|
|
Subscribe / Log in / New account

Clearing up some things

Clearing up some things

Posted Sep 3, 2025 14:32 UTC (Wed) by lemming54 (guest, #179149)
In reply to: Improved user profiles by rjones
Parent article: Graphene OS: a security-enhanced Android build

Hello there, generally I agree with your post and found it very joyful to read. But I want to clear up some misconceptions.

> The storage scopes feature can put apps into a sandbox where they believe they have full access to the device's shared storage, but they can only access the files they have created themselves.

This is not correct, "scopes" make apps that are not requesting normal permissions compatible, by poking a hole in their sandbox that the user controls. Scopes are a compatibility tool for filesystem access, as many apps just request "all media" "all music" or even "all files" even though they only need a few folders (galleries, syncthing-fork, random apps). Contact scopes allows granular access to contacts, where there is no Android-native alternative like there is with the filesystem access portal.

All apps can access files they created themselves, in Downloads, Pictures, Music, Movies, Documents. That way for example you can add pictures on Signal where you cant use the "share" portal, share to the app then save with the app, now the app can access that file.

> installed GrapheneOS systems update aggressively

not really, can be configured like "only on charge"

> The documentation says that logging into the Play Store is not required, but it insisted on a login for me, re-establishing the umbilical connection to Google that installing GrapheneOS had cut.

You can use work profile, "Private space" and user profiles (which grapheneOs works hard to make more usable) to separate that out.

> The keyboard does not support "swipe" typing; users who want that will likely end up installing GBoard, which poses privacy risks of its own.

The preinstalled Keyboard is really bad and outdated. This was the version that Google made before making it proprietary as "GBoard". All the apps were abandoned in different Android versions, which is pretty obvious when looking at it (like the SMS or Gallery app having different UI styles)

Keyboard apps as user apps can input stuff and read the clipboard, thats it. You can (and should) deny keyboard permission. All apps can communicate on a voluntary basis via IPC even across the sandboxes, so if you have GBoard and another youtube app on the same user profile, one having internet access, stuff might go to Google. Otherwise, GBoard works fine.

But Keyboards like FUTO Keyboard, Heliboard and Florisboard exist, so this is not true.

> The GrapheneOS messaging app works, but Google's app can filter out some spam, one might as well toss it on.

As the spamfiltering will require internet permission, bundling the "Google Messages" app with "Gboard" means 2 potential partners communicating via IPC will be installed, one having internet access, the other knowing everything you type.

The writer will not have thought about this, so these easy comments can be quite dangerous.

There are alternative databases and methods to detect spam callers, like the now discontinued "Carrion" from DivestOS or ACRPhone's service.

> There are some reasonable, privacy-respecting weather apps on F-Droid these days, but the proprietary, privacy-trashing ones have better access to weather alerts (at least in countries that still have functioning weather agencies) and red-flag warnings.

Very vague statement. There are tons of providers, many of which are supported by apps like Breezy Weather.

The DWD in germany was forbidden to give out their app for free in a courtcase against weather.com, which is a shame. But "kleine wettervorschau" uses the exact same data, for free and being free software.

The Project "FOSS Warn" which now has bundled with KDE, allows to get official emergency alerts for germany and in the future a lot more countries.

> Android Auto is highly useful, and it works fine in GrapheneOS, but it requires its own level of special access permissions.

True, but (while I wouldnt trust it with my data, let alone trust a car), GrapheneOS allows to at least sandbox the app from a lot of confidential information.

> [...] banking apps, ride-share apps, airline apps, and so on that, seemingly, are indispensable in modern life. Each of these pokes another hole [...]

They can be isolated in user profiles, work profile, private space. They can be behind Orbot/TorVPN, a different VPN, or a different way to isolate them. They have no access to much private information. As these apps are a requirement, GrapheneOS has worked a lot on improving existing sandboxing systems to make them less invasive.

GrapheneOS is very barebones, as they focus on OS improvements instead of fancy apps (they are developing apps though, and look for developers who know Android app development). Assume that you will disable many preinstalled apps and replace them with better ones.

If you are looking for app recommendations, here is a list: https://alternativeto.net/lists/41859/grapheneos-starterpack

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds