this post was submitted on 16 Jul 2024
89 points (97.8% liked)
Privacy
31866 readers
247 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Saw this question posted elsewhere, so I'm paraphrasing somebody else, but the privacy benefits of Graphene OS are ESPECIALLY impactful if you're using invasive apps. The whole point of setting up all of the extra sandboxing, storage limits, network restrictions, yadda yadda yadda, is specifically for people who might need or want to still leverage some apps from bigger, less trusted providers.
I'll flip the question, if you're only using trusted, vetted, open source applications, do you even need GrapheneOS? Why not LineageOS, which also comes free of gapps?
And this also fully neglects the inherent distinction between privacy and security. Maybe you trust google knowing you called your mom last night, but you don't want your oppressive conservative government accessing your phone to view your Signal messages to your Grinder date. There's more to privacy than just the number of times your phone pings Google Telemetry servers.
Honestly, this resonated with me very well. This excerpt alone motivates me to keep using and committing to GOS because it just makes sense. Now, I don't know the technical aspects of these kinds of things, but I imagine using Facebook Messenger on GOS is preferable to using it on a regular iPhone. Perhaps. Meh, whatever, I like the feel of GOS and its community, so I suppose it doesn't matter that much.
Great comment! You've earned yourself a piece of cheese 🧀.
I'm mostly on board with this, but even with using only trusted, vetted... apps (which is already a huge challenge for some) I wouldn't go for sure that none of those are going rouge (as we saw before: some adv company buying a decent SW and making it a bloatware).
Getting back to my first point: I just had a situation where I had to install Viber for example, and I can't stress enough how grateful I was for the Storage and Contact scopes features.
Plus Lineage OS nicer (personal opinion)
It also removes much less google proprietary code blobs when compared to DivestOS or GrapheneOS. See a basic comparison table here: https://eylenburg.github.io/android_comparison.htm
I find that website kind of useless for me. Lineage OS does have drawbacks (like any OS) but it is pretty much a clean slate that you can tweak and customize. It has the latest updates and the best stock apps I've seen. You can setup private DNS for encrypted DNS and change settings as needed.
I don't use any proprietary apps nor do I use Android auto. (modern cars are surveillance tools made of cheap unrepairable plastic) I see a lot of people complain that they need some banking app or streaming service but for me all of those have been replaced or were never needed. Lineage OS may not work for everyone but assuming everyone needs Graphene OS and a Pixel is kind of unfair. I don't like pixels and my current device works fine and will continue to work until it dies.
My point was that regardless of what apps you use, much of googles proprietary code is retained which increases attack surface and could be spyware. The website was just a neat overview comparison between ROMs. DivestOS has details on what it removes (and prob why it removes it). I am not saying that lineage is a bad ROM, just that there is more degoogling possible. DivestOS is a soft-fork of lineage that goes much further than it in an effort to deblob and harden Android. Security often can come at the cost of some usability.
Edit:
An example of a real disadvantage of lineage regardless of what apps you use is what webview it uses. Its webview is (likely) unhardened for Security and therefore poses some risk to the user if used in an attack. Webview provider cannot be changed without root.
Lineage OS doesn't ship with Google proprietary code. There are ways to install GSF but that would turn it into Google Android.
It certainly doesn't encourage as much proprietary software as Graphene os
I may have been incorrect, but I was pretty sure the deblobbing is why DivestOS doesn't support some of Android's features (along side the greater reason of security/privacy). Lineage, like any ROM, depends on binary blobs. DivestOS (and GOS) more thoroughly deblob than Lineage, which I think is a quite important metric when considering a ROM.
Blobs removed by DivestOS: https://codeberg.org/divested-mobile/divestos-build/src/branch/master/Scripts/Common/Deblob.sh