366
you are viewing a single comment's thread
view the rest of the comments
[-] Infomatics90@lemmy.ca 12 points 6 days ago

The problem is that most phones don't support ROM's like Graphene or Linage, as people installing custom roms is a relic of years past. Next time you get a phone, think about if you want this option for yourself. Also, do keep in mind that some phones have HW backdoors on them, so even installing a stock rom/graphene does not save you from privacy.

[-] humble_pete_digger@lemm.ee 12 points 6 days ago

They made it very hard to install roms.

There is this orange warning on boot.

Then banking apps don't work.

[-] viking@infosec.pub 1 points 5 days ago

With a rooted phone you can install Zygisk (magisk + zygote) and then a bunch of modules that simulate system integrity.

What you need are "play integrity fix" and "playcurl_NEXT".

The first module lets you bypass the google play integrity check, the second one will download updated integrity fingerprint files every 5 minutes to ensure that the bypass never fails.

If you know how to install custom ROMs, this part is not a big challenge.

[-] humble_pete_digger@lemm.ee 0 points 5 days ago

Thank you. Yeah I was aware that there is magysk. Problem is - it's becoming too many hacks to deal with. And I bet it probably breaks from time to time and one has to hack/fix it again?

[-] viking@infosec.pub 1 points 5 days ago

With playcurl next I didn't experience any issues yet, it's polling a new device fingerprint every couple minutes to make sure your device never ends up on a blocklist, and you can trigger this manually in the magisk app as well.

Can't guarantee it's never going to be blocked if Google changes the algorithm, but that would just mean they have to adjust the fingerprinting as well.

[-] Cris16228@lemmy.today 5 points 6 days ago

HW backdoors

Tell me more!

And lil papa google now forces GPlay Integrity so custom Roms are fucked

[-] humble_pete_digger@lemm.ee 2 points 6 days ago

I'm gonna look into getting Huawei os

[-] Cris16228@lemmy.today 3 points 6 days ago
[-] humble_pete_digger@lemm.ee 2 points 6 days ago* (last edited 6 days ago)

It's android but without google . Given how much google fucks with me, I'm willing to say fuck u to google

[-] Cris16228@lemmy.today 2 points 6 days ago

Google fucks with everyone, now more than ever with this "recommended" (forced) play integrity. Look at the recent ban from Uber, Authy (thank god I switched a few days ago) and some other apps

I was curious why Hauwei and not LineageOS, GrapheneOS, Calyx, etc

[-] humble_pete_digger@lemm.ee 2 points 6 days ago

tbh recently I just don't have time to futs with roms.

Ive used lineage for many years. And would love to use it permanently but banking apps is a problem for me and having to hack things too much is a problem for me.
Obviously some linux mobile distro would have been ideal. but There isn't anything usable.

calyx/graphene - the model selection is just too limited. And I would never buy a google or apple device.
lineage os doesn't support oneplus 12R I use now (well there is unofficial rom).

so I would like to try huawei, the hope is - it's like android but naturally without google because its designed like that.

[-] viking@infosec.pub 1 points 5 days ago* (last edited 5 days ago)

Nah you can easily bypass play integrity on a rooted phone, see my comment above.

https://infosec.pub/comment/13265730

[-] Cris16228@lemmy.today 1 points 5 days ago

I'm using Grapheneos and rooting the room will make it less secure 🤷‍♂️ and I don't see why root my phone

[-] viking@infosec.pub 1 points 5 days ago

My primary use case was magisk to enable taking screenshots from otherwise protected apps. Was living in China for almost 7 years, and even though I speak it quite alright, reading is a whole other level. And there are quite a few apps there that I had to use on a regular basis that had this damned flag_secure enabled so I couldn't otherwise take screenshots to run them through a translation app.

The second one was system level adblock, since the alternative is for adblockers to install themselves as local VPNs routing traffic to 127.0.0.1; however being in China meant I actually had to use a real VPN to access the free internet, and I certainly didn't want to choose between ads or privacy. The latter still applies; I'm using a VPN on most days.

Lastly, being able to use magisk also gives me access to some advanced security apps such as Hibernator (freezes apps, meaning they are basically uninstalled and reactivated on press, so they can't use data, don't get updated etc.), Storage Isolation (lets you configure on a per-app basis which folders it might access), App Ops (advanced permission management, which also includes an ignore function that acts like as if a certain permission was granted, but would feed random data or zeros to the app).

Being able to uninstall everything including system apps is also nice, though that can still be achieved with adb. Browsing root folders when looking for specific data is also nice, but I used that twice in about 5 years, so it's probably not essential.

[-] Infomatics90@lemmy.ca -1 points 6 days ago

Well its known that SoC's have backdoors on them. Usually it calls home to China, so you can guess what that's for.

[-] lightnsfw@reddthat.com 4 points 6 days ago

Honestly I don't really give a shit if China invades my privacy I have nothing they'd care about anyway. I just don't want American corporations doing it to try to sell me more shit.

[-] Infomatics90@lemmy.ca 3 points 6 days ago
[-] humble_pete_digger@lemm.ee 6 points 6 days ago

Fuck em sure. But they can't reach me , us corporations that block US gdpr legislation year after year - they want to use my data and fuck me over

[-] Infomatics90@lemmy.ca 3 points 6 days ago

fuck the CIA and fuck PRISIM

[-] humble_pete_digger@lemm.ee 2 points 6 days ago

With u on this sentiment

[-] Cris16228@lemmy.today 1 points 6 days ago

So phone like Xiaomi? Sorry, I'm kinda dumb in this

[-] Infomatics90@lemmy.ca 1 points 6 days ago

Xiaomi is the biggest offender, but all of them do it.

[-] Cris16228@lemmy.today 1 points 6 days ago
[-] Infomatics90@lemmy.ca 1 points 6 days ago

why do you think richard stallman doesn't use a smartphone?

[-] kirk781@discuss.tchncs.de 2 points 5 days ago

That's true. Graphene is majorly Pixel limited, I guess. And even Lineage has a small set of devices when one considers the nos of OEMs and variants they manufacture per year.

[-] Rykzon@discuss.tchncs.de 1 points 6 days ago

Even pixel or Fairphone is fairly free of bloatware compared to Samsung and shitty Chinese brands as long as you are not privacy paranoid about Google services.

[-] Infomatics90@lemmy.ca 5 points 6 days ago
[-] Rykzon@discuss.tchncs.de 1 points 6 days ago

And that's fine, but first people like you (and me to some extent) are in the vast minority and that's also not an issue of bloatware per se.

[-] Infomatics90@lemmy.ca 2 points 6 days ago

yeah the only problem is that i have to participate in this hellhole capitalist society. Im trying to figure out what the best VPN is to use, along side if tor is worth using.

this post was submitted on 10 Dec 2024
366 points (97.7% liked)

Android

28140 readers
114 users here now

DROID DOES

Welcome to the droidymcdroidface-iest, Lemmyest (Lemmiest), test, bestest, phoniest, pluckiest, snarkiest, and spiciest Android community on Lemmy (Do not respond)! Here you can participate in amazing discussions and events relating to all things Android.

The rules for posting and commenting, besides the rules defined here for lemmy.world, are as follows:

Rules


1. All posts must be relevant to Android devices/operating system.


2. Posts cannot be illegal or NSFW material.


3. No spam, self promotion, or upvote farming. Sources engaging in these behavior will be added to the Blacklist.


4. Non-whitelisted bots will be banned.


5. Engage respectfully: Harassment, flamebaiting, bad faith engagement, or agenda posting will result in your posts being removed. Excessive violations will result in temporary or permanent ban, depending on severity.


6. Memes are not allowed to be posts, but are allowed in the comments.


7. Posts from clickbait sources are heavily discouraged. Please de-clickbait titles if it needs to be submitted.


8. Submission statements of any length composed of your own thoughts inside the post text field are mandatory for any microblog posts, and are optional but recommended for article/image/video posts.


Community Resources:


We are Android girls*,

In our Lemmy.world.

The back is plastic,

It's fantastic.

*Well, not just girls: people of all gender identities are welcomed here.


Our Partner Communities:

!android@lemmy.ml


founded 2 years ago
MODERATORS