he's an anthropologist, he doesn't make predictions or be a prophet.
only Foucault, and not even on his research, only when being a rock star and giving interviews.
anyway, deleuze there is showing how society already is. how the phone company used privilege information since the 1890 or so etc.
now whatsapp and and apple replaced the phone company in that data collection, and scales are larger, but it's still the same, just intensified.
anyway, you must read the foundations. on anthropology every banal looking word carries a whole complex concept that is not clearly shown in bibliography or other means. losing that context seriously harms the understanding.
I agree with you, but I also find that in this particular essay, Deleuze manages to explain his ideas very clearly, making it easier to follow and understand without getting lost in his complex concepts.
knowing where the window is, you can generate something the user will click on a known position and then at the right time you trigger something like an administrator escalation privilege confirmation dialog and the user clicks that instead.
people forget lesson from recent past. i don't know when google strong armed w3c to include this back... but we had this since ie4 days and then disabled everywhere since it was abused left and right for click jacking attacks.
Not until Mozilla stops telling websites that I want a light color scheme if I turn it on. privacy.resistFingerprinting does too many things and you shouldn't need to use that sledgehammer to prevent the browser from leaking information that no website should know.
for me i feel bad for solomon, always missing the mark (docker, dagger) yet profiting must be a sobering reminder of how low the bar really is in modern tech (i'm sure he consoles himself just fine with a blanket of $ though!)
Can you elaborate? I was personally so happy with Pixel4 that I've decided to buy a new version when my phone lost support. I didn't have any specific problems, I didn't feel like I was forced by Google to do things I don't like, and when I started caring about privacy even more, I changed my OS to Graphene (something you can't easily do on Apple owned device, I believe). They're not perfect, but I'm genuinely interested what was the show stopper for you.
I wouldn't hold up GrapheneOS as a good example of more freedom compared to Apple or Google tbh.
Their device depreciation policy is literally just Google, they refuse to support anything that isn't a Pixel (because of the security chip, although as I understand it, there's other manufacturers who could probably work as well - Pixel is simply chosen because Google promised to open up the microcode on the security chip, which hasn't happened yet) and their stance on user privacy is so extreme that it gets in the way of user freedom - they literally offer their own SafetyNet implementation and are aggressively against rooting whilst refusing to understand why people root to begin with (the most common reasons is by far hosts based adblocking and their recommendation, VPN based adblocking, gets in the way of a normal day-to-day VPN or something like Tailscale).
(Relatedly - the toxicity problems of their community against criticism of GOS or even being interested in non-GrapheneOS privacy projects are well known at this point and with a smaller community, you're bound to run into something that isn't answered on the general internet at some point. This makes that component somewhat unavoidable. I've never seen a non-corporate, non-FSF run community be such extreme NIH types.)
For freedom, I'd moreso point towards projects like LineageOS.
> I wouldn't hold up GrapheneOS as a good example of more freedom compared to Apple or Google tbh.
I don't see why we can't have both, but this doesn't really a fair criticism of GP's comment. The specific word GP used was 'privacy', not 'freedom', and you are attacking GrapheneOS's stance on the latter, not the former.
GrapheneOS is more focused on privacy over freedom, as you said ("their stance on user privacy is so extreme that it gets in the way of user freedom"). They have chosen to prioritize one over the other.
> For freedom, I'd moreso point towards projects like LineageOS.
This might be true, but LineageOS doesn't have access to microcode either, and certainly GrapheneOS is more 'private' than Lineage, assuming that GrapheneOS hasn't been compromised either internally or at some point in the AOSS supply chain. Except for niche mfgs like PinePhone et al, Google is probably the most free of the major manufacturers (ironically, less private but more free).
I agree that we should aim for both freedom (as in free speech, not necessarily as in free beer although it'd be nice!) and privacy.
Both are critically important, and the efficacy of the latter depends in large part on the former.
Android security model does not allow root users. If you allow root users, you destroy the security model. GrapheneOS has people working on it that are real security researchers. You can't patch your way up into security out of shit foundations, the foundation being an user existing that breaks the OS' security model.
If you hadn't noticed, we get a zero click RCE on phones basically couple every years. That's the type of stuff GrapheneOS worries about, not whether its users can block ads, however nice that is.
That is almost the exact argument from the toxic Graphene community GP complained about.
Only the anti-user part of the security model is really destroyed, and rightly so. The part that considers the user to be the attacker and wants to protect the app and their developer's evil intentions from the user.
An RCE that only affects a non-root component or a component that ran with system privileges anyway will not be enabled or facilitated by this.
Of course current root implementation may be not be as secure or convenient as they could be. For example after each update they must be re-applied, from a downloaded app, leading to people updating later and opening another problematic supply chain. But that could be remedied if they were better integrated into ROMs.
To be more exact - the comment you're replying to is exactly the type of GOS dogma that makes it hard to recommend.
The problem is that GOS is taking a privacy approach that's so niche that it borders on being useless[0]. If you're the type who is at threat of say, state actors (or has convinced themselves they are), then it makes complete and total sense to use GOS with all the anti-user crap it entails. You get a completely secured fortress of a phone out of it.
What makes the GOS community toxic is the subsequent attitude taken by developers to other privacy models. Most people aren't "state actor" degrees of paranoid, they just don't want Google enabling hidden settings and pass the users photos onto their servers; they might want to reign in Play Services (without abandoning it entirely) or take advantage of GOS' anti-background GPS capabilities. These are all legitimate features that aren't undermined by having root. Google isn't generally a malicious actor with these things (you're not worth enough to them to do these tactics) and if someone is capable enough to install GOS they are also likely capable of maintaining decent app installation hygiene which limits that too.
The response from the GOS community when these things are brought up amount to 1. Fork Off (not happening because user != developer), 2. "You're holding it wrong" or 3. Ban the user for being a Calyx/Divest shill or whatever else (not endorsing either project).
There's also the projects noted history of using license trickery to prevent non-Vanadium browsers from implementing a System WebView that are why I'm considering them toxic to Android privacy as a whole. (And general trademark nonsense to prevent people from achieving the fork off bit) The GOS community is extremely "GOS or nothing" and it sucks because GOS itself is genuinely a technical achievement.
[0]: Which to be clear - multiple online privacy communities have this specific issue, that's not just on the GOS community.
Graphene isn't a 'privacy' project. It's a security project. It just manages to be the most privacy friendly there can be; but it's not a design goal.
You cannot have 'privacy' without 'security', because your privacy measures can easily be circumvented and defeated otherwise. That's why calyx os or other grift projects are useless on both.
The design goal IS security. And each decision is motivated by such design goal. An unconstrained system user that circumvents the security model just to allow some users to intercept network requests to do adblocking is irreconcilable with the design goal of having a secure OS. What's stopping the adversary from terminating TLS requests and snooping on your plaintext traffic when such privileged API access is possible?
If you really want some adblocking, you can set-up to use a DNS server that does that. Such measure is not the best there can be, obviously.
Finally, if an user can bypass the security model, so can the attacker. The security boundary between "adversary user" and "not hostile user" is hard to define and enforce.
GrapheneOS is a security and privacy project, and puts significant effort into advancing both. Security is a prerequisite for privacy, and getting that right is extremely important, but all of that is exactly so that you can then safeguard privacy.
GrapheneOS has many features which are heavily towards the "privacy" side of the scale, rather than the security one. Features such as Storage and Contact scopes are features which allow you to preserve privacy by granting apps just the information you need, instead of giving them bulk access to your data. The network permission is as much as a privacy feature as it is a security feature. Being able to deny sensors access from apps so that they can't access them is a privacy feature etc.
I'm mentioning the above because it seems like people tend to split security and privacy into completely different camps in a way that doesn't make sense. Those two things play off each other, and one needs the other to be effective. GrapheneOS focuses on both.
It defeats the purpose of using it. There's plenty of unlocked bootloader OS that make root easier. Calyx or lineage work better for root. If it works well for you though, great!
Not entirely, there would be a bit more security during bootup.
However, the risks and problems are probably not worth it.
Other benefits Graphene advertizes: they are much better and quicker applying updates (that's easy because they only support pixels), they allegedly support much more and better exploitation mitigation mechanisms, and have a Google Services sandbox that looks quite interesting.
Though, after the conversations I had with them I really do not want to trust those people :(
The usual: Voice some opinion that doesn't exactly match theirs, Ina friendly way, get insulted, get accused to be part of another group that allegedly is conspiring to harm them...
Later found this is apparently a pattern and happened to others in a very similar way, e.g. https://m.youtube.com/watch?v=4To-F6W1NT0
Hey there. GrapheneOS community moderator here. In case you haven't taken a look, I would recommend reading through https://grapheneos.org/features to get a better sense of what GrapheneOS provides beyond what you mention above.
I also wanted to address a few things:
Applying updates quickly is extremely important. You seem to consider GrapheneOS supporting devices that get timely updates and make developing for them easier to be "cheating", for some reason. Regardless, every GrapheneOS change has to be ported to each monthly, quarterly and yearly release of Android, which isn't a trivial task, as I'm sure you can imagine, but it's done correctly and quickly, because it's important.
Now, I also wanted to address the last part of your comment here, because judging from your other comments in these thread, you seem to have a bone to pick with the project and its team. It's unfortunate that a lot of the time, project members and community members taking the time to properly answer questions and explaining how things work is seen as a bad thing because it is not the thing that you (or anyone else, I'm just using you as an example here) wanted to hear. The team considers it very important to help people understand how things work, as there is unfortunately a lot of misinformation about these topics. The fact that we're passionate about explaining how these things work, and the fact that it clashes with people's preconceived notions about things often means they're hostile in return, which is unfortunate, but still, it is important.
> They're not perfect, but I'm genuinely interested what was the show stopper for you.
Not OP, but: Google. I don't believe Google can be trusted with Android. I'm stuck with the iPhone, or getting a phone that can run CalyxOS, because I basically only need apps that a solely available in the Play Store. The thing is, I don't care for messing around and trying to make my phone work and flashing alternative operating system. So I'm stuck on the iPhone, because I trust Apple slightly more than Google.
Can you elaborate? I was personally so happy with Pixel4 that I've decided to buy a new version when my phone lost support.
I still use Android, but the lifespan of every Android device I've ever owned is two years or less. They just don't survive that long. Whether it was the old Nexus 7 tablet that hit a boot loop issue, or charging issues that I've run into on most Pixel phones. My previous pixel even had to be repaired (thankfully under warranty) because of the charge port failing. But again it died 6 months later right around the 2 year mark.
The only saving grace is that I'm usually spending around $300 for the Pixel phones, so it's still likely cheaper than if a bought a higher end Samsung that lasted longer.
Funnily enough, the longest lasting "Google" device I've owned is a ChromeOS Lenovo Duet that I purchased back in 2020. The tablet is decidely sluggish these days, so I don't really use it anymore, but at least it still functions.
I don't think that the OP was talking about the cell network changes when they said that the phone had lost support. GNU/Linux phones (Librem 5 and Pinephone) will never loose software support, since they run mainline Linux. Also, Librem 5 has a replaceable modem.
Oh, Purism. The guys who included a separate chip to deny the user the ability to upgrade the firmware, so that they could meet FSF's completely arbitrary requirements for a honorary badge of freedom (see the hypocrisy?), but neglected an IOMMU, so the baseband (or any other device on the bus) can wreak unlimited havoc (see the irony?). Great alternative indeed.
> neglected an IOMMU, so the baseband (or any other device on the bus) can wreak unlimited havoc
The Librem 5 doesn't need an IOMMU, because it uses separated components, and it uses serial buses (USB 2.0/3.0, SDIO, I2C and I2S) that don't allow direct memory access, so there is absolute no chance of the WiFi/BT, cellular modem, GNSS and USB controller being able to access the RAM or the SoC's cache
The USB URB structure have a field named 'dma_addr_t transfer_dma',
used for DMA access. I've abused that to chain vulnerabilities. To boot, it is possible to develop an I2C-B2C or SPI bus master which is capable of DMA toward the host memory. Linux 2.5 kernels and later, USB device drivers have additional control over how DMA may be used to perform I/O operations.
Do any of these guys actually read the hardware specs or do any real hardware hacking?
I don't know, Google integrated the mainline Linux kernel a while ago. Probably most of the modern ones.
PostmarketOS fills the plaything niche like the Librium 5 and pinephone do but much cheaper with much better old hardware. Aside from a checkmark of running the latest kernel and hardware switches what can the librem 5 do an Android phone can't do much better? They aren't good phones.
Lifetime updates, no proprietary drivers, support of tens of different operating systems, schematics, openPGP card, desktop apps and convergence, verifiable security.
Those are features but not descriptions of good uses. Running a small laptop or steam deck fulfills all of that and much more and I've yet to see an instance where it's a good use. Again it sounds like a plaything to tinker with, with no real world use as a phone or computer.
> Running a small laptop or steam deck fulfills all of that
Why on earth do you need two separate devices (phone and laptop), when you can use one for both use cases (phone with convergence)? No synchronization or double-backups and maintenance required. Also, decreasing the amount of e-waste is a good thing as well as fighting with the user-restricting duopoly.
It looks like for you Linux itself is also just for tinkering, since you can already do everything with Windows and MacOS, isn't it?
Coming home, connecting my phone to keyboard and screen and continuing using it as a desktop. Using it as a thin client for any Linux server with the full access to desktop tools while on the go. Open your email/ssh session with authorization by the smart card, so that even if the phone is stolen or hacked, nobody else will have access to it. 100% defense against the corporate surveillance included in Android and iOS.
Of the three Pixel6a phones I bought for family members less than a year ago two have had their eSIM support mysteriously and permanently stop working, and one has had its physical SIM stop working. Unfortunately, those failures were not evenly spread and now one phone is completely without cell service. Google's tech support response is basically "Wow, sucks to be you". Was quite the 180 compared to taking an iPhone into the Apple store.
installing crap on dev machines is as bad as recommending "curl -k ownme.wtf/install.sh | sudo bash"
just DOCUMENT things. if the requirements section is not trivial to satisfy, your dependencies suck or you suck at writing docs.