You’re the one that made the claim and I’m trying to do my own research to figure out if that’s true but I don’t have anything to go on. When you make a claim the onus is on you to back it up.
5 Likes
Ironic, because you’re not critically thinking or doing your research by using AI, lmao
3 Likes
Your “experts” are saying, privacy/scecurity concious people should use Apple and Google products.
This is all what I have to say.
And this kind of mindset is harmful to privacy and software freedom. From a technical standpoint GOS is the best, but they don’t prioritize user rights or oppose what Kicksecure calls the war on general purpose computing.
(some of this may be outdated)
GrapheneOS is not aimed at power users or hobbyists aiming to tinker with their devices more than they can via the stock OS or AOSP.
The hardware attestation feature is part of the Android Open Source Project and is fully supported by GrapheneOS.
Direct use of the hardware attestation API provides much higher assurance than using SafetyNet so these apps have nothing to lose by using a more meaningful API and supporting a more secure OS.
TLDR: Rather than encouraging app developers to abandon the plainly anti-FOSS/anti-user technology that is SafetyNet hardware attestation, GrapheneOS instead encourages developers to continue locking down their apps such that they only work on specific operating systems, but also kindly asks them to add the official releases of GrapheneOS to the list of “approved” Android builds (in addition to proprietary “Google-approved” Android, of course). The above link is a handy implementation guide for developers that GrapheneOS has published to their website and actively encourages its users to share with developers.
SafetyNet hardware attestation is an anti-FOSS/anti-user technology that has no legitimate use case. It allows apps to arbitrarily refuse to run on “un-approved” versions of Android. Apps have absolutely no business policing the operating systems that users are allowed to run on their device. If this technology is adopted by a large number of applications that people rely upon, we are left with no option other than to use an “approved” OS. We cannot fork GrapheneOS if the project goes in a certain direction that we disagree with, because then we would be unable to run the apps we need.
Strcat’s response to anyone ideologically opposed to this is “don’t use GrapheneOS”:
If you have an ideological issue with GrapheneOS providing working attestation and preserving the app security model, i.e. allowing apps can perform checks that cannot be faked without an exploit, my recommendation is using something else. If you consider this capability to make it a “walled garden” then GrapheneOS is happily a “walled garden”
Well, at the end of the day we should use the devices we think will work for us.
There’s not a single correct answer here, maybe someone needs the privacy of a Linux phone while someone else needs the security of an iPhone, it all comes up to what you need/want and not necessarily on what researchers say you should actually use.
1 Like
Indeed. I trust nothing.
Like Plainrock124 said: “That’s like buying a 3DS without the 3D!”
It’s easy to disregard something when you don’t understand the how’s and why’s. Rather than letting a hallucinating AI think for you, let me give you a bit of research material on why the Google Pixel & GrapheneOS is recommended and why GrapheneOS currently only supports the Pixel.
(Shorter, easier to read)
(More in-depth, more difficult to read)
4 Likes
POV: ringo2 proceeds to use an AI summariser xd
1 Like
I don’t get what the crime here is, does every single operating system have to be targeted at power users who want to tinker with it?
This is talking to apps that already use Google’s more restrictive SafetyNet and asking them to use the more open AOSP hardware attestation where they can support multiple operating systems. They’re not supporting locking down apps but they’re trying to find a middle ground with apps that are already trying to do that.
… while someone else needs the privacy and security of a Huawei phone.
1 Like
I have two sources to get my infos about privacy/security: Randos on the internet and AI. I use both sources and I don’t see where the problem is.
1 Like
The simple processors aren’t ever going to be close enough to developing a mainstream CPU, because printing transistors at the size required to be considered an alternative would still require a lithography machine. The question now is, how do we force American companies to remove the IME?
What childish fantasy is this? Can you seriously tell me ALL the funders of these projects?
Again the “audits are security” delusion.
You also have to use the kernel they fund (Linux), the machines they provide (Google cloud), the CAs they decide are trustworthy, etc.
You seem to be a troll this whole thread, having come in with a pre decided notion: Apple is bad, so GrapheneOS is bad because they recommend them, and everyone should agree with me. You are free to hallucinate the first two, but this thread is a pathetic attempt to enforce the third. Folks who actually do security and privacy agree on what GrapheneOS said about iOS, your opinions do not matter.
My advice to rational actors in the thread is to stop feeding the troll.
2 Likes
I don’t like BigTech. I am interested in good, bullet proof privacy enhancing methods and solutions. I read alot of stuff and try to form my own opinion. And I came to the conclusion, that there are good reasons to distrust the established privacy priests. Edward Snowden recommended GrapheneOS. But he never audited the code and he doesn’t know what the proprietary chips are actually doing. He is an influential person in the privacy community, but his recommendation for GrapheneOS is based on BLIND BELIEF and not technical expertise. There are other reasons why I am sceptical of the Graphene organisation which I have mentioned earlier in this thread. But in the last two months or so, the Graphene devs made claims, which have strengthened my scepticism even more. They hate all privacy/security solutions (including desktop Pcs with Linux, Pinephone, lineage, /e/ etc.) They only recommend two products: Google Pixels and Apple iPhones. Just think about it: GOOGLE AND APPLE. The devs of the supposed most private and secure phone OS recommend exclusively Google and Apple products. And this is what privacy minded people should believe? This is why I think, this is just like these chinese “experts” who say, you should use Huawei for privacy and security reasons. Maybe this isn’t all about privacy and security. Maybe its all about geopolitics in the end.
1 Like
Computer manufacturing isn’t my lane so I won’t say much about it. All I’ll say is that people thought it was laughable that you could manufacture your own processors at all and now it seems people are actually doing it. If they are to improve in speed, I’d expect the manufacturing process to get more expensive and it’d probably be a while before anyone gets around to developing said processes for free. The point is, decentralized manufacturing is certainly possible for at least some things, and we certainly don’t need to manufacture everything in just a select few countries. Even if it’s only small at first, there are still use cases where we could benefit from having truly open (yet relatively slow) processors. In any case, this is missing the main point:
- That’s not gonna happen. We can’t realistically pressure powerful companies to change their proprietary technology in such fundamental and meaningful ways. It is an inherent problem with proprietary tech that can only be circumvented through the development and adoption of truly open alternatives.
- Simply removing IME wouldn’t be a good thing.
1 Like
Topic closed. This is not Conspiracy Guides.
5 Likes
This is a good article, thanks for sharing. I haven’t read a lot of the non-Whonix articles on this site but they’re pretty solid from what I’m seeing. We should expand our own resources with some of this stuff.
Edit: oop didn’t see the post is locked lol, mb — well related discussions can always be started if people want to be on-topic and not go too off the rails.