Privacy

39087 readers

581 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago

MODERATORS

GrapheneOS vs LineageOS vs iodéOS (lemmy.world)

submitted 1 day ago* (last edited 12 hours ago) by happeningtofry99158@lemmy.world to c/privacy@lemmy.ml

29 comments fedilink hide all child comments

GrapheneOS vs LineageOS vs iodéOS

According to Comparison of Android-based Operating Systems, GrapheneOS seems to be better than LineageOS and iodéOS in every aspect.

I'm wondering if there is any downside of GrapheneOS. What am I giving up for using GrapheneOS instead of LineageOS and iodéOS (besides GrapheneOS only support pixel)?

In terms of privacy, security, customizability and functionality, which OS would you recommend and on what device would you recommend using it?

Answered questions

Does LineageOS supports muti profile like GrapheneOS (I thought all AOSP supports multiprofile feature)
- yes https://lineageos.org/Introducing-the-LineageSDK/
Does LineageOS supports full device encryption using some open source app? (like veracrypt)
- @https://lemmy.world/u/who@feddit.org Yes, full-device encryption is built in to Android these days.
Can LineageOS supports Sandboxed Google Play with some tweaks?
- no

Some questions

If there is backdoor planted in pixel (which in my opinion is very likely), then I guess the “risk of an adversary gaining physical access to the phone” is quite equal for both of OS?
- https://lemmy.world/u/upstroke4448@lemmy.dbzer0.com - It is highly unlikely there is a backdoor in the Pixel. It’s just not worth the risk for Google. Not only are the phones highly scrutinized by experts but Google has a million other legal ways to get info off your phone for 99% of users who use the stock OS.
@benjaminoakes https://lemmy.world/u/benjaminoakes (how do I @ another user in lemmy???) and I qoute "Graphene is likely to run into issues soon. They were relying on the AOSP source tree including Pixel-specific files. Google isn’t releasing those anymore, so GrapheneOS would have to reverse engineer or extract the needed files somehow."
- should I be concerned about this issue? Will it affect my experience in the next 5 years ? (I usually update my device in 5 year cycle)

thanks a million

you are viewing a single comment's thread
view the rest of the comments

[–] happeningtofry99158@lemmy.world 2 points 17 hours ago* (last edited 16 hours ago) (2 children)

ManyThanks!

I still have a few questions:

Does LineageOS supports muti profile like GrapheneOS (I thought all AOSP supports multiprofile feature)
Can LineageOS supports Sandboxed Google Play with some tweaks?
Does LineageOS supports full device encryption using some open source app? (like veracrypt on windows)
If there is backdoor planted in pixel (which in my opinion is very likely), then I guess the “risk of an adversary gaining physical access to the phone” is quite equal for both of OS?

[–] Amaterasu@lemmy.world 1 points 1 hour ago

A significant security drawback with many alternative Android operating systems is that they either require or are commonly used with root access, which inherently weakens the device's security model. GrapheneOS, by contrast, is designed to be used without root access. Traditional root implementations fundamentally compromise Android's security mechanisms like verified boot, app sandboxing, and the principle of least privilege, making the device much more vulnerable to exploitation.

[–] who@feddit.org 0 points 16 hours ago* (last edited 15 hours ago) (1 children)

I don't know, but according to this page, it seems there is some kind of profile support. I assume it's part of the Android Open Source Project.
(Good thing I noticed that you edited your comment to insert this question.) I am not aware of an effective Google Play sandbox from any OS other than GrapheneOS. It doesn't affect me either way, since I don't use Google services.
Storage encryption is built in to Android these days. I don't remember whether the latest version does it with file-based encryption or full-device encryption. (Both have been used in the past.)
It depends on who your adversary is. For example, a Google employee or a government might have remote access to a back door planted in a Pixel, but not to your boot loader. On the other hand, a TSA employee might be able to pwn your phone if granted physical access, but unable to do anything remotely. Pixels are generally more resistant to to physical access attacks because they allow user-supplied keys and boot loader re-locking, but there are companies that sell tools aiming to bypass even these protections, so I wouldn't bet my life on them.

[–] happeningtofry99158@lemmy.world 1 points 16 hours ago

thanks a lot!