Privacy

31182 readers

573 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

Chat rooms

[Matrix/Element]Dead
Discord

much thanks to @gary_host_laptop for the logo design :)

founded 4 years ago

MODERATORS

278

Switched to GrapheneOS today (grapheneos.org)

submitted 3 weeks ago by PullPantsUnsworn@lemmy.ml to c/privacy@lemmy.ml

105 comments fedilink hide all child comments

After using LineageOS for long time, I have finally moved to GrapheneOS. I use a lot of banking and financial apps which I never felt comfortable using on LineageOS due to lack of proper sandboxing, unlocked bootloader etc.

GrapheneOS works flawlessly just like Android. You don't even notice there's hardening underneath. Also it protects from Google's evil location tracking using WiFi/Bluetooth or even when the Location is turned off. I don't understand how people in general are comfortable with Google tracking all the time. You can use Google Play and Play Services in a sandbox that works just like regular installation, but without deep tracking.

If you haven't tried GrapheneOS, try it. You won't go back to regular Android.

you are viewing a single comment's thread
view the rest of the comments

[–] cmhe@lemmy.world 27 points 3 weeks ago* (last edited 3 weeks ago) (15 children)

I would like to switch, but there are a couple of points that are still holding me back right now:

Charge limits, on LOS I can root the phone, install ACC and still use the OTA updates, if I apply the patch afterwards. (Will be resolved in A15)
Option for sandboxed MicroG, IMO privacy is also very important for security, and people should be able to decide if they like more privacy or more security.
Option for rooting sandboxed apps from outside. IMO I, and a person, like to have full control over my phone. Trust often comes with control. If I choose to trust one app to have root access to another app in order to inspect it, then this should be possible. Sandboxing could allow one app to have root access to individually chosen other apps, thus limiting the impact compared to system-wide root access. Maybe offer rooting gated behind a separate hardware token authentication. (sudo like) A lot there can be improved IMO, while still providing it and making it more secure in general.

I know that my understanding of security and privacy might be different from what GrapheneOS understands, but as a long time Linux Admin, I don't like black boxes, I like to peek into them, modify or patch them, when they do something I don't want them to do, etc. So that when I enter personal information into them, I am still in control what happens to them, at least that is my desire.

Taking control away from the user in order to "improve security" might be a valid approach to some, but it is not something I have much trust in.

[–] possiblylinux127@lemmy.zip 1 points 3 weeks ago (2 children)

What's ACC? Anyway I would strongly discourage using root under Android as it breaks the security model. You should find ways around using root and if you can't you probably shouldn't be doing on your phone anyway. Root is very dangerous as it can survive a factory reset.

As for MicroG, it is sandboxed but it does require device admin for full functionality. It isn't running as root but it requires a lot of device permissions. You can turn off the permissions you don't need but that could break things.

[–] cmhe@lemmy.world 7 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

What’s ACC?

ACC - Advanced Charging Controller, which allows to set charge limits, thus extending the battery life, which should have been part of Android from the beginning,

Anyway I would strongly discourage using root under Android as it breaks the security model.

Security isn't a binary, security works like an onion, you have multiple layers of security and multiple decisions to make on every level. Currently you might be right, that having root access to a device might compromise it in some ways, but that isn't necessarily so and depends on how it is done.

You should find ways around using root and if you can’t you probably shouldn’t be doing on your phone anyway.

This kind of thinking is the 'I know better than you' mentality, that I sometimes see around people advertising GrapheneOS. Having 'root' permissions to the device is owing it, I want to decide what to do with it, not the vendor of the ROM, or who ever else. They aren't me, they don't know what I want to do with it.

The goal of security models is allowing me, the owner, to do what ever I want with my device, while preventing others, non-owners, un-trusted applications or the internet from doing what they want with my device. If the security model doesn't allow me, the owner, to do what I want, then it failed its job at least partially.

Root is very dangerous as it can survive a factory reset.

Why is that dangerous? The first thing I do, when I get a new phone is boot into the boot loader, and overwrite the whole partition, then the system is trusted again, at least if I trust the vendor of the boot loader. When I want to do a factory reset, I do the same, overwrite the flash with a fresh OS image.

IMO, there are other reasons why the current implementation of root are dangerous: They currently considered binary and I think they could be implemented more gradually. Like one application having root over individual other applications, e.g. accessing their files. Allowing/Disallowing individual privileged system calls, or access to specific system files, etc. All of this could be hidden behind a switch in the developers menu. Maybe only allow applications to gain root access when using a registered hardware token, etc.

As for MicroG, it is sandboxed but it does require device admin for full functionality. It isn’t running as root but it requires a lot of device permissions. You can turn off the permissions you don’t need but that could break things.

In order for MicroG to work full, you need to fake the signature, which requires a patch to the system, or root privileges.

[–] possiblylinux127@lemmy.zip 2 points 3 weeks ago

You can make changes to the OS when it isn't booted. You can even compile your own image. The problem is having root in the application layer. You are exposing yourself to unnecessary risk. Ideally you should flash a overlay in the Lineage OS recovery or TWRP. You can do this for a few other things such as the F-droid privileged extension.

load more comments (12 replies)