• Development

  • Using GrapheneOS as a base for a consumer product

Fascinating thread. As I read the latest posts and now respond via this lovely Keychron keyboard connected to my tablet, a thought comes to mind: you speak of reporting on events in a repressive location. Simple texting via Signal is fine for a sentence or two, but are you actually seeking to support reporters? If so I might offer an alternative path to consider, as it doesn't seem this is about profit but rather supporting the free flow of journalism globally.

Typing on this keyboard is much faster & less likely to destroy my thumbs than using a phone. If detailed & accurate reports are to be prepared, even a folding keyboard would be beneficial, and can be used with a $30 tablet with NO sim card. But how to transmit securely? I would personally suggest a digital handheld radio, with an encryption performed using PGP on the tablet, and sent with a digital radio protocol. Here in the US it is ILLEGAL to send encrypted info on the amateur radio bands, but if one is sending data in a place where repression & torture are consequences of reporting, legality is not on the table. A report could be written at leisure of the author, encrypted, and then sent from a time & place where a brief burst of RF emmanates. Transmission concluded, the radio is shut down. The window of opportunity to locate & triangulate the signal is brief.

This scenario may not be useful BUT were I seeking to support journalists, this is how I would go about it. There is a little bit more of a learning curve, but in the present age I suspect this would be far less likely to be detected than monitoring cell signals. Given that a given Signal acct does have an identifier (a SIM, even if changed) and that anonymous SIM can be connected to a time/location of transmission. RF has no identifier, just the radio waves moving through the ether.

    DrJack60
    I find it disturbing that you refer to the amateur bands for this activity.

    There is a lot of spectrum out there, and I’m sure there are better places therein.

        Blastoidea Absolutely, if one is in such a setting then using 'unauthorized frequency' is the least of one's worries. I meant this in a more general sense, to convey the idea that using non-cell RF might be a better solution. Out of band radio mods are trivial, and other countries actually have more open spectrum than we have in the US anyway.

          Thanks for a creative idea but switching our entire stack and plan is not feasable

          I still have a question about profiles. If I set up multiple user profiles: can I require a password when the user wants to switch between profiles?

          Also. Can I put a profile at rest so that the data is removed from memory and encrypted?

            • [deleted]

            • Post #70

            pixpot I only ever use one profile but from what I heard on here each profile is encrypted with the password you set for it. And each user profiles data is put at rest when you end its session.

            • N1b likes this.

              pixpot yes you can and should protect individual profiles by passwords or pins. When you delete a profile, you'll get a warning and all the data will be inevitably lost since the decryption key is wiped (if I understand it correctly the data is technically still there until overwritten, but nobody will be able to read it).

              Be aware that after reboots and updates you'll always have to unlock the owner profile before accessing any user profile. So you can't just set up a user profile for your clients and not give them access to the owner profile.

              Edit: Typos

                  N1b aware

                  N1b Be aware that after reboots and updates you'll always have to unlock the owner profile before accessing any user profile. So you can't just set up a user profile for your clients and not give them access to the owner profile.

                  And this is by design?

                  Allowing a user to only acces the user profile would allow us full control of the users abilities to "make a mistake". Is locking down the owner profile something that could be implemented/is being discussed or is it to integral to AOSP to be changed, or are there any other technical reasons this is not doable?

                        It's on my wishlist that owner is treated as sudo, and the other users are treated as regular linux users. Then on the other hand there is the question of who manages sudo, and if done by remote = oh no. Solutions could be explored with enough donations.

                        pixpot It's how AOSP works. It could potentially work differently, but currently doesn't. It might change upstream, but who knows.

                            pixpot Theoretically? Everything is possible. In reality, however, it would likely be a gigantic change to make; not for the faint of heart.

                            The reason why you have to unlock Owner before using other profile after a reboot is being Owner houses config options and settings that other profiles use. You can't keep Owner at rest while using other profiles, so you have to do the first unlock after a reboot to get it out of the "Before First Unlock" state.

                            Changing that would be fundamentally changing how user profiles work at their core and would be a gigantic change to port to other Android versions in the future. Like I said, theoretically possible, practically impossible.

                              Is there a documented list of what apps (and maybe services) that are prebundled with GOS and their perspective functionality?

                                pixpot have you read the grapheneos website and or used grapheneos first hand ?

                                    Skyway Yes. Im looking for a more technical description than just using the os.

                                    For example, when we build the OS, are the prebundled apps contained in a single folder?