https://lemmy.ml/post/128667

Lemmy unfortunately has a word limit for posts, and I had to break my post into 5 parts, 4 as comments, to be able to post it. So, comments and questions can be put here.

  • krolden
    link
    fedilink
    42 years ago

    If youre worried about microcode blobs in the pixel security chip then why bother recommending anything that uses microcode blobs elsewhere?

    • @[email protected]OPM
      link
      fedilink
      -22 years ago

      Because the issue is trusting an entity like Google, of all entities, that lies quite a lot. Android and Chromium codebases are open, which is precisely why there is trust in them. Titan M is all marketing until it its hardware can be inspected by an independent competent party. Also, Apple’s T2 was a fortress, until it was not. Same goes for all Snapdragon chips back to 2006 when Hexagon DSD got hacked. Intel ME? Really secure. Having extra proprietary attack surface in the name of security, when it is closed source security, is a bullet one should dodge.

      As I always say, closed source security is not security, but a disaster waiting to happen.

      • krolden
        link
        fedilink
        1
        edit-2
        2 years ago

        But my point here is all of the devices you recommend use proprietary microcode at some level or another. Why trust a security chip any less than the radio firmware when it comes to nefarious vendor backdoors?

        As far as google devices go, they’re the only ones (except for some oneplus phones AFAIK) that allow you to use custom signed keys and relock your bootloader. As far as attack surfaces go, that allows you to plug a pretty big one if you want to use a hardened android release like graphene. If you’re worried about security and privacy this is your best bet as long as android rules the mobile device world.

        I’m optimistic for the future of native linux mobile devices,but I have been saying that since I bought a brand new N900 15 years ago. Hopefully graphene follows their roadmap to abandon android for native linux when it becomes more feasible. I just wouldn’t trust any vendor supplied firmware, no matter how degoogled you make it, and try to use devices which allow you to relock the bootloader with your own keys.

        • @[email protected]OPM
          link
          fedilink
          -1
          edit-2
          2 years ago

          hardened android release like graphene. If you’re worried about security and privacy this is your best bet as long as android rules the mobile device world

          I do not agree with GrapheneOS’ lead developer’s vision, his attitude towards community or any of his supporters who are a toxic cult at this point. He and his minions more often than simply lie and grift about how, since there is enough proprietary blobs, we should add a whole piece of proprietary blackbox in the name of security chip on top of it, made by Google. This is a NSA slave that provides for USA military’s inhuman activities using the smartphone metadata they collect on us, as admitted by CIA former head Hayden.

          Also, this masterlist comment, that I formulated over 3 years of interaction, should reveal to you the reality of madaidan, cn3m and all kinds of sockpuppets that originate from GrapheneOS community that claim in third person they are security experts https://lemmy.ml/post/73800/comment/66676

          Edit: forgot this one, nobody talks about this for a supposed ROM for activist level threat model https://np.reddit.com/r/privacytoolsIO/comments/pjl4bh/what_is_your_opinion_of_grapheneos_conforming_to/

          • krolden
            link
            fedilink
            0
            edit-2
            2 years ago

            What does the dev not being a nice guy have to do with device security?

            How is google collecting my metadata if they have no acesss to my device? Pixel+graphene is still a much better option than any stock firmware.

            Feel free to crack it open and prove me wrong. I’m sure they have some good bounties you can collect on.

            Also oh no camera noise boo hoo that proves graphene is in the pocket of Japanese government? You’re really reaching with that one.

            • @[email protected]OPM
              link
              fedilink
              -22 years ago

              I think I already showed you the issues above, but it is upto you to acknowledge them. Some do, some do not. Many get driven away from GrapheneOS on a regular basis due to receiving no technical support, and only hostility from community upon asking for support. And Pixels with GrapheneOS are not audited by any independent authority for those big claims of big security and best combo and all that marketing buzzwords.

              Unless you are willing to purposely reduce it to a mere behaviour issue, you could easily see what all is wrong here. Micay bans and blocks people and leaves his minions and sockpuppet army to harass people that criticise him as well, no matter what social media platform.

              some good bounties you can collect

              I see a madaidan-tier argument, I flick it in the bin. Not going to engage in this kind of intellectual dishonesty.

              graphene is in the pocket of Japanese government

              I have not seen ONE open source community custom ROM in my life that implements such kind of functionality that caters to a government’s rules, let alone a security/anonymity ROM with a niche audience that hates such shenanigans in the first place. Even if it may nit be conspiratorial, it makes me very suspicious in even thinking of touching it with a 10 foot pole, and then people come to bash me just for pointing out this nonsense vision of the developer. Cultist stuff is not meant for an open community, it belongs to cults that obey instead of thinking.

              • krolden
                link
                fedilink
                0
                edit-2
                2 years ago

                Yeah I would have banned you too. It seems like you simply have a bone to pick with strcat since you got banned.

                Your arguments are cyclical and you have not given any valid evidence towards pixel devices being backdoorerd or graphene being google/NSA/CIA/etc shills.

                Also I’m pretty sure most of the stock ROMs you recommend keeping all have cameras with shutter sounds.

                If you hate google so much then why are you recommending ANY android devices?

                EDIT: just to test it, I muted all sounds on my phone and tried taking a picture. Guess what? No shutter sounds.

                • @[email protected]OPM
                  link
                  fedilink
                  -42 years ago

                  Sure, I am picking a bone. Go express your love to strcat, I have no time for trolls that worship him and his grifty cult that bans any people that question him.

                  If you hate google so much then why are you recommending ANY android devices?

                  Want to be a mental gymnast? 2022 Olympics are coming soon. I am not one, so I no longer want to compete with you.

                  In case you want to delete your comments…

                  screenshot

  • Cyclohexane
    link
    fedilink
    12 years ago

    What do you think of ungoogled chromium instead of Firefox?

    I use Fennec currently, but I’ve been thinking to switching to something chromium based. Unfortunately, so many websites don’t work properly on Firefox at this point. Some don’t open at all.

    • @[email protected]OPM
      link
      fedilink
      -32 years ago

      Empowers Google’s monopoly on the web gateway that is browsers. I use Mull/Firefox primarily, and my secondary browsers are Kiwi, Firefox Klar and few WebView based FOSS browsers.

      • @[email protected]
        link
        fedilink
        12 years ago

        Kiwi is Chromium-based (even if the author says something about WebKit which I think he already realized he was wrong) and WebView is also Chromium.