293
Switched to GrapheneOS today
(grapheneos.org)
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
much thanks to @gary_host_laptop for the logo design :)
ACC - Advanced Charging Controller, which allows to set charge limits, thus extending the battery life, which should have been part of Android from the beginning,
Security isn't a binary, security works like an onion, you have multiple layers of security and multiple decisions to make on every level. Currently you might be right, that having root access to a device might compromise it in some ways, but that isn't necessarily so and depends on how it is done.
This kind of thinking is the 'I know better than you' mentality, that I sometimes see around people advertising GrapheneOS. Having 'root' permissions to the device is owing it, I want to decide what to do with it, not the vendor of the ROM, or who ever else. They aren't me, they don't know what I want to do with it.
The goal of security models is allowing me, the owner, to do what ever I want with my device, while preventing others, non-owners, un-trusted applications or the internet from doing what they want with my device. If the security model doesn't allow me, the owner, to do what I want, then it failed its job at least partially.
Why is that dangerous? The first thing I do, when I get a new phone is boot into the boot loader, and overwrite the whole partition, then the system is trusted again, at least if I trust the vendor of the boot loader. When I want to do a factory reset, I do the same, overwrite the flash with a fresh OS image.
IMO, there are other reasons why the current implementation of root are dangerous: They currently considered binary and I think they could be implemented more gradually. Like one application having root over individual other applications, e.g. accessing their files. Allowing/Disallowing individual privileged system calls, or access to specific system files, etc. All of this could be hidden behind a switch in the developers menu. Maybe only allow applications to gain root access when using a registered hardware token, etc.
In order for MicroG to work full, you need to fake the signature, which requires a patch to the system, or root privileges.
You can make changes to the OS when it isn't booted. You can even compile your own image. The problem is having root in the application layer. You are exposing yourself to unnecessary risk. Ideally you should flash a overlay in the Lineage OS recovery or TWRP. You can do this for a few other things such as the F-droid privileged extension.