• General
  • "Storage Scopes" when transferring files over the USB

I would like to limit what files (located on my GOS smartphone) can be shared with /accessed by my laptop, when I connect the smartphone to my laptop with a USB cable and click the "Use USB for File Transfer" option on GOS. In other words, I would like to set up kinda like "Storage Scopes", but for what gets to be shared with the laptop.

Could this be done? Thanks!

    The reasoning behind this question (see post above) is that Graphene OS is inherently a much more secure system, as compared to the laptop OS. And by connecting my phone to the laptop I essentially make all my GOS files accessible to the laptop OS and all its programmes (which due to a lack of proper sandboxing and virtualisation among other things on the laptop OS pose a confidentiality and integrity threat to the GOS phone contents and, perhaps generally to Graphene OS too?).

    I am learning, so please, feel free to dispel any wrong assuptions in my reasoning above. Thanks!

    PS. I know that I could limit the folders I would like to share with my laptop by using e.g. Syncthing or a secure cloud storage solution as means of sharing the files/folder I need onto the laptop. But I would like to understand the "USB-sharing" options first.

    I'm not sure how this works, I will be happy to hear any clarifications from anybody else.

    I'm just a user here learning too, let me tell you my setup currently. I don't trust my PC OS, at least not compared to GrapheneOS. Currently, I never connect my phone directly to my PC. Instead I transfer files via an external USB hard drive. I keep my files encrypted outside of GrapheneOS, i.e., when I store them in any cloud storage, on an external hard drive, or on my PC. Within GrapheneOS I rely on the filesystem-based disk encryption and the Storage Scopes feature.

    Am interested to hear what other people do.

      treequell Am interested to hear what other people do.

      I use Warpinator and you just share the file with Warpinator and select which device to send it to. Works over local lan and is very quick. On the receiving device it will land in a Warpinator folder. This isn't the best option for huge transfers but works well for smaller ones.

        confintav Would using a USB drive to move the files between the two devices be something that's viable for you? That way, you're the one choosing which files end up on the laptop, and which ones stay on your Pixel.

          matchboxbananasynergy treequell Thanks! Will go for transferring files via a USB for the time being. And will also give the Warpinator solution a look madduke , thanks! I understand Warpinator works by having both the Pixel and laptop be connected to the same wifi network.

          Would not it be cool though if GrapheneOS would have a way to limit what files get seen by the desktop OS? This would provide an easy out of the box solution for transfering files over the USB securely. Not that using an external USB is too difficult, but this 'limit' feature would be in line with the Storage Scopes philosophy, would increase the smartphone's independence by removing the need for a work-around via external storage. I wonder if it is worthy to make this a feature request? What do you think?

          For those who are like me just setting up the transfer of files over the external USB drive.

          As treequell mentioned above, it would be good/necessary to encrypt the external USB drive. Currently, mine is ext4 LUKS formatted/encrypted. Tried connecting this to my Pixel, but Pixel could not see the USB drive and open it up like my Linux desktop OS does. I will look for solutions and post these here for reference. My preliminary guess is that I would need to have some software on both Pixel and the laptop OS, which are able to open the encrypted USB drive. Will start by playing around with software described in this post https://discuss.grapheneos.org/d/2828-encryption-options-for-usb-storage.