HackerTrans
TopNewTrendsCommentsPastAskShowJobs

ysnp

no profile record

comments

ysnp
·vor 9 Tagen·discuss
Can Android OEMs, bundling Google Mobile Services for Android certification, choose different trust roots for verification?

>The correct thing to complain about is requiring developer mode for unverified installs, which doesn't seem necessary

I had assumed the friction was to dissuade developers from not going through ADV. Isn't it partly for making malware distribution more traceable and campaigns easier to halt on GMS/certified Android systems?
ysnp
·vor 24 Tagen·discuss
Can you add CopperheadOS data 2014-2018 and AndroidHardening Project from 2018-2019?
ysnp
·vor 24 Tagen·discuss
For what it's worth, strcat is the GrapheneOS founder so they will have a keen insight into current plans.
ysnp
·letzten Monat·discuss
Any promising mesh networks, radio networks or routing protocols worth looking into?
ysnp
·vor 2 Monaten·discuss
It may be worth noting that GrapheneOS in most cases to date are not the initiators for conversations around extra device support. They do not control which mobile divisions and engineering teams can come to them and back genuine interest with the resources needed to reach an acceptable privacy/security standard for support.

The question is really why are Motorola the only ones that have gone that extra mile so far and what does it say about the rest of the Android OEMs (including Fairphone, which unlike most is actually a younger project than GrapheneOS).
ysnp
·vor 2 Monaten·discuss
The details of the partnership are mostly disclosed in the joint announcements but GrapheneOS has no say or influence on Motorola's stock Android image and policy.

The main objective of the partnership is to do what you described in the former case, get Motorola up to a standard where GraphenOS could support the phone. They could not previously take a Motorola phone and build GrapheneOS for it because of numerous basic requirements they did not yet meet. I can guess that GrapheneOS only really condone the efforts Motorola will put in to meet their support requirements as a platform.

Motorola also gets to incorporate a subset of GrapheneOS's features and improvements as enterprise targeted Motorola features. GrapheneOS do not have any direct influence over the apps and policies for the stock GMS Android image Motorola ship with their phones. Motorola have no significant say in what GrapheneOS does with their OS. GrapheneOS can assist Motorola in hardening efforts at the OS and firmware layer etc.
ysnp
·vor 2 Monaten·discuss
I've not seen someone refer to a portion of GrapheneOS's mitigations as superficial and meaningless before. What might an OS with significant improvements to usable attack surface reduction and exploit mitigations look like to you? What sort of things (given a team of less than a dozen contending with OS updates, upgrades and device support) would you have liked to see implemented?
ysnp
·vor 2 Monaten·discuss
They have commented elsewhere that any inclusion/exclusion criteria (if at all) should be transparent and collaboratively decided rather than arbitrary, monopolised or ineffectual/deceptive. They mention several times that people should not be excluded from web services for browser/OS choice.
ysnp
·vor 2 Monaten·discuss
The requirements are not particularly stringent. It is more an embarrassing show from the rest of the Android OEMs that they don't meet basic standards like timely security updates and a decent support period.
ysnp
·vor 3 Monaten·discuss
From what I've read I understand it is more like:

/e/OS (recipient of EU funding) and iodéOS are European projects that have not been singled out by the French government in smearing despite them having the similar self-professed goals to GrapheneOS. That they had any influence at all on the French government directly is speculated but not asserted.

CalyxOS/Techlore are blamed for being complicit in escalating the animosity and furore around what were initially low-key fallouts/disagreements. This led to GrapheneOS/Micay escalating to defend themselves which unchecked fuelled a spiral of influencer content, vile spamming of CSAM in GrapheneOS rooms (I can personally attest these were some of the biggest on Matrix at the time and led to the team giving up on Matrix moderation and self-protection capabilities), intense public speculation/accusations about Micay's character/mental health etc. which eventually resulted in the swatting attempts.

F-Droid project members have publicly aired their dislike of Daniel as a result of direct or indirect disagreements and did have a software quirk that caused an issue for GrapheneOS/possibly other custom OSes' users due to their added permission (which the two parties again disagreed on). Conspires is loaded wording.

But I do not think it is productive for me to dredge up posts and potentially cause more misunderstandings as a complete outsider for something that is directly affecting someone's life like this. They (Micay/GrapheneOS) have posted detailed contextual snippets and information about what has happened so please contact them directly for reference to the original posts and discuss if you really wish to find out more.
ysnp
·vor 3 Monaten·discuss
There are a lot of judgemental comments here criticising Daniel's character, responses and handling of what was likely a very trying and stressful period in their life.

Barely any comments about the linked thread which is about Wired publishing an article that was extremely poorly researched after having misled GrapheneOS about the intention and content of what would be published. This seems like the sort of thing that should earn a disclaimer on future Wired articles as worthless and get them removed from RSS feeds/have subscriptions cancelled. Complete lack of integrity and respect for standards. Why did they not interview anyone else involved in the project or around at the time?
ysnp
·vor 3 Monaten·discuss
Phantom Secure is directly named as one of the parties Donaldson was dealing with, with others being suspected:

>Donaldson tried to make a deal with Phantom Secure, which ultimately didnt work out. Micay suspected other counterparties were linked to organized crime, but we cannot confirm those identities or ties on short notice. Donaldson began pursuing such deals before Micay left and continued afterward.

https://discuss.grapheneos.org/d/34369-original-grapheneos-r...
ysnp
·vor 3 Monaten·discuss
It may be worth checking Motorola's OLED models in person (for example the Razr Fold, Razr Ultra and Signature) so see if their Flicker Prevention mode helps. I don't think any IPS models are likely to be supported in the first wave/generation of supported devices in 2027.
ysnp
·vor 3 Monaten·discuss
Having GrapheneOS preinstalled is an option they may discuss with Motorola. It is not the current plan. The current plan is that Motorola release their devices as normal, but some of the flagship devices in 2027 will support manual installation of GrapheneOS.
ysnp
·vor 4 Monaten·discuss
GrapheneOS will support future Morotola phones that meet a subset of their requirements, rather than existing phones. Less likely to be budget lines for now.
ysnp
·vor 4 Monaten·discuss
DNSSEC is one of very few topics where voices I respect on security seem completely opposed (WebPKI depends on DNS vs. DNS security does not matter). Is there any literature that demonstrates deep understanding of both arguments? Why are they (DNSSEC + WebPKI) never considered complimentary?
ysnp
·vor 4 Monaten·discuss
Is the case that captures all RF still planned for the productised Baochip?
ysnp
·vor 4 Monaten·discuss
Can anyone from Motorola confirm that the form submission and time delay requirements will be removed?
ysnp
·vor 4 Monaten·discuss
Hi daneel, what would you like GrapheneOS to do while you develop your own formally verified, open hardware, open source firmware/OS baseband processor they can use? Sit on their hands doing nothing or making the best of the least worst options currently available?
ysnp
·vor 4 Monaten·discuss
Since ~2023 all Motorola phones with Snapdragon SoCs (the ones most likely to support MTE as needed by GrapheneOS first) have been larger or equal to 6.5" screens.