Yes I know, and I want to try DivestOS one time. But they do incomplete patches.
They cannot update the kernel themselves or even worse the firmware. The kernel needs to be built and patched for the specific hardware, GrapheneOS relies completely on Google here. And the firmware needs to be signed by the vendors, so no chance either.
And especially baseband, cellular stuff has extremely many vulnerabilities in the code.
I mean I already reported 2 issues, but it still works. I can use it without big problems, I use the beta Flatpak (as explained in my flatpak remotes list).
Using Wayland too, Idk about any problems but if it wouldnt work I would just disable Wayland for the Flatpak and the app automatically runs through XWayland
Dont use "stable" software people.
Gimp 3 is already very nice! Use it exclusively.
I think 3a is already too old. I think 4a is a better minimum, but this is still insecure of course.
I dont get why people would care for influencers
All Android phones have Google malware installed by default, as system apps, which means those apps can do whatever they want.
So every piece of data you put on there is possibly tracked and collected.
Then there are 2 more problems
This makes it vulnerable to Pegasus attacks and others. There are tons of secure practices to avoid getting it, like LTE-only, HTTPS only, encrypted and trustworthy DNS, sandboxed processes, blocked javascript execution from unknown websites...
But still if the phone is outdated there are unpatched and publicly known security issues. Just spamming them at all phones is likely to succeed as so many people run vulnerable versions, as vendors suck.
Then if you have pegasus, the only way for security is to reflash the A/B partitions, both. Factory reset is not secure as it will keep what is already in the system partitions.
The firmware is protected and signed by the vendors, so it is likely clean.
But Pegasus installs itself to the phone storage.
If you A cant obtain factory images or B cant flash the phone at all, you cannot wipe it clean.
So a good activism phone needs
This makes them poorly pretty expensive. I think a slightly outdated GrapheneOS phone is okay though.
Burner phones are a strange concept. If you want to store sensitive data on it, you shouldnt use some cheap android phone or even a dumbphone without encryption support.
Like.... the Intel ME?? And no BIOS seems to allow the switch to disable it, even though that was literally required after the NSA sued Intel?
They had this on their homepage, advertizing QKSMS and Bromite as if they were project apps. Which they are not.
So either A: they preinstall apps as system apps or B: they have some form of installer that installs them as normal user apps.
You should have as many apps as user apps as possible.
Maybe they changes this idk. But QKSMS is not a simple SMS app like the one that GrapheneOS implements (the old and hardly maintained AOSP one) and Bromite is an unmaintained Browser which is a huge problem. Cromite and Quik are maintained forks.
Some Archive when they still had Bromite on their page
Could not find QKSMS but that was somewhere
I disagree. But these improvements are often low level, so that Meta can save costs doing the shit they do
Crazyy!
Btw I am XWayland free since today!
I have a list of recommended apps here
Some apps need environment variables:
Qt:
GTK
Electron
You can use
xlsclients -lto detect apps using XWayland.Some may even want to run apps through XWayland on purpose, like KeepassXC for Clipboard access or autotype. Lets see how long it takes to implement all the needed protocols.