• Off Topic

  • Germen Pentester Kuketz: GrapheneOS Review

Kuketz isn't really a pentester. He is now a lil bit better than he used to be in the beginning regarding his blog. In the beginning he wrote a lot of Bs. I would not recommend taking any information from him.

    FlyingRacoon The icing on the cake would be if the obligation to use a Google device was lifted and GrapheneOS stuck to its plans to launch its own devices on the market.

    He doesn't understand the concept of "economies of scale" in tech.
    There is no way for a small company to offer a device with the same specs, price, and 7 years of software
    updates like the new Pixels. Add to it the supply chain and various legal requirements and you will end up
    with a gimmicky junk like "Fairphone" which doesn't add any meaningful value to anyone.

        23Sha-ger To be fair, he is just writing that off the back of an actual post GOS made about a potential phone/partnership in the works. That may or may not come to pass, but it's not something he invented, and so a little unfair to lay that at his door.

          sonicbackdrop

          The "8 years" is a fake promise by them. They are not able to deliver platform patches
          and security updates without the actual hardware vendor.

          https://discuss.grapheneos.org/d/2084-fairphone-4-support/4
          https://www.reddit.com/r/GrapheneOS/comments/10b5x4n/has_anyone_managed_to_install_grapheneos_on_a/j67pbny

          Daniel explained in that reddit post why such concept phones are garbage, full of empty promises.

              Nuttso To be fair, his review is nearly 100% a privacy check.
              He doesn't really test GOS' security, he's just valuing the security of different OS in reference to the release time of official security updates.
              "German pentester" in my opinion is a wrong chosen title for Mike Kuketz, as he doesn't provide pentest results.

                He is a serious and long-standing certified data protection officer.
                So I think the correct term is privacy activist.

                23Sha-ger
                I thought they could deliver firmware updates to the Fairphone 5 for a long time, because of them using an IoT component for SoC?

                  Regardless of his job title or qualifications - in my opinion, the blog posts offer a good starting point for people who are considering installing a custom ROM.

                    16 days later

                    Murcielago agree. Also he writes in very low barrier language and links everything.

                    The tests where privacy only, but really good.

                      bayesian
                      ROM means Read-Only Memory and is used in Android as such.
                      The ROM is the part of your system that is: able to run on its own, write protected and thus not changeable.
                      Many/All manufacturers implement a way to bypass Linux' restrictions/file system permissions to be able to update their ROM ie. write to /system.
                      The normal user is not able to write to that /system partition, which is independent form the /data partition, where all your apps and data is stored (/data is not needed to run Android).
                      The only thing those two partitions share is (not always) the same hardware/memory chip.

                      The contents stored on /system contain all software needed to run Android on that specific device including: drivers, configurations, scripts, applications, frameworks etc.
                      They are read-only for the user and only writable after remounting as a system user or superuser/root.
                      Therefore ROM can be considered a valid and correct term for the Android system's /system partition/ROM partition.

                      In other words, both OS & ROM are technically correct and this repeated meme needs to die. NOBODY in the history of referring to Android has ever used ROM to refer to Read Only Memory. However, the GrapheneOS image does in fact contain sections of ROM otherwise anybody could install or delete anything they felt like as if it was Windows 95 allowing users to delete System32 files

                          6 months later

                          I would like to thank Kuketz for the persistent GrapheneOS advertising. Now I am also a happy user.
                          I am amazed at the depth of technical knowledge here in the forum. I have never experienced this anywhere else.

                          Thanks Kuketz for the GrapheneOS recommendation

                          N3rdTek The contents stored on /system contain all software needed to run Android on that specific device including: drivers, configurations, scripts, applications, frameworks etc.
                          They are read-only for the user and only writable after remounting as a system user or superuser/root.
                          Therefore ROM can be considered a valid and correct term for the Android system's /system partition/ROM partition.

                          Then macOS is a ROM, Windows 11 is a ROM, Debian is a ROM, Arch Linux is a ROM, Raspberry PI OS is a ROM? Last week I upgraded my Ubuntu ROM?

                          What about operating systems that run on phones, and can execute some Android binaries, but are not actually Android variants, such as Sailfish OS? Should that be called a "ROM" because it can execute some Android binaries, or because it runs on phones, or for some other reason?

                          N3rdTek In other words, both OS & ROM are technically correct and this repeated meme needs to die.

                          I doubt that either the "ROM community" or the GrapheneOS community will crush the other in a linguistic sense.

                          Somehow the Android modder community decided to call their OS images "ROMs". Ok, but both before and after they started doing that lots and lots and lots of people weren't doing that and still don't do that. I don't think humanity would move forward if everybody agreed to replace all uses of "OS" and "system image" and "system partition" with ROM.

                          Probably the Android modder community will keep on referring to operating systems, and system images for those operating systems, as ROMs. And probably the GrapheneOS developers will keep objecting to GrapheneOS and GrapheneOS system images being referred to with that term. Whether or not it is "technically correct" to refer to macOS as a ROM, Mac users don't generally do that. Likewise, whether or not it is "technically correct" to refer to GrapheneOS as a ROM, GrapheneOS users don't generally do that. And, as background, the practice of the Android modder community is not the standard or normative practice when most users of most operating systems refer to those operating systems.

                              When I was looking for an alternate ROM (as some say) to install, I looked at several. The first one was LineageOS, it really didn't convince me at all. I then came across CalyxOS, and it seemed promising but it didn't quite feel right to me, so I kept looking, and that is when I came across GrapheneOS. The pages were interesting enough to keep my attention, and well, I kept reading, and decided that GoS was for me. It was exactly what I was looking for in terms of a hardened OS. I had a Pixel 5 for about a year and then some thieves stole it from me while I was eating at a restaurant outdoors. I finally bought a Pixel 8 now, and of course I installed GoS on it immediately.