She’s really reachin’ to find that other ball

Not really, they’ve all had telemetry for probably 20 years.

The cars with satellite radio are even worse (which isn’t saying much, since they put modems in cars about 20 years ago)

Jeep/Chrysler have always been banned from my life.

Garbage. Worse than any other American car company. They even managed to screw up cars made for them by Mitsubishi.

Not just Europe, everywhere. Look at all the breaches, every day.

Until those breaches cost companies serious money, they won’t do anything about it.

I dunno, laptops have gotten tremendously better - can run most of a day without power anymore. I certainly have charged my phone 3x as much as my laptop. And I already carry an external 10k Wh battery for my phone.

OP actually raises a good point about power consumption that I hadn’t considered in a while.

NeoBackup only works if rooted, unfortunately. Well, unfortunately users don’t have full control over iOS and Android without having to sidestep stuff.

Laptops are arguably potentially far more secure. Most mobile apps collect every bit of data they can (and have internet access for no reason) , and mobile devices have standardized ways of enabling it - how often other apps are launched, what other apps are installed, etc, etc. PC OS’s don’t have that stuff built in, and apps rarely have that kind of code. Plus they’re just easier to firewall (as much of a nuisance as it is to do. Hell, GCM was built to do most of this stuff.

Paid $150 for a Pixel 5. Pixel 7 is $200.

I don’t waste money on new phones, or new cars.

Best part with JMP is SMS is piped into XMPP/JABBER. So you’re no longer tied to a phone/Sim card for sms.

If nothing else can you use the browser?

I’ve used Hermit for years to present websites like an app, and am using Native Alpha on my new phone.

Use a browser like Native Alpha or Hermit, which present a website like an app.

And if you use Bitwarden/Vaultwarden for your passwords, it can be pretty seamless.

Aren’t those VPNs isolated to that profile then? So only apps within that profile use the VPN in the profile?

Just trying to make sure I understand how Android does isolation. I guess if you run the apps that need each VPN in the appropriate profile and Island makes the isolation kind of transparent, it should work.

I’ve used Island for the app isolation, and a shortcut to an app will simply log in to the associated profile to launch the app. Just never tried with dual VPN.

Yet another argument for root. Then you can exclude the VPN app from OOM. Or even move it into /system.

I understand why this isn’t done (moving such apps to system), since mobile uses immutable OS concept. But we still need a way to manage such apps appropriately.

Right.

Because databases are never “hacked” and exfiltrated.

(By hacked, I mean most of the time it’s social engineering.)

And their bullshit excuse for dropping SMS support.

“It was too expensive from an engineering standpoint”. Nonsense, Android handled it, your app merely reads and writes to the SMS database via an API.

Or are you telling me the free SMS apps like Handcent, QuickSMS, etc, had a massive engineering team?

This is when I stopped using Signal, when this lie was so blatant, I can no longer trust them.

And being a Google app, which means it can access everything.

I’d sooner use a regular SMS app, and not reward their behaviour. Which is what I do. You want to use garbage like SMS or RCS? Then you suffer the issues that come with SMS.

For anyone who seems uninterested, ask if they’d like to be arrested for murder simply because they biked past a place every day.

For anyone looking for great talking points about this issue, I highly recommend “Taking Control of Your Personal Data” by prof. Jennifer Golbeck, published by The Teaching Company, ISBN:978-1629978390, likely available at your local library as a DVD or streaming.

Ah, yes, the ends justify the means, Dr. Mengele

It’s possible a smart TV will use its wifi to connect to another device of the same brand on its own. I’d read an article about it a couple years ago.

If I’m reading about it, that means a company has been working on it, and frankly it makes sense. If I were in their shoes I’d look into making it happen. It’s pretty trivial to do when you think about it.

Not that I think it’s happening in the wild, just an idea to keep in mind.

Also, those devices are always capturing data. So if/when they ever connect, that data will get uploaded.

As far as I recall, root has never been required to flash a phone.

This is because flashing occurs at the firmware level, while root, again, is a function of the installed OS.

Unlock has nothing at all to do with root.

Root is dependent on unlocking, not the reverse, as root is part of the installed OS.

At least one of the devs is an arrogant, condescending prick. Remember Nick the Computer Guy from SNL? He’s like 3 times worse than that. I’ve experienced it first hand - as in his second reply to me was to blame me: “you’re doing it wrong”. He’s exactly like some people I worked with 30 years ago. Smh.

There’s far more than that, though. In general, the Graphene team says everyone else is wrong. Classic idealist attitude.

I run DivestOS now because of that interaction, I will never use Graphene. That dev can go fuck himself with a pineapple - had enough of his kind of childishness decades ago.

It does, but it’s a step in the right direction.

I’m as guilty as anyone for allowing pursuit of perfection be the enemy of good.

As an older hobbyist, exactly.

I’m as guilty as anyone, but I promise I’m trying to be better.

Lineage and a fork, DivestOS are very close to Graphene, and run on far more devices.

The search for perfection is the enemy of good.

I’ve run Lineage for years on some spare devices. Battery life is so much better without Google Services.

My most recent device (Pixel 5 with DivestOS) is averaging 1.1% battery consumption per hour over the last day. That included an hour of navigation, using Google maps with microG services.

One old device runs longer with DivestOS than it ever did with stock, and the battery has lost 40% capacity. That’s how bad Google Services eat battery.

Plus Lineage permits you to use a number of old devices, unlike Graphene. It’s good, it gives you far more control than Google.

My final thought on Graphene - it needs to be taken over and lead by some professionals. Those folks act like stereotypical geeks of 30 years ago, arrogant, condescending (I worked with their type 30 years ago, and was a little like them then). They also denigrate anything less than what they deem “perfect”. The very definition of hubris.

Their attitude is “if you have a problem you must’ve done something wrong, why did you do something wrong”. Having that experience with them has put me off Graphene permanently.

Edit: I can re-lock the bootloader with Divest, so the condescending Graphene folks are just plain wrong about being the only OS that can do this. I don’t lock it, because my threat model doesn’t require it. The odds of my phone being grabbed by someone with state-actor-level skills being after me is non-existent, and there are easier ways to get the same data from me.

Didn’t you hear him? He said it’ll buff right out! 😆

(I’ll see myself out)

First, don’t buy new phones. You’re paying a massive premium to be first. Especially since you’re going to flash a rom, which has a little risk anyway (I’ve bricked phones by flashing, though not for years).

I just upgraded from a 2017 flagship to a Pixel 5 (only because my cell company decided to stop it working on their network, when I can throw a different Sim in and it works fine). I was able to buy 3 Pixel 5’s for less than you paid for your new phone. Which means I have a daily driver, a hot spare, and a test device for a little over $400.

If my daily breaks, I pickup my spare and swap the SIM, since I keep both phones synced with Syncthing. I don’t even have to login to anything because that’s all done. (I had 4 functional devices of my 2017 phone, they had become so cheap).

So pick a 1-2 year old model that you like the features, and pay far less for it.

Before (finally) coming to the pixel, I would look at the Lineage device list, then check those phones out at gsmarena.com and phonearena.com to see which I’d prefer, because Lineage has the broadest device support that I’ve seen.

Today I run DivestOS, a fork of Lineage with some changes to a few things. I forget now exactly what I preferred (I’d have to pull up my comparison spreadsheet), but average battery consumption is a staggering 0.5% per hour, with microg services installed and a couple apps using it. Consumption average increases to about 4% per hour when I’m doing a lot of intensive stuff - copying files over the network, using nav, watching a video, etc.

The databases at my company nearly 30 years ago were staggering at the time. I can only imagine.

Wow, great article, thanks for the link.

The moment I read the quote from Signal’s president, I called bullshit. I was there, working at a company that had massive records, probably of about 1/3 of Americans.

We were very much concerned with this data in private hands. We were concerned about this kind of data in anyone’s hands.

Such BS coming from Signal is part of why I no longer use or reccomend the app. I simply can’t trust them when they make such blatantly bullshit statements.

Like their reasononing for dropping SMS support because the “engineering costs”. There’s nothing your app does for SMS, other than to hand the message to the SMS system (technically, it reads and writes to the single SMS database on Android, which was a change implemented in about 2015), using a published API.

I’m starting to suspect the motives after reading such lies.

It also depends on your layering, or lack of. It’s the complexity issue you ran into.

Great post by the way.

Only by someone trying to do page layout with a document editing app.

Archive.is is your friend

If someone scanned that QR code, it means they have a copy. If they, or someone else then scanned it (or copied the text from it and pasted in a browser), it would function as if they scanned it.

I mean really, this is how QR codes work. It’s shorthand for text, typically used to URL’s.

You can easily get far more privacy with Android than iOS, even using a factory, unrooted, rom.

Though I’d say iOS is more private out of the gate than Android.

Once you start installing apps, it’s arguable which is worse - while Apple restricts a lot of stuff, I’ve had apps on iOS that eat battery to pull ads constantly (specifically one Solitaire game, but others too) and lots of Android apps are notorious for wanting every permission and to run at boot. “Free” games on both platforms are notably guilty.

At least with Android you can choose a lot of apps that don’t collect data, and don’t even want a network connection. Unrooted, you can use a VPN full time, that can block network access for apps, or even specific network connections (NoRoot Firewall is one, and ThinkDNS can do this too, IIRC). Like free games - on Android (even unrooted), I can block their network access. And I know it’s effective because it breaks some games.

I’ve used a stock, unrootable phone, and stripped down a lot of stuff using the Universal Android Debloat Utility. It can disable bloatware like all the Facebook components.

Though if OP wants to have a more private and more secure device, I’d go Android with a custom rom, especially Graphene, but Lineage and DivestOS can get you close to Graphene, especially is you manage your layers of privacy and security.

Yea, I’ve moved to DivestOS on a couple phones, and I really like it.

Some things it does differently, like allow you to choose your Internet Heartbeat provider, so your phone isn’t constantly pinging Google to check the internet connection is up. There are about 10 options, including none.

I give DivestOS a mention - it’s a Lineage fork with some security changes (such as sandboxing MicroG if you decide to install it).

As others have said, the Pixel line is the easiest if you want to have full control over the phone.

There are others, but it will take more effort to get there (I say this after flashing and rooting all my phones since 2010).

Take a look at lineageos.org/devices to see what devices they support, it’s a good approximation of which phones can be boot loader unlocked.

After lots of looking around, I decided to finally jump to Pixel, and I’m running DivestOS (a fork of Lineage with a little bit more tweaked, like sandboxing MicroG).

Once you decide to go down this road, I’d suggest downloading the factory rom image for your phone, and practice flashing it, before trying with a custom rom, just so you have some experience with a known-good image. Plus, sometimes you have to flash back to stock - I just did one the other day because I screwed up the custom rom flash.

You can enable Funnel, which doesn’t require others to have the TS client.

Hey, your upfront, honest, no-excuses post goes a long way, in my opinion.

Shit happens. We’ve all screwed things up - letting everyone know immediately what’s going on means we won’t guess when our shortcut doesn’t work, etc.

Also thanks for the effort you put into this. It’s really helpful.

For what OS?

Why not just run your own calendar server, then the sync issue is resolved by extant sync mechanism, rather than trying to make your own with Syncthing?

I use Syncthing to sync some stuff that doesn’t have standard server sync solutions, like some text files that may get updated at either end. But I don’t think it’s the way to sync calendar stuff, as calendaring is an established system.

And if you’re worried about getting to your calendar server, Mesh networks like Tailscale can provide an encrypted tunnel. You don’t even need the client on devices, if you use the Funnel feature (which funnels specific traffic from the internet into your tunnel, courtesy of Tailscale).

(That said, I’m curious to see what more knowledgeable people come up with, I can’t think of any calendar apps that auto import/export calendars).

Some are sensitive to upstream traffic, it really depends.