The only recommendation I can provide is a Google Pixel device with GrapheneOS. Graphene is only designed to work on Pixels because they are (allegedly) the most secure mobile phone hardware-wise. Once you flash Graphene, it’s up to you to install any apps beyond the basic browser (Vanadium), gallery, camera, caller, SMS, PDF viewer, contacts, file manager, and security/system apps. No Google involved without your permission, though you will have to install Google services, available via a Graphene mirror and sandboxed for privacy, IF you want to install an eSIM after flashing Graphene. If you’re interested in further information, please let me know. I use it, love it, and am happy to provide any information you may need to decide if it’s a good fit for you or not.
What is the root scene on Graphene? I know the dev is pretty against it but I like having root access after being used to it. Is it possible to easily root it without any integrity issues later on?
Rooting defeats androids security model and allows for further exploitation. Graphene most likely does support it because any AOSP OS that is geared towards security isn’t going to leave a big hole in their security allowing malware or bad actors to modify system files (or install a rootkit).
Desktop linux isn’t the same as Android, which is why I said the “Android security model”. Android is a mobile operating system and must protect against the fact that it will be in unknown environments all the time. It must protect against physical attacks, software attacks, and partially sandbox apps. Root breaks app sandboxing and allows for modifying system files and reading internal app storage. The system image is immutable and modifications/settings are made on top.
Linux desktop isn’t more secure out of the box. The general user account shouldnt be a sudoer. Immutable OSes are more secure and help pervent rootkits and other attacks. PCs are most often stationary and stored in a private location. Laptops are weak against attacks because you can boot to a different OS from usb without passworded BIOS. Desktop OSes are the geared for the same kinds of protections.
There is good reason why Android is far more secure than Linux mobile.
You can root on GrapheneOS. You do it exactly the same way you’d do it for the stock Google ROM:
Have an unlocked bootloader. Yes, this means that it “”“defeats the purpose of GrapheneOS”“”, if the purpose of GrapheneOS isn’t for you to avoid Google’s privacy nightmare. I use GrapheneOS for privacy moreso than security, and not being able to block ads properly is irritating.
Install the Magisk app.
Extract the boot.img from the GrapheneOS image and patch within Magisk.
Flash the patched boot image in the bootloader.
The main annoyance with this is that you’ll have to do that dance every month when a security patch gets released, but for me, it’s better than vomiting from exposure to ads on mobile.
What is the patching process when running with Majisk, without OTA? It looked like quite a PITA to me, but I'm using Graphene for the same reason you are.
It looks like the verified boot security feature of Graphene effectively prevents rooting the OS. I understand wanting root access, it does provide some nice features, but I don’t have any need for it. I don’t have any bloatware embedded to remove, and I don’t need to mod any system apps, so I haven’t looked into it much. I know the dev says it isn’t planned because it massively increases attack surface, which I personally agree with, but it would be nice to have the option via a separate version of the OS or something. If you need root access, I would suggest looking into LineageOS. It’s similar in privacy to Graphene and last I knew could be rooted. Graphene is very focused on security as well as privacy, and for me is a best of both worlds, but if you want to modify the system for various power-user type features, it might not be for you.
No, it doesn’t. I use 95% FOSS software, so anything that might have ads just gets denied network permission entirely. As for AppOps, I just looked it up, and that would be something I’d like to see developed as a feature of Graphene. It seems like a genuinely useful, and at the very least privacy-protecting, app. I don’t use copy/paste via keyboard, and despite it not having network permissions, I’d still deny it clipboard access simply because it doesn’t need it.
For security reasons GrapheneOS doesn’t allow the modification of system files. You can achieve the same thing with DNS though. Either self-host a Pi-Hole or AdGuard Home, or use something like NextDNS.
Not OP but interested in both privacy and high-tech features. My current (stock) pixel 4a device has a worse camera than many other phones, but the software compensates a lot, netting better picture quality overall very often. I’m wondering how much of that is lost when using graphene instead of stock android, do you know?
Similarly with the latest gen pixels having AI features built in, I’m assuming much of that is software that’s not as easily installed somewhere else…
It’s been a couple years since I tried the graphene camera, but (at the time) it’s essentially trash in comparison to the Google camera. I just use the gCam without internet permissions and call it a day.
But I’m not hardcore tin-foil ‘the NSA will use your office mirrors reflection to precisely heat up a 2mm space on the side of your phone that somehow enables Bluetooth and with that the G + glowy bois will exfiltrate your data at 10Kb/s’. I want additional security hardening and some privacy additions, but I also use the play services and store, like a typical user. Yada yada threat model yada yada - I just want my phone to simply function at the end of the day. Middle of the road, if you will, between stock os users and the guy that’s now boarding up all his windows because of the 2mm Bluetooth mystery vulnerability.
Unknown about the claimed AI features - my 8 pro is in transit. But I can check in a few days, if interested.
I’m not sure what the GrapheneOS stock camera app does under the hood, but if it’s not enough for you, you have the option of installing Google’s Pixel Camera app from the Play/Aurora store if you want to compare. I don’t imagine it would require Google Play Services to run on devices older than 8 since they don’t have the AI integration, but I could be wrong. You can easily deny the app network permissions to ensure that the app isn’t sending your photos to Google. As far as the AI features go on newer devices, I could see those requiring Google Services installed to work, but again, they’re available through a Graphene mirror, run sandboxed for privacy, and can be denied network permissions. I’m satisfied with how my pictures turn out (7 Pro), but I may try Pixel Camera out just to see what the difference is.
It has a flagship SoC, but it also has a SD card slot, a headphone jack, no notch or cutout, front firing stereo speakers and a nice blocky look without a massive camera bump.
The downside is software support can be a bit spotty and the cameras are made for manual use, as opposed to being AI-driven point-and-shoot things. That last one could be a positive depending on your preference, though.
But overall? I'm very satisfied, and I went there specifically because I was tired of the ongoing Apple-ification of Samsung in the first place. You may want to consider coming to the dark side and incentivizing Sony to keep making a phone with a feature set, instead of copy-pasting Apple's or Samsung's playbook.
Same boat here, I have the 5 II and I absolutely love it. Great size, the camera is OK on auto but can do wonders in manual mode (depending on your skill).
The lack of software support is a bummer though. I was surprised it’s not in LineageOS’ official support anymore…
Nope. Honestly, I stopped tinkering with that stuff altogether ages ago. It's a candybar that gives me text messages and takes photos, I don't need to make it my own.
It is google Android but they do not pay for the name so they call it ‘FairphoneOS’.
That’s not how that works, they call it FairphoneOS because they added their own customizations. Default Android is pretty barebones nowadays so nobody uses that. You dont have to pay Google to use the Android name
Using the promoted /e/ results in loss of support (you habe to flash back FairphoneOS). Maybe this has changed as they are sellig phones with preinstalled /e/ by themselves
I have the fp5 and flashed e/os myself. Im very happy with it. You need to flash it back when you want to sent it in (they have the instructions on there own page). Build Quality is nice. Repairs are simple. The price for spareparts is reasonable. And they really try to make a difference here and that is why i support them. Are they perfect? No? But who is? And you need to start from somewhere i think.
They really need to sponsor graphene to get it officially supported on fairphone. Cant recommend fairphone when you are stuck with google tracking everything you do on stock android.
I like that too and I don’t understand why people are so very fundamentally against having stuff recommended to them based on what they’re already following.
I’m not keen on it, prefer to find things organically so I usually ignore or (if possible) hide recommendations. But I don’t understand getting mad about it and judging people who find it useful. People gonna people, I suppose.
I may accept an algorithm IF I can know what and why things have beem filtered. A private algorithm which could be observed and manipulated would have my vote.
I want to know what are the bubbles I am in snd and be able to remove them so see something perhaps less biased.
I used to like it, now I avoid it at all cost. The problem is that the algorithm is never neutral, even if it's made with good intentions it can be gamed and manipulated, and it traps you in a spiral where what you interact with is what it shows you is what you interact with is what it shows you...
I never really used Twitter or any similar service, so I never had this happen to information shaping my opinions. I did, however, feel that the music I was listening to became shaped by the Spotify algorithm, and that I ended up listening to less rather than more diverse music than when I was sticking to vinyl. That's absurd - you have all the music in the world at your fingertips, and you end up limiting yourself more. That was my experience of course, other people probably have different ones. Anyway, I cancelled my subscription.
If there's a risk for music streaming services narrowing your field of vision, platforms shaping your opinions are downright scary. Algorithms can be tricked into showing you content, which is what russian troll farms excelled at. Tech bros tend to believe the solution is in adding more and more complexity to the point where nobody understands how it works - this is the opposite of how I want the content that helps informing me about the world to be curated.
I'm obviously not diagonally opposed to algorithms. The choose your own algorithm approach might have some merit, and I look forward to seeing more experimentation with this in the fediverse. But I do not trust corporate interests with any of this - nor do I trust a bunch of tech-optimistic rich man's sons.
I used YouTube with the algorithm, mostly for educational stuff, like vsauce, kurgsat and tech stuff. I started showing some interest in politics and news, start watching tldr news, then it pulls me into Vox, as I showed some anti trump sentiment. To put it quickly, it didnt take too long for me to realise that I was being drawn to ever more left leaning content (obviously a lot further than merely Vox, second thought and deeper)
Which is why I left algorithmic YouTube by using alternative frontends
/e/ is very slow in terms of security updates and they rely on some google services.
The only point you can make: If you want it easy and you don’t care about security and less google but not degoogled is okay for you, /e/ is your choice.
But please stay away from Fairphone. They have several hardware issues even in more than one generation (for example ghost inputs in 3 and 4) but they do not accept them and try to solve with software update which surprisingly did not work. And if you use /e/ you don’t geht support from FP side.
Thank you for sharing your insights and valuable information. I appreciate the effort you put into your response. However, I sense a potential bias in your answer, particularly concerning the original question posed by the OP.
The OP was seeking advice on a smartphone without bloatware and with a high level of customizability, which I believe is the central focus of the discussion.
While I understand that security updates may be a concern for some users, it’s worth noting that as of the October release notes (gitlab.e.foundation/e/os/releases/-/…/v1.16-s), the integration of security fixes extends up to September.
Regarding support, I recommended the Murena phone, which comes with /e/OS out of the box and is based on the Fairphone + /e/OS combination. It’s important to clarify that Murena is a commercial French company, meaning that support comes from them rather than directly from Fairphone. However, this arrangement offers the benefit of commercial protection, including a 2-year warranty. I also feel a little bit unfair the comment about support, as I think that installing GrapheneOS on any device will probably cut you from support from hardware and you will rely one GrapheneOS, that I’m sure has a very good support, but doesn’t have any obligation to replace the device is a problem occur.
I also want to express my gratitude for the link you provided (divestos.org/misc/e.txt). Additionally, based on my personal experience, none of the mentioned bugs have affected me. This could be attributed to my use of the F-Droid store, allowing me to benefit from updates available there as well.
Once again, thank you for your input, and I hope this further clarifies the points discussed. I know that I have a specific usage of my phone, but I think the value of my proposal remains.
They don’t look the same though. I’ve only been to the Murena website and looked at their “phone 2”, that’s not the same hardware as Fairphone.
Edit: okay, I should have scrolled down a bit more. It looks like they made a " Murena Fairphone" too, where they’ve given a Fairphone the Murena treatment.
I replaced the Pixel 6 with the Pixel 8 257gb of storage, this solved my need for an SD card, I replaced the 3.5 headphone jack with an Ibasso DC03 pro DAC for the USB C port. Since I’ve been using phones with custom ROMs for years (also 2x Sony with SailfishOS) I was always looking for something that would be useful for me (the best choice would be the LG V50 if it could be loaded with GOS or DivestOS). The Pixeli8 is still an expensive phone (mine bought new from another user) but I like the GrapheneOS, compact design, camera and usability, and long-term support (hopefully I’ll have it for a long time). I only have FOSS applications on my profile, and my work profile contains Gplay and a few apps that I occasionally use. I have no comments, everything works as it should and I like the compact design and the camera. The keyboard is also finally FOSS, open board (fork) with swipe function. I much prefer using it than Gboard with internet blocked.
Just picked up a new Motorola phone myself, and it does install TikTok and a few other apps by default, so not sure if OP would like that. They were easy enough to uninstall though.
I kind of gagged a little at the sight of TikTok being installed, but really liking the phone so far. Coming from a one plus phone, I really appreciate the stock android
Many of these features are required by law in the US for cars that have ADAS (advanced driver assistance systems). The car has to monitor what’s happening and what it’s doing and record some of that in case there’s an accident. It also has to monitor your attentiveness so you don’t “accidentally” drift off to sleep while it’s in control.
Imagine if his son were driving and got into a crash with ADAS enabled and there weren’t any record of whose fault it was, the driver or the car. Ford would be like, “We’ll, I guess we’ll never know. Good luck with medical bills and a lifetime of suffering.”
Sounds like the speed limiter is a setting that can be disabled. As for the other stuff, sharing phone data, that’s pretty disgusting. I would guess what they’re actually after is whether you’re watching the road or playing with your device. Still not okay without explicit consent before you buy the car.
Despite the down voters I appreciate you sharing the context about USA law around ADAS. Not a fan of this, but understanding how we got to a place where cars have this kind of privacy violation baked in is helpful
Thanks! I work for a car company, so I thought I’d share what I know. I was sad to see the negative votes. Your comment made my day. Thank you for taking the time to write it.
You’re very welcome ❤️ I think understanding why things are the way they are is important if we want any agency over it, I always appreciate folks who share their material knowledge of a subject
the most honest reason I read about is probably that former Twitter user who felt out of place on Mastodon or other Activitypub servers because the “Nerds” who care about privacy and decentral systems which were already on it have a different microblogging culture and they didn’t want adept
so now a new competitor gets traction because the people who felt out of place on Mastodon can relife the Twitter experience from over a decade ago
the fake exclusivity even make you feel special despite the lack of features
i hope that everyone realises that the benefit of activitypub has nothing to do with mastodon taking to mastodon, lemmy talking to lemmy, etc but the strength is tooting a reply to a peertube video and having a discussion on lemmy in which all these comments are shared
… bluesky has none of this
however, what bluesky has:
(currently) the sign up process is easy: you don’t need to understand federation or why to choose a server - you just… register
honestly, more people interact in the circles that i’m in (no; it’s not furry: i hear though that their population has exploded though) critical mass is more important than anything for a social platform
custom feeds are legit cool af… i don’t have time to filter posts and we can’t expect people to add their own metadata; i want code to do it for me! its like “the algorithm” is now many and you can choose which one depending on your mood… also if you don’t like it you can choose a whole new one that some random 3rd party wrote, or make one yourself
none of that is intrinsic to bsky, or will remain in the long-term i think (federation implies needing a more complex sign-up process)
I expect it would be technically possible to have lemmy-like or peertube-like services built on top of the AT protocol Bluesky uses, like with ActivityPub. And I expect if/when that happens the communication across services would probably work too.
In fact, accounts being “portable” in the AT protocol can potentially make the integration more seamless across different services, not only might the posts be seen from different services, but you might be able to directly access those different services with the same account. Imagine if you could login in lemmy with a mastodon account or vice-versa.
Bluesky is just one of the possible services. But as long as the invites are private and you can’t host your own instance, I wouldn’t even consider it an alternative. I think it’s a bit early to judge, both its positives and its negatives.
I was going to say the same but don’t know enough about BlueSky’s ATProtocol to be sure about the possibilities.
In principle, you’d hope they’ve added enough flexibility on there for different platform types. If they have, next year could get interesting as they open up federation. There seems to be a bit of buzz and interest around BlueSky, and if they garner the interest of enough developers who feel like they can make new things on the platform/protocol, then new things could happen and, if they attract a sizeable Twitter migration, go kinda mainstream pretty quickly.
the strength is tooting a reply to a peertube video and having a discussion on lemmy in which all these comments are shared
I’m with you. The problem is that this promise is mostly empty, at least at the moment.
ActivityPub, from what I’ve gleaned, is too vague and open ended and under-developed in terms of software for this to be true. The result is that each platform is implementing a sub-set of the protocol and often adding their own custom twists/additions to it. Which means that just because two platforms use ActivityPub does not mean at all that those two platforms can communicate in anyway. And, even if they can communicate, there’s no guarantee at all that this will be usable.
The interaction between lemmy and mastodon is illustrative. Technically they can communicate, and at times this can work well. But the two platforms are hardly mutually enriching each other because the interactions between them are fairly limited in number. And that’s because they don’t talk to each other well. Some of that is because they’ve implemented different parts of the protocol. Some of it is also their differences in design and UI/UX that just add too much friction to consuming and meaningfully interacting with content from the other platform.
What’s more, this problem is fairly predictable and has been criticised as a false promise in the past. At the moment, I’d say it’s fair to say that ActivityPub has not been proven as a way to enable communication between substantially different platforms. That might change over time, though I suspect the load on developers to make that happen will remain high without some major foundational work.
But right now, unless there’s something I don’t know/understand, I don’t see the extra-platform capabilities of ActivityPub playin any role in the success of the fediverse in competition with BlueSky, at least as far as Mastodon is concerned which, as a platform, is relatively happy just doing its own thing.
I quite disagree. Of course interoperability is not going to be a perfect one to one - that's in the nature of these being different services. You don't want threads from a link aggregater taking over your microblogging feed.
Yet it's normal for Mastodon users to join in on the conversation here. From their perspective they never left Mastodon - from my perspective, I never left kbin - and you, for your part, think it's all happening within Lemmy. But it's really not. So these things happen all the time, it's just that you don't necessarily notice unless you check the domain of the person you're responding to. Mastodon users of course often leave in the @-tags, making them a bit easier to identify.
Lemmy is a bit more isolated than Kbin, as it is not integrating microblogs at all. That's a decision on the side of the developers, not a weakness of the ActivityPub protocol.
Yet it’s normal for Mastodon users to join in on the conversation here.
Well, as neither of us are presenting or citing data on this, we can’t be sure.
Personally I care about this and keep a bit of a lookout for it and have in the past tried to advocate for and create more cross-platform talk. In my experience, and from what I’ve heard from others, the UX friction from the mastodon end makes it mostly a dead end. So while some cross talk certainly happens, I’d estimate it’s quite minor and meaningless in so far as we’re talking about it as a salient strength of ActivityPub compared to its competitor ATProto.
That’s a decision on the side of the developers, not a weakness of the ActivityPub protocol.
What this misses is whether the protocol makes it easier or harder for developers to ”decide” to allow for more inter-platform cross talk. Part of my critique was that the protocol and its general design isn’t making this easier. Kbin, for instance, doesn’t truly support microblogging. And the lemmy devs have acknowledged that allowing users to be followed like communities would be good but is just too hard right now.
The question then is whether the protocol could have made this easier for platform devs, either through its design or through providing fundamental tooling that enables developers more and removed the need for constant wheel-reinvention. From what I’ve heard from actual developers working with the protocol, they’re real technical critiques to be made around how hard it is to work with. So I believe that it isn’t helping anyone interested in making something new and interesting with it (which has yet to be done IMO, though kbin gets close ).
What do you mean kbin doesn't really support microblogging?
The only real issue I can think of right now is that it does not display videos or polls yet, but for being an early version of a software developed primarily by one guy as a hobby project those are pretty minor omissions.
What do you mean kbin doesn’t really support microblogging?
I could be wrong about this … but as I understand, you can’t see a feed of microblogs/posts from people that you follow. Instead everything is viewed through magazines, which pickup microblogs but combine them with the ordinary threadiverse content posted to those magazines. Following people and viewing their personal posts is, I’d say, the essence of microblogging.
Not a criticism of kbin at all BTW … easily the youngest platform on the fediverse but doing quite well it seems with already a fork that’s doing well too (mbin).
Hi @maegul, actually you can track people you follow in the /sub feed at https://kbin.social/sub/microblog. It might seem a bit chaotic, with what looks like random posts, but in reality, each of them has a response from someone you follow (or an boost post/comment). But you're right, it's not perfect yet, and the presentation will be improved in the coming weeks/months to highlight specific comments from people you follow on front. I'll probably write about it in my devlog soon ;)
The option to keep followed users and subscribed communities separate in the feed will be great!
Really impressed by the pace of progress lately - it's very much appreciated. You're building something special here. :)
Could you maybe give users the ability to exclude certain communities/hashtags? Some hashtags associated with communities like #fediverse seem to be overused to the point that following it barely filters content.
Thanks Ernest!! Hope you’re going well and kbin development isn’t too much of a burden!!
I’ve seen that view before, and just checked it now again. It still feels like there’s more in the feed than should be. I’m probably missing some of the boosts etc that you cite, but it feels to me like some posts are coming in without it being clear why they’re there. My guess has always been that my subscriptions are playing a role somehow.
Anyway, hope the new changes go well!! And thanks for the response!
privacy
Oldest
This magazine is from a federated server and may be incomplete. Browse more on the original instance.