this post was submitted on 31 Oct 2023
85 points (96.7% liked)

Privacy

32740 readers
2844 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] Mikelius@lemmy.ml 19 points 1 year ago* (last edited 1 year ago) (6 children)

Only 2 problems I have with Graphene personally is the need to give Google money, which the irony is just too much, and no option for rooting. Otherwise it seems like a pretty good OS overall. In the meantime, while I wait for those options to be more flexible so I can have full control, I just use a rooted lineage os with all the extra Google stuff (ntp, DNS, etc) stripped and replaced with my own self hosted systems.

[–] darcy@sh.itjust.works 15 points 1 year ago (1 children)

u can buy a pixel second hand.

[–] Denatured@lemm.ee 2 points 1 year ago (1 children)

Money is still going to Google cuz I bet the person selling it is going to use it towards a new pixel from Google.

[–] darcy@sh.itjust.works 1 points 1 year ago

hmm. i see where youre coming from, but thats a bit of a stretch. you could use that logic for anything. imo its still much better than the alternative

[–] herrbaert42@infosec.exchange 9 points 1 year ago (3 children)

@Mikelius @Imprint9816 what do you need root for? it makes absolutely no sense to root GrapheneOS and they won't ever make that option available. It's a huge security risk and massively increases attack surface. If you want root so badly, stay with lineage. Giving Google money for a product they make isn't any different from buying a Samsung or Apple phone really.

[–] darcy@sh.itjust.works 10 points 1 year ago

there are some niche reasons to root, like just tweaking system things or using rooted-only apps

[–] Mikelius@lemmy.ml 10 points 1 year ago* (last edited 1 year ago)

I've heard and seen folks say rooting Android is a huge security risk and adds an attack surface, but haven't seen anything to support the claims, really. Yes it's less secure for the average person, who doesn't know anything about security, to root an Android, but to say it's completely insecure without any supporting explanation (not you in particular, just in general when this is said) doesn't help. I like to imagine it like installing Linux and being told to trust the distribution you installed, but they disabled root and removed sudo because it's insecure.

The reason I root is actually for both security and privacy. Without it, I can't use custom firewall rules to restrict apps and system processes from reaching out to the internet or local network devices (AFWall+), have a local hosts setup (Adaway), run a VPN to my home network (Wireguard), and monitor all app network process calls (PCAPdroid) at the exact same time. It also prevents me from being able to create custom cron jobs and custom system changes I need that have only root access.

Being that I am also home 95% of the time with my phone on my person at all times, physical attack surface is less concerning for me, too.

With that all being said, the (assumed) excuse that "malware" is the security risk with root makes no sense to me because whether or not I have root access, phone malware probably doesn't need it in most cases since they're exploiting non-root things so that they can target the majority, not minority. Not to mention I rarely ever even install apps on the phone and most of my web surfing is done on my laptop, not my phone.

[–] fl42v@lemmy.ml 4 points 1 year ago

I guess there's actually nothing stopping you from rooting: you say "nope" when they ask you to confirm re-locking the bootloader, and then do the usual shenanigans with patching and flashing boot partition.

However, it makes graphene a whole lot less grapheny since you can't re-lock the bootloader anymore (except if you sign modified stuff yourself and let vb know of your key, which sounds like too much of a hustle), which means you don't really need a pixel and graphene except for a few unique features mb.

[–] jackpot@lemmy.ml 1 points 1 year ago

whats rooted mean

[–] netchami@sh.itjust.works 1 points 1 year ago

You technically can root (https://xdaforums.com/t/guide-pixel-6-oriole-unlock-bootloader-update-root-pass-safetynet.4356233/), but I wouldn't recommend it. I wouldn't recommend rooting any version of Android, it unnecessarily increases attack surface.

[–] random65837@lemmy.world -3 points 1 year ago

There's no requirement to give money to Google, buy a phone from whoever you like. There's also nothing that stops you from rooting Graphene, some people do, why I don't know, because once you do you've spit in the face of the security aspect of the OS, which is it's main goal.