this post was submitted on 19 Nov 2023
90 points (91.7% liked)
Privacy
31998 readers
807 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The only recommendation I can provide is a Google Pixel device with GrapheneOS. Graphene is only designed to work on Pixels because they are (allegedly) the most secure mobile phone hardware-wise. Once you flash Graphene, it's up to you to install any apps beyond the basic browser (Vanadium), gallery, camera, caller, SMS, PDF viewer, contacts, file manager, and security/system apps. No Google involved without your permission, though you will have to install Google services, available via a Graphene mirror and sandboxed for privacy, IF you want to install an eSIM after flashing Graphene. If you're interested in further information, please let me know. I use it, love it, and am happy to provide any information you may need to decide if it's a good fit for you or not.
What is the root scene on Graphene? I know the dev is pretty against it but I like having root access after being used to it. Is it possible to easily root it without any integrity issues later on?
It's not supported. According to the devs rooting defeats the purpose of Graphene OS.
Yeah I have read that. And couldn't find any reason why. When I ask about root people only say "if you want root, graphene isn't for you"😅
Rooting defeats androids security model and allows for further exploitation. Graphene most likely does support it because any AOSP OS that is geared towards security isn't going to leave a big hole in their security allowing malware or bad actors to modify system files (or install a rootkit).
Desktop Linux allows root access and is still secure. Allowing root access doesn't make it insecure.
Desktop linux isn't the same as Android, which is why I said the "Android security model". Android is a mobile operating system and must protect against the fact that it will be in unknown environments all the time. It must protect against physical attacks, software attacks, and partially sandbox apps. Root breaks app sandboxing and allows for modifying system files and reading internal app storage. The system image is immutable and modifications/settings are made on top.
Linux desktop isn't more secure out of the box. The general user account shouldnt be a sudoer. Immutable OSes are more secure and help pervent rootkits and other attacks. PCs are most often stationary and stored in a private location. Laptops are weak against attacks because you can boot to a different OS from usb without passworded BIOS. Desktop OSes are the geared for the same kinds of protections.
There is good reason why Android is far more secure than Linux mobile.
Oh okay thanks!
GrapheneOS significantly increases security, rooting does the exact opposite