next question:
Nekogram X has 4 different APK's that come up in Obtanium... Which is reccomended?
Full
Full No GCM
Mini
Mini No GCM
I don't know what GCM is, nor what they mean by mini, and uh... I feel like i'm rapidly getting lost in the weeds trying to figure this out @_@
GlytchMeister
Full / mini: https://github.com/NekoX-Dev/NekoX#what-is-the-difference-between-the-full-and-mini-version
GCM (Google cloud messaging): https://github.com/NekoX-Dev/NekoX#what-is-the-nogcm-version
Probably not recommended to use NekoX though, as it doesn't appear to have been changed in a year.
ok this one has 3 apks, one is debug, im not toughing that with a ten foot pole, i'm entirely too dumb for that
next is nouserlib...? Is that a more privacy- or security-focused one? Like is this one not gathering info for autocomplete? I never use autocomplete anyway so... or is it more along the lines of reduced attack surface?
and then there's Release. I'm assuming this is the default.
GlytchMeister nouserlib
TLDR: If you aren't using glide typing, you can use the nouserlib version.
https://github.com/Helium314/HeliBoard?tab=readme-ov-file#faq--common-issues
What is the nouserlib version?: The normal version (release) allows the user to provide a library for glide typing, while the nouserlib version does not. Running code that isn't supplied with the app is dynamic code loading, which is a security risk. Android Studio warns about this:
Dynamically loading code from locations other than the application's library directory or the Android platform's built-in library directories is dangerous, as there is an increased risk that the code could have been tampered with. Applications should use loadLibrary when possible, which provides increased assurance that libraries are loaded from one of these safer locations. Application developers should use the features of their development environment to place application native libraries into the lib directory of their compiled APKs.
The app checks the SHA256 checksum of the library and warns the user if it doesn't match with known library versions. A mismatch indicates the library was modified, but may also occur if the user intentionally provides a different library than expected (e.g. a self-built variant). Note that if the the app is installed as a system app, both versions have access to the system glide typing library (if it is installed).
...okay.... so nouserlib means users cannot provide their own library, which means they cannot do dynamic code loading with this, which means it's more secure, right? Sorry, all of this is just... really stretching my ability to understand stuff to my absolute limit, so I'm gonna be asking a lot of dumb questions that might seem obvious to even the most mildly, barely-experienced users. I was trapped in iOS purgatory for... something like 15 years at this point, and before that, i was on flip phones lol
GlytchMeister nouserlib means users cannot provide their own library, which means they cannot do dynamic code loading with this, which means it's more secure, right?
Correct. As I said before, if you don't want / need glide typing, you can use nouserlib.
Re: NekoX:
"What is the difference between the Full and Mini version?
The full version comes with built-in proxy support for v2ray, shadowsocks, shadowsocksr, and trojan, which is usually provided to advanced users to help friends who have no computer knowledge in mainland China to bypass censorship. Don't complain about imperfect functions or ask to add other rare proxy types, you can use their clients directly.
What if I don't need a proxy?
Then it is recommended to use the Mini version.
What is the noGcm version?
Google Cloud Messaging, also known as gcm / fcm, message push service by google used by original Telegram android app, it requires your device to have Google Service Framework (non-free) installed."
Okay, so I don't have friends in china, let alone ones with little to no computer knowledge, so I don't need the full version, and since I'm hoping to avoid google, I don't think I need GCM... Especially since I'm not really using Telegram for time-sensitive stuff, so i don't think I even really need to worry about notifs in the first place, really.
Have I got that right?
GlytchMeister
Yes, sounds like the Mini No GCM version would be fine for you then.
ok, so to get telegram, I need a phone number, and to get a phone number, I need silent link, and to get silent link, i need a crypto wallet.
I know... pretty much nothing about crypto anything... except that it makes lots of CO2? Maybe?
Anyone have a respectable wallet that doesn't require me to be Thomas A. Anderson to know what I'm doing?
GlytchMeister cake wallet
Is great for a little starting dabble in crypto
OK cool
Anyone know how to get bitwarden working with autofill and heliboard?
...okay that's weird, it worked when I signed into github, but not when I signed in here...
Well, anyway, I also need a 2FA... I was using https://github.com/mattrubin/Authenticator, but... This has apparently not been updated in forever.
GlytchMeister
https://github.com/beemdevelopment/Aegis
Edit: You can also use Bitwarden or Ente if you want cloud sync. Although I don't particularly recommend using Bitwarden's 2FA app if you also use the password manager, unless you have a separate account for each.
Yeah I prefer to keep my 2fa offline, like my old app and Aegis do.
This might seem frivolous but is there a recommended way to replicate the Motorola shake flashlight thing? Everywhere I've looked so far, people either complain the options are either not FOSS, drain battery, or just kinda don't work all that well.
Looking around, shake for flashlight looks like a "no"... Either they drain battery, require root, or just kinda don't work well.
I ran across something really weird when setting up my silent.link: dialing *187# caused the GOS launcher to crash. I got logs about it and everything, should I make a new post about this?
GlytchMeister I ran across something really weird when setting up my silent.link: dialing *187# caused the GOS launcher to crash. I got logs about it and everything, should I make a new post about this?
You can but my guess is that it's probably an issue with the app that GrapheneOS can't fix.
Okay I've got silent.link, next is jmp.chat and cheogram
Conversations.im is free if obtained from codeberg via obtainium, right? I see its paid on the play store but on fdroid all they have is a donation link, so I'm a little confused, but that's the server I've heard of so far that is reliable, so...
OK lemme see if I can find those logs again, it happened on my empty owner profile, just a sec
New question:
Cheogram has their own special github lookalike thing and I can't get Obtanium to find a "suitable release." I have heard lots of bad things about F-droid, and a lot of those problems extend to 3rd party f-droid clients, and I would really rather not download the google play store, sandboxed or not. Accrescent is in early alpha, and GOS's Apps repository only has GOS's apps and a few google apps to help set up sandboxed google stuff...
Can anyone help me figure out Cheogram’s git and make it work with obtanium? Or maybe help me verify that Cheogram isn't set up for an ancient SDK and use Obtanium to pick the right apk from f-droid?
Also, proton's github says I need either the android studio bundle or the standalone android tools... But those look like they're for emulating android on a desktop... Right? As in in don't actually need them?
