Hi everyone,

Currently looking at either a Pixel 8 or a S23 as a replacement for my Zenfone 8 that is slowly becoming a hindrance due to (primarily) the battery. I would replace it, but as it costs a lot to do that here and I have needs for a non-compromised water protection, DIY feels like a dangerous option.

So S23 vs Pixel 8, what would you guys recommend assuming I can get either for the same price?

I like the S23 hardware a bit better on paper, but as Pixel phones generally are very flashable my anti-Google sentiments might (ironically) push me there.

I would get a Fairphone 5 for the hot-swappable battery etc if they weren’t so expensive for what you get, and as I’m buying second hand reuse is better for the environment anyways.

  • Pantherina@feddit.de
    8 months ago

    Hey, sorry if I got rude.

    It’s just really frustrating to name so many points and in the end getting the same statements again that I said were incompatible.

    Yes, for me. I have no problem customizing or troubleshooting an OS.

    The problem is, this is the typical “Linux is user friendly” perspective too. An OS has to work for anyone. And poorly there are shitty people out there that don’t care about privacy and make users depend on Google.

    Examples:

    • Google maps has way more info about doctors etc. You can use it through a Browser very well though
    • banking apps are often critical because service sucks. I never paid someone the old way, I have no idea how to do that. And at least TAN apps are often a requirement
    • public transportation in Germany is a mess. For some services you are forced to use the app, for example to get updates, to even be able to buy certain tickets, etc.

    These apps don’t work if something in the play service stack is broken, and none of us can fix that.

    MicroG is way more prone to errors because they begin at the wrong end in my opinion. It is great how they liberate Android by offering alternative providers, but GrapheneOS’s approach to use the Android built-in way of isolation, making the Play services run as user apps, makes so much more sense.

    It’s a basic method of security I learned a short time ago, from this blog post about bad security ideas

    microG is doing some form of badness enumeration. Badness enumeration is what Adblockers use, you list all the bad stuff and allow all the rest. This is inherently flawed because it uses up a ton of resources (which get more and more over time) but the moment a new Domain comes in, you need to patch again.

    MicroG does this by disabling random play Service parts. The thing is they still keep the functionality so it is not private at all.

    GrapheneOS does it the other way around, instead of allowing everything and blocking some things, they confine the app as a user app. It is used to do what it wants, so to restore that they use gmscompat which is a system app that channels the calls.

    What this app then does is the opposite of badness enumeration, it only allows certain calls to be made. And due to the basic Android security model, user apps are already not allowed to read critical identifiable data etc., what I said.

    Many of your points about whether they’re Chinese manufactured or sourced or which code murena uses or not, which apps murena uses, you are still making assumptions rather than using the available data, and then coming to spooky conclusion based on those assumptions.

    This was never my point. It is about hardware security features of the Devices, and their compatibility with the OS.

    https://grapheneos.org/faq#future-devices

    They have to match those requirements, and Fairphone does not.

    Afaik Fairphone would be the critical piece between the manufacturers and the custom OS. So if they are late, I suppose any OS can only be late. At least that is how it’s done with GrapheneOS.

    Android has security updates recommended for all devices. But there are more, and Google Pixel integrates all of them. GrapheneOS then uses that AOSP code of the Google Pixels and builds GrapheneOS from it.

    This means updates are about a day or so delayed, while Fairphone delayed updates for months, even though they get early access, as I said.

    But since they don’t use the app store you thought they did

    Don’t confuse Fairphone and Murena here again. Fairphone ships a tracking Google OS. Murena has this appstore which should use modern Libraries etc, as they only support up to date Devices (different than F-Droid).

    Still, to be exact you should not use F-Droid builds as a base of your appstore. Look at Obtainium, it is a good base (their UI sucks and is overcomplicated) for a secure appstore.

    The Android security model builds on the fact that Developers sign their APKs themselves. It’s about trust, and here you need to only trust the Dev. F-Droid takes the code (that nobody really reads) and compiles it. All the apps have the same key.

    If F-Droid got hacked, you would have a huge breach, unlike if one Developer got hacked.

    But that is just a thing on the side.

    and they don’t have the problems with these apps that you thought they did

    No idea what that should mean. I had many points?

    users don’t complain about the phone

    They complain about the hardware. But nobody knows about all that low level security stuff. Do you know what hardware memory tagging is? Or what version of ARM the Fairphone 5 uses?

    I have no idea so I trust GrapheneOS developers if they repeatedly answer questions over questions with valid points.

    and there’s no evidence of anything except transparency and responsibility

    Wtf is evidence?? You this “evidence”, this is open source code, anyone can look at it. GrapheneOS is way more secure than LineageOS, period.

    Jerboa deleted my draft, writing again… luckily had a copy

    Please just look at the code. Some killer features are

    • sandboxed play (gmscompat)
    • vanadium
    • hardened malloc
    • secure app spawning
    • carrier functionality without invasive apps
    • seedvault, google camera services included

    It’s all under the hood stuff you don’t easily notice.

    I’m more interested in the transparency and responsibility of the company themselves

    Fairphone ships a Google OS and massively delays updates. Murena advertises privacy features that are insecure and untrue, because microG is a security risk and privacy invasive. Fairphones will not get firmware updates for their supposedly supported lifetime.

    • Pantherina@feddit.de
      8 months ago

      Comment 2, Lemmy had a limit I guess


      They are not transparent about the fact that they include actual, unrestricted Play services, but call it “private”.

      GrapheneOS is ENTIRELY open source. Look at their Github. Every site, even every Server configuration is there. Every app they do, everything.

      The nice thing is that with Fair phone, it seems much easier with all of the open source apps and the open source OS to limit that exported data.

      You said you flashed phones, and I don’t get this sentence? These apps are all just apps, you can install them anywhere.

      The other way around, (learned this after discussions with GOS devs), if you preinstall random apps, they are yours. You need to maintain them. If you remove them, with an update, data may be lost!

      They ship Bromite and QKSMS which are both unmaintained projects.

      Also, these are possibly system apps. Those have no permissions, they can do everything, which is crazy insecure.

      GrapheneOS is bad at guiding users what apps they should use, and where to get them. Basically because F-Droid is insecure and recommending apps could make them be liable for them.

      But GrapheneOS ships minimum apps. There is no good AOSP calendar, so they extracted the core of the AOSP calendar and only ship that, it’s needed to make other apps work. Their other apps can all be disabled, they are in the system partition and don’t take up usable space.

      Regarding graphene, it is important how the team creating software behaves, I think it’s a salient indication of how good the software and especially how strong the actual project is.

      Daniel Micay has not been the lead of the project for quite some time. He is still active and doing very very valuable work (that nobody else does) but he is not head anymore.

      If I’m buying a house, and there are two identical houses, except one is a five bedroom with a landlord who is an asshole.

      You don’t live with an OS developer, you don’t even see them. Also you don’t have to fear they increase cost because GrapheneOS is free software (that really needs funding). If you have issues, you have issues with a gift you get by them for free.

      This comparison makes no sense. But as I said, the devs may always sound a bit similar in their way they think, but it’s for the best of the project.

      It doesn’t matter if you get the fifth bedroom if you can’t trust your landlord not to change the terms of your contract or to abide by them.

      Wtf it is free software and will always be. This makes no sense but is actively accusing of untrue stuff.

      You have no proof murena is insecure, and there is no evidence out there corroborating your claim.

      Yeah I don’t need to read source code to you. Take what I wrote above, research the things, look what the difference is.

      This “give me evidence” makes no sense. It is open source code, you just have to look.

      microg is less of a concern for me since I don’t use Google apps, so the data that does get sent by micro g will be limited.

      MicroG is play services. They connect to Google and send them lots of data inaccessible to for example sandboxed play.

      It is preinstalled and cannot be removed, unlike sandboxed play.

      Every app from the playstore basically uses them, and many more. Chat apps will use it automatically for push notifications.

      Not using Google Apps to mitigate that is very naive.

      I’m not very concerned about rapid updates since the rapid updates that come out on Android, for instance, often corrupt or render features unusable. I’m fine without receiving “feature updates” every 2 weeks.

      These are monthly security updates. No idea what feature updates you are talking about, this is not Samsung.

      This is also not about biweekly, but delayed for months and probably still incomplete, as I mentioned already, Pixels get all Patches, other OSes only need to implement the minimum requirements.

      the fairphone 5 is going to be supported for 8 to 10 years until Android 18. That’s the longest supported phone, I believe.

      The kernel may get updates until then. But the firmware not. I don’t have numbers, but they used some IOT part that gets longer updates, but it was already a year old and it will not get updates for 10 years.

      Many security patches are firmware, and this will not get updates.

      So a Google Pixel 8 is way more expensive and only gets updates for 8 years, but they are actually and fully 8 years, for every component.

      Internet search engines are really bad nowadays. You need to get the specs of every part of the phone and then check how many years they will get updates.

    • Varyk@sh.itjust.works
      8 months ago

      https://calyxos.org/docs/guide/microg/#:~:text=The long answer%3A microG does,Services in the app itself).

      I can’t find out how micro g is a security risk unless you use Google apps.

      If I’m not using any Google apps, how is micro g a security risk?

      Because certain parts, not apps, of e/OS use micro g?

      Fairphone ships a Google os or an e/os.

      Lineageos says that the micro g security risk is only present if you explicitly give permission:

      “The signature spoofing could be an unsafe feature only if the user blindly gives any permission to any app, as this permission can’t be obtained automatically by the apps. Moreover, to further strengthen the security of our ROM, we modified the signature spoofing permission so that only system privileged apps can obtain it, and no security threat is posed to our users.”

      If I keep this pixel, I can always try grapheneos on it.

      Evidence would be if reports come out that something is insecure.

      Since there are no reports of murena or fairphone being more insecure than many other OSs, and any reports or user discussions I can find talk about it being more secure, I just don’t see the point of worrying about problems that haven’t occurred yet or unrelated to my situation (I don’t use Google apps or the Play store, so I worry about issues that affect Google apps or the Play store for instance).

      I think you’re getting the same points because your concerns and mine are not the same.

      Can you show me the updates that are delayed for months by fairphone? I can’t find any evidence of that.

      I’m not sure I understand that process either, why are updates delayed by months?

      I see, I was conflating the fairphone and murena companies.