Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
SockThief 3 hours ago

Consider this (by Graphene OS): https://discuss.grapheneos.org/d/24134-devices-lacking-stand...

/e/OS community talking about it: https://community.e.foundation/t/article-from-grapheneos-abo...

And then maybe this: https://eylenburg.github.io/android_comparison.htm

Hope that helps.

realusername 3 hours ago | parent [-]

I like GrapheneOS but they fail to understand in this post that the #1 security concern an android user face is the lack of privacy.

Sure they have hardened everything but realistically, that's not the main threat for your average user.

Their top contribution to android is the sandboxed Google Play, by far.

palata 2 hours ago | parent | next [-]

I think it's more of a marketing claim from less secure systems that "privacy is not security, and GrapheneOS focuses on security while we focus on privacy".

GrapheneOS does care about both, quite obviously. And GrapheneOS tends to say that if your security is bad, then it is affecting your privacy too. Whereas others say "sure, we break the Android security model by unlocking the bootloader and signing our system with the Google test keys, but your apps will contact Google through microG instead of the Play Services, so it's more private". Which is worth what it is worth...

gf000 2 hours ago | parent | prev [-]

privacy != security.

And sandboxed Google Play services serve both goals -- it runs the service as a regular android service, not an exceptional one that has a bunch of extra permissions. So you can allow/restrict it as you seem fit, while not "getting behind" on features/apps that mandate it.

realusername 2 hours ago | parent [-]

I disagree, privacy is an essential part of security, if there's no privacy, then there's no security.

That's also why I don't keep anything important on my phone as I don't trust what's going on there despite having all the secure features that you would want.

scheeseman486 2 hours ago | parent [-]

Other way around, actually. It's possible to make concessions to privacy, like providing crash reports, or running applications in sandboxes which limits what they can harvest, while keeping the platform secure.

Any privacy you have on a system is reliant on no one tampering with that system and on software behaving itself. Without security, you can't trust the system to implement any privacy.

realusername 2 hours ago | parent [-]

I also disagree with that, I trust my Linux distribution to behave well much more than I trust any Android platform and it doesn't even have much app sandboxing at all.

You can't fix a lack of trust like you have in Android with technical solutions. The flaw in Android is fundamentally a social problem.

scheeseman486 2 hours ago | parent [-]

That reads more as sports team flag wavey thoughts and feelings trust than anything actually backed by objective data.

realusername 2 hours ago | parent [-]

That's the difference between trusted computing (Linux distribution) and untrusted computing (Android).

If you want something backed by objective data, my phone has an advertising ID built in the OS and my laptop doesn't. My phone had 100s of privacy scandals and my laptop doesn't have one.

I do applaud GrapheneOS don't get me wrong but I have a feeling that they are fighting a losing battle.