Hi thanks for responding, these threads are not pointless. I discovered ubuntu touch through this thread. I’m noticing that forum culture is a bit toxic and doomerish. I’m not a regular forum user, so for me this was a nice way to get to information that might have been difficult to find through search engines. I apologize for not being able to find the previous thread that already was addressing my idea. At the same time I think the point of threads is to just ask, being annoyed that a question has already been addressed multiple times seems a bit pointless to me.
This has nothing to do with if it’s degoogled or not, or which specific custom ROM it is. Fairphone is late there, no question, but this is completely decoupled.
If this is the case, then for sure you can name me a lot of cases with sources, where thieves unlocked phones where the binaries where not compiled secure enough.
But I can’t imagine thieves usually exploit this. It’s just (as said before) so that intelligence agencies have more difficulty accessing the phone. I would agree that this is a good thing to have the possibility for people to secure their data as good as possible.
But this won’t influence if thieves can access your data if they steal your phone.
3 Likes
You’re going into too many directions at once and making conversation difficult. You brought the de-Googled factor into this - and I think that’s a misconception about GrapheneOS. My own use case for GrapheneOS is to use it with the sandboxed Google Play and all the apps I want from the Play Store.
You can use GrapheneOS to de-Google, but that’s not required. GOS is only de-Googled if you want it to be.
As for how thieves unlock Androids, the simplest way they operate is to involve workers at legitimate phone service shops with access to tools like ChimeraTool. They also use any tool they can get their hands on from various online and offline sources.
You can find your own sources for this information by using whatever your favourite search engine is.
1 Like
Another option is to go for Jolla’s new smartphone with SailfishOS Jolla Phone Pre-order Voucher – Jolla Shop
It can’t. Any actor who is determined and has physical access to your house, work, travel can get access to your phone. There are a couple of ways around this:
-
Don’t do illegal things (aka stuff which pisses off the local authorities), seriously.
-
Don’t take your smartphone with you if you go to foreign countries with questionable legal standards (China, for example). Use a burner device. Reset and sell the burner afterwards on the second hand market.
-
Now, say you are some subversive activist. Rule #1 doesn’t apply, right? Well, the same as rule #2 applies: the question arises if it is clever to take your smartphone with you while on a tour of duty.
-
Intelligence agencies have the goal to collect intelligence; police have the goal to catch criminals. It is a very different goal in every Western jurisdiction. Intelligence agencies normally (exceptions apply) won’t let targets know they are targeted. Police, it is generally in your interest to cooperate (unless you didn’t follow rule #1).
What remains is criminals, hackers, nefarious software devs, hacked software devs, and all that. GrapheneOS can protect against all of that.
1 Like
Exactly right. Anyone who thinks GrapheneOS would be anything more than just a nuisance for a capable state actor should read this recent article.
To Summarise:
If you do not want to get owned by Predator or other malware → Do not open links!!! Do not use Chrome, take Firefox instead and Block Ads!
If you got infected, Graphenes sandboxing and memory protection will keep up some security on your device…
Because that it was Graphene is mostly made for: Keep rogue Apps at bay!
It is usually a reference website frequently used by GrapheneOS (GOS) users, as well as echo chambers such as Privacyguides and related media.
What it actually does is list the features of GOS, many of which are unique, to make the alternatives seem mediocre.
In this way, we can see who is making the most requests to the website to have them added:
https://github.com/eylenburg/eylenburg.github.io/issues?q=author%3Athestinger (Daniel Micay)
This allows them to promote themselves as the only option, since the others are ridiculously inferior.
Another way they operate is by attacking these alternatives, anyone who could compete with them, usually under the premise of security. Firefox, LineageOS, CalyxOS, /e/, Fairphone, and so on:
On that website, we can see angry GOS users doing what many of them normally do, criticizing other options so that GOS is the only one.
The others have no right to exist because they are terribly insecure, almost a fraud.
Of course, it’s easy to criticize security patches for taking so long to arrive when Google Pixels are the first to receive them.
I find this behavior by GOS totally unethical, coupled with the fact that we have to finance Google, another company whose conduct is the opposite of ethical, values that many of us seek in brands such as Fairphone, with their flaws and virtues, and in systems that are more honest than GOS, whose development involves constantly stepping on and attacking others.
Anyway, I would like to talk a little about the aforementioned website that GOS followers love to show off, and discuss the different sections in the Degoogling section.
I’m going to do this from LineageOS, which is what I use, and how to reduce and even eliminate connections to the Big G.
-eSIM activation-
If you want to avoid automatic Google connections, you only have to deny network access to system app, Sim Manager or com.google.android.euicc.
Or you may disable it with root.
-Provider for network-based location-
That needs Microg and could be disabled easily. It used to be Mozilla location but I don’t know what it is now.
-SUPL and PDS/EXTRA.
Disable “Use assisted GPS” and “location services” in Settings, Locations.
The first time it will take a while to establish a connection, as it is not network-based. A couple of minutes.
Use GPSTest from F-Droid in the background while using your GPS app, such as Comaps, to speed up the process.
If you don’t move too far from your current location, it will take about 30 seconds the next few times.
-Connectivity check/captive portal-
Deny access to internet to com.android.captiveportallogin and/or disable it.
With adb (rooted debugging, adb shell) or a Terminal like Termux (root) write this:
settings put global captive_portal_mode 0
You can change if you really need to connect to a captive portal:
settings put global captive_portal_https_url https://captiveportal.kuketz.de
settings put global captive_portal_https_url https://e.foundation/net_204/
reboot
-DNS connectivity check-
A connection to random-dnsotls-ds.metric.gstatic.com that can be avoided as follows:
Settings, Network & internet, Private DNS, Off
Adding a private DNS or even in automatic (default) makes a connection to Google.
-DNS server fallback-
Very rarely used. Many ROMS change this.
With LineageOS could be change only with root:
-Network time-
Go to System, date & time and uncheck “Automatic date and time” and “Automatic time zone”
Then, change to a fake value this way:
settings put global ntp_server dsf.dskdsfsnds.retrfs.dfs.dfsodfs
So you can check them again and may update using NITZ with no internet connection required.
Another possibility is using ntp.pool.org (not https, not recommended):
settings put global ntp_server x.xx.pool.ntp.org
-Hardware attestation provisioning-
com.android.rkpdapp (RemoteProvisioner)
Could be useful for secured apps.
Only deny network access.
-DRM (Widevine) provisioning-
Used by apps that use DRM like Netflix and so on. Connection to googleapis.com
Can’t be disabled but avoided using this magisk module in LIGHT mode:
Also select “Never check” in “Set HDCP checking behavior” in Developers options.
Anyway, with root, you can add this list to your hosts file:
And only consider the DNS connectivity check and DNS fallback (with LineageOS)
4 Likes
GrapheneOS seems to become the Arch of Android, where people have to constantly point out how superior they are.
What surprises me is that people seem to find it less important that they support Google with buying their device, instead of an ethical alternative, but apparently it’s super important that a hypothetical thief noone has ever heard of can maybe access their data.
Because of course this is the first thing a thief would think of when stealing a phone: They don’t want to resell the phone, they want to read your messages.
And of course they have more technical knowledge than everyone in this forum, where there is absolutely no indication of a tutorial on how to access a device’s data that has something like a pin
Btw. and a bit off-topic:
If you look at ChimeraTool, they can only unlock Vivo phones (https://chimeratool.com/en/models?f=remove-device-lock) and I doubt than any tool will ever support Fairphone, the market is much too small for the hassle.
I like what GrapheneOS is doing feature-wise, but this toxic downtalking of alternatives and not caring for ethics by its community members pisses me of.
7 Likes
Speaking as much as you do about ethics, I find it puzzling that you think writing a tutorial on how to access the data on an Android device (or linking to one) on a public forum would be acceptable or responsible.
You seem to have a gripe with the GrapheneOS project and users, which is fine, but it fails to constitute the basis of an adult discussion.
I’ve ignored GrapheneOS until this year, after I bought a Fairphone 6 in good faith. I was willing to put up with the clearly very inadequate placement of volume buttons that kept taking screenshots, its subpar cover that prevents the thumb to properly unlock the device via fingerprint, the frame rate stutters, the fact that it got hot when charging and it ignored the ECO / slow charging settings, and even that it clearly lagged way behind others with the security updates. I took my $100 from Google because my old Pixel 6a’s battery was garbage, and decided to do the “ethical” thing, and bought the Fairphone 6 almost as soon as it came out.
Then one day, my Fairphone 6 just shut down. It wasn’t charging, I was out. Battery was around 70% when I left my house. And just then, somebody in our group had a medical emergency and I was unable to call emergency services.
Those are the moments where you wonder if the “ethical” thing means that you need to suffer abysmal quality and risk life and limb when something as essential as your phone fails. Is it ethical of Fairphone to sell this obviously very low quality device, hardware and software? Is it ethical for Fairphone to claim that an obviously inferior device will last you 8 years? It’s only usable as a secondary phone, but then just not using a secondary phone and having a reliable primary phone is more ethical, no?
I’ve since then bought a newer Pixel, put my Fairphone 6 on ice until I figure out a use for it, and set the 6a up with Graphene OS, which has so far worked flawlessly for months.
Ethics is a complicated subject.
There are actually a lot of “ethical” ways this could be helpfull. I saw a lot of posts, where peoples phone/display etc. broke and they were asking if there is a way to save the pictures taken with it.
The spirit of open source is, that every method that can be used to help should be openly known, and potentially fixed if it can causes harm. But this could be material for another thread.
I stated several times that I in principle like how they try to improve android.
All of this is fixed
Not the case for me and all the people I know. Maybe register your fingerprint again?
This sounds very unfortunate and there seem to be some users that report this behaviour. Should be discussed in the according threat. We know Fairphone is working on this and of course Fairphone is not as big as Google so some bugs slip through.
This is just not true. I know a lot of people that use the FP6 and are very happy with it, noone I know is suffering. So very subjective and overexaggerated statement of you. And I use it as my primary phone of course.
In the end Fairphone afaik the company that is doing this the best out of all companies. There is only one other company that tries to produce smartphones ethically and repairable (Shift) but they suffer much more from all this (bugs, irregular updates) than Fairphone. It seems to be difficult as a smaller competitor to catch up with the big ones.
2 Likes
As a person seriously involved with Free Software and Open Source for decades, I disagree with your assesment of what its spirit is, and do not appreciate the condescension.
As for the perpetual “they’re a small team and doing their best” so-called argument, after doing a bit of research on Fairphone’s history it looks like they’ve been doing their best but still not delivering robust devices ever since FP1. That’s too many years to still accept this as a reasonable explanation.
GrapheneOS is a small team as well, and they don’t make money selling anything either, yet that ROM has much, much less issues than what FP is rolling out (which, if I am not mistaken, is entirely outsorced to the Chinese T2Mobile company).
Another small company that still manages to deliver robust devices (putting aside somewhat delayed security updates) is Nothing.
It is possible. Fairphone just doesn’t seem to know how to do it.
I would say the FP6 is pretty robust. This is just your reception.
GrapheneOS doesn’t have to pass Google certification and can build up upon what Google gives them from their Pixels, which is mostly bug free
Nothing is more than an order of magnitude bigger than fairphone if you look at sold devices. And as you said they still have delayed security updates.
I don’t even want to defend fairphone too much, they deserve to be critised for delayed security updates, but not like this
1 Like
That’s wrong. GrapheneOS builds on the AOSP (which stands for the Android Open Source Project), which everyone is able to get. Literally everyone. Fairphone uses the AOSP as well, so they start from the same base.
The only part that’s different for each manufacturer is the device tree, but if you’re saying that the Pixel device tree is mostly bug free, but it’s normal that T2Mobile’s device tree is buggy then I don’t know what to tell you.
I especially don’t understand how being much buggier is acceptable. If it’s buggy, don’t release it. If testing takes a long time, take a longer time (and publish security updates only, for a while).
And even getting the Pixel device trees seems to be on shaky ground now, with Google resisting publishing them more and more, which I assume is what has led to GrapheneOS striving to move away from Pixels, or at least have an alternative to them.
Yes, they start from the same base.
And that is a very big difference.
1 Like