This.
It’s weird how a particular GrapheneOS supporter keeps arguing how awful /e/ and CalyxOS are/were, and how microG is the worst thing ever. But then offers only native Google or nothing for Play Services (sandboxed mind you). The very first fallacy you learn in Cybersecurity is that if it can’t do what someone needs, it’s not secure because it’s not viable. Having nothing for Play Services is often not an option for many people. And when Google itself is one of your threat actors, literally the world’s worst solution that provides the barest modicum of protection against Google is by definition more secure.
Just allow Sandboxing MicroG as an option already for those of us with a bigger threat surface from Google than from Cellebrite-using nation-state actors.
Full disclosure: I’ve looked at using their absolutely excellent build tools to create a fork with MicroG allowed. But it turns out to be non-trivial to add the signature spoofing permission to the system and grant it to only MicroG, and conflicts with the custom Google Play config that allows Sandboxing.
I’ve done something similar trying to get root on Graphene OS, since I’m more far more concerned about corporations than nation-state actors. It can be done, but isn’t worth the trouble, especially since it doesn’t completely work and GOS updates may break it. Long story short, GOS wasn’t for me.
For anyone else who might be interested in trying to root GOS, take a look here: https://github.com/schnatterer/rooted-graphene
I believe this to be likely the most comprehensive source for getting started.
Doesn’t rooting GOS feel counter intuitive? If you’re looking for security rooting GOS circumvents its security policy. May as well download some other OS at that point?
With the discontinuation of Disroot(?) A couple years ago, and now CalyxOS on a hiatus that’s going to require reimaging if they ever do come back, GrapheneOS is currently the only project that is supporting Android within the last 3-ish generations and us a fully put together OS. Lineage is at least 2 versions back currently, and only that new on a couple devices. Additionally it’s not really a fully fleshed OS so much as it’s the basis for custom ROMs, which frequently see no security awareness or concern at all, and only get a couple releases before disappearing.
/e/ is really one of the only alternatives, and is just based on Lineage but with some security awareness and an actual update history.
So sure it’s not the original intent of GrapheneOS, but they have some of the best build tools I’ve ever seen, and are one of the few actually put together OSes.
Yes, that’s right, so I did. I wanted to have a go to see what it was about, though, and I found that root was more important for me than the security that GOS purports to offer.
And when Google itself is one of your threat actors, literally the world’s worst solution that provides the barest modicum of protection against Google is by definition more secure.
Thank you for writing my thoughts into words in such a beautiful and understandable way. I’ve been trying to figure out how to say exactly this for months. As someone who was using CalyxOS until the hiatus, ive found it hard to find a proper home on any other ROM.
I mean /e/ isn’t fantastic but its better than stock as long as you don’t use their built in open ai stt.
This. It’s weird how a particular GrapheneOS supporter keeps arguing how awful /e/ and CalyxOS are/were, and how microG is the worst thing ever. But then offers only native Google or nothing for Play Services (sandboxed mind you). The very first fallacy you learn in Cybersecurity is that if it can’t do what someone needs, it’s not secure because it’s not viable. Having nothing for Play Services is often not an option for many people. And when Google itself is one of your threat actors, literally the world’s worst solution that provides the barest modicum of protection against Google is by definition more secure. Just allow Sandboxing MicroG as an option already for those of us with a bigger threat surface from Google than from Cellebrite-using nation-state actors.
Full disclosure: I’ve looked at using their absolutely excellent build tools to create a fork with MicroG allowed. But it turns out to be non-trivial to add the signature spoofing permission to the system and grant it to only MicroG, and conflicts with the custom Google Play config that allows Sandboxing.
I’ve done something similar trying to get root on Graphene OS, since I’m more far more concerned about corporations than nation-state actors. It can be done, but isn’t worth the trouble, especially since it doesn’t completely work and GOS updates may break it. Long story short, GOS wasn’t for me.
For anyone else who might be interested in trying to root GOS, take a look here: https://github.com/schnatterer/rooted-graphene I believe this to be likely the most comprehensive source for getting started.
Doesn’t rooting GOS feel counter intuitive? If you’re looking for security rooting GOS circumvents its security policy. May as well download some other OS at that point?
With the discontinuation of Disroot(?) A couple years ago, and now CalyxOS on a hiatus that’s going to require reimaging if they ever do come back, GrapheneOS is currently the only project that is supporting Android within the last 3-ish generations and us a fully put together OS. Lineage is at least 2 versions back currently, and only that new on a couple devices. Additionally it’s not really a fully fleshed OS so much as it’s the basis for custom ROMs, which frequently see no security awareness or concern at all, and only get a couple releases before disappearing. /e/ is really one of the only alternatives, and is just based on Lineage but with some security awareness and an actual update history.
So sure it’s not the original intent of GrapheneOS, but they have some of the best build tools I’ve ever seen, and are one of the few actually put together OSes.
Yes, that’s right, so I did. I wanted to have a go to see what it was about, though, and I found that root was more important for me than the security that GOS purports to offer.
This was what I learned.
I replied to the wrong comment 🤐
Thank you for writing my thoughts into words in such a beautiful and understandable way. I’ve been trying to figure out how to say exactly this for months. As someone who was using CalyxOS until the hiatus, ive found it hard to find a proper home on any other ROM.