this post was submitted on 23 May 2024
261 points (92.2% liked)
Technology
59593 readers
2838 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
They should have also mentioned GrapheneOS
I just installed it yesterday and it was super easy. So far I'm liking it, and I now have two profiles: Owner (main, no Play services) and work (has Play services for work apps). I'm still moving all my crap over, so I guess we'll see over the next few weeks if I run into issues.
Enjoy your spyware-free degoogled experience! Feel free to dm me if you have any questions. I'd say I'm quite experienced with GrapheneOS, degoogling and Android in general.
Thanks, I might just do that!
I've only had it a day, and I haven't even swapped my SIM yet (waiting for my case to be delivered), so I'll give it a couple weeks to really get a feel for things. I'm going on a road trip soon, and may be going out of the country, so if I'm going to run into issues, it's going to be soon. I'm also going to try using the eSIM to trial Google Fi (international data FTW, free for 7 days), so it should be a rather complete experience.
Just be careful actually using that international data for too long cause I used it when I took a semester abroad and they shut off my data and account access literally on the day of my flight back home and kept billing me for months after when I didn't have access to my account to cancel billing for my (non-)service. They say the majority of your service should be spent in the US but they don't actually define anywhere what that means to them. They just tell you one day that you're shit out of luck and not eligible for service anymore (including domestically).
None of their support people were able to help by turning my service back on long enough to get back to the states or even just telling me how to get back into good standing. The only thing they were able to tell me is why it was shut off.
Anyways if you do need international data, airalo was really reasonably priced and easy to set up. Came in clutch. Fuck google up the ass for leaving me stranded like that.
Thanks, I'll check it out!
I'm with Tello, which has no international calls or data, and my wife is with Mint, which has a prepaid (really expensive) option for small amounts of credit. We're planning to go to Canada for a day or two, and I was planning on (ab)using the 7-day trial.
I plan to do other international trips, and getting Fi for a month or so each time was the plan. But if they suck, maybe I'll try something else for this trip.
Airalo looks decent ($6 for 1GB in Canada is reasonable). Thanks for the tip!
Google Fi is the one thing I have no experience with, as I'm not American. But all SIMs should work fine on Graphene, and eSIMs are supported through a compatibility layer, which enables Google's proprietary eSIM management tool (this is not the same as Sandboxed Google Play services, and you don't need Google Play for eSIMs). All the eSIMs and physical SIMs I tried work just fine. Google Fi seems to work, according to this thread on the Graphene Forum: https://discuss.grapheneos.org/d/7950-does-grapheneos-work-with-google-fi/6
Cool.
Since you're here, do you know if SIMs "just work" with different profiles? Can I restrict them to a specific profile? I'm guessing SIMs are a completely separate concept from profiles (which AFAIK just manages apps), but this is my first time with GrapheneOS.
As far as I can see, no. But what benefit would that really have? Network settings (including mobile networks) are global. The only thing that's profile-specific is your VPN setting. You can only disable a profile's ability to use the phone/SMS feature. Profiles generally manage apps, user data and some settings.
The benefit is that I could block apps installed to one profile from using my data (i.e. wifi only), while allow apps on the other to use it. I could install something like NetGuard, but I also use a VPN, and it's one or the other with that IIRC (at least on my old phone, I can only use one VPN at a time).
Ok that actually makes sense. I just realized that the fucking iPhone has this feature, but Android doesn't. GrapheneOS doesn't implement any custom features that aren't privacy/security related. And no, unfortunately you don't get a second VPN slot either.
Maybe I'll try to hack one in, how hard could it be? 😅
Pretty hard. If you don't have prior experience with the AOSP codebase, I'd say it's impossible. But if you want to get started, this is how to build GrapheneOS from source: https://grapheneos.org/build
I meant it more tongue-in-cheek :)
My threat model isn't such that I need it, it's just really annoying. GrapheneOS does allow blocking network per-app, which is a sufficient workaround. It's a bit tedious, but I can do the following:
I really wish there was a way to get VPNs and NetGuard playing nicely together. I want all traffic to be filtered by NetGuard, and then routed over the VPN. This is trivial on Linux, but apparently not so on Android, which is a shame.
There might be an easier way to accomplish this. The RethinkDNS app has a built-in Firewall and WireGuard VPN client. It also allows you to configure per-app Wifi and cellular data separately. The only caveat is that you would need to manually import the WireGuard profiles from your VPN provider.
Thanks, I'll check it out. :) That should do nicely.
You degoogled your phone and then want to route all of your mobile data through Google servers?
I want to route the data we use during our 1-2 day trip through Google servers, yes. It'll be on a fresh number, and then cancelled promptly after our trip, and it'll be a hotspot just for the trip so my wife can communicate w/ her friends. It'll also be used for any incidental calls we may need while there. I usually don't bother and just use wifi calling as needed, but I saw the free 7-day trial and was interested.
That said, someone else mentioned some inexpensive alternatives ranging from $3-6 (airelo, I also found these), so I'll probably just go that route instead. Most no-contract services I've found require buying international credit, so that would be $20+ just for the trip, and that seems a bit ridiculous. I'm willing to pay about $5 for data for the trip, I'm not willing to pay $20+.
This was my main concern about switching. I have to use MFA apps for work. So, it's possible to have different profiles, and I can back up my codes and retrieve on my new profile using GrapheneOS?
That's possible on most recent-ish Android phones, at least it was on my Moto G from 2020 running Android 11. To activate, you need to go to Settings > System > Multiple Users (may need to enable developer access first, not sure).
That allows you to have multiple logins on your phone, and you can switch between them.
What GrapheneOS adds is that you can have Google Play services sandboxed (no privileged access, it works like any other app) per profile. So my main profile has no Google Play services, and my "work" profile has Google Play services with only the handful of apps I need for work (MFA, work chat, etc). When you're in one profile, you have no access to anything from the other profile, though you have access to system stuff like wifi networks and SIM cards (e.g. you can make/receive calls from all profiles).
It's that sandboxing that I am most interested in. I rarely use apps from Google Play, but I do need them occasionally, so i separate them by concern. I'm probably going to end up with a "personal" profile for all of the Google Play apps that I need periodically.
This was just part 1 with probably the lowest hanging fruits :)
Still glad they mentioned this topic at all. I wouldn't have expected it from LTT.
I installed it one week ago after getting a new Pixel 8. Loving it so far.