No, the maintainer of syncthing fork deleted their account and the repos out of the blue. There's a lengthy forum post about it here.
prism
joined 7 months ago
You don't have to compile GrapheneOS from source thanks to avbroot which can take a release zip, patch it with root and sign it using a custom avb key. This lets you root while keeping the bootloader locked.
The rooted-graphene project automates this completely using GitHub actions. It even lets you do OTA updates like normal GrapheneOS.
Yet the source code still isn't public. It's been at "As we're rolling it out gradually to ensure a bug free experience, source code will be available at a later time on our GitHub repo." for the last 2 months. Later time probably means in a year at this point.
In a way, yes. The more things that have your credentials the greater the attack surface. However the code is open source, you could inspect it and build it from source if you'd like to. Additionally if you use a mailbox password then the app won't be able to read email content as the mailbox password is used to decrypt the actual content while the main password is for accessing the account. The app doesn't need your mailbox password for its functionality so it can't decrypt email content (except the header which is not encrypted by PGP).
Yes I have been using this for a year now and it works great. You can customise the poll duration (how long it waits before checking for new emails) and the notifications have quick actions like mark as read and trash.
Chat control and any sort of good are fundamentally incompatible.
I am able to access the data folder which is located in Internal storage/Android/media/com.whatsapp. This is without root using the AOSP files app, not sure if that's what you meant.
For a second I thought this was The Onion. This is so dark and invasive but I can't stop myself from laughing. It's like they don't even care to pretend anymore.
Great!
I'm sick of this. We have to defeat it every time it comes up, and there is no doubt it'll come up again in 2-3 months. They only have to win once and when they do it'll be in our lives forever.
KernelSU has something like this called app profiles where you can set the capabilities that each app gets when it uses su. And if you are a SELinux wizard you can also set a custom domain for each app which would give you the fine grained control you're looking for. I doubt the average KernelSU user wants to delve into SELinux details so some tool to automate this would be cool. Sadly doesn't look like Magisk supports this.
Rooting devices breaks the principle of sandboxing: one app shouldn't be able to access or modify another app or its data, or system files. If you give an app root, it can do whatever it wants to the system. It could install a keylogger to steal credentials, extract login tokens from another app's storage or just nuke system files to make your device unbootable.
Let's say you don't give any apps root. Even having a rooting platform on the phone (e.g. Magisk) is still a vulnerability. Most rooting platforms will ask the user whether an app should get root when the app requests it. But there could be code execution vulnerabilities (e.g. buffer overflows) in the rooting platform that let you add an app to the list of apps allowed to use root without user confirmation.
TLDR: Root gives an app full access to the device, it could do anything with that. Even if you're careful with what you give root to, it still adds a lot of attack surface that could be exploited.
view more: next ›
Ultimately that is your choice. I personally will not use researchxxl's version considering they appeared out of nowhere and there was 0 communication about the transition. For now I will continue to use Catfriend's version and perhaps switch to nel0x's in the future.