this post was submitted on 21 Jul 2024
41 points (97.7% liked)

GrapheneOS [Unofficial]

311 readers
1 users here now

Welcome to the GrapheneOS (Unofficial) community

This feed is currently only used for announcements and news.

Official support available on our forum and matrix chat rooms

GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.

Links

More Site links

Social Media

This is a community based around the GrapheneOS projects including the hardened Android Open Source Project fork, Auditor, AttestationServer, the hardened malloc implementation and other projects.

founded 3 years ago
MODERATORS
 

GrapheneOS App Store now includes a mirror of Accrescent, which is a privacy and security focused alternative to the Play Store distributing developer builds of apps:

https://accrescent.app/

Accrescent comes from within the GrapheneOS community and we're collaborating together.

Accrescent is in alpha and isn't yet open to any developers uploading their apps. It will have a lot more apps available in the future. It will become a full alternative to Play Store permitting closed source apps too, but you'll be able to filter to show only open source apps.

Lead dev of Accrescent is a GrapheneOS user and contributor. It'll be a good place to publish apps for GrapheneOS users. AppVerifier, BeauTyXT and Transcribro are from the same person who wrote our Info app. Molly is a security-focused fork of Signal from another GrapheneOS user.

AppVerifier was based on a planned GrapheneOS feature for users to verify APK files based on their key fingerprint. The feature is currently stalled since relying on the clipboard isn't ideal. For now, users can use AppVerifier from Accrescent until we ship a built-in approach.

We'll be delegating distributing developer builds of apps signed by the developers to Accrescent rather than doing it in ourselves. Our App Store will be focused on our own apps and eventually hardened, rebranded builds of important third party apps widely used by our community.

top 10 comments
sorted by: hot top controversial new old
[–] metaphortune 8 points 3 months ago (2 children)

So what's the main advantage of this over F-Droid? Theoretically more secure?

[–] [email protected] 8 points 3 months ago (1 children)

AFAIK the main difference is that on F-Droid (at least the main repo), all apps are signed by F-Droid. On Accrescent however, each app is signed by its developer. This can be seen as it being more secure.

If you're further interested in the topic, there's at least one discussion thread about the 'insecurity of F-Droid', I believe also directly comparing it to Accrescent, on the GrapheneOS forum.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (1 children)
[–] [email protected] 5 points 3 months ago (1 children)

While F-Droid has issues, most of the points in the article are minor inconveniences blown out of proportion. Slow updates because they're mostly community-funded. I kinda like their app approval and low level permission listing. It's a double edge sword because there's an additional level of audit, but also an additional layer for tampering. But that can also happen if devs turn malicious themselves.

Low target SDK lets me use apps that make old devices still usable. It keeps me from throwing them off on the landfill. Most browsers are fucked on old devices (no support for modern TLS) but youtube still works with newpipe forks. So at least I can carry it to watch youtube when travelling. Confusing UX is not a f-droid problem, there are already multiple alternatives.

The only problem they actually have is unstable leadership that has made some of the team leave and there are problems with key signing and they force devs to use old versions.

There's a lot of wannabe "privacy" sites popping up since a couple years and everyone's trying to start a big controversy off of small things. It's easy to complain than rather do the work to make things better and most of these authors can fuck right off.

[–] deafboy 3 points 3 months ago

It’s a double edge sword because there’s an additional level of audit, but also an additional layer for tampering

If I've learned one thing about computers, it's that you can't ever trust the developers to properly package their software. Sooner or later they will abuse this privilege by introducing unsafe defaults, or bundle some useless, stupid, or outright malicious stuff.

[–] [email protected] 0 points 3 months ago

Yeah, significantly more secure, while also being way more modern.

[–] [email protected] 3 points 3 months ago* (last edited 3 months ago) (2 children)

What's the difference between Accrescent and Obtainium?

[–] babeuh 6 points 3 months ago* (last edited 3 months ago) (1 children)

Accrescent is a store where developers can publish their software (will be able to, it's in alpha), just like F-Droid but more secure. It's trying to be an alternative to the Play Store.

Obtainium is a tool that can fetch and check the versions of APKs from different sources.

[–] [email protected] 2 points 3 months ago

ah kk, thx for clarifying

[–] [email protected] 2 points 3 months ago

Accrescent has a list of apps that can be easily installed, unlike Obtainium, Accrescent doesn't require the user to spend a lot of time adding each app they want to auto update/install to Accrescent as the apps are aleeady there. Similar to playstore.

Obtainiums only advantage to me is that you can add almost any app source, while Accrescent still is in development and as such lacks lots of apps at the moment.