I recently bought a new phone, so my old phone, a Pixel 4 xl is now sitting around collecting dust. I thought it could be fun to install an actual non-Google Linux OS on it. Any suggestions?

  • CHEF-KOCH
    link
    -1
    edit-2
    2 years ago
    • You are not even a target if you are a power user. Because you know how to handle things, starts with knowledge and not the promises of a developer. I also can put sim card out, enable airplane mode and never store data on the device that can compromise me in the first place, this is not what this is about, usability starts with the average user, that is not you or me.
    • I disagree with the sandbox argument, as I recently leaked that you can break out of sandboxes, the promises here are worth nothing and security is not gained by trusting or choosing the - what you think - right tool, it starts and ends with knowledge and the relationship between community and developer. There is overwhelming examples that promises are worth nothing, see heartbleed, no one inspected the source code until someone actually did and look how insecure it is and this will always be the case because security promises are worth nothing until verified so far only handful of projects could hold that for long time of period and the game always, or often changes once there are platform updates which makes it less interesting for attackers to start over if there is no guarantee that previous exploit work or that you gain something out of it, i is more profitable to exploit servers with user data on it.

    Most apps that not depend on Googles infrastructure are very quickly outdated, keyword - dead leftover apps - in the f-droid store and your example does not scale since you compare millions apps vs handful of f-droid apps usually coming already from privacy oriented people and not average developer who copy and paste their app together in the hope to make some money. F-Droid is not even a target because they have no paid app model, so its attractive or attackers to exploit apps since you find no credentials. Play Store is not perfect but offers reasonable compromise and security model if you do not tamper with your phone that break tose features.

    All I wanted to say here, and no I do not use GrapheneOS and CalyxOS, I only teste then here and then. Since I think both devs scam their users to make cash out of it with questionable promises. I do not believe in opsec to begin with.

    • I do not believe in opsec to begin with.

      ???

      I will say most of my apps are from F-Droid and they’re pretty well updated. I wouldn’t discount FOSS out of hand so much, a couple years ago it was pretty bad but the entire ecosystem has really progressed beautifully.

      • CHEF-KOCH
        link
        -52 years ago

        You are delusional I find you 20 apps within seconds that got their last update in 2018.

        • Delusional is a bit mean, and yeah there’s old stuff but there’s tons of old software on the play store but that doesn’t discount it. What I mean is that although there’s software not updated I’ve encountered and use plenty of F-Droid apps that are updated as often as is needed. I just wouldn’t discount it is what I’m saying

          • krolden
            link
            42 years ago

            Same here. Yes battery life suffers when running multiple profiles but that is a meaningless argument since any other device would be affected the same. Just don’t keep the second profile running if you’re not using it.

            I have seen no other battery life issues with graphene. It is solid.

          • CHEF-KOCH
            link
            -42 years ago

            There is old stuff there which is one of the reasons grapheneos does not directly deliver their apps trough the store, there are many other reasons, you quickly find the reddit thread to that.

            I do not need to defend nor shit-talk f-droid, someone else did that for me already, just check my community I linked the f-droid article myself + wrote my own article about f-droid insecurity.