undefined

points

[-]

That completely goes against what they're working towards. I understand why you would want to root your own phone, but GOS is targeting highest security standards and root ain't one of them (for good reason).

by flexxxxxxxxxer10 hours ago|

prev|

[-]

But in that case why you would need to use GrapheneOS at all? Without security you cant have privacy and OS with security as priority cant just add hole in the system because it would allow to bypass all security features added on top of AOSP and AOSP features too. Most features people use root for can be achieved without root by modifying Android Framework itself with SystemUI/Settings app

If you wish so you can gain root privileges on your own in your own build or with modifying GrapheneOS existing builds. It wont be compatible with GrapheneOS provided updates because of signature mismatch

by preisschild10 hours ago|

prev|

[-]

They value privacy and security. Allowing userspace apps to completely circumvent Android's permission system massively weakens both.

by fsflover7 hours ago|

prev|

[-]

If you value freedom to do what you want on your devices, then you may want to consider Librem 5 instead. It runs a desktop Debian derivative with full root access.

by skorp012 hours ago|

parent|

[-]

You have the ability to do what you want on your device. Root access in AOSP is just used as a hacky shortcut to achieving specific functionality. To do it properly while maintaining the security model would be to build it into the OS itself. The same concept applies to desktop platforms and the Librem 5. This isn't related to freedom.

That device, and the Debian derivative it runs, are not private or secure.

by fsflover2 hours ago|

parent|

[-]

What do you mean when you say "not private"? Are you accusing the company of sending private data to their servers, as Google and Apple do?

Freedom of computing on Librem 5 doesn't end with the root account. It also allows to natively run any desktop software and develop it in any language, without reliance on Google's decision on how one must use the phone, how your OS must evolve and when you may get your updates. Or install a completely different OS from different developers, because there is no reliance on anything proprietary at all.

How you can call a device with a ton of opaque binary blobs more private and secure without mentioning this fact is beyond me. I do not call Librem 5 more secure. But its security depends on what I choose to run on it. And I only run trusted software, so it can be secure.

by skorp011 hours ago|

parent|

[-]

Maintaining one's data as private requires that it is protected as a baseline. Privacy violations do not solely exist as telemetry or data offered up by the platform to some other party.

The protection is achieved through security. The major goal of something like GrapheneOS is privacy, which needs solid security as a prerequisite.

The blobs, while proprietary, are not opaque. They are able to be examined and they are.

The security of a device should not be dependent on what you choose to run on it. You should trust and be able to verify that the platform on which you are running the software prevents something malicious from accessing data which doesn't belong to it or otherwise violates the rules set by the platform (OS).

In this respect, the Librem 5 would do a horrible job compared to even stock AOSP. Thinking that you are secure because you only run "trusted" software on an insecure platform is cope.