this post was submitted on 21 Jul 2024
41 points (97.7% liked)

GrapheneOS [Unofficial]

Welcome to the GrapheneOS (Unofficial) community

This feed is currently only used for announcements and news.

Official support available on our forum and matrix chat rooms

GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.

This is a community based around the GrapheneOS projects including the hardened Android Open Source Project fork, Auditor, AttestationServer, the hardened malloc implementation and other projects.

GrapheneOS App Store now includes a mirror of Accrescent, which is a privacy and security focused alternative to the Play Store distributing developer builds of apps:

https://accrescent.app/

Accrescent comes from within the GrapheneOS community and we're collaborating together.

Accrescent is in alpha and isn't yet open to any developers uploading their apps. It will have a lot more apps available in the future. It will become a full alternative to Play Store permitting closed source apps too, but you'll be able to filter to show only open source apps.

Lead dev of Accrescent is a GrapheneOS user and contributor. It'll be a good place to publish apps for GrapheneOS users. AppVerifier, BeauTyXT and Transcribro are from the same person who wrote our Info app. Molly is a security-focused fork of Signal from another GrapheneOS user.

AppVerifier was based on a planned GrapheneOS feature for users to verify APK files based on their key fingerprint. The feature is currently stalled since relying on the clipboard isn't ideal. For now, users can use AppVerifier from Accrescent until we ship a built-in approach.

We'll be delegating distributing developer builds of apps signed by the developers to Accrescent rather than doing it ourselves. Our App Store will be focused on our own apps and eventually hardened, rebranded builds of important third party apps widely used by our community.

[–] metaphortune 8 points 3 months ago (2 children)

So what's the main advantage of this over F-Droid? Theoretically more secure?

[–] [email protected] 8 points 3 months ago (1 children)

AFAIK the main difference is that on F-Droid (at least the main repo), all apps are signed by F-Droid. On Accrescent however, each app is signed by its developer. This can be seen as it being more secure.

If you're further interested in the topic, there's at least one discussion thread about the 'insecurity of F-Droid', I believe also directly comparing it to Accrescent, on the GrapheneOS forum.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (1 children)
[–] [email protected] 5 points 3 months ago (1 children)

While F-Droid has issues, most of the points in the article are minor inconveniences blown out of proportion. Slow updates because they're mostly community-funded. I kinda like their app approval and low-level permission listing. It's a double-edged sword because there's an additional level of audit, but also an additional layer for tampering. But that can also happen if devs turn malicious themselves.

Low target SDK lets me use apps that make old devices still usable. It keeps me from throwing them off on the landfill. Most browsers are fucked on old devices (no support for modern TLS) but YouTube still works with NewPipe forks. So at least I can carry it to watch YouTube when travelling. Confusing UX is not an F-Droid problem, there are already multiple alternatives.

The only problem they actually have is unstable leadership that has made some of the team leave and there are problems with key signing and they force devs to use old versions.

There's a lot of wannabe "privacy" sites popping up over the last couple of years and everyone's trying to start a big controversy off of small things. It's easier to complain than to do the work to make things better and most of these authors can fuck right off.

[–] deafboy 3 points 3 months ago

> It's a double-edged sword because there's an additional level of audit, but also an additional layer for tampering

If I've learned one thing about computers, it's that you can't ever trust the developers to properly package their software. Sooner or later they will abuse this privilege by introducing unsafe defaults, or bundle some useless, stupid, or outright malicious stuff.

[–] [email protected] 0 points 3 months ago

Yeah, significantly more secure, while also being way more modern.