Here it comes... π
-
Worried I'm getting a bit too paranoid, but...
Why backdoor the messaging apps when you can just monitor the entire OS?
Having control over the OS doesn't help if the OS doesn't understand the app's data.
-
Firewalls are a great way to tell if new apps are secrely installed
Btw what is the key verifier thing?
Which FW could be recommended?
-
Having control over the OS doesn't help if the OS doesn't understand the app's data.
If only there was an AI that monitors everything going on on the device which they could force onto everyone
-
There are functional firewall apps for android? Is Rethink good?
Rethink is better than good. It's great.
-
Firewalls are a great way to tell if new apps are secrely installed
Btw what is the key verifier thing?
I uninstalled it on my Samsung last time and just checked but it hasn't reinstalled itself again (yet).
-
So glad I moved to GrapheneOS last month.
Got myself a Pixel 9 pro just to go Graphene... Sold my s24 ultra
-
Having control over the OS doesn't help if the OS doesn't understand the app's data.
... the OS doesn't understand the app's data.
I assume you are referring to End to End Encrypted (E2EE) messaging apps here. I'm no programmer/developer/software engineer and I'll be the first to admit that I don't know a ton about how most apps work on the backend. That being said, my understanding is that E2EE apps decrypt whatever is being transmitted to them when they get to your device (assuming phone here) (of course it would decrypt it, otherwise how would you make sense of the information?). Once the data is on your phone, it is decrypted. From what I understand, sandboxing apps is not all that robust on Android (at least on "mainstream" versions)
Therefore, the data that was Encrypted from End to End was decrypted at the End and therefore accessible by other applications and processes on your phone. Unless Android sandboxing has improved greatly in the last few weeks.
-
Which FW could be recommended?
LineageOS or /e/OS would be my picks. Graphene and Calyx are better, but likely don't support the device in question.
RIP DivestOS.
-
... the OS doesn't understand the app's data.
I assume you are referring to End to End Encrypted (E2EE) messaging apps here. I'm no programmer/developer/software engineer and I'll be the first to admit that I don't know a ton about how most apps work on the backend. That being said, my understanding is that E2EE apps decrypt whatever is being transmitted to them when they get to your device (assuming phone here) (of course it would decrypt it, otherwise how would you make sense of the information?). Once the data is on your phone, it is decrypted. From what I understand, sandboxing apps is not all that robust on Android (at least on "mainstream" versions)
Therefore, the data that was Encrypted from End to End was decrypted at the End and therefore accessible by other applications and processes on your phone. Unless Android sandboxing has improved greatly in the last few weeks.
Applications like signal are encrypted at rest on your device as well - https://security.stackexchange.com/questions/277330/how-does-signal-protect-data-on-the-device-from-unauthorized-access
-
Firewalls are a great way to tell if new apps are secrely installed
Btw what is the key verifier thing?
Bit out of the loop. What am I looking at?
-
Bit out of the loop. What am I looking at?
Google is automatically installing an app on you phone that analyzes your media βto prevent you accidentally viewing nudesβ
-
So glad I moved to GrapheneOS last month.
Does lichess work on graphene os? How is compatibility with classic stuff line firefox, signal, ...?
-
Does lichess work on graphene os? How is compatibility with classic stuff line firefox, signal, ...?
I play Lichess on my GrapheneOS Pixel6a, works well. Same with Signal, Firefox with several mobile browser extensions.
Bitwarden, NewPipe, Tailscale, Duolingo, Uber, Discord, Matrix Element, all the Proton mobile apps, Backblaze, etc etc.
Pretty much every app I try works flawlessly. On rare occasion I'll experience minor bugs, and twice I've had to use GOS's extra privilege mode to get an app to work.
Overall, Love GrapheneOS and I'll use them as long as they are around and making an awesome alternative to Google's garbage.
-
Worried I'm getting a bit too paranoid, but...
Why backdoor the messaging apps when you can just monitor the entire OS?
If the Apple security decision in the UK is anything to go by as well as the Trump administration in the US pushing hard for government backdoors in cloud storage and messaging apps, which has been asked for for a long time but didn't have much chance of getting past court oversight in the US until the Supreme Court was so corrupted, then likely this is going to be a way that governments can enforce the idea of having encrypted data transmissions to keep data out of the hands of foreign hackers, but still have corporate backdoors that allow governments to access the unencrypted data. That's exactly what the UK said the Apple thing was supposed to help with. Of course data is only as secure as the weakest link and corporations are often much easier targets than individual users anyway. So it has the same result, but it appeases the majority who don't get it.
-
Provides a single process that can be used by all message apps so that they don't need to implement backdoors into all of them?
And with it unified, it's easier to tie multiple online identities back to which one single person they all are.
-
I play Lichess on my GrapheneOS Pixel6a, works well. Same with Signal, Firefox with several mobile browser extensions.
Bitwarden, NewPipe, Tailscale, Duolingo, Uber, Discord, Matrix Element, all the Proton mobile apps, Backblaze, etc etc.
Pretty much every app I try works flawlessly. On rare occasion I'll experience minor bugs, and twice I've had to use GOS's extra privilege mode to get an app to work.
Overall, Love GrapheneOS and I'll use them as long as they are around and making an awesome alternative to Google's garbage.
Thanks!
Is graphene available on Xiaomi phones?
-
Bit out of the loop. What am I looking at?
Google's secret app that scans your photos for CSAM, but my firewall is configured to autoblock newly installed apps from internet access, thus the notification alerting me an app is trying to access the internet.
-
So glad I moved to GrapheneOS last month.
Yeah I'm super keen, but my lower-tier Samsung isn't supported. I really wish FairPhone would offer a cheaper option
-
LineageOS or /e/OS would be my picks. Graphene and Calyx are better, but likely don't support the device in question.
RIP DivestOS.
Lol, I think they asked for a firewall, not alternative OS
-
... the OS doesn't understand the app's data.
I assume you are referring to End to End Encrypted (E2EE) messaging apps here. I'm no programmer/developer/software engineer and I'll be the first to admit that I don't know a ton about how most apps work on the backend. That being said, my understanding is that E2EE apps decrypt whatever is being transmitted to them when they get to your device (assuming phone here) (of course it would decrypt it, otherwise how would you make sense of the information?). Once the data is on your phone, it is decrypted. From what I understand, sandboxing apps is not all that robust on Android (at least on "mainstream" versions)
Therefore, the data that was Encrypted from End to End was decrypted at the End and therefore accessible by other applications and processes on your phone. Unless Android sandboxing has improved greatly in the last few weeks.
You're right that the e2ee part is only about protecting the data while in transit, but that is because it's the hardest part. Apps can also store the data in an encrypted format so that other apps won't be able to read it.
