[-] Andromxda@lemmy.dbzer0.com 84 points 1 month ago

Without all the features that actually made the Steam Controller great... yeah

[-] Andromxda@lemmy.dbzer0.com 78 points 2 months ago

Fixed that for you

[-] Andromxda@lemmy.dbzer0.com 69 points 3 months ago

Probably not the answer you're looking for, but switch to Linux and use Piper, a free & open source replacement for the Logitech software, that was created because they don't offer an official version for Linux

[-] Andromxda@lemmy.dbzer0.com 64 points 3 months ago

Wait but Hexbear said that China is a democracy? Did they lie?!??

[-] Andromxda@lemmy.dbzer0.com 65 points 3 months ago

You mean like this?

[-] Andromxda@lemmy.dbzer0.com 81 points 3 months ago

Could very well be possible. Apple did the same thing with macOS Catalina in 2019. Since then, there are no kernel extensions, meaning no third-party code running at kernel level. This greatly improves the security of macOS, and other desktop operating systems should do the same.

[-] Andromxda@lemmy.dbzer0.com 69 points 4 months ago* (last edited 4 months ago)

A lot of the security of Graphene OS comes from AOSP itself

GrapheneOS never claimed anything different, in fact, on their website, they say:

GrapheneOS is a private and secure mobile operating system with great functionality and usability. It starts from the strong baseline of the Android Open Source Project (AOSP) and takes great care to avoid increasing attack surface or hurting the strong security model.

GrapheneOS just adds to the already solid security of AOSP. The security improvements are listed at https://grapheneos.org/features. Also, a bunch of AOSP security features originate from the GrapheneOS project and were merged into the AOSP codebase. Just so you know.

If you get malware on your device, you most likely can just uninstall it.

This is not the kind of stuff GrapheneOS is defending against. GrapheneOS specifically focuses on persistant malware by improving Android Verified Boot along with other security mechanisms.

I think this is actually pretty useful but I haven’t seen a need for it much in the real world.

There is a real-world need for it. Hardening the system against attacks from commercial/state-sponsored spyware like NSO Group's Pegasus or Cytrox's Predator requires extensive defense-in-depth improvements to the entire operating system stack. If you want to see an instance of actual, real world kernel-level exploits against mobile devices, look no further than the case of UAE-based human rights activist Ahmed Mansoor. In 2016, his iPhone 6 was attacked by the UAE government, using the Pegasus spyware made by an Israeli cyber mercenary company known as NSO Group. The attack used a payload delivered via SMS, which contained a link to a malicious website. If Mansoor would have clicked on the link, a zero-day exploit in WebKit CVE-2016-4657 would have been triggered. The attack used the Trident exploit chain, which if successfully deployed, would have remotely jailbroken Mansoor's iPhone, using, CVE-2016-4655 and CVE-2016-4656, two kernel-level exploits present in iOS at the time. There are very good reasons for a security-focused OS like Graphene to make substantial improvements to all parts of the Android operating system, including the underlying Linux kernel.

However, from my perspective, you should not run apps that are bad for privacy. Running it in the web browser will be more secure than bare metal could ever be.

Some apps simply can't be run in a web browser, and they require you to install them on your device. GrapheneOS significantly helps with running untrusted applications in a safe manner, especially when using the hardened user profiles feature, which essentially makes you anonymous (in regard to device and profile identifiers, it is still important to use a VPN/Tor, etc.)

I think other ROMs such as Calyx OS take the ethical component much more seriously.

Claiming to be a secure OS while repeatedly missing important AOSP security patches is pretty misleading, and giving the user a false sense of security is not quite ethical. GrapheneOS is very minimalistic, and the user is free to choose how they want to get their apps. Although I support the fact that CalyxOS bundles apps like Signal and F-Droid, some other users might see it as unnecessary bloat. I prefer Graphene's approach of only including strictly necessary apps, and leaving the rest up to the user.

Graphene purely focuses on security while Calyx OS focuses on privacy and freedom.

A secure base device/OS is what enables privacy and user freedom. It's not like GrapheneOS is taking away any of your privacy or freedom, in fact, it is very private by default, due to its minimalistic nature: https://grapheneos.org/faq#default-connections

I realize that MicroG is not perfectly compatible, and some people need apps, but I think alternatives are going to always be better.

The main problem with microG is the fact that it needs to run as root, whereas Sandboxed Play Services uses a much more secure approach for getting Google services, while still preserving user privacy.

One of the most annoying parts about Graphene OS is the development team and some of the community.

Not quite sure what you mean. The GrapheneOS team just really cares about good, high-quality, secure and complete code, and they like to call out any projects that don't follow these principles. Just like Linus Torvalds has a history of rejecting poor, low-quality code, in order to keep the Linux kernel codebase clean and easy to maintain. They're just focused on quality, and if people are offended by that, they should really overthink their own approach to writing and maintaining code.

Here is a page that isn’t written by me that sums it up: https://opinionplatform.org/grapheneos/index.html

That website almost feels like a shitpost. Any source that tells you to "Avoid [GrapheneOS] like the plague", but claims that LineageOS is "Good to go!" shouldn't be taken seriously. Recommending people a highly insecure OS that doesn't even allow for locking the bootloader is straight-up user-hostile. I could go through each one of the "arguments" brought up against GrapheneOS, but they are so bad that I don't feel like wasting my time on a whole bunch of them. But let's just go through one example:

https://opinionplatform.org/grapheneos/strcat-tactical-licensing-20230409.html

This post suggests that GrapheneOS is somehow against open-source software, and shows the following chat log:

backpacklaptop: Do anybody know what happened to bromite?

Apr. 9, 12:59

joe: it's not actively maintained Apr. 9, 14:32

there's no proper announcement or notice, that's the bigger issue Apr. 9, 14:35

strcat: we're working on completing state partitioning including for cookies in Vanadium, and we'll be adding other features like content filtering

collaboration welcome

Bromite was using nearly all of our work on it and they decided to start disallowing us from using their work in return by strictly licensing it only as GPLv3 Apr. 9, 14:46

so we switched to using GPLv2-only with additional permissions (to make it more permissive) which blocked them using our code since GPLv2 forbids GPLv3's additional restrictions

may have something to do with it dying, don't know

it's possible we can switch back to MIT licensing if it's dead but I'm not going to do that yet

Apr. 9, 14:47

Bromite literally used Graphene's code and then changed the license to prevent GrapheneOS from using any of the Bromite code. In response to this anti open-source move, GrapheneOS changed the license for their Vanadium browser from MIT to the more restrictive (but still FOSS!) GPLv2 license. But apparently GrapheneOS is "using tactical licensing changes against bromite". What a stupid argument. Anyone who spreads such garbage on the internet can't be taken seriously. The chat log also shows the GrapheneOS main dev (strcat) saying:

collaboration welcome

But the exact same post on that troll website claims that GrapheneOS is "discouraging cooperation between developers". I think I gave more than enough examples why this shit can't be taken seriously. It also shows really well how hostile some parts of the community are against GrapheneOS, for no real reason and with absolutely no arguments.

Another example of this is Jonah Aragon, who posted a really stupid toot on Mastodon, comparing the GPLv2 license of GrapheneOS to FUTO's source-available license. This claim is so infinitely stupid, and by Jonah's definition, the Linux kernel isn't FOSS since it's also licensed under the GPLv2. These are the kinds of people that Graphene devs have to deal with all the time. A bunch of trolls and absolute morons.

202
submitted 5 months ago* (last edited 5 months ago) by Andromxda@lemmy.dbzer0.com to c/technology@beehaw.org
1549
14

cross-posted from: https://lemmy.dbzer0.com/post/22889071

hydroxide-push is a fork of hydroxide for receiving Proton Mail push notifications for via UnifiedPush created by @oranki@lemmy.world
Thanks a lot for creating this awesome project!

This is going to be very useful, until Proton finally implements native UP support in their Android apps. (They currently only support Google's proprietary FCM). Make sure to upvote this feature request: https://protonmail.uservoice.com/forums/284483-proton-mail/suggestions/47423924-support-unifiedpush-for-android-notifications

Consider contributing to the project and make sure to report any bugs that you find.

55
submitted 6 months ago* (last edited 6 months ago) by Andromxda@lemmy.dbzer0.com to c/newcommunities@lemmy.world

Hey guys,
I created this community to promote and talk about the UnifiedPush project. It aims to create a free and open source alternative to Google's proprietary Firebase Cloud Messaging (FCM). Quite a few apps have already adopted the UP protocol, but there are still many FOSS apps lacking support for it. I will post GitHub issue threads where UP integration in FOSS apps is being discussed. I will also post about new apps that gained UnifiedPush support, and other useful tools that help with using UP. If you want to stay up-to-date about ongoing developments in the Android FOSS ecosystem in regards to push notifications, consider subscribing to !unifiedpush@lemmy.dbzer0.com

I also recommend following the official Mastodon account, joining the Matrix room and donating to support development!

12
2
9

cross-posted from: https://lemm.ee/post/33919397

Here's a Video about this

1285
This is hilarious (lemmy.dbzer0.com)
370
Santa's dirty secret (lemmy.dbzer0.com)
595
Pencilvania (lemmy.dbzer0.com)
6

cross-posted from: https://lemmy.world/post/15959537

Hadn't seen this here yet, a co-worker of mine sent it my way so I'm just spreading the word. Looks interesting, to say the least! Anyone tried this out or had any other experience with it yet?

16
[-] Andromxda@lemmy.dbzer0.com 66 points 7 months ago

Capitalism ruins everything, news at 11.

[-] Andromxda@lemmy.dbzer0.com 79 points 7 months ago

The base version of IntelliJ is FOSS, and they kinda offer perpetual licenses for their paid applications. If you subscribe for an entire year, you get a perpetual fallback license. It's just a license for an older version of the software, but you get to keep it forever. https://sales.jetbrains.com/hc/en-gb/articles/207240845-What-is-a-perpetual-fallback-license

[-] Andromxda@lemmy.dbzer0.com 91 points 9 months ago

SMS used to be the standard way of messaging people on a cellphone. Since a European country is about the size of one US state, it's pretty common to have friends, family or other people you have to message in another European country. Many carriers still charge additional fees for sending SMS messages to other EU countries. So Europeans needed some way of messaging people in other countries for free. That's where WhatsApp came in, it's designed for phones and simpler to use than Email. In 2013, WhatsApp was bought by Facebook, which later became Meta. It's basically the same for other countries that rely on WhatsApp, they need to send messages to foreign countries frequently, which can become quite expensive when using SMS. Americans never needed WhatsApp, because they don't have to message people in foreign countries as often as Europeans, and they often have unlimited SMS included in their cell plans.

[-] Andromxda@lemmy.dbzer0.com 69 points 9 months ago* (last edited 9 months ago)
  • LibreWolf, a privacy-optimized fork of Firefox
  • Mull, hardened Firefox for Android.
  • EteSync with self-hosted Etebase, an end-to-end encrypted solution for syncing calendars and contacts.
  • Molly, a hardened Signal fork for Android.
  • Accrescent, a secure, alternative app store for Android. Still in an early stage of development though.
  • UnifiedPush, a privacy-friendly notification system.
  • LibRedirect, a browser extension that automatically redirects you to private frontends for privacy invasive websites.
  • movie-web, a web app that let's you watch any movie/tv show for free. I highly recommend it.
  • Seal, an amazing Android app for downloading videos. YTDLnis is an alternative.
  • Cobalt downloader, a website that let's you download basically everything imaginable from the internet. All kinds of posts, photos and videos from various social media platforms and many other websites.
  • Linkwarden, a bookmark manager that can be self-hosted. Also check out Omnivore and wallabag.
  • ArchiveBox, a self-hosted app for archiving websites.
  • Tube Archivist, a self-hosted app for archiving YouTube videos/playlists/channels.

(I love downloading and archiving stuff lol)

view more: ‹ prev next ›

Andromxda

joined 9 months ago