- cron ( @cron@feddit.org ) English76•1 month ago
The site provides a nice TL,DR:
- Efforts like Graphene OS face increasing pressure from apps that refuse to run on non-standard Android.
- The custom ROM project characterizes Google’s approach to device attestation as incomplete and flawed.
- Graphene OS is prepared to take legal action if Google won’t let it pass Play Integrity checks.
- Possibly linux ( @possiblylinux127@lemmy.zip ) English7•1 month ago
Thanks
- ReversalHatchery ( @ReversalHatchery@beehaw.org ) English5•1 month ago
The whole idea of device attestation is flawed. Majority of apps shouldn’t be dealing with it at all, but minding their own business.
- cron ( @cron@feddit.org ) English44•1 month ago
On a personal note, I’m annoyed that our national ID app doesn’t work with graphene OS.
There are workarounds by patching out the security check from the app and sideloading the newly created app, but that is just annoying and has to be repeated for every update.
I just don’t see how rigorose device checks that lock out graphene users, but allow any Android 8.0+ device (where security support ended more than 3 years ago) make ANY sense.
Edit: I tried it again today, it now lets me skip with a warning about the bootloader.
- Որբունի ( @vorpuni@jlai.lu ) English24•1 month ago
It isn’t a security feature, more like a backdoor checkbox.
- helenslunch ( @helenslunch@feddit.nl ) English10•1 month ago
It only makes sense when you look at it from the perspective of a greedy corporation with a fake “open source” ideology.
- Possibly linux ( @possiblylinux127@lemmy.zip ) English6•1 month ago
“National ID app” sounds like something from 1984. I personally would never agree to something like that.
- cron ( @cron@feddit.org ) English7•1 month ago
I understand that even the concept is scary to some, especially to our friends on the other side of the atlantic.
However, it isn’t really anything else than a 2FA app, similar to most banking apps. When you interact with a government service (like taxes, social security), you have to approve the login on your phone.
- Possibly linux ( @possiblylinux127@lemmy.zip ) English1•1 month ago
Is it libre? Can I opt out and use physical ID? If the answer is no to any of those you shouldn’t use it.
- cron ( @cron@feddit.org ) English7•1 month ago
The app is not Libre, sadly. But it is possible to use a yubikey instead, then you need noting else than a web browser.
Using physical ID is possible, but this would mean that I would need to walk to some office.
- JustEnoughDucks ( @JustEnoughDucks@feddit.nl ) English1•1 month ago
What national ID is it? I hope it isn’t the Belgian ItsMe app because I want to try putting lineage on my xperia 5 ii since it has a flaky fingerprint scanner now (software problem it seems)
- cron ( @cron@feddit.org ) English2•1 month ago
ID Austria
- limerod ( @limerod@reddthat.com ) English39•1 month ago
It’s high time Custom ROMs and users alike did this. I cannot run a custom ROM on my primary device due to play integrity shenanigans some apps may have.
- 𝒍𝒆𝒎𝒂𝒏𝒏 ( @lemann@lemmy.dbzer0.com ) English20•1 month ago
Looking forward to this. I don’t run a custom ROM myself but I am rooted, primarily to revoke permissions from Google apps and to back up my OS and app data as I desire.
However I’d much prefer to be able to run something like GrapheneOS on a Pixel if it meant I could run apps that are picky about Safetynet/Play Integrity, such as banking apps and the like
- sabreW4K3 ( @sabreW4K3@lazysoci.al ) English16•1 month ago
Not gonna like. This is interesting. Who knew that messing with the ROM community could put Google in trouble.
- Possibly linux ( @possiblylinux127@lemmy.zip ) English2•1 month ago
“Trouble”
I think they will be fine as they have a huge market share in Android
- sabreW4K3 ( @sabreW4K3@lazysoci.al ) English2•1 month ago
I think you’d be surprised. CalyxOS are making massive claims. If the US or the EU investigate, Google could be fined or worse.
- cron ( @cron@feddit.org ) English2•1 month ago
Seems at least plausible, given the whole “gatekeeper” regulations (EU).
- rem26_art ( @rem26_art@fedia.io ) 13•1 month ago
Device attestation is pretty annoying fr. It’s a constant game of cat and mouse to get it to work on a Custom ROM, whether its on the devs of the ROM, or whoever maintains the magisk modules if you’re rooted. I do hope things change about this
- Possibly linux ( @possiblylinux127@lemmy.zip ) English12•1 month ago
It would be interesting to see if Graphene OS actually takes legal action. I hope if they do they get other projects involved including Lineage OS and maybe F-droid.
- dosse91 ( @dosse91@lemmy.trippy.pizza ) English11•1 month ago
Wow, I never thought I’d agree with the devs of GrapheneOS on something
- Possibly linux ( @possiblylinux127@lemmy.zip ) English7•1 month ago
Honestly Lineage OS deserves some love. It can serve as both a daily driver and as a base for other systems. It could even been used by companies.
- dosse91 ( @dosse91@lemmy.trippy.pizza ) English7•1 month ago
I know, I’ve been using it since 2010, when it was still called CyanogenMod :)
- Azzu ( @Azzu@lemm.ee ) English9•1 month ago
According to Graphene OS, the Compatibility Test Suite and Compatibility Definition Document requirements Google says are key to Play Integrity compliance are in practice routinely ignored, and the system easily bypassed.
Just wanted to say, I use a custom ROM with software on it to circumvent the Play integrity stuff.
Oh no, my device is insecure, there could be malware on it. But people use Windows PCs to access their banking website. I’m sure there can’t be any malware on PCs!
- shekau ( @shekau@lemmy.today ) English1•1 month ago
Does anyone have experience with Fairphone? Im gonna buy new phone and need recommendation
- Ilandar ( @Ilandar@aussie.zone ) English1•1 month ago
It’s hard not to feel a tiny bit of schadenfreude, given this project has shilled extremely hard for Google from day one. I will wait to see if the threats of legal action actually amount to anything. GrapheneOS has a history of putting out very aggressive and threatening public statements and never actually backing them up with action. How much of that was down to the founder being a completely unhinged individual is yet to be seen.