this post was submitted on 11 Aug 2024
1250 points (99.1% liked)

Technology

59495 readers
3110 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
 

TL;DR

  • Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
  • The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
  • Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
you are viewing a single comment's thread
view the rest of the comments
[–] lupec@lemm.ee 95 points 3 months ago (7 children)

Wow, I legit just ordered a used pixel yesterday to give graphene a try lol. Uncanny timing!

Anyhow, that's great news! I can really see the EU sinking its teeth into this if nothing else.

[–] Andromxda@lemmy.dbzer0.com 29 points 3 months ago (1 children)

Thankfully there are FOSS alternatives for apps like Authy. I recommend Aegis

For your banking app, you can use this list to check if it's compatible: https://privsec.dev/posts/android/banking-applications-compatibility-with-grapheneos/

Using the web app might also be an option.

[–] lupec@lemm.ee 8 points 3 months ago

Thanks for the tips, I'm a happy Aegis user already! Thankfully, my main bank explicitly doesn't care about custom roms and I'm thinking I'll just cut ties with the ones who do and let them know that was the reason at this point. Worst case scenario, I still have my locked down old phone.

[–] Wildly_Utilize@infosec.pub 11 points 3 months ago

Welcome! I've been on it for a month or so and I'm still so thrilled

[–] newproph@sh.itjust.works 10 points 3 months ago* (last edited 3 months ago)

I've been using graphene for years at this point and it's the best operating system I've ever had on a phone. Before this my favorite phone was a jail broken iPhone 5c. I even got a pixel tablet to take notes on for college recently and put graphene on it as well.

Only thing Google has right atm is leaving the bootloader on their phones unlockable.

[–] queasy@lemmy.world 6 points 3 months ago (4 children)

I plan on doing the same thing, any tips on finding cheap recent-ish Pixels?

[–] Andromxda@lemmy.dbzer0.com 8 points 3 months ago* (last edited 3 months ago)

The Pixel 6a is really cheap on the used market, and it still gets updates for at least 3 years.

The 7a isn't that expensive either. I recommend staying away from Fairphones, Murena or /e/OS as these are highly insecure, and the companies behind them have repeatedly proven that they don't give even the slightest fuck about the security of their users. They don't publish important Android security patches on time, and Fairphone even managed to fully break Android Verified Boot, by signing their ROM with the publicly available (!!!) AOSP test private signing keys. It should have been impossible to pass verification, but the vendor conducting the verification seems to be just as incompetent.

A used Pixel with GrapheneOS is your best option, while still being affordable.

[–] Burn_The_Right@lemmy.world 5 points 3 months ago (2 children)

A brand new Murena Fairphone 4 (North America) is about $600 brand new, IIRC. I've been on one for the last 6 months and it's excellent.

[–] TheLastOfHisName@lemmy.world 6 points 3 months ago (1 children)

I'm planning on flashing my One Plus 9 Pro with Murena's ROM. I'm working on getting de-googlefied.

[–] lupec@lemm.ee 4 points 3 months ago (1 children)

Perhaps consider DivestOS as well if it's supported, seems to be a way tidier package when it comes to security and privacy.

[–] TheLastOfHisName@lemmy.world 2 points 3 months ago

Thanks for the recommendation!

[–] Andromxda@lemmy.dbzer0.com 3 points 3 months ago (1 children)

Stay away from both Fairphone and /e/OS/Murena. Fairphone fails hardware security in the most miserable way, and fundamentally breaks Android Verified Boot, while /e/OS is based on the highly insecure LineageOS, and it further rolls back security, while also repeatedly missing important security patches.

Also, 600 dollars is absolutely not cheap for a smartphone, and it's especially not with it considering that both the hardware and software are highly insecure.

A Pixel can be purchased for much less, while being superior in every way.

[–] JohnnyWishbone@lemmy.world 2 points 3 months ago (1 children)

Lineage OS is highly insecure ?

[–] Andromxda@lemmy.dbzer0.com 3 points 3 months ago (1 children)
[–] JohnnyWishbone@lemmy.world 2 points 3 months ago (1 children)

Thanks, I'll check it out. I've installed lineage since it was Cyanogenmod on secondary devices for years. I dedicate them for audiobook playback and music playback. I'll look in to it.

[–] Andromxda@lemmy.dbzer0.com 2 points 3 months ago* (last edited 3 months ago)

That kind of usage should be fine, it doesn't really matter. Just wouldn't use it for my primary mobile device.

[–] lupec@lemm.ee 3 points 3 months ago* (last edited 3 months ago) (1 children)

I'm in an unsupported region so I'm afraid I can't help much :(

In my case I just looked around a local eBay-like site and went with a reputable enough seller, fairly standard procedure there.

[–] EngineerGaming@feddit.nl 3 points 3 months ago (1 children)

Where I am, Pixels are not sold officially either. I got a 7a for around $300. I picked a store with a physical office and made an order not through the site, but through said office. And at least could inspect the phone before buying.

[–] lupec@lemm.ee 2 points 3 months ago

Ah, that's a nice way to go about it! I'd have loved to inspect mine beforehand as well but the only real way to grab one around here is importing yourself and paying 60%+ import fees on the damn thing or purchasing a preowned one. My living in a remote area also means there are none close by.

[–] newproph@sh.itjust.works 1 points 3 months ago

I would recommend buying a used phone from the most recent generation. I had my pixel 5 die on me about 7 months after I got it used due to a major Android update. Phone crashed hard and bricked, so don't get a 5 (even though it was my favorite design of the pixels). I have an 8 right now I bought it refurbished on Amazon. It works great and I know it will last a while being the most recent model. Also check FB marketplace if you have a Facebook account. People in my area are selling phones often.

[–] marcuslee@pawb.social 2 points 3 months ago (1 children)

I would totally buy a Pixel too but apparently most Pixels here are black market and the IMEIs are banned so I don't wanna risk getting one that can't connect to cell networks

[–] lupec@lemm.ee 2 points 3 months ago

Oof that's scary. Good thing I have a decent enough return window to at least make sure stuff like that isn't the case, at least.

[–] marcuslee@pawb.social 1 points 3 months ago

I would totally buy a Pixel too but apparently most Pixels here are black market and the IMEIs are banned so I don't wanna risk getting one that can't connect to cell networks.

[–] communism@lemmy.ml -3 points 3 months ago (2 children)

Enjoy! For future reference I'd recommend just getting the latest Pixel as you'll get the longest software support. E.g. a Pixel 8a is supported till May 2031, which is plenty of time to get a lot of usage out of your phone.

[–] lupec@lemm.ee 4 points 3 months ago (1 children)

Right, I'd love to spring up for a 8th gen pixel but I live in an unsupported region and my currency is worth fuck all so I'll have to make do with a secondhand 7 pro lol. Still fantastic longevity all things considered.

[–] FutileRecipe@lemmy.world 3 points 3 months ago (1 children)

I'll have to make do with a secondhand 7 pro

Ouch, that hits me right in the 7Pro feels lol. Make do, indeed, lolol.

[–] lupec@lemm.ee 2 points 3 months ago (1 children)

Honestly, I don't really need my phone for much so as long as the battery hasn't degraded too much I'll be more than happy!

[–] FutileRecipe@lemmy.world 1 points 3 months ago (1 children)

I'm holding out for the 10. The 8 added mirrored display (so you can mirror your screen on a monitor... I'd rather this come with the Pixel Tablet 2 and the Pixel Tablet skipped it form some reason) and MTE, which GrapheneOS says is the most significant addition to security since they've started the OS. If those come with the 10, not to mention the 10 is supposed to have Google's inhouse chip and not Samsung's...yep, I'm upgrading.

[–] lupec@lemm.ee 1 points 3 months ago

Great points, I'll definitely keep an eye on the 10! Should fit in nicely within the time I'll be due an upgrade, give or take.

[–] JCreazy@midwest.social 2 points 3 months ago (2 children)

At the price of the Pixel 8a, I would suggest getting the Pixel 8 instead.

[–] communism@lemmy.ml 2 points 3 months ago

Personally I'm fine with 8as' specs and don't need any of the extra features of the Pixel 8 so I'd prefer to save the money and get an 8a. Plus 8as are supported for longer. Nothing wrong with getting an 8 instead if that's what you want though

[–] EngineerGaming@feddit.nl 1 points 3 months ago

All of the 8th are VERY expensive now. Only the 7th Pixels are approaching sane prices.

I got a 7a even though 7 was only a little bit pricier, because it is smaller - already on the edge of what I can use with one hand, 7 would probably cross that invisible boundary. And, just as importantly - has a plastic back instead of glass.