I have a Pixel 9 currently running stock ROM on it but I really want to de-google and up my security/privacy. At the moment, I can’t decide if I should switch to GrapheneOS or not? I am aware of PlayIntegrity API and the entire effort that Google wants to make iOS out of Android (close source walled garden ffs) but I wonder will it affect GOS in any serious way?
LAPTOP
I currently use Fedora KDE on my laptop but I’m wondering if there is anything more secure but still usable. I heard there is Secureblue but I really don’t like GNOME (reminds me of iPad OS) - is anyone using the KDE version? Is it any good? Any downsides?
I’m really looking forward to the KDE Linux because it looks like a nice step up from regular Fedora in terms of security.
What do you suggest? Any other worthy alternatives? What OS are you using and why?
I would say do it. There are many many advantages and very little if any downside if you value FOSS (and the accompanying privacy & security value system). And you can always install play services on another profile to use the apps that absolutely need it. GOS is not going anywhere and they will support Pixel devices as promised.
If you like the KDE DE, I recommend Kinoite. It’s Atomic KDE Fedora. No downsides I can think of, just the DE is different from the OG Silverblue.
–
Those are my recommendations. Can’t go wrong with these options.
It depends on the threat model. Many people don’t need to have multiple user profiles. It is quite inconvenient to have the Play Store in a different profile, let alone one that is not the Owner profile. Only applications from the Owner profile can run in the background. If you install the Play Store in another profile, you must manually install updates.
What I mean by this is that for a beginner, it is enough to just install the Play Store, download everything you need, and then gradually learn as you go.
Simply by installing GrapheneOS, they are already gaining a great deal of privacy.
Basically that only a problem if your bank runs apps which are using it, some games I guess might use it too. GrapheneOS is still superior option especially if you’re trying to “degoogle”.
You can always factory reset your phone if you don’t like Graphene.
You don’t sign up an indefinite contract or anything, it’s just some (potentially temporary) software running on your phone.
For Linux, start anywhere honestly. All distros will be good and bad in their own way and it’s a very subjective topic.
The most popular answers will be mostly for Ubuntu, but that might only be a concern if you go DEEP on doing crazy things with your system. Also, sometimes it’s as easy as replacing apt by dnf in the terminal, hence not a HUGE change either.
Man, I hate so much that you’re probably very right here.
I think that Graphene should be used with several profiles but I do agree that convenience beats all of it there.
I mostly wonder how much invasive stuff is when it comes down to shit apps like Gym ones, WhatsApp and all the other ones that you sometimes can’t do without a web version.
I like to put those evil apps into their own profile, away from my privacy-respectful/self-hosted ones in my Owner profile.
I guess the biggest obstacle for me to install GOS is the current situation in my country (France) where GOS users are seen as criminals… I’m not sure if I want the extra attention on myself. Everything else sounds way better than stock Pixel or even iOS.
Regarding Linux, Kinoite and Secureblue look really good but I’m still sceptic regarding all apps being flatpak - Libreoffice first which has some annoying bugs in the flatpak version. Also, rpm-ostree consumes a lot of bandwidth. I hope it will soon be replaced with bootc images.
I guess I could just jump back to default ROM, I haven’t thought about that. Good idea.
Ubuntu doesn’t attract me at all with snaps and GNOME, Fedora does seem more secure and user friendly with it’s KDE version. Unfortunately, it is a hassle to update/reinstall every 6 months.
I don’t know your situation or threat model, and admittedly I’m not very tuned into French politics so I’m probably not the best one to make this judgement for you, but as a general rule I would encourage you not to do their work for them. Don’t give up your freedom to use the tools you want just because they put out a couple of news reports smearing GrapheneOS.
Unless those stories really blew up, chances are that most of the public has not yet even heard of GrapheneOS, much less think of it as a tool for criminals. Even if they do, it’s not as though it’s obvious that you’re using GrapheneOS in day to day use. It really just looks like the stock Pixel OS. I doubt you would really be drawing extra attention to yourself, as you put it.
The best way for these tools to be recognized as the useful tools they are is for normal people to use them and talk about them. If we let them scare us, then it really will be only criminals who use them.
Gnome is a desktop environment, it can be used on any Linux distro just like KDE and it is mostly just about how you interact with your apps/windows, nothing more just visuals.
Besides this, you don’t need to reinstall every 6 months because some distros are rolling releases. Others are also LTS versions: Fedora Linux | endoflife.date
But even if you do have some critical/big updates, it’s mostly a matter of waiting and rebooting your device. No need to start from scratch.
If you do want to do so, you can also port your configs into the new upgrade but it’s not a mandatory step like on Windows where you need to do that because they become EOL or because the OS is unstable/buggy out of nowhere.
I’ve used Arch for several years and I want something more reliable now. Arch and the derivatives also lack Secure Boot preconfigured and you need to install a MAC solution yourself which is a must for me. Other than that, Arch was almost perfect but it did eat a lot of my free time which I value more now.
Regarding flatpaks, I really think that they are the best solution at the moment and I hope they will fix the remaining issues soon so that everyone can use them (regardless that RedHat created them).
I also have no issues with Wayland which is a lot safer and feature-rich than Xorg.
Technically not true, as just look at the Kicad developer’s comments on Wayland. X.Org has a lot more features and is safe if properly coded. It’s kind of like the Rust zealots that hype its memory safety, but if you’re skilled coder, you can verify variables, data, and make sure pointers don’t go outside their range… It’s really instituting megacorp crutches so they can hire inexperienced coders fresh out of school on the cheap regardless of country (I parted ways with my megacorp job for this dysfunctional behavior).
I could also go in on Flatpak, but suffices to say that the tech press and many video “influencers” are co-opted, so you’re not getting the truth. And some even get caught up in the propaganda which says something about their opinions.
