Why there are no "[ROM][UNOFFICIAL]" builds of GrapheneOS?

Scott

Xtreix Since the Edward Snowden revelations, a new business has sprung up around the sale of privacy-enhancing smartphones. It's a scam, or worse in 99% of cases, because that's how this industry works.

Is this also SCAM?

https://e.foundation/
https://murena.com/

Xtreix

Scott Yes completely.

Here's some reading to get you started : https://privsec.dev/posts/android/android-tips/

GrapheneOS

Scott That's a scam. It's highly insecure and does tons of false marketing.

Scott

Xtreix Here's some reading to get you started : https://privsec.dev/posts/android/android-tips/

I am very much surprised by this statements:

F-Droid, despite being often recommended in the privacy community, has various security deficiencies. You can read more about them here.

I do not recommend that you use F-Droid at all unless you have no other choice to obtain certain apps. In some rare cases, there may be some apps which require the F-Droid version to work properly without Google Play Services. If you do end up using F-Droid, I highly recommend that you avoid the official F-Droid client (which is extremely outdated and targets API level 25) and use a more modern client with seamless updates such as NeoStore. You should also avoid using the official F-Droid repository as much as possible and stick to the F-Droid repositories hosted by the app developers instead.

F-Droid does the same like Debian ("package" Apps). I am long-time Debian fanboy.
This is now considered insecure?

[deleted]

Another interesting thing is that no rom uses Gmscompat apart from GrapheneOS, despite it being superior to MicroG and Gapps package.

matchboxbananasynergy

[deleted] There are some lesser known ones that do use it, but they don't all deploy it correctly, or fall behind in updating the compatibility layer.

We know that this is the case because they leave our link to report crashes as the same, so people using other projects report crashes (which occur because the compatibility layer is out of date) to us instead of the project they're using.

GmsCompat is also used in other products like AphyOS etc.

de0u

Scott When it comes to security, details matter. When specific concerns are raised about F-Droid, those concerns may or may not apply to unrelated projects.

Debian was one of the distributions targeted in the xz attack. The outcome for them was ok, but that was partly luck.

Overall, "Debian does X" does not necessarily mean it's right, and "F-Droid does something like what Debian does, at a high level of abstraction", does not mean F-Droid is right.

Scott

de0u As just one example, I believe I have read that installing Asahi Linux on modern Apple hardware requires a macOS partition to bless the Asahi partition as secure enough to boot (see "stub macOS" and related text on this Asahi wiki page).

you guys here in the forum are much more technical than me. I didn't understand anything from the linked GitHub wiki.

However, I plan to install AsahiLinux as soon as USB-C displays are supported.

Isn't that a good idea (security point of view)?

I like Linux much better than macOS.

de0u

Scott I didn't understand anything from the linked GitHub wiki.

I cited it as evidence that Apple has not documented their hardware enough for the Asahi folks to manage the machine without macOS being present.

Scott I plan to install AsahiLinux as soon as USB-C displays are supported.

Isn't that a good idea (security point of view)?

It's probably less secure on modern Mac hardware than macOS, but arguably more secure than Linux on a lot of random x86 hardware.

GrapheneOS

Scott It doesn't leverage the hardware-based security features that are available, and it's a typical desktop Linux distribution without a modern privacy/security model or features.

GrapheneOS

Scott Pine64 hardware has notoriously poor security, including the Pinephone. It's a huge step backwards.

« Previous Page