pull down to refresh
64 sats \ 3 replies \ @79c9095526 30 Sep \ on: GrapheneOS: The Purpose, The Strategy, and The Why [Article] tech
Thanks for the wonderful post, I really enjoyed reading it and learned a lot!
I have a few questions if you don't mind:
-
You mentioned having multiple profiles. Do you leave them running concurrently or just use one at a time? I've left everything in owner for simplicity but am thinking about exploring profiles soon.
-
I used an iPhone for over a decade and I still have an iPhone along with my GrapheneOS phone. I'll admit, the transition hasn't been easy, but I think it has more to do with iOS to Android vs. anything to do with Graphene. You mentioned that an iPhone with Signal is probably good enough, I wanted to see if you could elaborate on that. I'll likely always keep a Graphene phone just because I like having it and tinkering and also in case Apple ever goes nuts again (CSAM, walled garden restrictions, etc...). But I'm thinking of daily driving just an iPhone with signal and voip apps...
-
Do you have suggestions on what to do about legacy calls/sms? On my iPhone I have a couple of decent options like mysudo and even google voice for throwaway use. Without play services on my graphene device, VoIP is a little harder to pull off (outside of jmp.chat). Due to business needs, I can't rely solely on molly/signal and heavily use legacy calling/sms. I prefer to use VoIP vs. many people knowing my 'real' SIM card number, but I haven't found an adequate solution on graphene (without play services). On the iPhone, it just seems 'easier' to solve because mysudo "just works" and even google voice on the iPhone feels more 'isolated' from the system than when I install google voice on graphene (because the google account at least appears like a "system wide account" and needs google play services so who knows what data google gathers from me).
Thanks in advance, I know those a lot of long rambling questions!
Do you leave them running concurrently or just use one at a time?
I use the feature to automatically end a secondary user profile when you leave it. Considering it like turning it off, you wont get notifications from it and it won't run in the background, but it keeps data safer.
You mentioned that an iPhone with Signal is probably good enough, I wanted to see if you could elaborate on that.
I meant that in my own requirements, I am a simple person with not a lot to target for. Some GrapheneOS users may use iPhones for miscellaneous low-risk use like corporate things and use a GrapheneOS phone for other higher-risk activities instead. I own Apple devices but they aren't used in any meaningful ways. iPhones are predominantly a target by sophisticated actors with moderate success, but the scope of who they target is also extremely limited and not a concern for most. GrapheneOS should be a choice for people who could be a victim for that, but obviously GrapheneOS isn't exclusively for them... else I wouldn't be using it.
Do you have suggestions on what to do about legacy calls/sms?
Don't use them if you can help this. I don't use my number beyond when it is forced to be used like for accounts, although your use case is a lot different to mine so I can't really stop you. Project doesn't recommend using SMS for communications and cellular networks aren't designed with privacy in mind and cannot be fixe, a user using mobile data would usually be aware of the privacy shortcomings and use it anyway, like I do.
On the iPhone, it just seems 'easier' to solve because mysudo "just works" and even google voice on the iPhone feels more 'isolated' from the system than when I install google voice on graphene (because the google account at least appears like a "system wide account" and needs google play services so who knows what data google gathers from me).
The play services on GrapheneOS are unprivileged and only access what you allow them to, and what you do in the Google apps themselves (for example searching an app in Play Store may be in your account activity history somewhere). It appears that way because that's originally designed that way, but a compatibility layer essentially tricks Google Play services into believing it is running with privileged access when it isn't.
You can use an additional user profile to contain the play services and apps dependent on it into just that profile, and allow it to run and share notifications to other profiles to get alerts like texts from a text app you use? This is just a suggestion and it may not fit your use case though.
reply
Thanks for the thoughtful response.
My concern with the iPhone has always been similar to that of an ISP. I use a VPN because I don't want a single point (ISP) that gathers up all of my website traffic and knows every site I've visited. I assume they store/sell this data either now or in the future.
I figured apple may do something similar. My understanding (could be wrong) is they track and send back to the mothership every screen wake, touch screen interaction, app download, (perhaps internet traffic?) etc... you do with your phone.
I don't know if these claims are true or not and I don't know if they apply if you don't use iCloud (I do not).
But that is the main draw I had to grapheneos, there is no logging into the phone and no mothership that is hoovering up all of your phone data.
reply
My concern with the iPhone has always been similar to that of an ISP. I use a VPN because I don't want a single point (ISP) that gathers up all of my website traffic and knows every site I've visited. I assume they store/sell this data either now or in the future.
Most developed countries typically have retention policies for ISPs, although they aren't usually very long because the scope of data to store is humongous, around over a year. If an ISP says they don't sell or share this data other than in law enforcement, I would trust it since it's a legal obligation, but I know others won't trust that. Think it would be a very controversial move and data selling is more common in social media / marketing firms.
I figured apple may do something similar. My understanding (could be wrong) is they track and send back to the mothership every screen wake, touch screen interaction, app download, (perhaps internet traffic?) etc... you do with your phone.
That's excessive and unnecessary and information like that isn't valuable enough to build infrastructure to collect of it's billions of users. Important information is what is identifiable or provides details on key events of the person / device, and having a full chronological timeline down to the press is bloated intelligence.
You should expect Apple to know what information you provide on your Apple ID and activities on Apple's services that are not end-to-end encrypted. iCloud provides an end-to-end encryption option but it's not a default so the content (files, contacts, messages) can be accessed on there. E2EE is default for iMessage but if iCloud backups are enabled for iMessage then Apple could provide decryption keys for the content if that backup isn't end-to-end encrypted.
If you are using an Apple service like iCloud Email, Apple Music, App Store and more, you should also expect the activities you do on those apps to have relevant data collected like purchase / download history, track history, email history etc.
Apple's privacy policy is generally well in comparison to many other companies, the flaws is the lack of end-to-end encryption and the large scope of information they collect: https://privacyspy.org/product/apple/ - Apple provide VERY personalized services which in-turn require a lot of information, many of these features are stored and managed on-device as they say.
For Private Relay you could expect Apple knows who is connecting to it and that's about it: https://support.apple.com/en-us/102602
I don't know if these claims are true or not and I don't know if they apply if you don't use iCloud (I do not).
Then the scope they collect is much less, core Apple ID information, app store purchase / download history and device information would come to mind.
reply