this post was submitted on 21 May 2021
22 points (100.0% liked)
Privacy
33192 readers
244 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I can agree on Fairphone, but all other vendors... Are you joking?
No, and I would not trust GrapheneOS solely because its dev somehow only trusts Google. Ask him why (I did) and https://teddit.net/r/privacytoolsIO/comments/gs4uv7/i_dont_fully_trust_grapheneos/fs82fdv/
Also, if technical support for a custom firmware does not exist post installation, it ID abandonware. GrapheneOS for most people is usually abandonware, considering the kind of nut Daniel Micay is.
The Graphene group account actually gave some good replies to that thread - you just don't have a clue what you are talking about. The dev doesn't solely trust Google just because - as they've stated many times - there just aren't good alternative phones with decent security baselines.
I'm not even sure what you mean by "technical support for custom firmware" - Graphene pushes firmware updates with their OTAs.
Well, one of my friends owns a Fairphone, and they told me that the worst thing about it is that Android updates take a age to be released: https://forum.fairphone.com/t/android-11-has-arrived-when-will-we-see-it-on-our-3s-and-3-s/64273/6
Whereas I had Android 11 on my graphene phone a few weeks after it was released by Google.
IMHO, until the actual version is supported and security updates are on par, there is absolutely no reasons to rush a major update (or even release it, actually). I will be more than happy to stay on a stable version for a longer time and having a phone actually supported for more than a blink, instead of a phone who bring one major update and kill support after 2 weeks.
Almost every single phone recommendation or custom ROM thread on just about all privacy communities on the internet is derailed like this by GrapheneOS users and sockpuppets. They have a very clear, defined way of spreading propaganda from their Matrix, IRC and Telegram groups. And they are slowly, gradually going private so it becomes hard for people to notice the stuff they do.
spoiler
It does not deal with it. There is only memory hardening, majorly. And while I can agree that GrapheneOS is secure and even private as a ROM, its controversial single device lineup support as well as the toxic and unhelpful community behind it is quite bad for most users who obviously do not know the issues and quirks with the no microG or GSF apps working, and the lack of OPSEC and misleading 101 teachings in their community for new users.
CalyxOS is way better for a "security" ROM, although I still stand with best security practices coming from firewalling, app permissions that can also inhibit the intent issues with apps, and basic strong user security practices applied in daily life. So LineageOS will work just as well.
There exists no evidence that somehow LineageOS or CalyxOS or Resurrection Remix users get hacked more than GrapheneOS users.
The other ROM is Copperhead. Honestly, avoiding it is better since Daniel Micay destroyed the verification keys for the ROM before he left Copperhead company.
spoiler for GrapheneOS lovers
Copperhead CEO Donaldson once contacted me to "team up" against Micay, an offer which I stalled and ghosted him because I do not like to do such nasty things, even though Micay has called me a concern troll like the idiot he is.Technical support also means if somebody asks questions on their subreddit, Matrix rooms or Telegram groups, they do not get bashed or banned for "targeted harassment" and "concern trolling". https://invidious.snopyta.org/watch?v=Dx7CZ-2Bajg
You are the one trolling people with GrapheneOS security theater here.
Funny how you instantly recognised the "group account", when it is run by Micay himself. It has been very evident between u/DanielMicay, u/GrapheneOS, u/madaidan and all such accounts how they operate.
I think it's reasonable to presume that the founder of GrapheneOS would own the official GrapheneOS account on reddit. You're the one that literally linked us to the discussion, so I'm not sure what point you're trying to make with this.
Are you Daniel Micay or his friend? Are you on GrapheneOS team?
Nope, just a Graphene user, and in case it wasn't clear to you; I meant "linked us" as in you put a hyperlink into this Lemmy thread to give to us.
That is fine, I guess. I am often skeptical of that community considering the things that have been attempted at me and many people.
What should I use?
Pick a Fairphone, Xiaomi or Moto (check popular models on XDA for latter two). You can manage permissions, firewall apps off internet and install suspicious apps less, and you will have plenty security.
If you want to increase your security further, make use of the Private Lock app on F-Droid, which instantly locks your phone based on accelerometer sensitivity you set, in case of someone snatching your phone.
If you want to increase further security, learn OPSEC. https://lemmy.ml/post/34223 Do not get memed thinking this ROM with negligible post installation support can magically solve your privacy, security and anonymity woes.
Security does not work like GrapheneOS maker thinks. Memory hardening and forced no GAPPS/microG sounds good from afar but what these people get memed into is called security theater, often an insecurity GrapheneOS users project onto others. There are multiple facets to privacy and anonymity as well, but I am not sure most of their userbase can even differentiate between the 3 terms now.
I thought xiaomi is a chinese phone. is it safe?
Ignore them, they don't have a clue what they're talking about.
Chinese phone has American hardware and Chinese software, the latter which you will remove. Will you be able to get rid of the greater hardware threat? This is a game these people will trap you into.
I suggest getting familiar with OPSEC and educating yourselves with 101 security and privacy instead of playing into this geopolitics, contemporary xenophobia and security theater.
hmm. what phone do you use personally then? I haven't dipped much into privacy on phones. but I think you know more than I do. I'll read your article later, I just want a good answer for now.
My personal threat model is avoiding 14 Eyes surveillance, so I use Huawei P30 Lite, as I noted in my smartphone guide (link I shared in a parent comment).
Huawei's hardware according to BlackHat Pwn2Own 2017-2020, has been largely safe on par with "secure" Pixels. See page 5 of PDF for phonemaker brands. https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices/raw/master/us-20-Gong-TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices.pdf
I have de-corporation-ified it and the closed source apps WhatsApp and Discord are sandboxed into Work Profile. All other apps I use are FOSS, and the whole phone is tunneled through NetGuard with 1.3M HOSTS rules blocking. Android/AOSP's VPN Lockdown feature stays on to prevent any traffic leakage.
For VPN, I am part of Riseup Collective so I use that.
This is not a comment to tell you that you should use Huawei, just an answer to your first question. As for your query here...
I suggest going through my OPSEC and smartphone guides so that you can formulate your own threat model and enjoy a secure, private life without falling for FUD.