this post was submitted on 17 Aug 2024
554 points (98.9% liked)

OpenStreetMap community

4245 readers
8 users here now

Everything #OpenStreetMap related is welcome: software releases, showing of your work, questions about how to tag something, as long as it has to do with OpenStreetMap or OpenStreetMap-related software.

OpenStreetMap is a map of the world, created by people like you and free to use under an open license.

Join OpenStreetMap and start mapping: https://www.openstreetmap.org/.

There are many communication channels about OSM, many organized around a certain country or region. Discover them on https://openstreetmap.community/

https://mapcomplete.org/ is an easy-to-use website to view, edit and add points (such as shops, restaurants and others)

https://learnosm.org/en/ has a lot of information for beginners too.

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] possiblylinux127@lemmy.zip 2 points 4 months ago (2 children)

Graphene OS is not a good source of information. I call BS on anyone calling F-droid insecure. If you have a better option that is fine but Graphene does not have a better offering. F-droid is the best we have.

[–] FutileRecipe@lemmy.world 2 points 4 months ago

Graphene OS is not a good source of information.

They're not a good source of information on Android security? Granted, they're not perfect, but they are one of the leading teams in terms of Android security. I call BS on anyone calling GrapheneOS a bad source of information for Android security lol.

News regarding vulnerabilities reported to Google and physical attack roadmap

Improvements to factory resets by Google due to reports by GrapheneOS

[–] KLISHDFSDF@lemmy.ml 2 points 4 months ago

I would trust GrapheneOS, but understand that everyone has their own tolerances for security and the Graphene project is probably at the highest levels.

The GrapheneOS devs were right about F-Droid being less secure when they would sign other dev's apps. This meant that if anyone were to hack F-Droid, they would get full access to every device using an app installed by them. This issue was fixed just last September.

Now that F-Droid fixed this issue, the responsibility falls on each individual developer to secure their signing keys. Should an app's signing key be compromised, it would now only impact users with that app installed. Security is about layers, not 100% foolproof solutions.