• 3 Posts
  • 167 Comments
Joined 1 year ago
Cake day: July 6th, 2023


  • FutileRecipe@lemmy.world to Android@lemmy.world: We need LibreWolf of android.
    1 month ago

    or randos on the internet then?

    I mean isn’t that practically everyone on the Internet that you don’t know personally? Or do you actually know the Firefox and/or Librewolf team, and audit their code as well?

    If no to both…sounds like you are putting some measure of trust into “randos on the Internet.” Which is not abnormal. Trust is required at some point in most processes.


  • FutileRecipe@lemmy.world to Android@lemmy.world: We need LibreWolf of android.
    1 month ago

    My thing against Firefox/Librewolf is lack of security…unless it’s improved?

    Avoid Gecko-based browsers like Firefox as they’re currently much more vulnerable to exploitation and inherently add a huge amount of attack surface. Gecko doesn’t have a WebView implementation (GeckoView is not a WebView implementation), so it has to be used alongside the Chromium-based WebView rather than instead of Chromium, which means having the remote attack surface of two separate browser engines instead of only one. Firefox / Gecko also bypass or cripple a fair bit of the upstream and GrapheneOS hardening work for apps. Worst of all, Firefox does not have internal sandboxing on Android. This is despite the fact that Chromium semantic sandbox layer on Android is implemented via the OS isolatedProcess feature, which is a very easy to use boolean property for app service processes to provide strong isolation with only the ability to communicate with the app running them via the standard service API. Even in the desktop version, Firefox’s sandbox is still substantially weaker (especially on Linux) and lacks full support for isolating sites from each other rather than only containing content as a whole. The sandbox has been gradually improving on the desktop but it isn’t happening for their Android browser yet.

    Ref: https://grapheneos.org/usage#web-browsing













  • I don’t even use proprietary apps so most of the “security features” aren’t even useful to me

    So only proprietary apps may have malware? Malware aside, only proprietary apps may have bugs that can be exploited? And all nonproprietary apps are perfectly safe? But seriously, there is so much wrong with that thinking.

    Apps aside, GrapheneOS protects the actual OS and is kept up to date, much quicker than pretty much any other variant.

    It is overly complex for no benefit to me.

    What’s overly complex? Contact and storage scope I mentioned? You don’t have to use it. Separate profiles for work I mentioned? Again, don’t have to use it. GrapheneOS is one of the closest OSes to AOSP that I’ve seen. You could even just install the Play Store (which is in a sandbox by default, with no root, and you don’t have to do anything to specify that), only use the owner profile, and you get all of the security benefits with no extra work. You introducing F-Droid and using all nonproprietary apps is more complex than GrapheneOS out of the box.


  • Graphene sucks the life of android in my humble opinion.

    What’s not “fun” or lifeless about it? It’s a phone. I use it exactly as I would a normal Pixel, with the exception of having the convenience of Google Wallet.

    Everything is about security with anything else being second.

    Would you rather it be all about fun/having life with everything else being second? That doesn’t sound safe. And I’m still confused about you saying it has no life.

    I will say what I do differently vs a normal Pixel, is I use the storage scopes and lock certain apps to certain folders as well as contact scopes to lock certain apps to only see certain people. I don’t use my phone for work, but if I did, that would be a separate profile/user.


  • our team decided to make them mutually exclusive, therefore, at this moment you will not be able to utilize the Killswitch feature and have access to your LAN

    Yeah, I got the same reason when I asked about that issue with Android (GrapheneOS). I didn’t run into this issue on Windows. I don’t recall Mullvad running into this issue, either.

    ProtonVPN has also been the only known app impacting GrapheneOS shipping a DNS leak fix due to “Proton is doing something weird” that other apps aren’t doing. Proton is also convinced they’re programming their app correctly and aren’t open to fixing it…whereas Mullvad did when prompted.

    Lastly…if the Killswitch and LAN access are mutually exclusive, why does Proton let me turn both on and not explain it? You’d think if you turned on the Killswitch, it would grey out the LAN access with a note saying you can’t have both. And if you try to turn on the LAN access with Killswitch on? It should pop up with a notification saying you can’t have both with a yes/no prompt to take you to the Killswitch settings to turn that off if desired.



  • They are expensive

    Sometimes you get what you pay for, and…

    I don’t want to give money to Google

    I get that, but your purchase (the entire Pixel department, to be honest) is a drop in the ocean to their profits. They won’t notice you not buying one at all. You’re handicapping yourself in the mobile security arena (not being able to install GrapheneOS) to take the high ground and not affect a tech giant.

    That aside, if you really don’t want to give money to Google, buy one from a reseller and not from the Google Store.