this post was submitted on 21 Jul 2024
41 points (97.7% liked)

GrapheneOS [Unofficial]

311 readers
1 users here now

Welcome to the GrapheneOS (Unofficial) community

This feed is currently only used for announcements and news.

Official support available on our forum and matrix chat rooms

GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.

Links

More Site links

Social Media

This is a community based around the GrapheneOS projects including the hardened Android Open Source Project fork, Auditor, AttestationServer, the hardened malloc implementation and other projects.

founded 3 years ago
MODERATORS
 

GrapheneOS App Store now includes a mirror of Accrescent, which is a privacy and security focused alternative to the Play Store distributing developer builds of apps:

https://accrescent.app/

Accrescent comes from within the GrapheneOS community and we're collaborating together.

Accrescent is in alpha and isn't yet open to any developers uploading their apps. It will have a lot more apps available in the future. It will become a full alternative to Play Store permitting closed source apps too, but you'll be able to filter to show only open source apps.

Lead dev of Accrescent is a GrapheneOS user and contributor. It'll be a good place to publish apps for GrapheneOS users. AppVerifier, BeauTyXT and Transcribro are from the same person who wrote our Info app. Molly is a security-focused fork of Signal from another GrapheneOS user.

AppVerifier was based on a planned GrapheneOS feature for users to verify APK files based on their key fingerprint. The feature is currently stalled since relying on the clipboard isn't ideal. For now, users can use AppVerifier from Accrescent until we ship a built-in approach.

We'll be delegating distributing developer builds of apps signed by the developers to Accrescent rather than doing it in ourselves. Our App Store will be focused on our own apps and eventually hardened, rebranded builds of important third party apps widely used by our community.

you are viewing a single comment's thread
view the rest of the comments
[–] deafboy 3 points 3 months ago

It’s a double edge sword because there’s an additional level of audit, but also an additional layer for tampering

If I've learned one thing about computers, it's that you can't ever trust the developers to properly package their software. Sooner or later they will abuse this privilege by introducing unsafe defaults, or bundle some useless, stupid, or outright malicious stuff.