E2E do not prevent client side blocking. Whatsapp app can get image that it needs to block from a remote, then check the recieved message against the image it needs to block; then block the image when it needs to.
Obviously not trying to justify their behavior, but it is important to know that E2EE is not a elixir for privacy and security.
Whatsapp uses the signal protocol, hence end-to-end. https://en.m.wikipedia.org/wiki/WhatsApp#Technical
Indeed. Here is the section https://grapheneos.org/faq#anti-theft
TLDR: although it can be implemented to use a local authentication method, but that would easily cause bricking. Plus the limited thief deterrence potential it provides (Probably given the currently limited user base of graphene) hence it is low priority.
I still use an outlook email. Since most email (which is unencrypted during transmission) pass through microsoft server anyway; unless you are emailing another protonmail account, but I have yet to see another one of my contact using protonmail.
Also protonmail’s UX is honestly pretty bad, since I have a work email not from proton. So I will need two email client on my phone, unless I selfhost a bridge on a server that I can connect to from everywhere.
I think island is unmaintained https://github.com/oasisfeng/island shelter is the state of the art https://f-droid.org/packages/net.typeblog.shelter/
Source: https://www.chrisdcmoore.co.uk/post/oneplus-analytics/
Although OnePlus promise to change (https://www.theverge.com/2017/10/15/16479330/oneplus-privacy-complaints-oxygenos-cybersecurity), I dont like giving big company like OnePlus (which is owned by BBK) a second chance.
It is okay for privacy, especially if you dont have google app installed, but it is not security and privacy focused.
If you have google app installed I imagine it is probably as private as stock os on a pixel, but less secure. Graphene/calyx will definitely have better security and privacy than lineage with or without gapps.
But I understand there is other tradeoffs besides just security and privacy, like minimizng ewaste, cost, availability, etc.
This is for security concerns, because all the firmware and driver are maintained by first party, so once the first party stopped maintaining firmware, there is no way for graphene to make the device as secure as a phone that is still in its support period.
At that point, you can try to switch to lineage to increase the life of your device.
That being said, graphene do offer extended support for some devices like pixel 4(XL) is still supported right now, but it made it very clear that it is “extended support”, and it exist only to help user transition to their next device.
Graphene do not support fairphone, but you can use calyxos, which supports fairphone (with verified boot?), and it is more up to date.
In general, I think calyx is probably more up-to-date and secure, with vanilla android experience. /e/ has its own unique athetics, and a SSO cloud service powered by nextcloud (last time I checked, nextcloud dont have good E2EE support, so I personally avoid putting my stuff on a nextcloud server hosted by others. But it is your choice)
It even have a thunderbird plugin and works in all major editors.
You can self host it as well, which is how the editor plugins work by default.
AFAIK, they have a FOSS variant
To support a 100% free and auditable app, Molly comes in two flavors: one with proprietary blobs like Signal and one without. They are called Molly and Molly-FOSS, respectively. You can install the flavor of your choice at any time, and it will replace any previously installed version. The data and settings will be preserved so that you do not have to re-register.
Also the line right after your quote:
Versions
Molly, like Signal, uses Google’s proprietary code to support some features.
Molly-FOSS is the community effort to make it 100% free and open-source.
Theoretically, google camera can talk to play service, which can send telemetry through there. This is somewhat likely as play service do handle telemetry.
Another unlikely scenario is that it talks to another app’s proprietary play service library code. This means even if you don’t have play service installed as long ad there is any app that uses play service, like slack, outlook, teams, even signal; then google app can send/receive data through the internet without network premission. Although this is technically doable for google, it is highly unlikely that they will o this.
All of these are about sponsored content. AFAIK in the current model of sponsored content have to inlude some tracking as they need to keep track of how many click goea through, acvording to that they will charge their client.
I kind of wish there would be non-tracking based ads, like burned in mid-roll ads on youtube: Just give a shout out and collect money. But it is pertty hard to convince others to switch to that model without solid data.
Finally, everything they mentioned are sponsored content and pocket, both can be turned off with one click. I call that a win in the distopian modern internet. And obviously there are more privacy oriented fork that strips these tracking content by default.
it still seems to be actively developed https://github.com/NeoApplications/Neo-Launcher , just havent have a release for a year.
Oh, that is 6 user with 3 terabyte of storage. average to 50$ per user per year. In where I live, that is like 2 meals outside per year, and cheaper than office 365 personal.
To me this is pretty good value, but I understand people are different. However, I cannot get them yet, as proton drive still don’t have a linux client (or any client for that matter)…