Are you sure you're talking about the Linux Terminal app that's available in developer options and not Termux? For me, all Gnome things and Xfce things are present in the repos (and it's using the deb.debian.org default Debian repos, so it makes sense)
mikey
joined 2 years ago
I mean... This is kinda close. The "Linux Terminal" app is running a full Debian install in a KVM VM. On the newest version of the app (like on Android beta or on GrapheneOS), you even have a full GUI that you can use.
In theory, we should be able to boot any mainline Linux distro in a VM, if someone writes an app for it, as AVF (Android Virtualization Framework) is just a wrapper around Linux KVM with some restrictions. (for now the built-in app only supports Debian)
in the latest preview build
i assume you didn't install today's beta release a month ago 😉
EDIT: nevermind, i re-read your comment... it's mandatory in some regions, I know for sure it's mandatory in the US and in Hungary (EU).
One other thing is that if you created the installer with Rufus, that adds some magic optionally that can bypass it. I wonder if that still works with this beta.
still water
This is the reason I set my phone's language to Irish English... I needed an English language option that uses sane measurements for everything.
Oh wow, cool story about Yasuke. Is that where Yakuake got its name from?
Most people dont use dark mode on Linux because most apps look horrible in Linux under dark mode
Among my friends, dark mode users hugely outnumber light mode users, I really don't have any apps that struggle to support it. LibreOffice used to be really bad, but I don't really edit documents anymore, so I don't use it often, but when I do, I don't see issues (although the document background is white, because paper, so the contrast is a bit weird). I'm curious about which apps didn't work for you.
Unfortunately, this is probably because of the apps started using the Play Integrity API, which is a hardware-based attestation and can only be faked in two ways that GrapheneOS isn't interested in:
- you can fake an older device that didn't support hardware attestation yet, or had a broken implementation
- or you can try getting leaked vendor keys and emulate the crypto with those until they get revoked
It's only backwards because you're looking at it from the outside from the front. When it's in you, the left is on your left.
Have you heard of social engineering and phishing? I consider those to be analogous to uploading new rules for ChatGPT, but since humans are still smarter, phishing and social engineering seems more advanced.
Whew, there's a lot to unpack here.
First, microkernels being the future: This is a sentence that was said time and time again, but while microkernels definitely have some advantages in separating components which could yield better security, in practice it also introduces other security concerns, not present with monolithic kernels, mostly with the communication between the kernel services.
Second, about the no secure Linux distros thing: As many others have mentioned, there are security-conscious Linux distros, mostly the "immutable" distros. You can use Fedore Silverblue (or even better, SecureBlue) as a daily driver, with Flatpak for your apps. That way, your main OS is read-only, thus harder to infect and all system updates are signed and verified. Using Flatpak helps enforce permissions on apps in a manner similar to Android permission (you can deny an app the right to see your files, for example).
Third, I don't really understand what you mean by "Linux's security holes". Of course it's not bug free, but no kernel of this magnitude is. Also, GrapheneOS uses Linux as well, albeit with a hardening patchset, but you can also get that with desktop Linux distros. If you think Linux (being a monolithic kernel) is automatically less secure than microkernel and hybrid kernel based systems, take a look at Windows and macOS, which both use non-monolithic kernels, but most security experts will tell you that you're better off using Linux.
Fourth, about all the niche, mostly hobby OSes you listed: A big part of security is about having more eyes on the source code. Even if you write a kernel in a "safe" programming language, there will be bugs. Something as advanced as a kernel that's ready for daily desktop use and provides advanced isolation between processes is going to be so complex that you won't be able to see what bugs arised from the different parts interacting with each other. Safe programming languages make it easier to write safe code, but don't stop you from messing up the logic that defines what apps have which permissions. Your best bet is to stick to software that has had time to mature and had more people and companies look through it. Linux is regularly audited by all tech giants, because all clouds use Linux to some extent. If it's secure enough to isolate the workloads in Google Cloud, and Amazon's AWS, it's going to be secure enough for your desktop, provided you use it well (make use of it's security features and don't shoot yourself in the foot by disabling mitigations and the like). This is partly why I think the idea that OpenBSD is more secure than Linux is somewhat outdated. Yes, they advertise it as such, but it has seen much-much less auditing than Linux did in the cloud era.
Of course, there's nothing wrong with playing around with alternatives operating systems, just don't think you'll be more secure just because something is written in Rust, or is a microkernel. Those can help, but there's much more to security than the guardrails a programming language or software architecture can provide, especially with something as complex as a modern kernel.
For me, as an SRE:
- Mullvad VPN
- Google Drive (until I set up my NAS)
- YouTube Premium
- ChatGPT (but I am thinking of trying out Claude 3 instead)
Other, non-tech subscriptions:
- Public transport
- Public bike sharing
- Food delivery
Things I might pay for if my employer didn't:
- IntelliJ Ultimate
- GitHub Copilot
Random IT-adjacent services I occasionally donate to:
- Codeberg
- Wikipedia
view more: next ›
On Pixel 8 and above, you can plug in external displays, but it will only mirror your phone screen. Supposedly, Android 16 will allow you to "extend" the screen, ie. treat it as a separate screen. Also, the GUI stuff for the Linux Terminal will only drop in Android 16, so yeah, I'm stoked for that release.