|
| ▲ | armadyl 14 hours ago | parent | next [-] |
| > The developers also appear to believe that the apps have a right to inspect the trustworthiness of the user's device, by offering to support apps that would trust their keys [1], locking out users who maintain their freedom by building their own forks. That is not a bad thing. The alternative is not having apps that do these checks available on the platform at all. It’s ridiculous that someone should expect that every fork of it should have that capability (because the average developer is not going to accept the keys of someone’s one off fork). If there’s anyone to blame, it should be the app developers choosing to do that (benefits of attestation aside). Attestation is also a security feature, which is one of the points of GOS. People are free to use any other distribution of Android if they take issue with it. Obviously I could be wrong here, this is just the general sentiment that I get from reading GOS documentation and its developer’s comments. |
| |
| ▲ | digiown 13 hours ago | parent [-] | | > Attestation is also a security feature I don't actually disagree with this. The auditor is a perfectly valid use of it. It's good to be able to verify cryptographically your device is running what it's supposed to. The problem is when it transcends ownership boundaries and becomes a mechanism to exert control over things someone doesn't own, like your bank or government controlling your phone. It is one of the biggest threats to ownership worldwide. Note also that getting "trusted" comes at the cost of other security features, such as spoofing your location securely to apps: https://news.ycombinator.com/item?id=44685283 |
|
|
| ▲ | zb3 14 hours ago | parent | prev | next [-] |
| For some reason they don't release userdebug versions which was a dealbreaker for me.. (the device should be secure, but not against me) But if you wish to build it from source, it could probably be a good option. |
| |
| ▲ | digiown 14 hours ago | parent [-] | | You can re-sign it using https://github.com/chenxiaolong/avbroot I don't currently have any root on the phone, but I reserve the right to add it or run the userdebug build at a later date | | |
| ▲ | zb3 8 hours ago | parent [-] | | We could use it to install magisk, but that wouldn't make the build proper "userdebug" one. I fully agree with your original comment - AOSP security model is NOT a proper solution to the security problem, and I'd add to it that it was also designed to be anticompetitive - Google can do what third party apps can't. Android architecture is tainted by Google's business model and it shouldn't be used as an example of a secure operating system.. |
|
|
|
| ▲ | surajrmal 14 hours ago | parent | prev [-] |
| You were not going to be able to use those apps anyways, so what does it matter to you? I, and I suspect many, agree with the purpose of attestation. The problems around it are strictly around establishing good ways to teach apps who they should trust, not around attestation itself. By putting your head in the sand, you'll never improve the situation. |
| |
| ▲ | digiown 13 hours ago | parent [-] | | > teach apps who they should trust Ah, the apps^Wgovernment (look at that page, most of it is government IDs) should be able to discriminate against me for daring to assert control over my own device. And GrapheneOS is saying: Hey government! We pinky promise to oppress the user just the same, but even more securely and competently than Google/Samsung! > what does it matter to you It shows that the developers maybe don't fully have your best interests at heart? |
|
