From 89f83d49ad7d4cd8baa815993d3172ca72e5b30e Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Sat, 8 Apr 2023 12:32:25 +0300 Subject: Update content for html --- gemfeed/2023-01-23-why-grapheneos-rox.html | 32 +++++++++++++++--------------- 1 file changed, 16 insertions(+), 16 deletions(-) (limited to 'gemfeed/2023-01-23-why-grapheneos-rox.html') diff --git a/gemfeed/2023-01-23-why-grapheneos-rox.html b/gemfeed/2023-01-23-why-grapheneos-rox.html index ea28474e..515d2161 100644 --- a/gemfeed/2023-01-23-why-grapheneos-rox.html +++ b/gemfeed/2023-01-23-why-grapheneos-rox.html @@ -10,7 +10,7 @@

Why GrapheneOS rox



-Published at 2023-01-23T15:31:52+02:00
+Published at 2023-01-23T15:31:52+02:00

 Art by Joan Stark
@@ -37,16 +37,16 @@ Art by Joan Stark
 

 In 2021 I wrote "On Being Pedantic about Open-Source", and there was a section "What about mobile?" where I expressed the dilemma about the necessity of using proprietary mobile operating systems. With GrapheneOS, I found my perfect solution for personal mobile phone use. 

 

-On Being Pedantic about Open-Source

+On Being Pedantic about Open-Source

 

 What is GrapheneOS?

 

-GrapheneOS is a privacy and security-focused mobile OS with Android app compatibility developed as a non-profit open-source project. It's focused on the research and development of privacy and security technologies, including substantial improvements to sandboxing, exploits mitigations and the permission model.

+GrapheneOS is a privacy and security-focused mobile OS with Android app compatibility developed as a non-profit open-source project. It's focused on the research and development of privacy and security technologies, including substantial improvements to sandboxing, exploits mitigations and the permission model.

 

 GrapheneOS is an independent Android distribution based on the Android Open Source Project (AOSP) but hardened in multiple ways. Other independent Android distributions, like LineageOS, are also based on AOSP, but GrapheneOS takes it further so that it can be my daily driver on my phone.

 

-https://GrapheneOS.org

-https://LineageOS.org

+https://GrapheneOS.org

+https://LineageOS.org

 

 
User Profiles


 

@@ -62,7 +62,7 @@ Art by Joan Stark
 

 There's also the case that I am using an app from the Google Play store (as the app isn't available from F-Droid), which doesn't require Google Play Services to run in the background. Here's where I use the Aurora Android store. The Aurora store can be installed through F-Droid. Aurora acts as an anonymous proxy from your phone to the Google Play Store and lets you install apps from there. No Google credentials are required for that!

 

-https://f-droid.org

+https://f-droid.org

 

 There's a similar solution for watching videos on YouTube. You can use the NewPipe app (also from F-Droid), which acts as an anonymous proxy for watching videos from YouTube. So there isn't any need to install the official YouTube app, and there isn't any need to login to your Google account. What's so bad about the official app? You don't know which data it is sending about you to Google, so it is a privacy concern. 

 

@@ -72,7 +72,7 @@ Art by Joan Stark
 

 With GrapheneOS, it is different. Here, I do not just have a separate user profile, "Google", for various Google apps where Google Play runs, but Google Play also runs in a sandbox!!!

 

-GrapheneOS has a compatibility layer providing the option to install and use the official releases of Google Play in the standard app sandbox. Google Play receives no special access or privileges on GrapheneOS instead of bypassing the app sandbox and receiving a massive amount of highly privileged access. Instead, the compatibility layer teaches it how to work within the full app sandbox. It also isn't used as a backend for the OS services as it would be elsewhere since GrapheneOS doesn't use Google Play even when it's installed.

+GrapheneOS has a compatibility layer providing the option to install and use the official releases of Google Play in the standard app sandbox. Google Play receives no special access or privileges on GrapheneOS instead of bypassing the app sandbox and receiving a massive amount of highly privileged access. Instead, the compatibility layer teaches it how to work within the full app sandbox. It also isn't used as a backend for the OS services as it would be elsewhere since GrapheneOS doesn't use Google Play even when it's installed.

 

 When I need to access Google Play, I can switch to the "Google" profile. Even there, Google is sandboxed to the absolute minimum permissions required to be operational, which gives additional privacy protection.

 

@@ -88,7 +88,7 @@ Art by Joan Stark
 

 I really want my phone to shoot good looking pictures, so that I can later upload them to the Irregular Ninja:

 

-https://irregular.ninja

+https://irregular.ninja

 

 The stock camera app of the OASP could be better. Photos usually look washed out, and the app lacks features. With GrapheneOS, there are two options:

 

@@ -100,7 +100,7 @@ Art by Joan Stark
 

 For automatic backups of my photos, I am relying on a self-hosted instance of NextCloud (with a client app available via F-Droid). So there isn't any need to rely on any Google apps and services (Google Play Photos or Google Camera app) anymore, and that's great!

 

-https://nextcloud.com

+https://nextcloud.com

 

 I also use NextCloud to synchronize my notes (NextCloud Notes), my RSS news feeds (NextCloud News) and contacts (DAVx5). All apps required are available in the F-Droid store.

 

@@ -116,11 +116,11 @@ Art by Joan Stark
 

 Termux can be installed on any Android phone through F-Droid, so it doesn't need to be a GrapheneOS phone. But I have to mention Termux here as it significantly adds value to my phone experience. 

 

-Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically - additional packages are available using the APT package manager.

+Termux is an Android terminal emulator and Linux environment app that works directly with no rooting or setup required. A minimal base system is installed automatically - additional packages are available using the APT package manager.

 

-https://termux.dev

+https://termux.dev

 

-In short, Termux is an entire Linux environment running on your Android phone. Just pair your phone with a Bluetooth keyboard, and you will have the whole Linux experience. I am only using terminal Linux applications with Termux, though. What makes it especially great is that I could write on a new blog post (in Neovim through Termux on my phone) or do some coding whilst travelling (e.g. during a flight), or look up my passwords or some other personal documents (through my terminal-based password manager). All changes I commit to Git can be synced to the server with a simple git push once online (e.g. after the plane landed) again.

+In short, Termux is an entire Linux environment running on your Android phone. Just pair your phone with a Bluetooth keyboard, and you will have the whole Linux experience. I am only using terminal Linux applications with Termux, though. What makes it especially great is that I could write on a new blog post (in Neovim through Termux on my phone) or do some coding whilst travelling (e.g. during a flight), or look up my passwords or some other personal documents (through my terminal-based password manager). All changes I commit to Git can be synced to the server with a simple git push once online (e.g. after the plane landed) again.

 

 There are Pixel phones with a screen size of 6", and that's decent enough for occasional use like that, and everything (the phone, the BT keyboard, maybe an external battery pack) all fit nicely in a small travel pocket.

 

@@ -130,14 +130,14 @@ Art by Joan Stark
 

 A pure Linux phone, e.g. with Ubuntu Touch installed, e.g. on a PinePhone, Fairphone, the Librem 5 or the Volla phone, is very appealing to me. And they would also provide an even better Linux experience than Termux does. Some support running LineageOS within an Anbox, enabling you to run various proprietary Android apps occasionally within Linux.

 

-Ubuntu Touch

-More Linux distributions for mobile devices 

+Ubuntu Touch

+More Linux distributions for mobile devices 

 

 But here, Google Play would not be sandboxed; you could not configure individual network permissions and storage scopes like in GrapheneOS. Pure Linux-compatible phones usually come with a crappy camera, and the battery life is generally pretty bad (only a few hours). Also, no big tech company pushes the development of Linux phones. Everything relies on hobbyists, whereas multiple big tech companies put a lot of effort into the Android project, and a lot of code also goes into the Android Open-Source project.  

 

 Currently, pure Linux phones are only a nice toy to tinker with but are still not ready (will they ever?) to be the daily driver. SailfishOS may be an exception; I played around with it in the past. It is pretty usable, but it's not an option for me as it is partial a proprietary operating system.

 

-SailfishOS

+SailfishOS

 

 
Small GrapheneOS downsides 


 

@@ -149,7 +149,7 @@ Art by Joan Stark
 

 E-Mail your comments to hi@paul.cyou :-)

 

-Back to the main site

+Back to the main site

 

 Generated with Gemtexter |
 served by OpenBSD/httpd(8) |
-- 
cgit v1.2.3