WingNews logo WingNews
top | item 46178407

(no title)

kahnclusions | 2 months ago

I would not trust any of these. They are a security disaster, lacking even basic features for securing your device against tampering and hacking.

There is a reason GrapheneOS is number one and a reason why they only run on Pixels (for now).

discuss

order

fsflover|2 months ago

> security disaster, lacking even basic features for securing your device against tampering and hacking

Indeed the GrapheneOS community is known for attacking the GNU/Linux mobile with false claims, https://news.ycombinator.com/item?id=45562484.

Security is a meaningless word without defining a threat model. Try to defend your GrapheneOS against Google, especially these two problems: https://news.ycombinator.com/item?id=45208925 and https://news.ycombinator.com/item?id=45017028.

See also good replies by other people here comparing GOS with Pinephone: https://news.ycombinator.com/item?id=32496220

tranq_cassowary|2 months ago

GrapheneOS doesnt really proactively attack GNU/Linux. What happens is that there are posts on the internet about GrapheneOS or mentioning GrapheneOS in which or under which completely wrong comparisons between GrapheneOS and GNU/Linux get posted. It makes sense that you care to clarify or correct if you spot people are talking about your project and are (intentionally or unintentionally) spreading wrong information about it by making comparisons based on misconceptions or falsehoods.

The thing you link about restricting network traffic doesnt make much sense. GrapheneOS has a proper network permission which other OSes dont have. The outbound traffic restrictions to certain destinations which are being referred to are just a bad approach. You can send the traffic to one server and just process it there and send out to other servers.

You also say :

> Also, if I explicitly don't trust Google with anything, GOS is extraordinarily insecure for me until a new vendor

If thats the case, dont opt for GNU/Linux either given the large code contributions made by Google. Also avoid any software built with LLVM, written in Go, written in Flutter, using Angular, ...

The two "problems" you link arent really huge security issues. How is GrapheneOS having access to the embargoed patches and being able to ship them a security issue? Also the planned sideloading restrictions dont even apply to GrapheneOS. It would only apply to certified OS that license Google Mobile Services. Also, that isnt even a security issue. Its a freedom issue.

DANmode|2 months ago

Depends on your threat model, but yes.

udev4096|2 months ago

[deleted]