S
sycamore

  • Joined Jul 8, 2022
  • No worries, it's just my speculation... Not a fact... Molly for instance diverged from Signal enough to have a different fingerprint in their api calls to the server.

    Another possibility they may decide to refuse clients unless signed by signal... Please note this is NOT the case today and they never even hinted that they will ever do something like that... Still technically possible.

    Again none of that should be a reason not to use a fork. Other reasons like trusting another part are way more important... I bought it up just so people have full picture

  • Hi everyone,

    need to know how much german speaking members we have. I nearly finished the translation of the website and need people to double check and maintain it later. Also the strings for the apps.

    • BringForthTheHolyWater Hello there!

      How you set up user profiles on your device largely depending on your situation, the apps you use, your threat model, as well as your overall needs.

      It is important to keep in mind that even if you were only utilize one profile (Owner), all of your apps are still sandboxed and isolated from one another. For most people, user profiles is not something that's even needed or desirable.

      User profiles, however, do provide meaningful isolation beyond what the Android sandbox provides. It makes it so apps that could otherwise communicate via mutual consent (that is where both apps explicitly agree to talk to one another) can no longer do so.

      It also makes it so you can isolate your data, in case you need to use an app that requires some permission that you wouldn't like to grant it, such as files/storage access or access to your contacts, for example.

      You may also elect to install Sandboxed Google Play in one or some of your user profiles, instead of all of them.

      What I'm getting at is that user profiles are a very powerful feature that GrapheneOS keeps improving and expanding on, but it may or may not make sense for you to utilize it. How you separate your apps/usage between profiles (if at all) is something that you'll have to evaluate on your end, based on your individual needs.

      Edit: Regarding your question about calls and texts - You can make calls and texts from any user profile, as long as you've toggled that option on for that given profile. It's unlikely to matter which profile you make calls from, however I suppose that it would make the most sense to do it from the user profile that has your contacts stored (if not all of them do). It is important to note that user profiles that have calling and texting enabled also have access to your SMS and call history, so if that is a concern for a given profile, you shouldn't grant it that access.

    • over the years, it has been my own personal experience that it is easier to misplace (and occassionally lose) a phone than a sec key on a keyring. ymmv. though if supported by the service, leveraging the titanm as an extra key is certainly useful. i just would not count that as part of a two key model, but rather as a third key preferring to hold at least two sec keys in addition to the phone.