this post was submitted on 30 Aug 2024
158 points (99.4% liked)

Privacy Guides

16270 readers
7 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS
all 45 comments
sorted by: hot top controversial new old
[–] [email protected] 37 points 2 months ago* (last edited 2 months ago) (9 children)

And it still doesn't support anything that isn't a Pixel phone.

I respect GrapheneOS very much. But the fact that you need a Google phone to install a deGoogled Android ROM is one contradiction I just can't get past. I hate Google and I'm never going to buy their hardware and give them money for the privilege of escaping the Google corporate surveillance.

I'm aware of the technical reason why GrapheneOS only supports Pixel phones, but that irony is just too rich for me. So I use CalyxOS on a very much non-Google FairPhone4, and while it's formally slightly less secure than GrapheneOS, at least Google got none of my money and that's a lot more important than security to me.

[–] [email protected] 25 points 2 months ago (2 children)

It is quite ironic. "I don't like Google, let me free myself from all of Google. But to do that first let me buy that $500-$1,000 phone made by Google to then get rid of all the Google software on it".

[–] PirateMike94 1 points 2 months ago

To be fair, there's an argument to be made that "I'll just pay Google one last time in order to get my privacy back."

[–] [email protected] 19 points 2 months ago* (last edited 2 months ago) (2 children)

Their hardware requirements are pretty clear. Samsung is the only one with comparably secure devices, but they use nonstandard tools like Odin and lock down many security features to the stock OS only.

Other companies are supposedly not making anything as secure.

https://grapheneos.org/faq#future-devices

Also, only Google can really ship updates that quickly and fully, as Android is literally their OS. They are also a huge company, so yeah they have way more resources than a random other company you might prefer.

Example Fairphone, which has horrible update schedules

[–] [email protected] 7 points 2 months ago* (last edited 2 months ago) (4 children)

I am aware of the shortcomings of my choice.

But my priority is to not give a cent to Google: what am I supposed to do then?

I argue that GrapheneOS gives Pixel phones more value, thereby supporting Google. That is not great.

[–] [email protected] 15 points 2 months ago

Buy a used Pixel phone.

[–] [email protected] 10 points 2 months ago (2 children)

If your priority is to not give a cent to Google then don't use GrapheneOS. There are other degoogled OSes for people whose priority is that. If your priority is security then you'd be willing to sacrifice on avoiding anything Google by getting GrapheneOS.

In any case, technically if you wanted to avoid anything primarily made by Google you'd have a Linux phone. The degoogled Android OSes are still based on Google's open-source code.

[–] [email protected] 4 points 2 months ago* (last edited 2 months ago) (1 children)

if you wanted to avoid anything primarily made by Google you’d have a Linux phone

That's true.

Unfortunately that's not possible: I live in a country that delegates secure authentication to banks, and banks only supply 2FA apps that work in Android or iOS. If I had a Linux phone, I'd still need another phone with Android just for the purpose of banking, interacting with social services, logging in my work hours, getting notifications from the post office...

That's the misery of Android: Google is such a pervasive monopoly that even if you want a fully deGoogled OS, the basis of it has to be 95% made by Google anyway because the rest of society goes along and reinforces their monopoly. And at some point, even someone like me has to make compromises to simply live normally.

I would gladly buy a Linux phone and I'd even put up with their quirks (I tried one once so I know they're not as polished an experience as Android). But I am also a practocal man and it's just not an option.

[–] [email protected] 8 points 2 months ago

I'm sorry to hear that, but also, what does that mean for people in your country who don't have smartphones? I know that sometimes people aren't allowed to own smartphones (refugees, or sometimes imposed on a defendant as part of criminal proceedings)—if you don't own a smartphone can you just not participate in society there?

Tbh when I've been required to install some kind of dodgy proprietary app that doesn't work well with GrapheneOS I just tell them I don't have a smartphone and they seem to be fine with that and offer me a "low-tech" alternative for whatever it is (usually some kind of 2FA app). It's concerning when important things are inaccessible to people without a smartphone, because of course that's the baseline for things being accessible for everyone regardless of their phone situation, e.g. people with degoogled phones etc.

[–] [email protected] 2 points 2 months ago

I also dont think you give Google a lot of money when just leeching on their services with lots of fake accounts.

I use Youtube with adblock / custom apps since 6 years or something, so that should be equal to the market value I gave their phones on the used market

[–] [email protected] 9 points 2 months ago

The phones are good. Yes it is a lot of money, and they do silly stuff with these phones, like removing everything or using glass everywhere

I just buy used. Way cheaper, never gonna pay more than for my Laptop

[–] [email protected] 1 points 2 months ago

It is funny, pixel phones gaining popularity due to de-googling. Something seems very wrong with that haha

[–] [email protected] 5 points 2 months ago* (last edited 2 months ago) (1 children)

Example Fairphone, which has horrible update schedules

Fairphone's release schedule and Calix' release schedules are two different things. CalyxOS is updated less often than GrapheneOS for sure, but it's updated a lot more often than Fairphone OS.

[–] [email protected] 4 points 2 months ago (1 children)

Nobody talked about Calyx, but yeah, Fairphone is the worst XD

Others like /e/OS are similar to Fairphone (it runs on Fairphones)

[–] [email protected] 5 points 2 months ago (1 children)

Nobody talked about Calyx

I did, and you replied to me 🙂

[–] [email protected] 3 points 2 months ago

And now I am replying back, just like that!

[–] [email protected] 12 points 2 months ago (1 children)

Are you using a vibes-based threat model?

[–] [email protected] 12 points 2 months ago

Not every threat model requires the security level GrapheneOS provides. My threat model ends with Google and other big corporation shouldn't spy on me and if I lose my phone anyone finding it shouldn't get in and be able to steal my identity. I think DivestOS and CalyxOS do a fine job with that.

[–] phoneymouse 5 points 2 months ago (1 children)

It would be nice if the GrapheneOS dev would work it out with the FairPhone folks to make a device that could be supported. I don’t know why any company would hesitate to work with him, he is obviously doing good stuff, but I agree, Pixel only is kind of a turn off because it doesn’t seem like a long term path to building something sustainable in terms of both hardware and software. It’s a workaround.

[–] [email protected] 6 points 2 months ago* (last edited 2 months ago)

I think GrapheneOS should come with a no-compromise-security branch that only supports Google Pixel phones and an "ordinary security" branch that supports a wide variety of less-secure but non-Google hardware for people who can't stomach the idea of buying a Google phone.

GrapheneOS would reach a much wider audience, and not everybody needs perfect security. I for instance am a low-value target and I have no need for GrapheneOS-level security.

[–] [email protected] 5 points 2 months ago

Buy used? Pixel 8s are on a fire sale now

[–] [email protected] 2 points 2 months ago

Which phone on the market has the best hardware sexurity?

[–] [email protected] 1 points 2 months ago

I hear you. And it is ironic, I agree. The way I deal with it in my head is: I use nothing google in my life. (Except for YouTube via NewPipe). And I purchase a Pixel pro used from eBay when it is 1 year old, and keep it until I feel the need to upgrade. New pixel pro's here in the UK sell for £900-£1000, but you can pick up a used one on eBay only 1 year old for £300, and the money does not go directly to google. So my contribution to google is tiny compared to most people. If GrapheneOS ever do support another flagship phone with good cameras then I will gladly swap. But for now I don't see an option where I can have it all. There has to be a compromise somewhere. But I applaud your anti-googleism!

[–] Cyberjin 1 points 2 months ago

Pixel phone also uses modified Exynos chips, that Samsung themselves stopped using in Europe because they suck.

[–] [email protected] 6 points 2 months ago

Damn that was fast.

[–] [email protected] 2 points 2 months ago* (last edited 2 months ago) (1 children)

Is android auto still broken?

What are you losing by going to this?

[–] [email protected] 9 points 2 months ago (1 children)
[–] [email protected] 6 points 2 months ago

Oh cool! Auto is working?? I may give this a try since I don't give a shit about Google pay

[–] [email protected] 2 points 2 months ago

I think early last year they hyped some potential partnership to have a custom grapheneOS device, anyone know what happened to that?