this post was submitted on 15 Aug 2023
0 points (NaN% liked)

Privacy

31991 readers
636 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I assume it not completely locked down, but does it mean Google doesn't have access to everything like I assume it does with Android?

top 15 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 1 year ago

From what I get, if your phone is anything other than a Pixel still within supported lifetime, then LOS is decent. At that point it's mostly a hardware tradeoff (use a phone that all of has active lifetime support, is bootloader-relockable and has Custom ROM support) than a software one.

[–] [email protected] 1 points 1 year ago* (last edited 1 year ago) (2 children)

Even without explicit installation of GApps, Lineage still uses and connects to quite a few Google services in the background.

It's a great way of keeping older devices up to date, but not much more than that.

[–] [email protected] 1 points 1 year ago

Yes, this is the crux of LineageOS. There is a fork called DivestOS that is more libré and reduces dependence on Google services, as well as having bootloader re-locking for some devices.

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago) (1 children)

It's more like a way to make your devices insecure by unlocking your bootloader, disabling Verified boot and letting all kinds of malware persist on your device as well as allowing anyone with physical access to your device to modify the system partition and load malware onto it.

[–] [email protected] 1 points 1 year ago (1 children)

It's a trade-off, everyone needs to decide for themselves

[–] [email protected] -1 points 1 year ago (1 children)

Sure, but DivestOS is better for old devices as it supports bootloader relocking and it's just much better for both privacy and security. If you want the most secure mobile OS on a modern sevice, go for GrapheneOS on a Google Pixel (which also has hardware security with the Titan M2 secure element).

[–] [email protected] 0 points 1 year ago (1 children)

Divest doesn't officially support MicroG or Sanboxed Play Services though, which can be an issue depending on what apps you need.

Lineage will still be the better option for most people because of this, unless they actually need to buy a new phone anyway

[–] [email protected] -1 points 1 year ago (1 children)

I haven't tried microG on DivestOS yet, but from my experience on CalyxOS (before I switched to GrapheneOS) I can tell that it works really well. Doesn't really matter whether it's officialy supported, you can just install it yourself.

[–] [email protected] 0 points 1 year ago* (last edited 1 year ago) (1 children)

After reading up on it on the DivestOS page, it mostly seems to work, with the exception of SafetyNet

https://divestos.org/pages/faq#microgOptions

Some apps require SafetyNet to work, while the option to enable it currently exists it will not work in the unprivileged mode that DivestOS uses and will be removed in a future update.

But then again, the whole point of the DivestOS project is to remove as much Google and other proprietary code as possible.

So if someone wants to use DivestOS specifically, they likely don't use any apps that need microg.

[–] [email protected] -1 points 1 year ago (1 children)

Right, SafetyNet. I haven‘t tried banking apps (or anything else that requires SafetyNet) with microG, but SafetyNet is just a flawed system in general. Even on GrapheneOS, with the proprietary Google services running in a sandbox, only SafetyNet basic integrity can be achieved, because the OS needs to specifically be whitelisted by Google order to get full integrity. It‘s a ridiculous monopolistic move by Google. I just never use banking apps on my phone, I have a dedicated small and light laptop only for banking, that I can also take on a trip if I need to do anything related to banking on the go. I do this for extra security, so my banking is separated from all my other digital activities, but I‘ve heard that basic SafetyNet integrity that be achieved on GrapheneOS is enough for many banking apps.

[–] [email protected] 0 points 1 year ago (1 children)

Well, flawed or not, it's what we need to use if our apps are dependant on it. I guess I'm lucky that my bank doesn't push their App, and even recommends Firefox alongside the other Browsers for Online Banking.

[–] [email protected] -1 points 1 year ago (1 children)

As I said, I don’t do banking on my phone, but if I needed to use a banking app and it was unsupported on GrapheneOS I would honestly consider switching to another bank. The system of banking is flawed as well, that’s why I try to use Monero as much as possible.

[–] [email protected] 0 points 1 year ago (1 children)

Most banks are just massive dicks. Don't you love it when your consultant tells you they have your best interest at heart

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago)

When they do this, I just laugh at them and tell them them to stop pretending. Is this rude? Maybe. Is it the truth? Definitely.

Edit: It's not just banks. Insurance companies and publicly traded corporation in general are just there to screw you over. I'm not a socialist or anything like that but I gotta say: The capitalist system is flawed. (Every system is flawed, a perfect system doesn't exist but it's pretty bad with capitalism)

[–] [email protected] -1 points 1 year ago

It is good for privacy as long you do not install Google Play Services and also do not download any apps that is bad for your privacy. However GrapheneOS is a better option which additional security benefits.