zlacker

>>joseph+(OP)
This story with restricting users is a similar one to Manifest V3 in Chromium.

But we don't have anything like FF as an alternative to go from Android. Especially considering banks require "certified OS".

>>zx8080+E7
I switched to a Linux smartphone because I've had enough of the duopoly.

I also switched banks so I can use my bank card as the 2FA device, similar to CAP. [0]

[0]: https://en.wikipedia.org/wiki/Chip_Authentication_Program

>>Hackbr+Wd
Which one?

>>russne+7h
It’s a Librem 5. I’m looking for a more powerful model that can also run mainline(-ish) Linux.

>>Hackbr+si
Seeing as GrapheneOS appear to be recommended on the newest Pixel models, I wonder if it shouldn't be too difficult to get Arch Linux running on them with the AUR plasma-mobile?

>>russne+9k
Run away from Graphene, it is suspicious at best scenario and dangerous at worst.

Just observe that the key factor is to be independent from Google and then the only recommended devices from their side are exactly google devices where nobody here can have an idea of what is modified inside them.

You'd be better off supporting other distributions like Calyx, which have no problems in supporting other devices like the fairphone and so on.

>>nunobr+gl
I was very interested in Graphene, do you have other grounds for your suspicions?

>>duesab+Ml
I agree with the parent. GrapheneOS puts security above freedom, which is wrong. It forces you to give your money to Google and rely on Google hardware, which is questionable in the long term. They refuse to support different hardware "for your security". Their developers are constantly attacking GNU/Linux phones, which are the actual long-term solution for both freedom and security.

>>44680624

>>43675380

>>fsflov+1y
I don't think I've ever read any solid refutation of the technical choices of the project, mostly just character attacks, the basis of which are dodgy at best. They're completely up-front about the limitations and catches of their choices, too.

Those links don't really help your case, to be frank. Nothing strcat says reads as incorrect or even particularly controversial, they have personal beef with CalyxOS but their criticisms of the choices of the project are largely on point. They're justifiably upset by the mental health accusations too, it's kind of a joke that one of those people in the thread tried to gaslight strcat about how these accusations are somehow not a recurring issue when I, as a third party observer, have seen it come up all the fucking time.

Meanwhile, you're imagining "attacks" on GNU/Linux phones, when most of what I read from them regarding those was sober and reasonable, if not particularly positive, but they're allowed to do that. Their priorities are clearly security and none of those phones really have any.

>>schees+BD
This is another project that knows what you need better than yourself. People are constantly asking them to add support to other hardware, but the answer is "it's insecure". This is completely wrong and forces everybody without a(n expensive!) Pixel to abandon reasonable security. Even Qubes OS allows installing itself on hardware without VT-d, with respective warnings, and plans to enable GPU acceleration in VMs on demand. Their priority clearly isn't to make as many people as possible more secure but to force Google on you.

Are you calling the above a "character attack"?

I would love to use GrapheneOS on my Librem 5 and Pinephone. No proprietary drivers are required. Yes, some security features are lacking. Yet it would be a win for everybody.

I didn't say anything about CalyxOS: I don't care about this.

>>fsflov+cH
> the answer is "it's insecure".

Can you give me a quote where they outright say this? Because my hunch is that what they actually say is something along the lines of 'because it doesn't have the security requirements that we desire' which would be true. Whatever their reasons for those choices, it also makes sense to limit scope given the extreme constraints they're working under and that scope is best limited to phones with the widest security feature support for their security-focus Android OS.

> Are you calling the above a "character attack"?

Grow up.

>>schees+4N
'because it doesn't have the security requirements that we desire'

aka, insecure.

>>Ghoeli+ij1
No, those don't mean the same thing.

All phones are insecure to some extent, most phones compared to GrapheneOS/Pixels are less secure and this has largely proven out whenever there's been leaks of the capabilities of law enforcement phone cracking tools.

>>schees+Ed3
I just don't see how it refutes any of my arguments. See the example of Qubes OS in my above reply.

>>fsflov+U44
QubesOS is an OS for PCs which have a standardized hardware interface. Support for older systems is basically "free". Smartphones aren't standardized in the same way and the amount of effort it takes to properly support other phones has a considerably higher cost on developer bandwidth.

Anyone can fork GrapheneOS and build it for other phones if they want, instead of doing this the developers instead focus their time and effort on the most suitable hardware for their needs. This isn't a part of some agenda or a swipe at Linux, open source or Stallman's cholesterol filled heart, it's just pragmatism.

>>schees+oA6
GrapheneOS has to do substantial work on each supported device to integrate the hardening features and fix the issues those uncover. Supporting other devices is not easy and involves a lot of resources. Those devices also need to provide the hardware-based features heavily used by GrapheneOS including hardware memory tagging, pointer authentication, verified boot, etc. which those devices don't provide.

>>strcat+6Yx
Can you support these devices without listed features with a low effort?