87
Comparison of Android ROMs
(eylenburg.github.io)
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 31 Oct 2023
87 points (100.0% liked)
Privacy
43640 readers
361 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
much thanks to @gary_host_laptop for the logo design :)
founded 6 years ago
MODERATORS
Getting a Pixel just to have Graphene is not always an option. At least not a sensible one that factors in everything that's important when buying something.
My current phone still runs perfectly fine, so getting a new one feels like a massive waste, too.
Doesn't Android have file based encryption by default since a while now?
Didn't they get some grant from twitter or something like that? Cuz calyxos did get a million dollar grant last year from that jak dorsie guy.
I never really understood how this kind of attack happens. Can it simply be done in any phone? What are the required conditions?
Ah I see, does that mean that in terms of security, switching to another ROM on a phone with non re-lockable bootloader is a downgrade from the stock ROM?
Don't you think it's easier, due to inattention when installing a compromised app, a privilege escalation attack through root or actually an invasion due to the amount of bloatware from companies that take their piece of the pie in the Stock ROM (even though they do would cleaning via ADB) and even worse rooted to block these suspicious traffic be something more harmful for the user?
Because the ability to steal the decryption password in RAM memory due to the unlocked bootloader is a little less likely for the thief to have.
I use LineageOS and I feel much better, since my cell phone is Xiaomi, than using MIUI, which is from a chinese big tech company and has proprietary code.
Tell you what: I agree with you on this. If one is truly paranoid and takes physical security into account, a rooted stock OS is a far better option in terms of restricting access to system files (not saying the CIA/MOSSAD can't do it, but your random reddit-informed script kiddie definitely can't). Indeed, rooting your stock OS, firewalling everything and deleting telemetry might be a decent idea (there are ways to install security patches on rooted mobiles, not to worry).
Edit: on the matter of CalyxOS, I wouldn't go as far as to fault them on it. Grapehene has taken a resolution to either block/use their own almanac servers. This requires a fair bit of work. Oh, and what domain do Google chips use for almanacs anyway?
One could argue about funding/interest when there are other things to fix. Essentially, when someone develops FOSS, people don't get to order them around on what to do. I'm very pleased with what Calyx and Graphene have achieved till date and support them wholeheartedly (speaking of which, I should get back to donating, money is a bit tight though). But yes, perhaps a disclaimer for the paranoid people on Calyx's website could be a decent idea.
I think the industry/market generally realises that Graphene is the most secure Android OS there is. I'm interested in trying to understand how they implemented locking the bootloader and why other ROMs aren't picking this up yet. Maybe it's just a lot of work.
I think people who go on to flash Calyx definitely know the advantages of locking one's bootloader and that using Calyx doesn't let you do that. I think ROMs such as these also explicitly mention that the bootloader cannot be locked once said ROM is installed. I understand if someone doesn't have the time but if they had enough time to understand how to flash a ROM on their mobile one would think they'd be interested in such details too (well, if they aren't, then they likely don't care).
Bootloader is relocked after flashing Calyx on an FP4. Are you saying that isn't actually the case?
Ok. My understanding is that Calyx only supports devices that allows relocking, which essentially means Pixels, FP4 and some Shift-device (according to their documentation). So I become a bit confused when it is claimed that it cannot be done at all in Calyx, and that this is some big truth that its users (me included) are not privvy to.
https://calyxos.org/docs/guide/device-support/
Thanks for the info! I agree, without being able to outright change phone, you can only choose your tradeoffs
I'll be sad about that, but neither can I afford a new phone, nor would it be sustainable to buy one
Brazilian here, used to people being robbed all the time:
Almost 100% of the time, robbers just want quick cash, ant they will either 1: steal the phone and try to sell it (most robberies simply fall into this first category) or 2: point you a gun and force you to unlock the phone in order to 2a: force you to transfer money from all your banking apps or 2b: take it unlocked in order to send messages to your contacts asking for money.
Most robbers don't have enough tech skills to even understand what a bootloader is. We live in techy social circles and we tend to think everyone has similar skills, while in reality, most people can barely use their devices. Just to illustrate how low are most people skills, if you format a drive with something like ext4, most of the population will be unable to access it.
The kind of situations where criminals will have high skills tend to be when they target specific people or companies, usually paid by crime lords or rivals. Such scenario is very unlikely to happen to the average joe.
Don't get me wrong here, I'm not saying that security measures are unnecessary. I'm just telling how most criminals operate around here, and highlighting how we tend to overestimate people's tech skills.
I'm in the same boat as you. Totally agree!
Did you consider that I don't give a fuck?