And their bullshit excuse for dropping SMS support.
“It was too expensive from an engineering standpoint”. Nonsense, Android handled it, your app merely reads and writes to the SMS database via an API.
Or are you telling me the free SMS apps like Handcent, QuickSMS, etc, had a massive engineering team?
This is when I stopped using Signal, when this lie was so blatant, I can no longer trust them.
For anyone who seems uninterested, ask if they’d like to be arrested for murder simply because they biked past a place every day.
For anyone looking for great talking points about this issue, I highly recommend “Taking Control of Your Personal Data” by prof. Jennifer Golbeck, published by The Teaching Company, ISBN:978-1629978390, likely available at your local library as a DVD or streaming.
It’s possible a smart TV will use its wifi to connect to another device of the same brand on its own. I’d read an article about it a couple years ago.
If I’m reading about it, that means a company has been working on it, and frankly it makes sense. If I were in their shoes I’d look into making it happen. It’s pretty trivial to do when you think about it.
Not that I think it’s happening in the wild, just an idea to keep in mind.
Also, those devices are always capturing data. So if/when they ever connect, that data will get uploaded.
At least one of the devs is an arrogant, condescending prick. Remember Nick the Computer Guy from SNL? He’s like 3 times worse than that. I’ve experienced it first hand - as in his second reply to me was to blame me: “you’re doing it wrong”. He’s exactly like some people I worked with 30 years ago. Smh.
There’s far more than that, though. In general, the Graphene team says everyone else is wrong. Classic idealist attitude.
I run DivestOS now because of that interaction, I will never use Graphene. That dev can go fuck himself with a pineapple - had enough of his kind of childishness decades ago.
Lineage and a fork, DivestOS are very close to Graphene, and run on far more devices.
The search for perfection is the enemy of good.
I’ve run Lineage for years on some spare devices. Battery life is so much better without Google Services.
My most recent device (Pixel 5 with DivestOS) is averaging 1.1% battery consumption per hour over the last day. That included an hour of navigation, using Google maps with microG services.
One old device runs longer with DivestOS than it ever did with stock, and the battery has lost 40% capacity. That’s how bad Google Services eat battery.
Plus Lineage permits you to use a number of old devices, unlike Graphene. It’s good, it gives you far more control than Google.
My final thought on Graphene - it needs to be taken over and lead by some professionals. Those folks act like stereotypical geeks of 30 years ago, arrogant, condescending (I worked with their type 30 years ago, and was a little like them then). They also denigrate anything less than what they deem “perfect”. The very definition of hubris.
Their attitude is “if you have a problem you must’ve done something wrong, why did you do something wrong”. Having that experience with them has put me off Graphene permanently.
Edit: I can re-lock the bootloader with Divest, so the condescending Graphene folks are just plain wrong about being the only OS that can do this. I don’t lock it, because my threat model doesn’t require it. The odds of my phone being grabbed by someone with state-actor-level skills being after me is non-existent, and there are easier ways to get the same data from me.
First, don’t buy new phones. You’re paying a massive premium to be first. Especially since you’re going to flash a rom, which has a little risk anyway (I’ve bricked phones by flashing, though not for years).
I just upgraded from a 2017 flagship to a Pixel 5 (only because my cell company decided to stop it working on their network, when I can throw a different Sim in and it works fine). I was able to buy 3 Pixel 5’s for less than you paid for your new phone. Which means I have a daily driver, a hot spare, and a test device for a little over $400.
If my daily breaks, I pickup my spare and swap the SIM, since I keep both phones synced with Syncthing. I don’t even have to login to anything because that’s all done. (I had 4 functional devices of my 2017 phone, they had become so cheap).
So pick a 1-2 year old model that you like the features, and pay far less for it.
Before (finally) coming to the pixel, I would look at the Lineage device list, then check those phones out at gsmarena.com and phonearena.com to see which I’d prefer, because Lineage has the broadest device support that I’ve seen.
Today I run DivestOS, a fork of Lineage with some changes to a few things. I forget now exactly what I preferred (I’d have to pull up my comparison spreadsheet), but average battery consumption is a staggering 0.5% per hour, with microg services installed and a couple apps using it. Consumption average increases to about 4% per hour when I’m doing a lot of intensive stuff - copying files over the network, using nav, watching a video, etc.
Wow, great article, thanks for the link.
The moment I read the quote from Signal’s president, I called bullshit. I was there, working at a company that had massive records, probably of about 1/3 of Americans.
We were very much concerned with this data in private hands. We were concerned about this kind of data in anyone’s hands.
Such BS coming from Signal is part of why I no longer use or reccomend the app. I simply can’t trust them when they make such blatantly bullshit statements.
Like their reasononing for dropping SMS support because the “engineering costs”. There’s nothing your app does for SMS, other than to hand the message to the SMS system (technically, it reads and writes to the single SMS database on Android, which was a change implemented in about 2015), using a published API.
I’m starting to suspect the motives after reading such lies.
You can easily get far more privacy with Android than iOS, even using a factory, unrooted, rom.
Though I’d say iOS is more private out of the gate than Android.
Once you start installing apps, it’s arguable which is worse - while Apple restricts a lot of stuff, I’ve had apps on iOS that eat battery to pull ads constantly (specifically one Solitaire game, but others too) and lots of Android apps are notorious for wanting every permission and to run at boot. “Free” games on both platforms are notably guilty.
At least with Android you can choose a lot of apps that don’t collect data, and don’t even want a network connection. Unrooted, you can use a VPN full time, that can block network access for apps, or even specific network connections (NoRoot Firewall is one, and ThinkDNS can do this too, IIRC). Like free games - on Android (even unrooted), I can block their network access. And I know it’s effective because it breaks some games.
I’ve used a stock, unrootable phone, and stripped down a lot of stuff using the Universal Android Debloat Utility. It can disable bloatware like all the Facebook components.
Though if OP wants to have a more private and more secure device, I’d go Android with a custom rom, especially Graphene, but Lineage and DivestOS can get you close to Graphene, especially is you manage your layers of privacy and security.
As others have said, the Pixel line is the easiest if you want to have full control over the phone.
There are others, but it will take more effort to get there (I say this after flashing and rooting all my phones since 2010).
Take a look at lineageos.org/devices to see what devices they support, it’s a good approximation of which phones can be boot loader unlocked.
After lots of looking around, I decided to finally jump to Pixel, and I’m running DivestOS (a fork of Lineage with a little bit more tweaked, like sandboxing MicroG).
Once you decide to go down this road, I’d suggest downloading the factory rom image for your phone, and practice flashing it, before trying with a custom rom, just so you have some experience with a known-good image. Plus, sometimes you have to flash back to stock - I just did one the other day because I screwed up the custom rom flash.
For what OS?
Why not just run your own calendar server, then the sync issue is resolved by extant sync mechanism, rather than trying to make your own with Syncthing?
I use Syncthing to sync some stuff that doesn’t have standard server sync solutions, like some text files that may get updated at either end. But I don’t think it’s the way to sync calendar stuff, as calendaring is an established system.
And if you’re worried about getting to your calendar server, Mesh networks like Tailscale can provide an encrypted tunnel. You don’t even need the client on devices, if you use the Funnel feature (which funnels specific traffic from the internet into your tunnel, courtesy of Tailscale).
(That said, I’m curious to see what more knowledgeable people come up with, I can’t think of any calendar apps that auto import/export calendars).
I generally agree.
But any decent code review process would’ve exposed this, or at least a data surveillance system that checks this stuff. I’ve received a few notifications about my logs storing inappropriate data, as a result of a scanning system.
Some manager knew about this during a code review, and signed off on the risk because it was only in-house.
Aren’t those VPNs isolated to that profile then? So only apps within that profile use the VPN in the profile?
Just trying to make sure I understand how Android does isolation. I guess if you run the apps that need each VPN in the appropriate profile and Island makes the isolation kind of transparent, it should work.
I’ve used Island for the app isolation, and a shortcut to an app will simply log in to the associated profile to launch the app. Just never tried with dual VPN.