GrapheneOs Apps

This might be interesting for one or the other: https://www.xda-developers.com/grapheneos-camera-pdf-viewer-google-play-store/

2 Likes

Since GrapheneOS is extremely security-conscious, it would be consistent if they also hosted an f-droid repo. Do they do this? Instead of just offering the apps in the Goolag Store.
I can’t find anything about this.

1 Like

GrapheneOS refuses to publish to F-Droid. They claim this is because F-Droid “makes underhanded attacks” on the GrapheneOS project. Their claims, however, do not fit my interpretation.

In fact, my first interaction with the GrapheneOS project was telling them they were mistaken in something they said about F-Droid, to which their first response was to state that F-Droid is ran by a “known malicious actor”: archive.ph

Since then, GrapheneOS has gone to insane efforts to try to silence me (by threatening to sue me), deleting any proof of their behaviour and keeping track of every place I say anything and loudly scream “fake news”. All because I told them they made a mistake about F-Droid.

While that is just the explanation of why it’s not on F-Droid I personally consider trying to silence people showing any disagreement a huge red flag and extremely ironic given security researchers often deal with getting threatened to sue when reporting security issues.

7 Likes

Well, that’s a huge :triangular_flag_on_post:
I’m sorry you had to deal with that :unamused:

1 Like

I’ve really been dealing with de-Google and secure custom ROMs for quite a while now.
I’m looking at all the ROMs. The apps that they install. The philosophy they follow, etc…
However, I’ve been feeling all three big top dogs (GrapheneOS, CalyxOS, DivestOS) and the community behind them all along that you’re either for them or against them. It’s quite religious and almost sectarian. There is only black or white. And Privacy Guides dot org is in the same vein.
They do a really good job. There is no doubt about that. But the corridor in which they think is extremely narrow.

Your experiences only confirm my opinion.

I myself use iodèOS, which is no secret.
The only thing you can accuse them of is that the iodèAPP (firewall) is not open source.The FP4 with iodè supports verified boot. The OS itself is completely Google free. The preinstalled apps are secure. Nothing leaks to the outside. No trackers, etc… No unnecessary ballast. Nothing. But there goes real bashing about it.
The ROM is rated as “Not Recommended”, etc…

But anyway, that’s my opinion. I have found my way and the three big players should do what they want.

Security come hell or high water. Just no agreement from the “true” way. F**k it. It has now times shades of gray

2 Likes

@FairphoneHulk

Full disclosure: DivestOS is my project. Hopefully I’ll have FP4 support sometime in the future.

iodeOS is far from open source.
The only repositories on their GitHub and GitLab are some forked apps and the device trees.
They do not publish their platform repositories, their repo manifests or their kernels.
Their big feature, the adblocker thing, is also proprietary.

iode · GitLab < forks and device trees
iodeOS · GitHub < used for hosting their OTA images and fdroid repo

Their Firefox fork is currently missing at least 2 known critical security patches.
And I can’t even tell you how far behind their Chromium version is, because no public repos.

I can only post 2 links, the PrivacyGuides discussion is #616.

github.com/privacyguides/privacyguides.org/discussions/616

And my Firefox dates comparison is on my site, linked from the our apps page.

divestos.org/misc/ffa-dates.txt
divestos.org/misc/ch-dates.txt

that you’re either for them or against them

Personally I’ve tried to repeatedly collaborate with many projects.
The goal of DivestOS is to bring as much benefit to all users, not just those who can afford a Pixel.
You can see this for example with my CVE patcher, I’ve reached out to over a dozen projects to offer integration help (to sad response).

I actually emailed Fairphone a while back with regards to missing CVEs on the FP2 to zero response. :frowning:

8 Likes

You can post more links if you don’t make them hyperlinks, for example with code formatting: `code`→code.
Or othewise just post them in a second post and I’ll add them.
(I myself didn’t find the privacy guides issue you’re talking about)

Edit: Thanks :slight_smile:

2 Likes

Not any longer. Patched to 98.1.1

Hah , you are right!
So they pushed a new version 27 here: https://github.com/iodeOS/fdroid/commit/19ffc9c7376cdf2336fec09d930e48c514ef962e

But didn’t yet publish the source here: Commits · master · iode / os / apps / Iode Browser · GitLab

Not very inspiring.

2 Likes