168
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 17 Apr 2024
168 points (100.0% liked)
technology
23275 readers
42 users here now
On the road to fully automated luxury gay space communism.
Spreading Linux propaganda since 2020
- Ways to run Microsoft/Adobe and more on Linux
- The Ultimate FOSS Guide For Android
- Great libre software on Windows
- Hey you, the lib still using Chrome. Read this post!
Rules:
- 1. Obviously abide by the sitewide code of conduct. Bigotry will be met with an immediate ban
- 2. This community is about technology. Offtopic is permitted as long as it is kept in the comment sections
- 3. Although this is not /c/libre, FOSS related posting is tolerated, and even welcome in the case of effort posts
- 4. We believe technology should be liberating. As such, avoid promoting proprietary and/or bourgeois technology
- 5. Explanatory posts to correct the potential mistakes a comrade made in a post of their own are allowed, as long as they remain respectful
- 6. No crypto (Bitcoin, NFT, etc.) speculation, unless it is purely informative and not too cringe
- 7. Absolutely no tech bro shit. If you have a good opinion of Silicon Valley billionaires please manifest yourself so we can ban you.
founded 4 years ago
MODERATORS
Lineageos is as secure* as stock android. If you're going to be using stock might as well just use your normal phone, the NSA definitely has shit worse than NSO Pegasus for stock android devices
Shouldn't we assume the same for Huawei devices?
Yes, we shouldn't trust, but the devices that run Harmony OS are significantly rarer than stock Android phones (meaning less interest/pressure to develop malware for them) and are also distinct from stock Android (so malware that could infect stock/LOS/OneUI/other Android "flavours" might not infect Harmony OS). I don't know about hardening on Harmony OS, but I doubt it implements any hardening, so yeah it is technically as secure as stock Android, but considering the time horizon for threat actors to develop malware, it's less likely to be successfully targeted. Not good enough to rely on.
oh also it's developed in China which doesn't have any incentive to "accidentally leave" vulnerabilities
I understand. My concern with the security of say a Huawei device is, that while domestic surveillance and NSA backdoors into American tech is a significant portion of the state's security apparatus, I imagine the majority of effort spent by our spy agencies is in compromising and penetrating foreign tech. Yes, its easier for the state to coerce our tech industry into cooperating, but that's why most of the offensive cybersecurity funding goes towards breaching non-US tech.
Where can I read more about that? Because lineage and eos were my go to digital self defense solutions
Search up "lineageos vs grapheneos" for some reading. Basically the difference is in hardening and the magnitude of the attack surface vector - a truly secure OS would try to minimize the potential for every type of breach even at the expense of usability. While I do use grapheneos on one phone, I personally don't put any faith in it either as A Truly Secure™ solution simply because it's American and vulnerable to many attacks outside of the phone (even if we assume it was built perfectly as of now, which it isn't).