@lunar_dust_463@mstdn.social
They want you to use an OS which doesn't provide firmware updates and therefore doesn't protect you from serious known vulnerabilities. The firmware is still present when using an OS not updating it. Pretending as if the hardware and firmware isn't closed source by not updating the firmware simply harms users. They're a group known for having nonsensical, inconsistent beliefs and spreading misinformation/spin to promote them. Stop getting info from charlatans.
They say that GNU is spreading misinformation and “stop getting info from charlatans”?
Graphene is against GNU ideals getting in the way of security,
Funny, Graphene’s obsession with security is getting in the way of my ideals.
Fuck Google and their proprietary security updates. I want no Google in my life and if that means a bit less security, I’m okay with that. In fact, I’d argue that running Google code that does who-knows-what for your security is itself not a very safe thing to do.
First, as nobody forces you to use graphene, they’re not getting in the way of your ideals, I’m saying some of the FSF’s ideals may compromise the security of their followers. When it comes to Google’s blobs, It’s not like they can release the source even if they wanted to, samsung wouldn’t even let them cuz google leases their IP and trade secrets for the tensor chips. I don’t like IP either, but I keep my feet on the ground, the blobs aren’t there for firmware-level who-knows-what, due to the hardware and software model themselves, most of what they’d do would be super detectable. Go read the edit of my prior comment, educate yourself on embedded devices, the pixel hardware model and graphene’s security model, then we might have a productive conversation and not uneducated conspiracy speculation.
So you really trust Google to release code that doesn’t do something it shouldn’t behind your back do you? How cute…
I am an embedded developer so please don’t patronize me. And I know enough about security to know that Google’s security model on the Pixel phones is the best yet. That’s not the issue. The issues are:
Google’s code is untrustworthy unless reviewed, and proprietary binary blobs can’t be reviewed. If Google codes anything, they have an ulterior motive and it’s rarely in your best interest. If that’s not a security shortcoming, I don’t know what is. Or said another way, there’s something deeply ironic in claiming to have the most secured deGoogled OS and the lynchpin of that security is Google itself.
Yes, using a phone other than a Pixel phone with a deGoogled OS other than GrapheneOS as I do (I use a FP4 with CalyxOS) is less secure than GrapheneOS on a Pixel phone - assuming you trust Google’s drivers aren’t doing other things unrelated to their driver function.
But as I said, my most important goal in anything technical I use is to not use Google. That’s my ideal. Some people have ideals and aren’t willing to compromise.
With that in mind, and considering that I’m a low-value target, I deem the security provided by CalyxOS on my FP4 more than adequate for my use case. Or said another way, GrapheneOS’ - short-sighted, in my opinion - obsession with security gets in the way of my main goal, which is to avoid Google.
Funny, Graphene’s obsession with security is getting in the way of my ideals.
Fuck Google and their proprietary security updates. I want no Google in my life and if that means a bit less security, I’m okay with that. In fact, I’d argue that running Google code that does who-knows-what for your security is itself not a very safe thing to do.
First, as nobody forces you to use graphene, they’re not getting in the way of your ideals, I’m saying some of the FSF’s ideals may compromise the security of their followers. When it comes to Google’s blobs, It’s not like they can release the source even if they wanted to, samsung wouldn’t even let them cuz google leases their IP and trade secrets for the tensor chips. I don’t like IP either, but I keep my feet on the ground, the blobs aren’t there for firmware-level who-knows-what, due to the hardware and software model themselves, most of what they’d do would be super detectable. Go read the edit of my prior comment, educate yourself on embedded devices, the pixel hardware model and graphene’s security model, then we might have a productive conversation and not uneducated conspiracy speculation.
So you really trust Google to release code that doesn’t do something it shouldn’t behind your back do you? How cute…
I am an embedded developer so please don’t patronize me. And I know enough about security to know that Google’s security model on the Pixel phones is the best yet. That’s not the issue. The issues are:
Google’s code is untrustworthy unless reviewed, and proprietary binary blobs can’t be reviewed. If Google codes anything, they have an ulterior motive and it’s rarely in your best interest. If that’s not a security shortcoming, I don’t know what is. Or said another way, there’s something deeply ironic in claiming to have the most secured deGoogled OS and the lynchpin of that security is Google itself.
Yes, using a phone other than a Pixel phone with a deGoogled OS other than GrapheneOS as I do (I use a FP4 with CalyxOS) is less secure than GrapheneOS on a Pixel phone - assuming you trust Google’s drivers aren’t doing other things unrelated to their driver function.
But as I said, my most important goal in anything technical I use is to not use Google. That’s my ideal. Some people have ideals and aren’t willing to compromise.
With that in mind, and considering that I’m a low-value target, I deem the security provided by CalyxOS on my FP4 more than adequate for my use case. Or said another way, GrapheneOS’ - short-sighted, in my opinion - obsession with security gets in the way of my main goal, which is to avoid Google.
You already bought the phone with Google code in it, that ship has sailed when you purchased the device