Yes, but depending on how you use your phone, I think there is too much emphasis on security vs privacy. I’m starting from the principle that phones are inherently insecure. And especially vs computers. There’s no Whonix or Tails or Qubes with phones. Basically, you are carrying a surveillance device that tracks your movements, your interactions with the phones, etc. and reports back to the Surveillance Company hundreds of times per hour. Why the hell would I install bank apps or Google Pay or any other app that further compromises my privacy? So I have very few apps, only browse a few select websites, and generally minimize my use of this inherently flawed device. So my approach guarantees my security. Zero days mostly impact users who click on everything, have full JavaScript, basically people who have no clue.
I think us 2% are extremely valuable, to the contrary. We are a threat to Google. Building our profile is critical to understanding our true intentions, if we vote Trump, if we support war against Russia or not, etc etc. We are absolutely on their radar.
Yes, Wireshark can help, but why should I “trust” the GrapheneOS developers? From my perspective, the lack of a toggle for google.psds.graphenesorg and more importantly, supl.google.com, is concerning. I want my phone to have zero automatic connections. As in zero. But even then that might not be enough for long. With BLE and the Apple mesh network, Apple can now track all users, so even if one prevents communications to Apple servers, the device location is still known to Apple thanks to all the Johns and Janes of this world who couldn’t care less about privacy. That’s why privacy is such an uphill battle.
I went the minimalist route (used a LightPhone 2) for a couple years - great experience. I just got tired fighting the minimalist ‘war’… (yeah - I lost).
The biggest upside of being minimized was with no apps, no browser and basically only phone/text functions - privacy and security were a de facto feature.
I would offer that minimizing is the only real way to gain privacy and security. If you have a smartphone - it is just not possible.
When I moved from my LP2 to my p6p on GOS - at least it feels like I’m able to control the flood a little bit - but I’m likely just fooling myself. I stay on GOS partly to help stay as minimal as possible but still on a smart device.
Bingo. I got used to the minimalist approach. Besides, the minimalist approach helps ensure I spend more time in the real world than trapped in the Matrix. Happier that way.
You don’t seem to have any idea what the profile actually is; it’s a data set that tries to predict how likely you are to make a given purchase. It’s not some crazy psychoanalysis trying to predict your deepest thoughts, it is a lot of data points related to your purchase history and purchase intent.
Please, read up on Project Redirect then we can talk. Also, Google shifted millions of votes in 2016 and later elections. Big Tech is now 100% influencing the political landscape. If you think their mission today is just limited to predicting what purchases we make, I’m sorry.
You make up all the anecdotal evidence you want; when people talk about the profile they refer to the dataset Google uses when they do ad auctions, and this is all pretty well understood.
Do push notifications work yet on GrapheneOS?
After enabling sandboxed Google Play in GrapheneOS, I am receiving push notifications, including for Google Voice.
It’s the opposite in fact. Phones are infinitely more secure than a desktop or a laptop. Phones have verified boot, desktops* do not.
*Desktop here doesn’t refer to Apple MacBooks or Chromebooks. They do have verified boot and are quite secure.
GrapheneOS is actually quite close to Qubes in terms of security and privacy. Sure it lacks some features such as Split GPG and Whonix integration, but in general does give a strong competition.
Both are endorsed and used by Snowden.
See the above issues for context.
Prob not for security, I think Android is holding GOS back.
Why? Android and iOS are the only operating systems to have a sane security model.
Android (GrapheneOS) isolates all apps from each other by sandboxing and has profiles to separate instances, Qubes does it through VMs and AppVMs. Android has Verified Boot, Qubes does not, Qubes does have mitigations for evil maid attacks and such, although Android doesn’t have Split GPG for emails and Whonix integration. This post isn’t a complete breakdown and comparison for Qubes vs GOS, I lack the time to do such a thing. These just came on top of my head, to dive deeper go to their official websites and other resources.
Android sandboxing isn’t more secure or efficient compared to iOS. That is why I said Android is holding GOS back.
Couldn’t disagree more. There’s no IMEI or IMSI in computers. There’s no “Find My” in computers. No BLE mesh network. And of course no Qubes. Or Whonix. Come on. You take over my Workstation? Fine, I’ll create a new one. Phones are meant to be carried, GPS-located, forgotten, lost somewhere, etc. Computers are not. I can load a Win98 VM or Kodachi distro. Or dozens of others, then throw them away if there’s any issue. There is no way in hell a phone is more secure than a computer.
Yes, and the google.supl.com is unresolved (after years of ppl noting the problem), and a toggle won’t be provided. End of story. You know how many automatic communications come out of my laptop? None. Zero.
To claim that phones are more secure than computers is spurious at best.
Everything you mentioned there is privacy, not security. Modern mobile OSs have much better security models than any desktop OS.
Which mobile OS is more secure than Qubes OS?
Taking over a workstation is privacy, not security? Forgotten phone at the local pub is a privacy problem, not a security problem? Being able to accurately locate a device in order to steal is not first and foremost a security problem?
I rest my case!
Security isn’t just the bootloader. Security is a surface. I don’t understand how a device that is meant to be carried on an individual, that can be tracked down to the square inch - which introduces a huge vulnerability to the bearer of the device - that can be lost, easily stolen, easily swapped for another identical model etc etc. is somehow more secure than a computer sitting in a high-rise apartment, in which entry to the building is controlled. How?
Google/Big Tech won’t likely do that.
Also GrapheneOS doesn’t come preinstalled with “Find My Device” app.
GrapheneOS extends the password limit compared to AOSP to prevent curious bystanders. Screen lock passwords are also encrypted by Trusty and hardware encrypted. Even a full kernel compromise bug won’t reveal the password.
And yes, Graphene didn’t have the screen lock bypass bug. They fixed it wayyy before Google.
Why are you taking account of the physical security that you will implement to protect your device?
I didn’t say any of those things.
What I said was in your previous post, the things you mentioned were all privacy related, not security.
Please do not make up things I did not say.