dazinism forum.xda-developers.com/galaxy-s10…eos-17-1-beta0-s10e-update-t4076585

This claims to work on S10e. It says it's a security ROM, but the instructions are garbage

Looks like a terribly put together ROM, but if his claim is correct it looks like Samsung Galaxy S Exynos is technically a very viable candidate for GrapheneOS

Monthly security updates for 3 years, not completely horrific HSM, custom verified boot keys

It can boot a GSI with no major issues so AOSP compatibility is not a mark against it

It's also supported by Auditor

@aeon

whoops i can't use irc. aeonsolution[m] saw your message on github, what kinds of things need help on vanadium?

alternatively what's high priority and also not requiring security knowledge?

Riot is a good client too

gcbrown: i would start small first, if Vanadium sounds interesting to you try building it first

if not, exploring the issue tracker github.com/GrapheneOS/os_issue_tracker/issues would be your best bet

yeah that's where i found the gallery fix, my main issue is i don't wanna waste time fixing things that aren't urgent/important in general

i can't tell you what is high priority because i'm not in charge of the project

gotcha

Is there a way to open tabs in incognito always like in bromite but for vanadium?

if there is something you can contribute to and also lets you understand the project

even if it doesnt get merged, you'll learn two things

1. how those issues are related to the project overall

2. how we communicate and fix issues

anytime you as a new contributor add more work thats not easy to understand, it most probably wont get merged

because the developers are already juggling their schedules with maintenance

gcbrown: the gallery is a good issue and lets you see how everyone communicates fixes issues

* [correction] gcbrown: the gallery is a good issue and lets you see how everyone communicates fixes for similar issues

in order to help with that, in my opinion you need to be able to build the development branch and test your changes

contributing changes and putting it on the developers to test the change also probably won't get the change merged either

is the CTS the thing to use?

yes

<bonerdose[m] "Is there a way to open tabs in i"> i think that's an option issue for Vanadium

bromite has that option?

if you find where bromite added that feature on github.com/bromite/bromite, please hit me up

that is something i can help bring to Vanadium

* [correction] that is something i can help create a pull request so we can bring it to Vanadium

do you really need 100 GB to build?

>100GiB+ of additional free storage space for a typical build of the entire OS for a multiarch device

the only supported devices are on grapheneos.org/faq#supported-devices

alex-a-soto there is a built in VoIP client

<gcbrown "do you really need 100 GB to bui"> yes

Part of aosp

You can probably use linphone instead, or others

"Google in its FAQ list also tells you how to configure SIP calling on Android (they call it Wi-Fi calling)."

personally I like using a voip app so I can shut it off easily

bonerdose: if you find the commit for that feature please send me a message

gcbrown: if you need help with installing the project, the channel is really good at helping you troubleshoot the issue

gcbrown: if you have specific development question for Vanadium, please feel free to send me a message and i'll try to help you out

* bonerdose: if you find the commit for that feature please send me a message

[correction] gcbrown: if you need help with building a project, the channel is really good at helping you troubleshoot the issue

I use Voip.ms and Linphone

Are PRISM members required to put backdoors in their products?

<alex-a-soto[m] "Yeah, I'm looking to use somethi"> I went with jmp.chat, it's a pretty great service. Very private, too.

cn3m: strcat if you guys don't mind

what?

why ping

About jmp.chat and the conversation app it's just me or this jabber client use almost no battery??

<strcat[m] "why ping"> Probably about their PRISM question

@Icy-Sprite ;^): you have a serious misunderstanding about what PRISM is

and it applies to every US company

any company with a presence in the US really

if you have a presence in the US you are subject to the laws there

like any other country

<greenmoon[m] "About jmp.chat and the conversat"> Yea, I find it great on battery use. I pair it with orbot and everything through conversations goes through Tor.

and PRISM is part of the legal mechanisms they have put in place to request data from companies

which apply to every US company

not specific ones

So it's just about data requests? No backdoors or whatsoever?

@Icy-Sprite ;^): here's my suggestion: read and research

@Icy-Sprite ;^): read

and research

don't ping me for no reason

Alright, alright! Thanks btw.

<jiibus[m] "Yea, I find it great on battery "> Yea its crazy how the battery usage is low for that app compared to signal which is pretty bad on battery even with the recent battery fix or even compared to whatapps which use a less battery than signal.

Also, did you see their script to import a .vcf to your jabber account? Quite handy

Not i have just the sms trial thing with jmpchat

Ah! Well I can dig it up for you if you're interested

I dont need that but tanks

Alrighty

there a way to stop app run at startup?

want app only run when needed

force stop

second question, accessing tor on graphene unique?

proof_jr: startup is not the only thing that's relevant

dunno what you mean by that second question

doesn't make sense

if you force stop an app it can't run into you launch it again

stopping an app from running at startup wouldn't stop it from running, so you were asking the wrong question

tor recommends not changing screen size to blend in, pixel phones have somehwat unique screen resolutions

* tor recommends not changing window size to blend in, pixel phones have somehwat unique screen resolutions

proof_jr: are you talking about tor or browser privacy

tor

then why are you talking about browser privacy

I think there's likely an XY problem. Why do you want to control which apps start with the phone?

the Tor Browser doesn't hide the hardware that the browser is running on if JS is enabled - it doesn't successfully do that

jiibus: I answered the real question

already

strcat: what else should i worry about other than start at boot?

proof_jr: you shouldn't worry about it you should use force stop

proof_jr: force stops works

apps can start based on broadcasts, alarms, jobs, and other things

if you don't want an app running, force stop it

starting at boot is just an example to listening to ONE kind of broadcast

use force stop

can summarize to force stop is kill switch?

force stop kills the app and stops it from running again until launched manually

as I explained

jiibus: using most default apps, but some don't have good alternatives or web app

got it!

asking how to stop an app from running at startup is just not a relevant questionb

* asking how to stop an app from running at startup is just not a relevant question

what if the app runs every 15 minutes via a job?

or an alarm?

or listens to other kinds of broadcasts?

it's just the wrong question based on misunderstanding how stuff works

the answer to the real question is using force stop

that's all I'm saying

which AMONG EVERY OTHER WAY THE APP CAN RUN stops it from starting based on the startup broadcasts

and it is force stopped until you launch it again

also apps are force stopped after you install them - that's the initial state before launching them

Did not know that force stopping was preventing them from being triggered by others kind of brodcasts, it must ne a récent feature, Nice!

* Did not know that force stopping was preventing them from being triggered by others kind of brodcasts, it must ne a recent feature, Nice!

Force Stop's been around since as long as I can remember...

Damn i removed my message

Yea but i remember that before it did not prevented them from restarting when triggered by an brodcast thing

On the IRC side of things, our clients don't actually see the flags for removing a message, any edits are just appended as another message prepended by an Asterisk, and the deletion flags are ignored entirely.

I tried to removed the first message for people using the old riot app that don't display edits but 2 messages but it removed both 😕

So the superfreeze app from fdroid do that exactly, either you have to click force stop manually or you can enable the feature to register it as accessibility service to do that automatically

and then how are you going to use anything that needs to deliver notifications etc

or run jobs

I just don't add them to the list of app to stop

* I just don't add them to the list of apps to stop

Just a quick question about connectivity. If the device is on GrapheneOS in WiFi only mode and assuming all traffic from the device is encrypted but the network is hostile or compromised, what kind of attack surface does that open the device up to as far as execution of malicious code etc?

<marquisderad[m] "Just a quick question about conn"> https greatly reduces attack surface. Use a trusted VPN or TOR with https attack surface is minimal

> <@marquisderad:matrix.org> Just a quick question about connectivity. If the device is on GrapheneOS in WiFi only mode and assuming all traffic from the device is encrypted but the network is hostile or compromised, what kind of attack surface does that open the device up to as far as execution of malicious code etc?

* https greatly reduces attack surface. Use a trusted VPN or TOR with https and attack surface is minimal

So by using a VPN or TOR to filter all device traffic with a kill switch so that the network is not accessed without it, even on a hostile network the device would essentially remain secure yes?

One more thing also, if manufacturing a device with the idea of porting GrapheneOS or having it manufactured with security in mind, would a micro sd hardware security module be a suitable replacement for something like the Titan M?

Something like this

no

not at all...

Is there only OpenTitan or are there other suitable equivalents?

don't know what you mean but some random HSM like that doesn't have comparable functionality or security

you can't just drop in some random component offering a crappy HSM for RSA/ECC keys

that's not what the security chip provides

marquisderad: the whole point of the security chip is that it provides high quality hardware-based implementations of APIs used by the OS

it is not a random security chip dropped in and available for use

marquisderad: if you want to make an equivalent, that involves designing and implementing a chip providing the same APIs

can use the same open source drivers / HAL

the OS has no use for a random HSM, it has specific APIs that need to be implemented, you have the way it works backwards

AOSP has a specification

chip has to implement that

no use in one that doesn't and does not make sense to add some new half-baked, drastically inferior keystore that's not actually used by apps along with missing all the other stuff

I hope we don't have to ask NXP Semiconductors to make it. Or they'll tell us that we should ask our retailer for the documentation on those functions, then the retailer will tell us that the OEM needs to provide the documentation on those functions, then the OEM will tell us that NXP Semiconductors needs to provide the documentation on those functions.

T_T

Thank you for the in depth answer. I have a better understanding of it now. Will designing the chip to suit the AOSP specifications be a major hurdle in developing a security oriented device designed for GrapheneOS then?

marquisderad[m]: consider that chip design is expensive. Very expensive. As in, a multimillion-dollar company like Intel has to gamble its existence on a chip doing well.

AMD is starting to eat their lunch </joke>

Hehehehe.

Tasty

Apple is breaking up with Intel.

Now if only Tim Cook would break up with Xi Jinping... But I'm getting off topic.

heh.

Anyway, it might help with security on Macs

<TheJollyRoger "marquisderad: consider that chip"> Okay should I consider the idea of having a suitable device manufactured not feasible? It would be more beneficial to focus on existing hardware?

My thoughts is they're going to move closer to the iDevice platform over time

So that's entirely possible

I wouldn't say it's not feasible, just, it's going to be expensive and would require much more resources and manpower than the project has available at this point.

Need to focus on existing hardware the next few years.

Okay understood.

Grow the project, get more resources, then think about it again

How far off in the future is getting to the point of virtualization? Is it something that is accomplishable with hardware available today or is it a question of resources and manpower again?

Or for example the idea of using a microkernel

If people complain about anything less than twelve hour battery life, I don't think virtualization would be a viable approach for phones.

for a microkernel, I'm pretty sure the project can start looking into that when we've got a ready supply of maintainers for all its devices and a surplus of manpower and volunteers.

> 22:04 <@TheJollyRoger> If people complain about anything less than twelve hour battery life, I don't think virtualization would be a viable approach for phones.

I don't complain. There are also some workarounds and solutions for that issue, but I'm also somewhat of a vocal minority these days.

<TheJollyRoger "If people complain about anythin"> Not really much of an issue with fast charging though

<sheruleeya[m] "Not really much of an issue with"> Fast Wireless charging is a big issue with Google phones

Fast charging when wired is a non issue. To increase the charging have the phone in Airplane Mode. The estimated time tells me that it will be done in 3 hours but it usually takes 1 hour and 15 minutes.

This is all based on estimation but next time I can time it if you want.

The key is to have nothing running on in the background. At least this how I do it. It really is a non issue if the phone is dead though. Mainly talking about if you want to charge the phone while it is alive.

Netguard + Superfreeze

unlimited power

<AdventureCommuni "Netguard + Superfreeze"> NwtGuard is great. Would love to be able to run more than one active VPN connection though

* NetGuard is great. Would love to be able to run more than one active VPN connection though

Adguard has one in the works

so that you get filtering+firewall+vpn

though I dont really care for a vpn on my phone

all I do on it is browse reddit and riot

Adventure Communist: On a netguard issue is there a way for them to unblacklist your IP? They caught me running another VPN.

<AdventureCommuni "so that you get filtering+firewa"> Interesting

But yeah for my use netguard is more than adequate

<defconanon12[m] "Adventure Communist: On a netgua"> I dont know what you mean

<AdventureCommuni "But yeah for my use netguard is "> Its great that you can even add a host file into NetGuard blocking certain IPs.

NetGuard is garbage

k

<cn3m[m] "NetGuard is garbage "> Elaborate

It is bypassable as a firewall and as a blocker

GrapheneOS has built in features that are better for both

<cn3m[m] "GrapheneOS has built in features"> I mainly use NetGuard to block certain apps apps from the internet when I'm on mobile. Can I archive the same with Graphenes build-in features?

<sixBit[m] "I mainly use NetGuard to block c"> Yes, the network permissions revoke is far stronger(still weak, but much stronger)

From what I seen I really like Adguard. Though not that strong when it comes to blocking certain ads.

you can always had custom lists/domains

Use PrivateDNS for all blocking

It's far more secure and robust

This is all covered in the FAQ

It's there for a reason and it is more reliable than anyone here

If it's in the FAQ that's what you do

Netguard allows you to distinguish between mobile and wifi for each app and gives the option to only enable when the screen is on

vs just revoking network access completely

<cn3m[m] "Yes, the network permissions rev"> Wdym by the network permission being weak?

* Not really much of an issue with fast charging though

Edit: I meant wired charging.

<AdventureCommuni "Netguard allows you to distingui"> That's not secure

Yeah Im really worried spotify is gonna brick my phone

<sheruleeya[m] "Wdym by the network permission b"> Content providers, clipboard management, intents, and storage drops could bypass it without an exploit. Even a direct browser intent.

Vastly harder to pull off than normal firewall bypases, but GrapheneOS firewall will benefit from scoped apps when support for that is added

Adventure Communist: Spotify as far as I know doesn't brick phones. Now my only worry with Spotify is that they may switch to fully Google API which means no access when you get rid of Google services.

Anyone got the aurora working?

Firewalls aren't meant to keep data out when you're dealing with untrusted software

I was being sarcastic lol

defconanon12:

GrapheneOS does a good job of course

I can't tell with text. :P

It's far from perfect when it comes to firewalls. Check OS issues to see proposals

<defconanon12[m] "I can't tell with text. :P"> Yeah I just meant I wasnt worried about spotify trying to bypass the restrictions I put on it

<worldwideworld[m "Anyone got the aurora working?"> According to XDA thread it should be up and running again soon'ish. If you use a real/throwaway Google account then it works fine right now.

Hello everyone. Can we share files via nfc on grapheneos?

Yes

Hi anup

How can we do that. Can you please help

When I click on share I dont see any nfc option

h3rb_: Bluetooth, or USB C to USB C works. Never tried nfc

Hi Dazinism

Actually I tried sharing with Bluetooth and it works but I dont see an option for nfc

cn3m: had a pretty good look at the XDA post, unless i missed it/misunderstand (lots of replies, but i searched) couldnt see anything suggesting that they get verified boot working with the S10e

Hi guys, does someone know what are these strange requests vanadium is doing on every start? e.g http request to wiotuzj, kjkaldkaj and so on?

<dazinism "cn3m: had a pretty good look at "> I searched the comments

x0axff I think those are Google domains? Not sure what their exact purpose is. Might be more info on the Github/docs (if Vanadium has docs).

<x0axff "Hi guys, does someone know what "> Removed Google domains

They won't resolve

Ah

cn3m: whats the magic search term? Or got a link to the comment?

cn3m Ah so basically it changes the google links to something else?

<dallemon[m] "According to XDA thread it shoul"> Okay thanks

"Verified boot"dazinism

cn3m: what the fuck dude

I've been waiting on that log for a week now

I can't fix issues like this

Thought it uploaded

Looks like it worked

cn3m: I'm getting no results for that???

anupritaisno1: can you confirm?

dazinism: I'll check again

<cn3m[m] "anupritaisno1: can you confirm?"> Not there

anupritaisno1: encryption failure I invited you to another chat

Is their a safe way to use micro G?

worldwideworld: yes

Use it on a friend's phone

Your friend will resent you

But you'll be safe

I have a one plus as well download it the apk and send to my graphene?

worldwideworld: get glassrom on the oneplus

What is that?

I have a oneplus 6t seems it's not supported

Which oneplus though?

6t

Its not supported is it?

Hello everyone, if I factory reset my google pixel 3a with grapheneos installed, will it remove grapheneos? I want to keep using grapheneos, but I’m someone who likes to reset my phones or computers every few months or so,just to keep things fresh and optimal. I also don’t want to re flash the phone after a reset. Thank you.

<fire-water56 "Hello everyone, if I factory res"> as the other user said, it will keep the OS.. and wipe out any data.. back to square 1.. you will have to apply any patches since it was released

* No.

<fire-water56 "Hello everyone, if I factory res"> Nk.

<faheem5[m] "as the other user said, it will "> And patches are applied through graphenos update service, correct?

<fire-water56[m] "And patches are applied through "> correct!! if u want to avoid all that.. as u said before u can re-flash the latest ROM as it will do the same.. wipe any data and reinstall the OS.. or wipe within phone and go back to whatever version of the OS you had flashed initially

Thank you faheem5 and sheruleya. I appreciate your feedback.

Anybody tested Pixel 4 in GOS?

<sheruleeya[m] "Anybody tested Pixel 4 in GOS?"> Maybe check the log first

Can I not create custom tokens in network settings? I can't seem to save anything?

Is it advisable to enable a secondary dispensary for a temporary fix?

Oh wait I don't want it. It is coming from an http site.

<mxnorvak[m] "Maybe check the log first"> Never seen that much of info since the experimental releasem

I was just looking at a fix for Aurora Store and you can create a custom token in network settings and it works. But if it is coming from an http site I don't want it.

* Never seen that much of info again since the experimental release. It's not even talked about here that much after it was dome.

So I have a question when any of you search a setting in the developer options does that setting turn on and off? Once. Have I been compromised or just a bug?

* Never seen that much of info again since the experimental release. It's not even talked about here that much after it was done.

I meant it is on the "stable" release and all, and seemed to be not much of a topic and issue.

> <@sheruleeya:matrix.org> Never seen that much of info again since the experimental release. It's not even talked about here that much after it was done.

> I meant it is on the "stable" release and all, and seemed to be not much of a topic and issue.

It's somehow a big deal for the 4a

* (Deleted, and the delete function here in RiotX isnt an option)

> * (Deleted, and the delete function here in RiotX isnt an option)

This is a IRC channel first and foremost (bridged to Matrix). There is no deleting or altering once you sent something

You can delete your messages if you want through Riot.im in this chat room. Keep in mind though that your "mistake" will forever be logged since this channel is logged. Even your edits.

rip

<defconanon12[m] "You can delete your messages if "> Only deleted for RIOT users. Doesn't get deleted on IRC, or as you mentioned, the logs.

What is the difference from personal apps and work? What does it do

worldwideworld: hub.libranet.de/wiki/and-priv-sec/wiki/user-profiles

> @appservice-irc:matrix.org changed the power level of @freenode_TheJollyRoger:matrix.org from Moderator to Default.

TheJollyRoger strcat was this a bridge bug?

<dazinism "worldwideworld: hub.libr"> Thank you

@ DannyWorkOrderPr my IRC bouncer croaked.

Eighty hours and counting... I have a feeling that the CTS is running some tests over again because I elected to run everything. I think what I'll have to do is figure out a better test plan rather than taking the sledgehammer approach.

<defconanon12[m] "So I have a question when any of"> i just checked this on mine.. searching works.. i click on the item and it takes me to it ..but does NOT turn the option on or off

^^ i'm on the latest release if that helps

faheem5: I am on the latest beta release. So I believe it is a bug for now.

<TheJollyRoger "Eighty hours and counting... I h"> Wow

<defconanon12[m] "faheem5: I am on the latest beta"> as am I (version -- QQ3A.200605.002.2020.06.22.21) ..sorry to hear, but i'm not able to replicate the issue

Yeah. I just chose to run everything.

5jd92: can't confirm, never tried. You're on your own if you want to cut up an expensive phone.

<faheem5[m] "as am I (version -- QQ3A.200605."> i should clarify.. i am able to search for items and able to turn them off/on.. but it's not automatically turning it off/on when i click on the search item

Money is relativ, and for some security is worth some dollas.

* @JollyRoger Money is relativ, and for some security is worth some dollas.

5jd92: I suggest you look into repair and disassembly videos on YouTube if you want any guidance on how to physically modify your phone.

Since you won't find it here.

We don't provide software support for booting GrapheneOS without initialization of components assumed to be present and functioning on your phone. Each instance of GrapheneOS on a given device is bitwise identical for devices of its type.

JollyRoger: I am sorry i doasnt not want to get personal but you are only wasting my time, i please you to ignore all my message in future. Thank you!

I got forwareded already to by reddit to here

M5jd92[m]: you're welcome to download, fork, and modify the sources as you see fit, self-build, and self-sign your own builds and provision your own OTA infrastructure, but at that point you're not really running GrapheneOS.

I don`t understand why incompatant people don`t get hobbys instead of wasting others time. This OS is a securty os and this is his matrix channel, where the f you want me to ask arround? If not in the security OS channel then where ???

Last warning.

this for software, you asking about hardware

yeah like that is not living in symbios

i want to know it the software will ignore the missing parts?

* i want to know if the software will ignore the missing parts?

you can be our first test subject

try it and report results

now how to disable..

There is a guy on github issues that removed his WiFi chip and now his phone is broken he don't have cellular anymore 😹

If you want to find out, you will need to build a debugging cable using a Serial TTL UART cable to debug the phone over UART.

It's very likely that the phone won't boot if it doesn't find what it needs, and you'll need to self-build.

This means maintaining your own fork.

* not how to disable..

faheem5: Which device on you on? Pixel 3a XL here.

ahh k.. I am on Pixel 3a

Interesting as of now I am not able to replicate the issue. It must be rare.

> There is a guy on github issues that removed his WiFi chip and now his phone is broken he don't have cellular anymore 😹

So cellular doens`t work implicates that OS is starting even with removed Wifi Chip (wich is by the parallel the cell chip, of course it wont have cellular since it was removed to)

* > There is a guy on github issues that removed his WiFi chip and now his phone is broken he don't have cellular anymore 😹

So cellular doens`t work implicates that OS is starting even with removed Wifi Chip (wich is by the way parallel the cellular chip, of course it wont have cellular since it was removed to)

or open phone and put paper slip between lens and glass

^^ I think what folks are to say is this channel (support) is for the product as is.. if you want to modify/customize it.. ur more than free to do so.. but won't find much help here afterwards

guarantee phone turn on and camera don't take pic

> If you want to find out, you will need to build a debugging cable using a Serial TTL UART cable to debug the phone over UART.

I do not understand why would I have to debug?

faheem5[m] 's said it.

M5jd92[m]: if you excise the hardware components and your phone has trouble booting, using a Serial TTL to UART cable to retrieve the kernel logs encountered during boot is about the only way to tell conclusively where it's failing.

> ^^ I think what folks are to say is this channel (support) is for the product as is.. if you want to modify/customize it.. ur more than free to do so.. but won't find much help here afterwards

I never will modify, i have no time for that, i just want one simple thing, removed sensors. And I pay for it and I know many more people who will and are already paying for.

5jd92: open phone, disconnect cable and boot. if not boot, reconnect cable. Report results

but do at own risk

Has anyone tried casting on Graphene OS? I used to cast and I am just wondering how insecure casting really is?

Hey defconanon12[m], I haven't tried using screencast.

its as secure as the wifi hotspot of your display device

if it connects without any password, then its just over a unsecured wifi network

WiFi hotspots usually aren't that secure.

unless you configure your tv or whatever and put up a password

privacy_based_lifeform: Well I would be casting to a device. Not directly to the TV.

<TheJollyRoger "5jd92: if you excise the hardwar"> Are you so kind andl send me a link of a example cable when i google i find only fancy once, or imaging it diffrent/wrong? :P

<defconanon12[m] "privacy_based_lifeform: Well I w"> Casting always works over a wifi network

I have a complete start-to-finish walkthrough and itemized list of materials posted on my github, in fact. github.com/Peter-Easton/android-debug-cable-howto

what device do you want to cast it to

privacy_based_lifeform: Correct. I don't know if there really is a way to cast it.

<greenmoon[m] "> <@5jd92:matrix.org> > There is"> Can I have link to that github issu? So like I asked the OS seems to starting. Yeah doesn`t really which one he intended to rempve, since wlan and celluar are on same single chip xD

You don't need to know the device. All you need to know it is a device that supports DLNA connectivity.

for casting your phone and the display device should be connected to the same wifi network. Make it secure by putting up a WPA2 password on it. thats it

Am I wrong that GraphaneOS has its own sensors disable feature? Or does it use the official one?

GrapheneOS indeed has its own sensors permission toggle.

This is per-app, so for instance, if you have a fitness app that you use while running to count the number of steps you've taken, and an app that you don't want to have feeling the movements of your phone, you can turn sensors for one off, while leaving the other unaffected.

There is no user-facing sensors permission on the vendor operating system. It is not a part of the Android specification.

The same goes for the Network permission toggle; the Android specification does not have it, it is unique to GrapheneOS.

privacy_based_lifeform: Oh well that is already done. If I don't have to do any other hardening configurations and just that layer of protection then I might be good.

<defconanon12[m] "You don't need to know the devic"> > As you might expect, DLNA hardware is designed to work on a home network. It doesn't matter whether that network is wired or wireless, although with Wi-Fi you'll need to ensure that your network has sufficient bandwidth for what you want to do. We'd recommend 802.11n Wi-Fi for serious home sharing.

<TheJollyRoger "GrapheneOS indeed has its own se"> How do they act? My orginal thought is who ever coded sensors permission toggle, has a high posibilty to can imagine how the phone will behave when sensors where physcaly removed.

It just zeros out the input, correct?

If you were to switch the "Sensors" permission to "Off" then what it does is it zeroes out sensor input to the app.

<defconanon12[m] "privacy_based_lifeform: Oh well "> yeah, just make sure to put up a very strong password

This will give the app the impression that the phone is lying perfectly level, and perfectly still.

privacy_based_lifeform: Yep. Now I just need to worry about the app.

Note though that this will cause some apps, most notably SuperTuxKart, to stop functioning properly, because SuperTuxKart uses the sensors on your phone to act as your Go-Kart's steering wheel.

As well as some step-counting apps that use the accelerometer on your phone to measure when you've taken a step.

<TheJollyRoger "This will give the app the impre"> Ahh i see kinda emulating it, instead of removing it making a noise or stand photo. So as example if app forces active cam, it can start, but will dark, instead of crashing as example.

<TheJollyRoger "Note though that this will cause"> By default =D I use the touch-steering

DannyWorkOrderPr: ahahaha got it X3.

<defconanon12[m] "privacy_based_lifeform: Yep. Now"> what app? are you using a seperate app to host the casting? or the media player app?

Couldn't lay down as good of best laps with the g-sensors hahaha

privacy_based_lifeform: Host the casting. Not sure what app. Aurora Store is still down. I don't know of any open source ones. When I checked Aurora Droid I don't see anything of the casting nature.

I will use this phone only for secure communication, nothing else.

<defconanon12[m] "privacy_based_lifeform: Host the"> why not use the system screen casting?

Will the sensors permission disable while boot ? I am mean can`t it since it zeros out the input also get in place of phiscal sensor?

Hi is their a way make every app dark mode like u can with one plus it overrides apps and is there a way to double tap the screen to turn it off, thanks

<privacy_based_li "why not use the system screen ca"> Is there usable screen casting in AOSP/GrapheneOS? I haven't even bothered to check, have just been used to not being able to "Chrome-casting" stuff for some time

<M5jd92[m] " Can I have link to that github"> GrapheneOS/os_issue_tracker #29

privacy_based_lifeform: Device doesn't show up. Do I have to enable anything or is it active by default?

Danny@WorkOrderPro: Usable. Debatable but I can't find any of my devices.

<defconanon12[m] "privacy_based_lifeform: Device d"> is the display in discover/cast/screen mirroring mode?

just delete the camera app

Can't really delete the camera app. They can disable it though.

yeah that

<privacy_based_li "> <@5jd92:matrix.org> Can I remo"> Shit, there's been people here who have accidentally knocked the ribbon cable out just by dropping the phone on the table the wrong way, try that 🤣

<privacy_based_li "is the display in discover/cast/"> Hmm ok, and this will prevent what? Check for camera at booting?

it will check for the camera and it wont be able to find it, so it will throw an internal error and ignore it

> <@privacy_based_lifeform:matrix.org> is the display in discover/cast/screen mirroring mode?

* Hmm ok, and this will prevent what? Check for camera at booting? EDIT: Read first now the red collored part.

Ok perfect, so since wlan/celluar chip can be fried, and camera can be taken out, and OS will start fine. So then i guess the microphone should make least problems at least i hope so.

yeah

But once you removed all that stuff the phone will be useless lol

not sure about the wlan/cellular chips tho, thats your joyride

would love to know your experiment results for that one :)

A friend of mine knows a crazy nomad kind guy, who takes sensors out for shady people. He is hard to catch and not easy to speak i heard he told something like there is a 3 Sensors max failure tolerance.

takes notes vigorously

Yeah i will need wlan chip, so i will not burn it, but i meant the guy und github kinda made a stress test for me already xD when it comes to the topic "taking" frieing parts out. xD

5jd92: In your case the more you know about security hardware solutions the better off you will be.

Daniel shared a link to Google describing fixing the MAC address leak. Does anyone have that link? Can't find it

you can take a heatgun and de-solder you chip, that shouldn't harm it

if the phone fails to boot then simply solder it back

cn3m: Here is the timestamp freenode.logbot.info/grapheneos/20200603#c4044233

<worldwideworld[m "Hi is their a way make every app"> Anything guy's?

Some launchers have that double tap feature

<worldwideworld[m "Anything guy's?"> the developer options has a "override/force dark mode to all apps" option i guess

<M5jd92[m] " A friend of mine knows a crazy "> He doesn't sound very crazy to me. Without knowing the resistance etc involved in each part, doesn't sound like a bulletproof rule, either. There's calculations involved.

If you had the right kind of documentation you could solder in resistors to compensate.

<privacy_based_li "the developer options has a "ove"> It doesn't override all apps

Do you need to? I have this lenovo that I have tore down and poked alot on it, took off the notification led, camera, viberation motor, headphone jack and powered it on with motherboard in my hand and still it works

<worldwideworld[m "It doesn't override all apps"> edit the app and build it?

privacy_based_lifeform: Oh to answer your question my display device doesn't receive anything. Usually I accomplish this by using third party apps.

<privacy_based_li "Do you need to? I have this leno"> Sometimes yes, sometimes no. Without testing everything max power, it's tough to tell if you'll fry your board.

Read the full usage pages, and this paragraph makes me just wet and horny :P

MAC randomization is always performed for Wi-Fi scanning. Pixel phones have firmware support for scanning MAC randomization going significantly beyond a naive implementation. On many other devices, there are identifiers exposed by Wi-Fi scanning beyond the MAC address such as the packet sequence number and assorted identifying information in the probe requests.

<DannyWorkOrderPr "Sometimes yes, sometimes no. Wit"> These days, shit being broken but still in place seems fine, removing things is where you get into trouble if you're gonna find any. But, still unlikely to have trouble.

<defconanon12[m] "privacy_based_lifeform: Oh to an"> ohkay

Fun real world example: I crushed the shit out of the voice chip in a Fire TV remote. Worked exactly as expected - not at all.

<DannyWorkOrderPr "Sometimes yes, sometimes no. Wit"> what do you mean max power?

<DannyWorkOrderPr "Fun real world example: I crushe"> you crushed it, not removed it properly. It must be shorting

<privacy_based_li "what do you mean max power?"> As in, all of the devices pulling as many amps as they're able to simultaneously

<privacy_based_li "you crushed it, not removed it p"> That is correct.

<DannyWorkOrderPr "As in, all of the devices pullin"> yeah it works normally, no problem

Has anyone in here used Image Pipe to remove the EXCIF metadata? It is terrible at changing the file path and not exactly sure how.

What is more advisable to do when it comes to preserving battery life? Should I always have battery saver turned on? I already am on Airplane mode for the most part. Is it more advisable to charge the phone as soon as it hits one percent or let it die? If anyone knows elaborate please thanks.

I utilize battery saver a lot by the way.

<privacy_based_li "edit the app and build it?"> How do you do that?

<defconanon12[m] "I utilize battery saver a lot by"> thought I read with newer phones (battery type) cycling is not needed at anymore.. u can charge at 1% or 50%.. over the life of battery it wont make much difference.. not a SME on this topic though

Don't let it die, there's no "life" to get it used to like old nickel-based batteries, but definitely try not to charge it a little bit over and over, there are a limited number of cycles (no matter the size) before the battery degrades.

the biggest benefit to battery saver is it turns off background data.. so if ur in airplane mode.. maybe it's not making that much of an impact (unless ur wifi all day)

<mrmanpants[m] "is this a good place to ask/disc"> media.giphy.com/media/3og0IN2YJFptu9DQAw/giphy.gif

jk.. sup? i can help if i know the answer

faheem5: WiFi all day heh.

Danny@WorkOrderPro: Thanks for the info there is a reason they say let it die so they can make more chi chang! $v$

<defconanon12[m] "faheem5: WiFi all day heh."> makes sense.. battery saver vs disabling each app permission (background data)

faheem5: I limit the background data as much as possible.

<mrmanpants[m] "i'd prefer to keep my phone in a"> hmm good questions.. back in the day, when i was naive.. i had GV.. i suppose if there are pre-paid vendors willing to accept BitCoin that would be ideal.. i personally use Mint (its' cheap and uses T-Mobile's network) along with Signal

<mrmanpants[m] "I plan to use wifi 95% of the ti"> So leave VoIP calls receive ONwhile on wifi

Not completely eliminating cause that will be inconvenient really.

sorry I don't have any good recommendations for VOIP ..other than NetTalk (mainly for home services for last 5 years)

i'm not as hard core as i once was.. so i keep the celluar radio on at all times to recieve calls/txt from people.. but i try my best to get those closest to me on Signal

each their own.. i

i've settled on a balance.. bit of privacy and not giving up too much conveniences

still have folks in my circle who use fb messenger/apps from their phones (+ IG, whatsapp etc) ..i've learned not to preach anymore.. if they ask.. ill do my best to explain my stance and reasoning behind it.. but many just don't care or understand

think it's great to be aware of the downfalls (some call it paranoia) but u gota balance it out with ur individual lifestyle

makes sense.. it would be great research on finding a secure/privacy friendly voip provider.. i'd be interesting in learning what u come up with

the native dailer app does have SIP settings

far as the OS/app supporting it

<faheem5[m] "makes sense.. it would be great "> I'm assuming Twilio is out, for one reason or another?

u can type in ur voip provider info (server address, u/n - p/w ) to connect to ur provider

without using another app.. or so i think

I have not heard info one way or another - but they're the biggest/most popular, which is why I was wondering why you hadn't decided to use them.

Would be interested in info either direction.

Do the grapheneOS Internet toggle also prevent the Intent Filter Verification Service system app from sending data for the app?

voip is pretty easy, there is a built in voip client in AOSP

What kinda name is that lol

Signal uses Twilio to send out the SMS verification PIN codes, for whatever that's worth

implying that they vetted them somehow

android open source project

what graphene is based on

android open source project

<nickcalyx[m] "Signal uses Twilio to send out t"> and ton of fortune 500 companies.. plus they have certification behind em too.. hippa etc

SIP = voip

my only thing is does twilio offer their products/services to individuals or companies

<faheem5[m] "and ton of fortune 500 companies"> Is that like a fatter version of HIPAA? 🤣

Anybody get a gcam apk to run on graphene?

just bustin, carry on =]

i read once.. and it

* i read once.. and it's true.. whenever u rely on a provider (i use nextdns instead of pihole) u r assuming they r gona do right by u (guard ur privacy etc) vs building ur own infra

goes true for anything voip.. dns etc

worldwideworld: usually you want to use separate user profiles. The work profile isn't really meant to be used like that

<faheem5[m] "my only thing is does twilio off"> I used to work for them. You register and pay, you can use their service, or at least the most basic layers. To the extent that I remember, however, there isn't a "VoIP phone service" they offered — it was more low level.

anyone previously used easer for automation?

Never worked right for me.

I switched to WiFi Manager for WiFi, but that doesn't work either. GREAT! 😖

Greentooth works fine tho.

mrmanpants: There is voip.ms and jmp.chat as well

Getting SMS with Twilio is a little more complicated afaik, also they do not support receiving short-codes, so if u wanna use it for verification codes I would avoid them

Voip.ms says they cannot guarantee shortcodes, but I can receive them. Only thing is there are a little more strict with using a VPN to pay, but if u r nice to customer support they usually allow u to bypass. Jmp.chat is more "private" and they fully support sending to and receiving short-codes. Also, they use XMPP for registration and u can pay with any crypto thru shapeshift iirc if u want that

Voip.ms is fine for my needs, I just wanted a Google Voice alternative, really

What do you mean exactly?

Oh ok, yeah I am not aware of those. Maybe someone else can help there :)

Well, what is your use case/reason to get VoIP?

SIM is for data I presume(?)

And no problem, I somewhat recently spent some time looking at different providers ha

I mean JMP.chat is just $35/year, and it would also provide some compartmentalization between ur sim and VoIP provider. Voip.ms has two different options for pricing. U.S. rates: voip.ms/en/rates/united-states

Also for SMS, would you mainly be receiving or both sending and receiving, as that changes things somewhat

Yeah then Voip.ms/JMP.chat is a great solution

Yep!

Fair enough, yeah.

Is there no sharing button in the default Gallery app?

Did Jolly Roger do something?

<concat[m] "Did Jolly Roger do something?"> Happened a few times today, nah

<defconanon12[m] "Is there no sharing button in th"> I have one

Tap & hold an image

Android is frustrating in its inconsistency sometimes

Danny@WorkOrderPro: Uh you mean in the file manager cause I see it there. Just not in gallery. But I see what to do now instead of using a 3rd party app.