Skorp

joined 1 week ago
sorted by: new top controversial old
Is there still any hope for privacy phones? 2025 and beyond in c/privacy@lemmy.ml
[–] Skorp@sh.itjust.works 1 points 1 day ago* (last edited 1 day ago)

This is definitely not true. GrapheneOS is focused on privacy, security, and usability. It has many features that are solely for increasing privacy and control and implemented in very robust ways. For a couple of examples, see the Contacts and Storage Scopes features.

This is a common misconception people have as a result of misinformation being spread.

Those of you who install non-google-play apps (aka: sideloading), what's your gameplan for the upcoming Google restrictions on Sideloading? in c/android@lemmy.world
[–] Skorp@sh.itjust.works 2 points 1 day ago (1 children)

They have officially stated that they can support the 10 now, but it will have to wait until after the port to QPR1. https://xcancel.com/GrapheneOS/status/1960792610114511190#m

Those of you who install non-google-play apps (aka: sideloading), what's your gameplan for the upcoming Google restrictions on Sideloading? in c/android@lemmy.world
[–] Skorp@sh.itjust.works 1 points 1 day ago

That device didn't meet the requirements for GrapheneOS even when it was supported by the OEM. As of now, it is an EOL device and is highly insecure. https://grapheneos.org/faq#future-devices

Google will block sideloading of unverified Android apps starting next year in c/technology@lemmy.world
[–] Skorp@sh.itjust.works 2 points 1 day ago

LineageOS also significantly regresses security compared to barebones AOSP.

  • Userdebug builds
  • No locked bootloader or verified boot
  • Incomplete backports of patches
GrapheneOS: Another contributor attacked & banned by Daniel Micay in c/cybersecurity@sh.itjust.works
[–] Skorp@sh.itjust.works 1 points 1 week ago* (last edited 1 week ago) (1 children)

This is a blatant and complete fabrication that you are spreading. The project is on good terms with Spender and you have no evidence to support what you are claiming.

It was after GRsecurity became private that they had an issue with people making upstream security contributions, particularly upstreaming anything from the GRsecurity patches. They had disagreements about that, and then moved past it and are on good terms now.

It's absolutely ridiculous to claim that Micay has anything to do with them making things private.

https://grsecurity.net/announce https://news.ycombinator.com/item?id=10126319

It was Wind River, owned by Intel, which was the main offender for upstreaming the patches. Micay was the one who introduced GRsecurity in Arch Linux and did all the integration it had for PaX exceptions and the start of RBAC support (systemd was an issue at the time). It was afterwards once it became private that it was awkward because they didn't want people upstreaming or maintaining ports of their work but at the time Micay was maintaining GRsecurity in Arch Linux and GrapheneOS (then called CopperheadOS) was using the PaX subset for kernel hardening, so there were existing uses of it to try to keep going in some way.