this post was submitted on 29 Sep 2024
1 points (100.0% liked)
Android
1 readers
7 users here now
Android news, reviews, tips, and discussions about rooting, tutorials, and apps.
General discussion about devices is welcome. Please direct technical support, upgrade questions, buy/sell, app recommendations, and carrier-related issues to other communities.
[email protected]
Rules
Rules
- Stay on topic: All posts should be related to the Android operating system or ecosystem.
- No support questions/rants/bug reports: All posts should benefit the community rather than the individual. Please refrain from posting individual support questions, rants, or bug reports.
- Describe images/videos: Please provide an explanation in the self-post body when sharing images or videos. Memes are not allowed.
- No self-promotional spam: Only active members of the community can post their apps, and they must participate in comments. Please do not post your own website, YouTube, or blog.
- No reposts/rehosted content: Submit original sources whenever possible, unless the content is not available in English. Reposts about the same content are not allowed.
- No editorializing titles: Do not change article titles when submitting. You may add the author if relevant.
- No piracy: Do not share or discuss pirated content.
- No unauthorized polls/bots/giveaways: Do not create unauthorized polls, use bots, or organize giveaways without proper authorization.
- No offensive/low-effort content: Avoid posting offensive or low-effort content that does not contribute positively to the community.
- No affiliate links: Posting affiliate links is not allowed.
founded 1 year ago
MODERATORS
@[email protected] @[email protected]
CalyxOS is not a hardened OS and doesn't have the kind of security requirements GrapheneOS does from hardware. CalyxOS reduces security overall compared to AOSP rather than improving it. They're very different kinds of projects and CalyxOS shares far more in common with LineageOS than GrapheneOS.
https://eylenburg.github.io/android_comparison.htm is a 3rd party comparison between different AOSP-based mobile operating systems. Could include many more privacy/security features but is a good starting point.
@[email protected] @[email protected]
Fairphone 4 uses publicly available private keys for signing the OS and parts of the firmware so verified boot and attestation don't work. CalyxOS acts as if it works since the verified boot screen appears. Similarly, the CalyxOS release notes consistently claim to have shipped all open source Android security patches despite not having them for non-Pixels and often being behind for Pixels. They also set an inaccurate Android security patch level in the OS like LineageOS does.
@[email protected] @[email protected]
The network toggles they've incorporated from LineageOS and presented as being their Datura firewall app are leaky.
The global VPN and tethering features they incorporated from LineageOS introduce new VPN leaks and even aside from the leaks reduce privacy compared to per-profile / per-device tunnels.
The USB toggle taken from LineageOS is based on the standard AOSP feature available via device admin apps leaving most attack surface enabled with an added LineageOS weakness.
@[email protected] @[email protected]
The panic toggle is based on the PanicKit app and integration which is unsafe and lacks reliable deletion across the board.
Each month, LineageOS and CalyxOS set an inaccurate Android security patch level across devices claiming to have shipped all Android security patches when they haven't. The CalyxOS release notes claim to have shipped all open source Android security patches when they haven't. This results in users not realizing they aren't receiving all ASB patches.