Correction: because of CalyxOS' implementation of microG, signature spoofing can't easily be used to break out of the sandbox. Sorry to those whom I inadvertently misled. The fact remains that microG is still an insecure implementation that doesn't implement proper security or transit protection and disregards security.
>If you have the ear of strcat, I urge you to to talk to them about this kind of paranoid conspiracy thinking that leads them to directly accuse me (and others in this thread) of being a co-conspirator in a vast plot to undermine GrapheneOS. It's fantastic thinking and it damages the reputation of what is otherwise a gift to the community.
It's not conspiratoral thinking. It's plainly obvious if you go into the CalyxOS Matrix rooms that the leaders often spread misinformation about GrapheneOS or allow it to flourish. They also spread misinformation about CalyxOS to promote it, such as claiming signature spoofing has no security drawback as implemented on CalyxOS.
You don't see other OSes and projects spreading misinformation. Likewise, GrapheneOS doesn't attack LineageOS, /e/, etc. we don't discourage people from using them, except saying that yes, they are insecure, so be aware of that. We don't spread attacks and other projects are free to criticize GrapheneOS for legitimate things.
However, criticizing it for legitimate things is far different from concern trolling in the GrapheneOS rooms, getting banned, and then portraying it in the Calyx rooms as GrapheneOS being toxic, which is a common tactic. You can see this using the Logbot service: just look up "concern troll" in the GrapheneOS rooms, see what comes up, and compare it with the messages around the same time in the Calyx rooms. It's quite evident. Of course, I highly doubt you'll sincerely do that considering you're simply calling us paranoid, but to anyone watching that's what you should do.
>I have been on Hacker News a long time, posting on everything from sex worker rights to Telegram to Emacs. I don't know about your Matrix room, I've never visited it. I have no interest in impersonating anyone save myself.
No one said that you impersonated anyone. The point strcat brought about impersonation was that a person from the Calyx community went and impersonated the Bromite developer, attempting to start conflict between Bromite and GrapheneOS.
>I don't see that anywhere here in this thread. I see a thread that should have been a space for celebrating a cool more-private, more-secure Android project being hijacked because its competitor's lead developer believes themselves to be the target of a conspiracy. A conspiracy that isn't even occurring in the very thread they're engaged in:
CalyxOS isn't particularly secure but that's beside the point. That's not the issue and it's fine to not be security-focused. The issue is that the Calyx community and developers consistently spreads misinformation. Just look at what one of them is doing right now with microG.
>From who? Nobody here is doing this! Especially maliciously.
Says the person calling people paranoid for trying to stop misinformation being spread. You can see what people are doing in this thread whether maliciously or nonmaliciously.
>If you think CalyxOS is implementing a feature that is harming users, you might try and communicate with their community in a cooperative, direct way, rather than this self-destructive crusade GrapheneOS is airing publicly.
And people have, and they get banned from their community.
I'm sure you didn't do it intentionally, it's just that what you said is a common piece of misinformation spread about GrapheneOS. It's understandable that you'd think that given how much it's repeated and considering that many people got duped too.
>I would trust MicroG a lot more than Google, even if it's sandboxed :)
This is the reason that GrapheneOS sandboxes it. You can disable permissions however you'd like, nothing stops you. You don't want it to send certain data? Then don't give it that permission. Disabling INTERNET will prevent it from sending anything (it's used to privilege, so it likely won't use another app to bypass, but you can use a different profile anyway).
>Play Services are still closed-source google components that I don't want on my phone.
microG is just a reimplementation (a partial one) of Play Services. The privacy benefits are negligible.
>I just wanted to express that I generally see GrapheneOS pick the security side over privacy if there is a choice to be made between both (and only then). And with privacy I mainly mean big data tracking from the likes of Google.
I'm guessing you're referring mainly to microG.
Privacy is not just not sending data. It's far more than that. It needs to be able to blend in with others, and needs a certain decent level of security to avoid simply bypassing privacy features through vulnerabilities.
microG doesn't protect data in transit even close to the way Play Services does. How do you expect to have privacy when apps can simply intercept microG data?
Signature spoofing as microG needs, ruins the security model. It bypasses signature checks by apps. Even in CalyxOS's slightly less bad implementation, vulnerabilities in microG can be used to break out of the sandbox. How do you expect to build a security model on this? Vulnerabilities in microG are very likely, considering how the project disregards security.
How do you expect privacy with such little security? You'll not have any privacy if an app can bypass your privacy features.
It also only reimplements a portion of the APIs and breaks when apps need new ones. How is it supposed to keep up with the APIs anyway? It's tens of thousands of lines of code. It's certainly not a viable option.
Using Play Services as a sandboxed app, on the other hand, avoids this. It doesn't require the microG patch which erodes security, it protects data in transit, and it actually gets the majority of APIs and functionality working. The only functionality that doesn't work is SafetyNet attestation and functionality which depends on privilege. SafetyNet enforces using the stock OS, so you'll never get it with microG. Privileged functionality would need invasive OS integration.
It's clearly a much better solution that preserves the security model. It does it right.
GrapheneOS also optionally blends in with stock Android users. This isn't a bad thing and increases privacy. Connections made are just things like connectivity checks, nothing special.
Besides, CalyxOS isn't particularly good for this either. Their Netguard firewall that they bundle doesn't implement it properly and apps can still bypass it. They aggressively integrate Google services, and have Facebook integration as well.
No, giving criticism of an OS is not attacking it. You'll see that strcat only responded to places where GrapheneOS was mentioned. You'll see that there was misinformation being spread about GrapheneOS, whether intentionally or unintentionally, that originates from the Calyx community. Just look at their Matrix rooms and what their supporters/influencers say about GrapheneOS.
Bundling a bunch of apps and integrating proprietary corporate services with privileges unavailable to other apps is not privacy, sorry.
I disagree. LineageOS has a legitimate use case, being able to easily tinker with the device. It's certainly not as private or secure, and that doesn't make it a bad option depending on someone's use for it.
See grapheneos.org/history/copperheados and verify it for yourself using Github graphs and other resources.
A better description would be "One person handled development of the project and other person CEO'd the sponsor company. The CEO attempted to hijack the project and the developer eventually resumed the project under the name GrapheneOS."
>How can you claim that we're the ones shipping proprietary service integrations when we ship an open source implementation, and you're the ones shipping an integration for the proprietary implementation.
Play Services is not integrated into GrapheneOS at all. It only has a few shims that, as strcat explained several times, return placeholder data. Play Services has no special permissions, and using it on GOS is the same as installing any other app.
microG is integrated into your OS. It's a partial reimplementation of proprietary Play Services.
That was for distributing Google apps, not for shipping firmware updates. You're making a false comparison.
As you could see if you had read strcat's comments and the documentation, GrapheneOS doesn't ship Play Services but only some compatibility shims, otherwise Play wouldn't know how to work. Users must manually install Play and associated apps.
He's not "the GrapheneOS developer", he's the lead developer and one of many developers. It's a collaborative open-source project which has made a production-grade OS and whose contributions have been upsteamed for AOSP.
Pixels are pretty much the only Android phone that supports full verified boot with custom keys, meaning verified boot of the entire base system works no matter what OS you're booting (as long as your OS supports verified boot in the first place). They're about on par with iPhones security-wise, but Pixels support alternate OSes which is really nice.
Other Android phones often either have broken verified boot implementations (such as only verifying the kernel) or completely lack it.
The Titan M makes Pixels even better; it is a security chip which stores keys such as those for verified boot.
The security of Pixels is why security-focused mobile operating systems like GrapheneOS often target Pixels instead of say, Samsung Galaxies.
By that definition, Linux, Chromium, and lots of other software isn't Google-free. But that's ridiculous. Android does not contain any tracking code, and at most uses Google servers as the default for network connectivity tests, etc. which you can change. Versions of Android running on actual phones often have tracking, but this is not related to Android itself and is largely about Google Play Services.
And if you flash a good custom OS like GrapheneOS, maybe LineageOS without microG, then Google doesn't track you even if you use their hardware. Even better if you use a secure OS like GrapheneOS or standard AOSP without Google Play Services or bloatware.