[-] Mahonia@lemmy.world 1 points 8 months ago

Much of your data can just be subpoenaed and then provided to law enforcement without physical access however. Apple complies 90% of the time.

https://www.theguardian.com/technology/2022/sep/23/apple-user-data-law-enforcement-falling-short

Also, there are ways that LE can bypass your iphone's encryption. Just doesn't work all the time.

https://www.vice.com/en/article/4ag5yj/unlock-apple-iphone-database-for-police

GrapheneOS, based on AOSP, is really the only truly private and secure option. Android offering interoperability is not a downside and Apple having a walled garden does not mean it provides increased security. Apple is decidedly not transparent and this is ultimately not a good thing.

[-] Mahonia@lemmy.world 11 points 8 months ago

Isn't the whole legacy of its creator pretty firmly embedded in the content itself? Like it's disturbing and without much substance.

[-] Mahonia@lemmy.world 8 points 8 months ago

I've been using GrapheneOS for about 5 years.

Google pay won't work, but everything else should. I've never experienced any of the issues the other commenter had, and I've installed Graphene on 4 devices (not dismissing you BTW, just saying I think your experience is quite uncommon).

I don't think third-party launchers are a good idea (you're giving full device permission to an unneeded app) but it should work.

Almost every app I wanted to use worked with Graphene before they introduced their sandboxed google services, and now everything I've tested works with Google push notifications. The only exception is Google pay, and there are upstream reasons for that. Keep in mind, on a very rare occasion the hardened memory allocator breaks compatibility (again this is very rare), but there is an app-specific setting toggle to turn this off so it's kind of a non-issue.

[-] Mahonia@lemmy.world 12 points 8 months ago

This is insanely moralistic and just a bad idea, but also... of all the things going on, how can this possibly be a priority?

[-] Mahonia@lemmy.world 18 points 8 months ago

Nevermind the infringement on human rights and the conservatives' historical tendency to cater to corporate interests. Affordable housing wasn't a priority under Harper either.

[-] Mahonia@lemmy.world 5 points 8 months ago

I don't understand the format of this. Why put a dictator/murderer/war criminal and shitty capitalist/conservative talking head having this detailed and interesting conversation. These two in no way deserve any of the positive association this meme implies.

[-] Mahonia@lemmy.world 6 points 8 months ago

If you're using a stock android device, the OS on your phone still has permissions to read and write to storage, by necessity. If what you're concerned about is privacy, you have very limited ability to set storage scopes if you don't trust the OS, and this doesn't really change if you install an app.

If you're using fossify file manager or any other file manager, you've given that app+the default Files app access to your storage. This is not more private. Most of those similar apps are essentially just skins on top of the default manager (which I suppose could be useful). This only really adds attack surface and doesn't have any meaningful privacy benefits, and potentially some detractors depending on the app you use.

If you don't trust the operating system and its utilities, the best option is to find an operating system you trust, and not to just install new skins on top of existing apps.

[-] Mahonia@lemmy.world 6 points 8 months ago

Fuck people are dumb. There's no thinking here.

The overdose crisis worsened when there were border restrictions, because contamination was more widespread. Also fuck me, the real problem is obviously mostly legal opiate distributors.

[-] Mahonia@lemmy.world 1 points 8 months ago* (last edited 8 months ago)

I don't get these arguments. These tools aren't weapons, and limiting legal access to pentesting tools will decrease corp's and individuals' ability to be proactive about security.

These devices can be manufactured relatively easily and making them illegal will essentially mean the only people doing security tests are criminals. Large tech companies, correctly, run bug bounties where independent security researchers can make income by reporting reproducible and exploitable bugs. The concept here is called offensive security and it's extremely important for building better and more secure platforms. This situation will never be improved by limiting legal access to useful testing tools.

The responsibility should be on automakers and other companies that have massively insecure products, not on open source developers who are making products for security researchers.

view more: next ›

Mahonia

joined 11 months ago