this post was submitted on 01 Dec 2024
1 points (100.0% liked)

Android

0 readers
5 users here now

Android news, reviews, tips, and discussions about rooting, tutorials, and apps.

General discussion about devices is welcome. Please direct technical support, upgrade questions, buy/sell, app recommendations, and carrier-related issues to other communities.

[email protected]

Rules

Rules

  1. Stay on topic: All posts should be related to the Android operating system or ecosystem.
  2. No support questions/rants/bug reports: All posts should benefit the community rather than the individual. Please refrain from posting individual support questions, rants, or bug reports.
  3. Describe images/videos: Please provide an explanation in the self-post body when sharing images or videos. Memes are not allowed.
  4. No self-promotional spam: Only active members of the community can post their apps, and they must participate in comments. Please do not post your own website, YouTube, or blog.
  5. No reposts/rehosted content: Submit original sources whenever possible, unless the content is not available in English. Reposts about the same content are not allowed.
  6. No editorializing titles: Do not change article titles when submitting. You may add the author if relevant.
  7. No piracy: Do not share or discuss pirated content.
  8. No unauthorized polls/bots/giveaways: Do not create unauthorized polls, use bots, or organize giveaways without proper authorization.
  9. No offensive/low-effort content: Avoid posting offensive or low-effort content that does not contribute positively to the community.
  10. No affiliate links: Posting affiliate links is not allowed.

founded 1 year ago
MODERATORS
 

Frage an euch: Viele zögern, #GraphenOS zu installieren, obwohl es eigentlich recht einfach ist. Wie wäre es, wenn der Kuketz-Blog eine Dienstleistung anbietet, die die Installation gegen eine Aufwandsentschädigung von etwa 50 € übernimmt? Was denkt ihr – gäbe es dafür Interesse?

#android #datenschutz #privacy #customrom

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 2 weeks ago (20 children)

@kuketzblog

"Im Prinzip" würde ich so einen Service gerne nutzen, auch wenn ich's selber flashen könnte (Stress, Arbeitszeit sparen).

Dass ich nicht #GrapheneOS verwende liegt an der Zwickmühle, dass nur die Google Pixels derzeit die nötige Sicherheitshardware dafür mitbringen und ich mich nicht so recht überwinden kann, ausgerechnet diesem Konzern Geld zu geben.

[–] [email protected] 0 points 2 weeks ago (2 children)
[–] [email protected] 1 points 2 weeks ago (1 children)

@[email protected] Other Android devices do not have reasonable security. Our official security requirements are listed at https://grapheneos.org/faq#future-devices. Everything there is a very basic and reasonable requirement. No other Android OEM takes security seriously. The next best choice after GrapheneOS is an iPhone and non-Pixel Android devices are nowhere close. None even stops commercial exploit tools widely available to police from successfully brute forcing a PIN in Before First Unlock state.

[–] [email protected] 1 points 2 weeks ago (2 children)

@[email protected] Which Android OEM do you think has better practices than Google? The idea that Google is a uniquely bad company is quite strange and not aligned with the reality of for-profit companies focusing on maximizing their profit and the vast majority not taking security seriously or even compromising between their interests and user privacy to even the extent Google does. Storing a bunch of data for targeted ads and not adding enough E2EE options is far from below average.

[–] [email protected] 1 points 2 weeks ago

@[email protected] We aren't ever going to support insecure devices, so as long as other Android devices are insecure we're never going to be supporting them. It's not simply that they are less secure but flat out insecure without basic security features needed to protect people's privacy/security. A device where it's impossible for us to even protect users from very widely used exploits routinely used at borders, protests, etc. is not acceptable. We have security standards and they're reasonable.

[–] [email protected] 1 points 2 weeks ago

@[email protected] We aren't ever going to support insecure devices, so as long as other Android devices are insecure we're never going to be supporting them. It is not simply that they are less secure but flat out insecure without basic security features needing to protect people's privacy and security. A device where it's impossible for us to even protect users from very widely used exploits routinely used at borders, protests, etc. is not acceptable. We have security standards and they're reasonable.

[–] [email protected] 0 points 2 weeks ago (2 children)
[–] [email protected] 1 points 2 weeks ago (1 children)

@[email protected] Other Android devices do not have reasonable security. Our official security requirements are listed at https://grapheneos.org/faq#future-devices. Everything there is a very basic and reasonable requirement. No other Android OEM takes security seriously. The next best choice after GrapheneOS is an iPhone and non-Pixel Android devices are nowhere close. None even stops commercial exploit tools widely available to police from successfully brute forcing a PIN in Before First Unlock state.

[–] [email protected] 1 points 2 weeks ago (2 children)

@[email protected] Which Android OEM do you think has better practices than Google? The idea that Google is a uniquely bad company is quite strange and not aligned with the reality of for-profit companies focusing on maximizing their profit and the vast majority not taking security seriously or even compromising between their interests and user privacy to even the extent Google does. Storing a bunch of data for targeted ads and not adding enough E2EE options is far from below average.

[–] [email protected] 1 points 2 weeks ago

@[email protected] We aren't ever going to support insecure devices, so as long as other Android devices are insecure we're never going to be supporting them. It is not simply that they are less secure but flat out insecure without basic security features needing to protect people's privacy and security. A device where it's impossible for us to even protect users from very widely used exploits routinely used at borders, protests, etc. is not acceptable. We have security standards and they're reasonable.

[–] [email protected] 1 points 2 weeks ago

@[email protected] We aren't ever going to support insecure devices, so as long as other Android devices are insecure we're never going to be supporting them. It's not simply that they are less secure but flat out insecure without basic security features needed to protect people's privacy/security. A device where it's impossible for us to even protect users from very widely used exploits routinely used at borders, protests, etc. is not acceptable. We have security standards and they're reasonable.

[–] [email protected] 0 points 2 weeks ago (1 children)

@nick @BafDyce @katzenberger Die Unterstützung eines anderen Herstellers würde _aktuell_ zulasten der Sicherheit gehen. Das wird GrapheneOS daher erst machen, wenn ein anderer Hersteller ein vergleichbares Sicherheitsniveau bietet: https://www.kuketz-blog.de/weshalb-grapheneos-aktuell-nur-google-pixel-geraete-unterstuetzt/

[–] [email protected] 0 points 2 weeks ago (1 children)

@mynacol
Das mit der angeblich besseren Sicherheit der Pixels kann ich nicht wirklich nachvollziehen. Auch Googles Geräte bringen proprietäre (Google (!), Qualcom, ...) BLOBs mit, auf die sich jedes OS stützen muss. Und dann hätten wir noch das Baseband. Da können überall hübsche Hintertüren versteckt sein, an denen das OS genau nichts retten kann. Man muss sich nur mal die Sicherheitsmitteilungen der FW-Hersteller ansehen.
@BafDyce @katzenberger @nick

[–] [email protected] 0 points 2 weeks ago (1 children)

@PC_Fluesterer @mynacol @BafDyce @katzenberger @nick Every ARM and x86_64 CPU is entirely closed source. CPU, GPU, MMU and everything else in them is closed source. This is not a negative or positive security property for this hardware but rather orthogonal to it. Even with reproducible builds, open source does not prevent a backdoor at all. That's clearly true based on the fact that unintentional, non-hidden critical vulnerabilities last for many years in open source projects. It's basic logic.

[–] [email protected] 1 points 2 weeks ago (1 children)

@PC_[email protected] @[email protected] @[email protected] @[email protected] @[email protected] CPU, GPU, MMU and all the other SoC components along with the RAM, SSD, cameras, Wi-Fi, Bluetooth, cellular, NFC, UWB and everything else in essentially any laptop, desktop, smartphone or tablet is closed source. What makes you think that your laptop has open source hardware and firmware? The highly inaccurate false marketing from companies like Purism? That's just false marketing misleading users into believing closed source hardware is open.

[–] [email protected] 1 points 2 weeks ago

@PC_[email protected] @[email protected] @[email protected] @[email protected] @[email protected] Cellular basebands are very comparable to the basebands for Wi-Fi, Bluetooth, UWB, GNSS and other radios. They are not particularly special and do not have privileged access on a modern smartphone. Pixels have a well isolated cellular radio with a lot of extra hardening (https://security.googleblog.com/2024/10/pixel-proactive-security-cellular-modems.html). Compromising cellular radio with an exploit is very difficult and does not provide control over the device. You'd need an OS exploit from there.

load more comments (17 replies)