Also: control over network access, updates, community, and the strong belief I am not fed false promises and getting brainwashed by marketing
I value privacy (very high) over security (high), so here's mine:
Sandboxed Google Play Services (I use them in my work profile for certain apps via Shelter)
Daniel Micay's and the GOS team's expertise. They really make a difference.
The feeling that I am the absolute master of my device
All privacy and security aside for being obvious, I reinstalled Google/Stock in a moment of weakness and realized how much crap there was on there! There's just so much...Google. And everything comes with an algorithm/feed - something they can hook you in with. It's kind of obvious, but it's so overbearing once you've experienced the lack of it. That and every Google app is logged in all the time to your account, it's truly a suffocating experience. I came to my senses and moved back to GOS. The user experience of stock Pixel is not a good one for me.
So in a nutshell:
operation-casserole
You know, unfortunately using gos/pixel and moving to a "privacy" phone has a very tall learning curve. It was quite unpleasant even for a technical person like me.
I'll just say its really important to have a "fully functional base" to start from so that the phone becomes usable. This means having a full set of working "primary" apps that don't pain you.
This means apps for:
Sometime the look and feel of the OS is also critically important for the person so add "launcher" to the above list.
Once you have the above out of the way, the rest become much easier to deal with and you can take your time to deal with them since your base phone is working and not bothersome.
Replace any app that gets on your nerve. Don't neglect this.
As to your pain, you know, you just have to be clear about why you do this and what you are freeing yourself from. You have to be clear about the value of that for yourself. That the extreme surveillance built into regular phones is just not the future you want in your life and that the alternative has some pain and you are willing to endure that pain and cost. The cost gets lesser over time.
The reason this has dragged for you is cause you never committed. Though i'll say it took me a whole month of 8 hours a day to learn everything i needed, and that was really gruesome. Back then i thought "there is no way the average person could stomach this". So i totally get where you are coming from as well. I was there too.
But now i kind of don't even notice the phone anymore. Which is where you wanna be.
operation-casserole
Imagine:
That's why you got this phone.
That's why "I" got this phone, and i will endure some pain, but its part of being a responsible human being and saying no to a horrific future for my and other's children.
All the mitigations so I can use GPS as privacy friendly as possible:
Rerouting location requests to the OS.
GrapheneOS server or proxy for connectivity checks, SUPL and PSDS.
The ability to decide which permission I want to give to which app. Including GPS.
User2288 Moving to GrapheneOS does not require moving to a whole different set of apps. People can do that gradually over time. They can start out using the same apps as before. You chose to do this all at once. It wouldn't have been painful if you didn't unnecessarily tie those things together. You could have started moving to different apps on the stock Pixel OS, moved to GrapheneOS, then continued moving to different apps. It's not at all true that GrapheneOS is difficult to use or a huge shock unless you choose to make it hard by tying more things to it.
PIN Scrambling - One of the best features on GrapheneOS.
Auto Reboot - This feature, BFUing the device by selected time is just wonderful.
Network Permission - Big Techs will never include such feature in their proprietary operating systems.
The name itself, GrapheneOS.
I wonder how difficult it is to attack stock Android on a pixel, I doubt it's within everyone's reach. I watched an interview with the founder of VLC who talked about security and said that Chrome is extremely secure, so since many applications use Chrome an attack becomes virtually impossible. For privacy, there's an application called Android System Intelligence, which lets you retrieve personal information locally and process it without having access to the network. So Android stock is already very secure and privacy-friendly. Personally, the only (not pejorative) advantage I find in grapheneos is that it's a very streamlined operating system on which you can install whatever you want.
Itw of VLC : https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5hY2FzdC5jb20vcHVibGljL3Nob3dzLzQzMTYwYWRjLWZhZGQtNDc2NC1iOTNmLWFhMWNhOTNmMjJiZg/episode/NjU2MGQ0ODZhMGVjNzEwMDEyNzNhODk2?ep=14
[deleted] Personally, the only (not pejorative) advantage I find in grapheneos is that it's a very streamlined operating system on which you can install whatever you want.
True, it's streamlined. But the real super power is the privilege to uninstall any piece of software you don't want on your system, too. That is a big advantage over stock android (among others) where you're stuck with google stuff (which is, for the most part, not only privileged, but also cannot be uninstalled).
Phead The fact that it is privileged also has its advantages: automatic updates, a really effective advanced protection program (no sideloader), the obligation to use the play store, which is apparently the most secure solution... So I'd say we'll have to see.
-What is the danger of having a privileged application?
-Have any users ever been put at risk because of this?
-What's the danger of this privileged application having access to hardware identifiers?
That's a real question, and I'd like to know what the dangers are. To have a threat model you have to know the risks and I don't really see them. From what I've seen since yesterday, it's more like people tinkering with who knows what to get this or that application working again 🤣
1] Privacy
2] Security
3] Privacy & Security
I don't get the reason for PIN scrambling. If the numbers are scrambled, it means I have to type the PIN slowly. I would much rather rely on a quickly typed PIN that has a standard interface than a slowly typed PIN with a jumbled interface. If someone is shoulder surfing you, they will absolutely not be able to see what I type, as long as there are at least 4 unique numbers. My PIN is over a dozen digits, which I switched to after using a password of slightly more characters, because of the difficulty in someone being able to acquire the password from shoulder surfing. The password was just too error prone and I couldn't type it very fast.
I can type my PIN in less than half a second, way too fast for someone to see it. Even if the PIN is long, if it's jumbled, it just takes above average vision and memory for an attacker.
gk7ncklxlts99w1 I don't agree. Two banking apps that I have and one work phone have it mandatory to use scrambled PIN input. With a good reason. The only way someone can figure out your PIN is if the record you...but the same applies for your super fast PIN input which can be easily guessed just observing where you place your fingers.
gk7ncklxlts99w1 you can type over 12 digits in less than half a second?
I tend to agree that PIN scrambling is overkill for the majority of standard threat models, it's a good feature and it's good that it's available, but the majority of users probably don't need to add this complexity every time they want to use their PIN.
Also, if you trust SE, a random 6-digit PIN code is correct, Google Pixel generations 6 to 8 use the Titan M 2 which is a really robust security chip.
I personally find the PIN scrambling feature helpful for users whose threat model includes being spied on through shoulder surfing or surveillance cameras.
If you are often forced to enter your password in public places or near people (metro, etc.) - e.g. due to the fingerprint bug - a long PIN + scrambling could in some cases be a better option than a password.
