It may be more secure, but it isn't going to be as private as MicroG. The real benefit of MicroG is that it is community-built. It isn't a black box like Google framework, and any data sent back is randomized. I think it is a mistake for Graphene OS not to have support for it, even if it is also run in a sandbox.

Another thing I have noticed is that Graphene OS prioritizes security above all else. That doesn't mean it isn't private as it itself is great for privacy. However, if you start installing privacy-compromising applications such as Gmail and Instagram, your privacy is quickly lost. The apps may not be able to compromise the OS, but for them to be used, they need permissions. To be fair, this is a problem that is not unique to Graphene OS, but I think its attempts to be closer to Google Android make it more tempting for people to stick to poor privacy choices.

I think other ROMs such as Calyx OS take the ethical component much more seriously. Unlike Graphene, it promotes F-droid and FOSS software like MicroG. Graphene purely focuses on security while Calyx OS focuses on privacy and freedom. On first setup, it offers to install privacy-friendly FOSS applications such as F-droid and the like. I realize that MicroG is not perfectly compatible, and some people need apps, but I think alternatives are going to always be better.

One of the most annoying parts about Graphene OS is the development team and some of the community. They refuse to take criticism and have been known to delete any criticism of Graphene OS. Not only that, they have a history of trying to harm any project or person they don't like.

Here is a page that isn't written by me that sums it up: https://opinionplatform.org/grapheneos/index.html I think their take is fairly extreme, but I agree with them in many ways. I also understand how upsetting it can be to be censored.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 7 points 3 months ago* (last edited 3 months ago) (2 children)

Unlike others, Graphene has very strict requirements when it comes to devices to ensure you're safe. As usual if you’re looking to have any security (Verified boot) GrapheneOS + Pixel phone is the only options. I really don’t get it how come people in places like this are okay with having a phone with all their personal data and logins without verified boot. Stolen / lost phone = game over.

Calyx, for instance, isn't as good as GrapheneOS, they do a lot of snitching on you (including to Google and Mozilla) and they overlook critical details such as this one allowing the OS to contact 3rd parties such as Qualcomm. More relevant information for you from here:

XTRA is technology offered by Qualcomm Technologies, Inc. in the US and QT Technologies Ireland Limited in the European Economic Area to improve mobile device performance. XTRA downloads a data file from Qualcomm containing the predicted orbits of the Global Navigation Satellite System (GNSS) satellites. Using the XTRA data file reduces the time the device needs to calculate its location, thus saving time and battery power when using location-based applications. Newer versions of the XTRA software also upload a small amount of data to us. We use the uploaded data for purposes described in this Policy, such as maintaining and improving the quality, security, and integrity of the service. XTRA uploads the following data types: a randomly generated unique ID, the chipset name and serial number, XTRA software version, the mobile country code and network code (allowing identification of country and wireless operator), the type of operating system and version, device make and model, the time since the last boot of the application processor and modem, and a list of our software on the device

Before you say this is the CPU's fault, it isn't, at least on its own. GrapheneOS also deals with this kind of stuff and has patches and options so you can block it.

Other phone brands, let's say Fairphone just don't make thing right. Fairphone guys have been petitioned multiples times to open their platform and/or collaborate with projects such as GrapheneOS and CalyxOS so user can have private and secure phones but they don't care.

CalyxOS does support the Fairphone 4 however that's only due to the persistence and reverse engineering efforts of the CalyxOS project / community. If you decide to use it you won't have a secure bootloader anymore due to a bug in Fairphone's firmware that they choose not to fix. That simply shows how "fair" the "Fairphone" really is and how permissive CalyxOS is.

[–] [email protected] 7 points 3 months ago* (last edited 3 months ago) (2 children)

Fair phone talks the talk, but they haven't walked the walk when it mattered.

TRRS headphone jacks (not walking the walk)

The bootloader issue you mentioned (not walking the walk)

Deliberately using misleading language about phone support and security updates (OS updates vs hardware security updates)

Don't get me wrong, I WANT ANOTHER OPEN PHONE MANUFACTUROR, right now there is only google pixel....

[–] [email protected] 6 points 3 months ago (1 children)

Fully agreed on Fairphone. The mission is noble but the execution has been poor. I saw a revent interview with Nirav Patel, hoping against hope that framework would turn to phones next.

In the end it seems the most degoogleable phone is the pixel.

[–] [email protected] 4 points 3 months ago (1 children)

The framework guys could turn into making tablets with open bootloaders, not the locked bullshit that all vendors from Samsung to Chinese brands like to do. Let's face it, a lot of us want a tablet running a full OS, not iOS or Android and those locked bootloaders make it impossible.

[–] [email protected] 2 points 3 months ago (1 children)

I think that would be a very reasonable next step for them for sure.

With that said (and make no mistake, I'm no fan of apple), you can get a decent range if work done on an iPad, though I would love an open alternative.

[–] [email protected] 3 points 3 months ago (1 children)

I’m no fan of apple), you can get a decent range if work done on an iPad, though I would love an open alternative.

I don't doubt that but a full OS... is a full OS.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (1 children)

for sure, enabling professional work where needed is all well and good, though you still need to consider the user experience with that form factor in mind.

I kind of dread to think about using Linux DEs on a tablet. Maybe gnome would work okay. I'm not sure if plasma features a tablet mode. If so, I'll want to check that out on the steam deck.

[–] [email protected] 4 points 3 months ago* (last edited 3 months ago) (2 children)

I kind of dread to think about using Linux DEs on a tablet. Maybe gnome would work okay.

I've an iPad Pro (1st gen, 2.26 GHz dual-core 64-bit, 4GB of RAM) with keyboard, if I could run Debian+GNOME on that thing it would completely replace my laptop. When you've a full keyboard that form factor is just as useful as a laptop. Not very powerful but good enough for a full browser and a couple of document processing applications and whatnot.

To be fair, I would even buy one of those Lenovo P12 Pro tablets with 8GB of RAM and 8 CPU cores if there was a way to run Linux. Those machines with those specs would most likely provide an experience as good as most laptops when paired with bluetooth keyboard and mouse.

[–] [email protected] 3 points 3 months ago (1 children)

I mean it's still a touch centric device first and foremost. I'm not so familiar though, what year were iPad pro's introduced? I wasn't aware you could flash Linux on those, that's pretty neat.

I used to have a keyboard folio cover with the original retina iPad (I think third gen?) back in the day and got the majority of my writing done on it, but I still relied heavily on gesture navigation and what not.

Maybe I'll try gnome on my steam deck as a quick test.

[–] [email protected] 3 points 3 months ago (1 children)

I wasn’t aware you could flash Linux on those, that’s pretty neat.

Well, that's the problem: you can't. As I said, if I could run Debian+GNOME on that thing it would completely replace my laptop. But I can't.

[–] [email protected] 2 points 3 months ago

Ah, missed the if

[–] [email protected] 2 points 3 months ago (2 children)

You could run debian+gnome inside of a VM on your iPad. UTM is pretty good

[–] [email protected] 4 points 3 months ago

Already tried it, total garbage on that device, 10 minutes to boot, unusable UI. Virtualization is never a good solution.

[–] [email protected] 2 points 3 months ago

Virtualization on iOS is terrible. You can only use half of your device's RAM, because iOS kills any app that uses more than that.

[–] [email protected] 4 points 3 months ago

, I WANT ANOTHER OPEN PHONE MANUFACTUROR, right now there is only google pixel…

Yeah, that's an issue there.

[–] [email protected] -2 points 3 months ago (1 children)

Calyx, for instance, isn’t as good as GrapheneOS, they do a lot of snitching on you (including to Google and Mozilla) and they overlook critical details such as this one

Okay, let's unpack the pack of BS shall we...

  • Your first link points to a page where all the connections made by CalyxOS are explicitely listed and explained in detail. Pray tell: how do you interpret that as snitching?
  • Your second link points to a 3-year old, closed Git issue that ends with this: Resolved in CalyxOS 4.9.4, June 2023 Feature Update.

Please go spread your FUD someplace else.

[–] [email protected] 3 points 3 months ago

Your second link points to a 3-year old, closed Git issue that ends with this: Resolved in CalyxOS 4.9.4, June 2023 Feature Update. Please go spread your FUD someplace else.

Let me be very clear about this: the issue isn't that it isn't' fixed, because it is, the issue is that it happened in the first place and a complete failure like that simply does not happen with GrapheneOS.