this post was submitted on 19 Nov 2023
89 points (91.6% liked)
Privacy
32003 readers
1020 users here now
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
- Don't promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The only recommendation I can provide is a Google Pixel device with GrapheneOS. Graphene is only designed to work on Pixels because they are (allegedly) the most secure mobile phone hardware-wise. Once you flash Graphene, it's up to you to install any apps beyond the basic browser (Vanadium), gallery, camera, caller, SMS, PDF viewer, contacts, file manager, and security/system apps. No Google involved without your permission, though you will have to install Google services, available via a Graphene mirror and sandboxed for privacy, IF you want to install an eSIM after flashing Graphene. If you're interested in further information, please let me know. I use it, love it, and am happy to provide any information you may need to decide if it's a good fit for you or not.
What is the root scene on Graphene? I know the dev is pretty against it but I like having root access after being used to it. Is it possible to easily root it without any integrity issues later on?
It looks like the verified boot security feature of Graphene effectively prevents rooting the OS. I understand wanting root access, it does provide some nice features, but I don't have any need for it. I don't have any bloatware embedded to remove, and I don't need to mod any system apps, so I haven't looked into it much. I know the dev says it isn't planned because it massively increases attack surface, which I personally agree with, but it would be nice to have the option via a separate version of the OS or something. If you need root access, I would suggest looking into LineageOS. It's similar in privacy to Graphene and last I knew could be rooted. Graphene is very focused on security as well as privacy, and for me is a best of both worlds, but if you want to modify the system for various power-user type features, it might not be for you.
Yeah I'm currently running LineageOS. I wanted root mainly for adblock (modifying
/etc/hosts) and AppOps. Does Graphene have those features built in?Check out DivestOS. It's a fork of lineage with a focus on better security and privacy. Not restrictive like Graphene. Rootable via magisk.
So far I'm liking it. Great battery life (lowest I've ever seen) even on my 5 year old phone.
I'll try that thanks!
No, it doesn't. I use 95% FOSS software, so anything that might have ads just gets denied network permission entirely. As for AppOps, I just looked it up, and that would be something I'd like to see developed as a feature of Graphene. It seems like a genuinely useful, and at the very least privacy-protecting, app. I don't use copy/paste via keyboard, and despite it not having network permissions, I'd still deny it clipboard access simply because it doesn't need it.
Okay. Thanks a lot! :)
For security reasons GrapheneOS doesn't allow the modification of system files. You can achieve the same thing with DNS though. Either self-host a Pi-Hole or AdGuard Home, or use something like NextDNS.