<nickcalyx[m] "Yeah but whats wrong with GPL3"> too restrictive for the project

it's in the FAQ one sec let me find it

never mind my bad it is not in the faq or the contribution section of the build guide

nickcalyx: we want it to be permitted to make devices with GrapheneOS that don't support unlocking the bootloader

nickcalyx: so we can't include any GPLv3 code since then people couldn't do that with GrapheneOS

nickcalyx: we can certainly distribute builds of GPLv3 apps via a first party repository

they just can't be preinstalled

nickcalyx: so what I want to do is just hide the sample calendar app and keep that around for the CTS

and if people want to install Etar they can do that

and when we have a first party repo it's one of the apps that could be in there

JollyRoger signal it's imports

* JollyRoger signal it's important

Does anyone know if Graphene OS has a built in read aloud feature or recommend a read aloud app?

Does anyone know if Graphene OS can take live pictures?

<RiotElement[m] "Does anyone know if Graphene OS "> TTSUtil with Google Text to Speech works for me

I have been told here that force stopping an app would prevent it from starting again if you don't explicitly start by clicking on the icon but it's false I have an app using sdk29 (user land) that still randomly start even when force stopped.

* I have been told here that force stopping an app would prevent it from starting again if you don't explicitly start by clicking on the icon but it's false I have an app using sdk29 (Userland) that still randomly start even when force stopped.

Apps can start even if force stopped

Other apps can wake them up

GCM, although not present on graphene is an example

Their alarm clocks can also wake them up

Yea I see

Was mislead by that, probably wrongly understand

RiotElement: force stopping an app removes jobs/alarms

and a fresh installed app cannot have those anyway

greenmoon: you're probably doing something wrong

per the security model an app that is force stopped can't start itself

if you find a way to bypass that report the vulnerability for a bounty

you probably didn't.

greenmoon: perhaps you're confusing 'force close' for an unresponsive app with force stopping it

I found out what was starting the stopped app, it is the file app.

File manager

greenmoon: yeah, I'd been a bit confused, but came to conclusion apps could be started by other apps.

Wondering when file manager is starting apps? Guessing its when you tap a file type which only that app supports?

greenmoon: That a bit weird.

I'd come to my conclusion by using apps_Packages info

Using that to launch some activities of an app

When the pixel 5 releases how long do you guys think it will take GrapheneOS to support?

I'd noticed that force stop doesnt work reliably with apps running in a Shelter created work profile

Syrillic: it needs someone to step up to work on porting Garphene to any new device.

Makes sense but currently graphene supports all pixel devices?

Also unlikely a new device will be added while its on a different version of AOSP

What’s AOSP?

Android Open Source Project

Ahh makes sense

So what device do you guys recommend for GrapheneOS

Currently

the FAQ covers it very well

<dazinism "I'd noticed that force stop does"> I use his freeze feature for shelter its more powerful I think, you can add an icon to do it

<greenmoon[m] "I use his freeze feature for she"> it is really crap actually

using client side checks

Not u

<cn3m[m] "the FAQ covers it very well"> Thanks

if you want to actually disable an app in shelter use the switch in the launcher to log off the whole profile

Pixel 4 is the most secure with the longer support. 3a is really reliable and great for value and support

New devices start on a different aosp branch and it tends to be a few months until all existing devices move to the same branch.

<cn3m[m] "using client side checks"> You say bs, the app is actually disabled you can see it in Settings-Applications-see all apps-work apps

* Thats bs, the app is actually disabled you can see it in Settings-Applications-see all apps-work apps

So the quickest it will happen is about 3 months from a device being launched. If someone (or company)works on porting GrapheneOS and someone commits to being the maintainer of the device.

Yeah, using shelter to freeze apps apparently does do a really strong shutdown.

Can't see them from settings>apps anymore

Or app launcher

Other apps can no longer see them

I will give it a test might have been thinking of the other one

what is that one called?

Theres Super Freezz

Never tried it

wait no I am thinking of greenify and one called Freez

<dazinism "Theres Super Freezz"> oh that

I got the idea that Super Freezz may be a way to more easily 'force stop' apps. But I could be completely wrong as I've not tried it.

We were speaking about the freeze feature of shelter

Superfreeze is just force stopping

greenify is a stupid way too

and there is another

Dazim all those apps are freezed i made a folder on desktop to turn them on quickly

Dazinism*

Yeah I get the idea Super Freezz is the open source answer to Greenify. Imagine they work the same way, but I could be wrong

Anyone know if the VPN leak has been fixed?

my bad on shelter good catch guys

greenmoon: yeah, I make homescreen icons to unfreeze apps that I freeze in shelter

That includes signal, as I dont use it much and it can, under some conditions, eat a whole load of battery real quick.

Ya signal is battery hungry sadly even with the recent battery fix

Apps really vanish from the device when they are froozen in shelter. Without the unfreeze shortcuts the only way to find a trace of them is looking in the shelter app. And they are hidden right at the bottom of the work tab.

Hi I'm kind of new to using customROM's and I have a question

If I understand it correctly, installing GraphenOS will delete any memory on my device. This isn't a concern for me, because I'll be using an out-of-the-box new phone.

I am however unsure what to do with my SIM card. Is it best to just pop it in, after I get Graphene up and running? Or should my SIM already be inserted during the installation and should I back up for example my contacts on it?

tvg: it should be fine to stick it in after

you've installed GrapheneOS

I wish Etar had a widget though :(

<dazinism "tvg: it should be fine to stick "> Thank you so much!

tvg: no problem

Yea but don't the 3a require internet access to unlock the bootloader? I think I have read that somewhere

Unlike precious models

Previous*

greenmoon: oh yeah, think my 3XL did.

:/

Can you just use WiFi?

Without sim

So just connect my device to our WiFi before installing Graphene and still insert the SIM afterwards?

Like that?

Idk, I was asking also

Yeah I just used WiFi

Well, it was a while ago, but I'm pretty sure

May I ask how much of a ram does system takes on your pixel 3a. I think out of box mine was around 1,5gb and while iddle the battery wouldn't drop a single %. Now on 2gb it drains faster, not sure if I caused it be downloading some fishy app or just switching to unstable beta.

Check the battery stats but ram usage isn't what is draining your battery

May turn on battery saver but no app runs in background anyway

Usually I've experience things like airplane, battery saver mode not turning off sensors doesn't help at all

Based on usage the top is launcher

From my experience low/poor signal strength drain faster also

I have also read that on the internet, not sure if true but I think it is

Hm that may be it, constantly turning on and off the Wi-Fi

Is there a way of changing the refresh rate in adb?

I'm slowly losing my mind with the green flickering and I'm not a fan of dark mode, so battery saver is a no go at the mo.

And I'm not a full brightness type of guy.

Poor cell reception definately uses more battery. Particularly if you are changing 4g to 3g a lot

Damn this flickering thing is really bad

Can't u get a replacement? All phones are affected? Its not covered by warranty?

It only seems to be on the 4XL (iirc). It is to do with the gamma calibration at 90hz. 60hz is fine. Yesterday, I tried the stock ROM, AOSiP, LineageOS GSI, and phhusson's GSI ROM. All but stock had the flickering. I tested the CleanSlate kernel and used the corresponding app, but I don't trust it.

:/

someone posted a custom kernel page that fixes the flickering

So, Google have issued a fix, but it just isn't implemented in AOSP ROMs yet

wait, it’s fixed upstream?

<travankor_ "someone posted a custom kernel p"> Yeah, CleanSlate? Used it. It is okay, but a hacky fix and I don't want to use any other kernel.

Yea that's a pretty bad idea

It must be fixed upstream, as I don't get flickering using the stock ROM.

hmm so graphene just needs to update their build, then

unless the stock build uses proprietary stuff

I'd kill, donate, pay, reach around, rusty trombone or anything to have the option to enable or disable 90hz, tbh.

Without having to opt for battery saving and the dark mode. Dunno why dark mode themes are so popular, I've never got into it.

90hz seems like a mistake in general

Don't get me wrong, it is smooth as silk and there is a noticeable difference if you have two devices side by side. But for day to day usage, it doesn't make a great deal of sense

Some new phones have 120hz 👀

<SchismXL[m] "I'd kill, donate, pay, reach aro"> It's not possible. Hope that answers your question

Google did something to the rotation control app

It no longer works

At least not on custom roms

srs??

Yes

Saw the ASUS Rog reviews yesterday. Gaming, yes. Everything else, no.

They also refuse to fix it

hello, i have asked about this before, but if choosing a new phone was determined between imessages and maybe app selection, would a iphone or pixel be better? i keep seeing plenty about how iphones are "bad" now, or not quite as good for security

<SchismXL[m] "Saw the ASUS Rog reviews yesterd"> Tbh I don't have any problem whatsoever with 90hz

app selection being access to some apps not available to non google play services apps

<Jimmehh[m] "hello, i have asked about this b"> here one sec the lead dev has a good writeup

you can't go wrong with either a pixel or iphone but read this

<anupritaisno1[m] "Tbh I don't have any problem wha"> Luck of the draw, then?

i've read some of those, but i'm just so indecisive, probably get it from my mom lol

i'm kind of drunk too, so sorry if i spelt anything wrong

or sounded completely insane

oh wait

cn3rm

or whoever

you are on the

mod on the subreddit correct?

I use both platforms just pick what your gut says

Better to get an iPhone for your mom than a grapheneos or a google android filled with adware apps

well ok, problem is. all my friend use ios, so imessages would be nice, but family uses android, so it doesn't matter

> <@jimmehh:matrix.org> you are on the

> mod on the subreddit correct?

yes

And I phones have longer updates support

most of my gaming uses facebook and shit

<cn3m[m] "> <@jimmehh:matrix.org> you are "> good to talk!, i haven't spoke to you yet and i really wanna support the project

greenmoon: support is a major thing too

<Jimmehh[m] "good to talk!, i haven't spoke t"> :)

i'll check that post out some more

i'd love to get into security research mainly ios, but hopefully arm in general if possible. so if i can contribute to the project i'd love to

ios just seems so convenient over android

I'd get an iPhone as a daily and a used Pixel for development?

but id love to support graphene if possible

i got an 8 plus as of now

and id like a phone that isn't vulnerable to checkm8 and i won't jailbreak lol

Oh a phone for you, not for your mom lol I have read it wrongly.

checkm8 is not a big concern. You have the SEP. Whenever you leave your device unattended reboot it

oh yeah, like i said i'm kinda drunk lol

the bigger thing it is missing is PAC, but not the end of the world either

well i have concerns now of sep being bypassed and i don't know the extent of the big

* well i have concerns now of sep being bypassed and i don't know the extent of the bug

SEP is very secure I wouldn't worry about them bypassing verified boot

i wouldn't mind staying on an iphone 8 plus(arm64) but i would like to have this jailbroken at all times cause i do jailbreak development and app development and i don't have a mac yet

checkm8 isn't that practical to pull off. Someone needs to take your phone, put it in DFU, and get it back to you and hope you don't reboot it

yeah i understand that, but the concerns above are the problem

well sounds like you know what you want it is just budget

imessages, access to apps, and jailbreaking

not so much access to apps

but maybe a little

i can live without snapchat and stuff if i have other apps, or even a phone number

jailbreaking is a security concern almost as bad as rooting Android

I would not recommend it

but i would prefer imessages

yeah that's why i would like a pixel or an se if they are not vulnerable to the sep bug or exploit

more so pixel cause i love android

yeah then get an iPhone and a used Pixel(for dev)

but the main concern is getting people to use signal or something

My PC from 2001 is not vulnerable to SEP pls buy it from me

there is no sep bug

that is a bootrom issue

It's collecting dust

and signal even seems to be having questionable decisions recently

even the iPhone 5s from 7 years ago the SEP is just fine. The iPhone 5 is the only one with the major checkm8 issues

cn3m: Jimmehh reminder that this is not iPhone chat

since no SEP

<cn3m[m] "there is no sep bug"> cn3m: no there is one from like as of today, checkra1n devs mentioned before but it's bing brought up WAY more today

<anupritaisno1[m] "My PC from 2001 is not vulnerabl"> I will give you 200

cents

<anupritaisno1[m] "cn3m: Jimmehh reminder that this"> yes but iphone vs pixel is a major thing i'd say, not trying to flood the chat. just trying to get some advice

<Jimmehh[m] "cn3m: no there is one from like "> right same goes for Titan M or anything

<Jimmehh[m] "yes but iphone vs pixel is a maj"> It is well covered is the point

you have your answer

Tbh both are overpriced bricks

you can't go wrong with either

Toss a coin

hmmm, maybe i'm too decisive

Buy whatever the coin says

i feel like i'll always pick the wrong decision

flip a coin yes

Regardless of what it says you'll be buying an overpriced brick so don't worry about it

<cn3m[m] "right same goes for Titan M or a"> titan m hasn't had any public vulnerabilities to my knowledge yet

well i think problem is means of communication

ios has imessages

android has well, signal that's about it

I like the pixel A series

i've had a hard time getting people to use signal

am i just too needy? lmao

the SEP and Titan M are both great either could fall but probably won't. Outside of 99% of people's threat models

Jimmehh: you probably should ask the offtopic chat this is not relevant anymore

ohhh thread model, good point. always forget that

you got everything you need to answer that question yourself

where's the off topic. mobile element is weird

always found it to be a pain to join other chats

especially find them

tbh your PC is way more insecure and less private than either of these phones. Neither would be a weakpoint. Just use what you want. GrapheneOS has more freedom

i actually don't have a pc as of now lol, but i understand

#freenode_#grapheneos-offtopic:matrix.org

cn3m: brb gonna deblob kernel

Will run it on my enemy's PC

thank you

<anupritaisno1[m] "cn3m: brb gonna deblob kernel "> add a little in the kernel instead

flappy bird kernel game

this has been something in the back of my head for a while tbh, that's why i ask so many stupid questions

i love android, but i wanna get in into ios development mainly

keep you 8 plus and play with Android in the development emulator(maybe build GrapheneOS)

see what you fall for

your iPhone 8 Plus is perfectly fine don't worry about checkm8 just reboot your device whenever you leave it unattended. That is always good advice though

well even going back to my old android(still gets custom rom support) i wanna switch lol

you can build and use GrapheneOS in a VM get a feel for it

mess around with Android dev

one of the main things about graphene that kind makes me not wanna switch is there is no "anti-theft" protection

but i understand why

it just isn't the goal of the project

anti theft is bullshit

I mean there is anti theft protection

i do only keep my phone in my hand or pocket though

it's herd immunity which is good, but no thief is going to know you don't have it

<anupritaisno1[m] "I mean there is anti theft prote"> i don't remember there being any or even any half anti theft protection

<Jimmehh[m] "i do only keep my phone in my ha"> Amateur

<Jimmehh[m] "i do only keep my phone in my ha"> keep your phone and spend your money on PC. If you want to be a dev you need a PC

this is just weird

you have a perfectly fine flagship from not too long ago and you have no PC and want to develop?

yeah i need a pc, i'm probably just gonna get a pinebook pro for the time being, it seems to be able to do anything i need and some

what?

and is quite affordable

i develop on my phone lol

as much as a hassle it is

I'd get a refurbished PC or maybe a used one

Speaking of anti-theft, how does iOS compare to GrapheneOS

and i can see how it limits and makes me unproductive

Thinkpad

<Jimmehh[m] "i develop on my phone lol"> that is just a bad idea

<za_vilfp8kn0pcyh "Speaking of anti-theft, how does"> don't worry about anti theft

at all

well thinkpad was a consideration, but i'd probably need to upgrade it either way so a pinebook pro seems fine for my needs

it is a misnomer

<cn3m[m] "that is just a bad idea"> it really is, but it works for now

search anti theft in the logs

anti theft is to destroy the value of the device. It doesn't help you. The theif has no idea you don't use it

makes no difference to him

don't have anything too major i'm working on besides an app, but i doubt imma finish it on my phone, i'll probably get a laptop before then

iOS technically has anti theft, but I don't use it

it is moot

<cn3m[m] "iOS technically has anti theft, "> If I remember correctly, you can also reformat iOS to factory

Right?

remotely ? yes

not bypassing the lock no

* If I remember correctly, you can also reformat iOS to factory defaults

anti theft is destroying the value of the device

Not even their recovery?

yeah if you have the passcode you can

that does no good for me

<za_vilfp8kn0pcyh "Not even their recovery?"> no the lock is permanent

you could recover but you'd still need a passcode

GrapheneOS tried it out once irrc, but people forgot their passwords and lost money.

iirc the passcode is stored on the device itself

not cloud

it is just a terrible idea

don't worry about it

Yeah that

so the passcode needs to match the last one entered or set on the device

<cn3m[m] "GrapheneOS tried it out once irr"> Whoa, alright. iOS parts is valuable anyways so yeah lol

it never gets wiped

no thief is going to know if you use it or not

it isn't going to stop him

don't use anti theft and don't ask for it

Yeah just curious tbh

that is kind true, and to think of about it no one would steal a pixel around here lmao

people only have iphones

it is fine on iOS or Stock Android but

you still run a risk

Kinda true lol

if you get locked out of your account(more of an Android concern)

<cn3m[m] "you still run a risk"> I'm all ears

anti theft is designed to destory the value of the device

that can happen to you

i think the only things i'd miss from ios is a few apps, mainly stardew valley and some music production apps like garageband and such

not to get too off track again

get an iPad and have a Pixel that is where I am at

you can even iMessage with your email address

i was thinking i could remake some apps, like this app called chordology, basically shows how to play chords for piano, guitar, and ukulele

and almost all positions for them

i have yet to find something like that for android or fdroid more specifically

<cn3m[m] "you can even iMessage with your "> android doesn't have an easy way to send them though, correct?

no

hmmm, that kinda sucks. like a lot lol

damnit apple

<cn3m[m] "that can happen to you"> In short, double-edged sword, got it

<Jimmehh[m] "damnit apple"> iMessage wouldn't work on Android even if they wanted it too iirc

why's that?

The whole number integration and how they do the crypto

It wouldn't be easy at least, probably impossible

to my knowledge i guess it's completely possible, but i've only read into the papers they have on it and looked into some of the headers for frameworks and the app

so idk

Not a feature request but how feasible is this to be translated on Android

* reddit.com/gallery/hw0gyi

Not a feature request but how feasible is this to have an equivalent implementatiom on Android

It feels like overhauling some SELinux policies (not sure) and having to restrict the storage permissions

i saw a mention in the channel that there's no fix for the pixel 4 XL flicker issues, well apart from whacking the brightness up to max

i guess i'll just use dark mode at night on high brightness

i should have done some more research before buying this this model for grapheneos

there was a mention of a fix in the R beta 2.5 release

cdesai: oh cool

that's good news

"The screen no longer flickers on some devices when the screen is set to a low brightness level. (Issue #156051413)"

i'll take a look

also does anyone use orbot on grapheneos ?

didn't work for me

i guess that's the apps fault and not grapheneos

s/apps/app's

moin

I am having a problem with my lycamobile sim, I cannot send sms

I can recive without problems, but can't send

any idea?

I have a Pixel 3a with the lastest

𝚐𝚘𝚗𝚣𝚊𝚕𝚘: Best thing to do in this instance is to contact your carrier's technical support and have them verify your SIM settings. Strangely I lost mine after a recent upgrade and had to do the same. I'm sure they'll help.

<x61[m] "I am having a problem with my ly"> is your phone carrier locked?

nop

there is a way to set the SMS gateway?

mh, maybe its your sim then, is it working otherwise on another phone'

they call it: Message Centre Number (MCN)

𝚐𝚘𝚗𝚣𝚊𝚕𝚘: By "SIM settings", I meant APN settings. It's late...🙂

plus I think anoter bug I found while trying to fix this, is if you modifiy an APN MCC and MNC it doesnt save the APN

<g65434-2[m] "mh, maybe its your sim then, is "> I dont have another to try, buut I could

chaology: I've been using orbot for years with GrapheneOS, generally without issues. When there has been problems its due to orbot. Try a different build.

Version.

Guess you may have problems if you are running it in VPN mode, while also running another app using androids VPN functionality

<dazinism "chaology: I've been using orbot "> I haven’t been able to run Tor from F-Droid, Aurora, nor the Android APK directly from the Tor website

Running the other app, which used VPN functionality, in another user or work profile

*which uses VPN functionality

I may have an apk that works for me...hang on.

Can also show you how to vetify

Would be very welcome, thank you

I am quite unexperienced in all this; just so you know xD

I'm running Windows 10 and I watchted Techlore's tutorial on YouTube, but his guide seemed pretty much the same as the official one

nope, Techlore's video is out of date

people keep coming here because of it

Oh sorry, I didn't know

Ok, does that mean you edited the `flash-all.bat` script?

to remove the version check

I did, because it kept saying fastboot was out-dated

the check was meant to prevent the exact scenario you currently have

have you tried entering fastboot mode on your phone?

and what device do you have

Pixel 3a

you can try getting to fastboot mode by powering off completely and press power + vol down keys

if you can get to fastboot we can try reflashing properly

I'm here now on my phone

It's in fastbood mode and the device state is currently locked

ok first we need to fix the environment on your pc

did you download and unzip the platform tools from google?

I did, yes

ok

<overheadscallop[ "nope, Techlore's video is out of"> Also use the new program that’s linked on the Graphene OS download website. The “simple” program from TechLore’s video gave me this issue too.

So open up a new powershell and navigate to the folder right above the unzipped platform tools folder

like `C\Downloads` if platform-tools is in there

* like `C:\Downloads` if platform-tools is in there

Done

enter `$env:Path = "$pwd\platform-tools;$env:Path"` into the powershell window

then try `fastboot --version` and please paste the entire output here

fastboot version 30.0.3-6597393

Installed as C:\Users\thoma\Desktop\platform-tools\fastboot.exe

ok very good

you can plug in your phone to the pc

and run `fastboot flashing unlock` in powershell

Confirm on my phone as usual, too?

yep

Done

ok, do you still have the zip file for the grapheneos factory image?

I would like you to delete the unzipped files you edited and unzip it again

to get a fresh version of the scripts

then in your powershell window you can navigate to the newly unzipped files and run the `flash-all.bat` script

It's going

I'm getting a fastbootd screen on my phone

"GraphenOS Fastboot"

don't do anything

Okay

wait until your powershell window says it's done

I'm waiting

it shouldn't take too long

It says "press any key to exit..."; this means it's done, yes?

yes

if your phone is in fastboot mode you can relock it now `fastboot flashing lock`

then try booting the phone normally

Now locked

Is it good to go? Can I press Start?

yeah

you'll get a yellow warning screen that the phone is loading a different OS, that's OK and expected

Jesus Christ it actually works

Thanks you sooo much

you're welcome

*Thank

might want to uninstall the "minimal adb" or whatever Techlore recommended installing

Yeah good idea, thanks

I've said it before and I'll say it again: this community is amazing

I thank you again and wish you a good day xx

Hope you enjoy the GOS experience

I'm sure I will

I'm over the moon, because I've been at it all day trying

this is a fairly common problem, I'm glad it didn't really take too long this time

the last time it took a couple hours to walk the person through

<tvg[m] "I'm over the moon, because I've "> Took me 12 hours until I figured out the error in my ways. I hear you brother 😭

oof

I followed a youtube video and it took me maybe 20min lol

chaology: RiotElement can definately get the latest orbot apk from github.com/guardianproject/orbot

And to verify hub.libranet.de/wiki/graphene-os/wi…i/Apps#Verifying_apk_files_and_apps

The github, Play & Guardian Project Fdroid repo versions are all signed with the same keys

I wouldnt advise using element app on android (at least from fdroid repo)

it gets slower and slower overtime until it freezes so you need to kill the app and launch it again

use riot.im app in the meantime

yeah riotx/element have been great so far

I have had the same experience with Element, it eventually freezes until you need to kill it

interesting. I haven't experienced that at all g65434-2

Yeah element starts to lag heavy then freezes for me also.

Think it may depend on how many rooms and how many other people in those rooms?

I mainly use minivector from Fdroid - riot.im with analytics and stuff stripped out (also no calls)

Sometimes it gets stuck on start screen when you reopen app though

Which can also be annoying.

Been meaning to try fluffy chat. They got their own Fdroid repo

No end to end encryption yet though, but maybe good for public rooms

Tried it, but ditched it since there's an annoying message about missing Play Services every single time the app starts, at a terrible spot for at least a few seconds.

I could handle that better than the app locking up just when you are in the middle of a quick fire conversation. Can be really annoying

dazinism: i tried fluffychat recently. not quite ready for usage, it bugs when trying to authenticate from a different client.

Sometimes i leave Riot.im / minivector to fetch a link to share and when I switch back it instantly dies then gets stuck on the startup screen for a very long time

dallemon: guess if end to end encryption isnt finished there is no point in authenticating?

Well it did show a prompt with emoji, just only 1 repeated several times

Going from what it says on the readme on github, dont know the state of development

Has there been any thought to adding some of the FLOSS projecs that are viewed as more essential to operation of a phone into GrapheneOS, or is it simply going to be more of a Pure AOSP experience allowing individual users to get the apps themselves

Just asking since the removal of the busted email app, as well as the fact that the Calendar app is also unusable because Google wants to make sure you get that GSM license and use their apps. And with Daniel now calling for a replacement for the Gallery app as well

Will we see the likes of K9-Mail, Konele, Flite TTS, Simple Calendar, Silence, etc included in a default install of GrapheneOS?

BalooRJ: There is a issue regarding making a GrapheneOS app store. But it is still far off as no one is working on it, too busy with the current things.

BalooRJ: check the log, Etar and some other apps use an incompatible license freenode.logbot.info/grapheneos/20200723#c4477212

so they can't be preinstalled

<BalooRJ "Will we see the likes of K9-Mail"> I doubt it. However you can roll your own builds with whatever you like.

but they can be distributed through a first-party app store

I see, so basically the GPLv3 license bars them from being included with the project overall

Defaut program to be included in GrapheneOS : F-Droid, Simple Calendar, Simple Gallery, K9Mail, Signal, Osmand, Open Camera, VLC, Bromite

dallemon: I don't mind using the F-Droid store, was just thinking in the context of maybe a more inexperienced user who doesn't know exactly which apps to get

overheadscallop: thanks for sending that link

yes, there's a lot to be done to make GOS easier to people to use

s/easier to/easier for/

I was just reading about that Tivoization clause

NewPipe (youtube)

Etc

makes sense that Daniel from a security perspective would want to be able to have a hardware manufacturer be allowed to lock the bootloader on a GrapheneOS device

Thanks for the info all

prisonplanet: Think I have almost every single one of those apps on my GrapheneOS phone, heh

Binary Eye, NotePad (on Fdroid), Element (Riot), GPSTest, KeepassDX, Scrambled Exif, Unit Converter, Your Local Weather (formidable widget)

Etc etc

I remember there being an issue with Your Local Weather during one of the previous updates with GrapheneOS and I deleted it, wonder if it got fixed

F-Droid has gotten just so much more expansive than even a few years ago

İt work perfeclty (i set refresh rate every 6h, no battery consumption at all)

I'll have to try it again

BalooRJ: a few of the apps you mentioned arent getting updates any more which is problematic. Apps need to be updated for security issues and to target the latest SDK

...make use of the new security and privacy features being introduced to AOSP

See hub.libranet.de/wiki/graphene-os/wiki/Apps for a load of info about apps

Yeah, I think the main one not getting updates is Flite TTS but I haven't found an alternative for a FLOSS TTS.

Silence as well has shaky development. Though I haven't used it in a while since it is not compatible with KDE Connect's SMS feature.

thanks for that link dazinism

Daniel also doesnt like the 'Simple' family of apps.

eg. The file manager giving the impression it can restrict access to files

When it cant really

<dazinism "Daniel also doesnt like the 'Sim"> İ use Simple Gallery which is very good and beautiful.opensource app

Any better gallery app recommanded ?

I mainly use the built in one

Not open source sadly but Google's gallery go is super nice

For security the best bet is to use the built in apps

Unless they are broken for the way you use them

Works ok for me

yeah the built in gallery I havent had a problem with so far, but apparently there is a glitch that causes it to freeze requiring a replacement

Have to open gallery app then images from there to edit them. Rather than from another app via gallery

There was another very good one called Camera Roll on F-Droid but I believed that was discontinued

there is also Leafpic I think it was called

hello

I'm running flash-all.sh on Linux for the Pixel 3a and fastboot appears to hang indefinitely on the flash bootloader command, but every other command in the flash-all script works, meaning that the phone now has everything but the updated bootloader. Is it safe to boot into GrapheneOS and then run a system OTA update to resolve this, or should I wait to resolve the issue flashing the newer bootloader?

"Fixed Dialling Numbers" in phone settings. What is this feature for?

Sorry thufie, didn't scroll down before posting.

and I am not qualified to answer but I would try the OTA update and use Attestation.app/Auditor, if something ain't right it should report

nevermind it seems that most of my USB ports were just bad, works now

<prisonplanet[m] "Any better gallery app recommand"> I have yet to find anything better than simple gallery, its very nice. I have their calculator and flashlight too, great stuff

<thufie[m] "nevermind it seems that most of "> great :)

nearly every problem i had was down to bad cable. eventually i took the hint and bought a high quality cable and stopped buying cheap junk, all went smoothly after that!

I was using the stock cable its just my laptop's usb ports are all cruddy I guess.

I've got that sweet GrapheneOS boot screen on my girlfriend's phone now though, so it worked!

<thufie[m] "I've got that sweet GrapheneOS b"> Gg

<thufie[m] "I've got that sweet GrapheneOS b"> pretty isn't it!

It is pretty

Good day guys

I'm planning to use shelter for my 2 non-foss apps and maybe aurora too. Any major drawbacks I should be aware of?

strcat how do I stop signal from restoring my chats

Protecting chats behind a pin is a bad idea

ura: Shelter didn't work well for me at all, not sure its still supported is it?

Island I heard was better alternative, or second user

I'll try island. Is that on fdroid?

<anupritaisno1[m] "strcat how do I stop signal from"> How about using Disappearing messages?

yes i think so

<brenneke[m] "How about using Disappearing mes"> Don't think that's a good workaround. I use it, but also wish I could stop it restoring chats

anupritaisno1: what do you mean restoring

But if they are disappeared than they can't restore right?

anupritaisno1: just don't use backups?

anupritaisno1: not really sure what you mean

the local encrypted backup feature uses a strong key

not a pin

<strcat[m] "anupritaisno1: just don't use ba"> You are right, just looked and there is a toggle for that.

strcat: signal app auto backup, encrypt with pin

island isn't on fdroid :/

dont see option turn off signal auto backup

rover1: no, it doesn't backup messages with that

that's contacts / groups / settings only and I recommend disabling it

<ura[m] "island isn't on fdroid :/"> Insular#

or setting a strong passphrase

* Insular

you're confused

oh

<rover1[m] "dont see option turn off signal "> Advanced, disable PIM

only the local backup feature which generates a strong key for you and has you write it down as a series of numbers backs up messages

* Advanced, disable PIN

insular aint on there either

<ura[m] "insular aint on there either"> Oh, didn't know. User profiles are more robust and recommended way of isolating apps.

But it still depends on user-case (esp. if you need notifs for multiple accounts)

or want convenience, reboot device after profile switch not most convenient

Still protects and slashes some attack vectors

start second guess which app can live without

Is iOS still the superior choice for the average dude? If not, what are the advantages of GrapheneOS?

<sikisoki[m] "Is iOS still the superior choice"> Precisely what I’ve been trying to decide on for the last few days 😭

Either is better than your PC setups

use what you want

app selection can go either way

pick off of that

that is it

if you want to develop and make GrapheneOS better please get a Pixel ;-P

ios more restrictive

<cn3m[m] "Either is better than your PC se"> Isn’t Linux Mint with Whonix or Tails the best for security and privacy? I typically hear that PC is more complete and secure than mobile

<rover1[m] "ios more restrictive"> which is good for privacy and security bad for freedom

<RiotElement[m] "Isn’t Linux Mint with Whonix or "> hell no

Linux Mint is probably the worst

<cn3m[m] "Either is better than your PC se"> Currently using Mac and QubesOS on desktop. Is mobile OS above desktop/laptop PC's?

GrapheneOS is much stronger than both

so is iOS obviously

if only grapheneos have desktop version

Windows 10 is pretty good if you make good use of WDAG, UWP, have core isolation, and use Windows Sandbox

> Linux Mint is probably the worst

Why is that so?

but no

<cn3m[m] "GrapheneOS is much stronger than"> Would you explain more? I thought QubesOS was the best OS out there right now and GrapheneOS I working towards something along those lines

we should switch to offtopic

#freenode_#grapheneos-offtopic:matrix.org

<sikisoki[m] "Is iOS still the superior choice"> usb c versus not standard connector

<sikisoki[m] "Would you explain more? I though"> Qubes is less secure than GrapheneOS. This is an on topic question so I will answer it here

I am curious...

First Qubes doesn't have verified boot. A compromise is permanent. Verified Boot + Remote attestation(this is important) will do very well on GrapheneOS

GrapheneOS has far fewer trusted parties

You trust Daniel building it on an offline machine and signing it. The only person with access to the final product

Are those chips in the pixels open as in source?

Qubes you trust everyone in the Fedora and Qubes repos which is a lot

<cn3m[m] "First Qubes doesn't have verifie"> Isn't verified boot only for physical attacks and not remote?

<cn3m[m] "You trust Daniel building it on "> But then again Graphene OS also has a lot less fewer eyes reviewing it than Linux, no?

Qubes also has very insecure guests(Desktop Linux is pretty terrible for security)

* > <@cn3m:privacytools.io> You trust Daniel building it on an offline machine and signing it. The only person with access to the final product

But then again Graphene OS also has a lot less fewer eyes reviewing it than Linux, no? (Linux has thousands of devs in its community)

<sikisoki[m] "Isn't verified boot only for phy"> no it is far more important for remote. If you get hacked the system rolls back

<RiotElement[m] "But then again Graphene OS also "> GrapheneOS is a very light patchset that is not changing AOSP really

<cn3m[m] "You trust Daniel building it on "> This is NOT an attack on Daniel. But is there ANY way to prove the code running on my device is the same he posted on GitHub?

it is essentially all additive on top

<sikisoki[m] "This is NOT an attack on Daniel."> Yes, built it yourself he makes everything open source. Even the attestation server

<cn3m[m] "First Qubes doesn't have verifie"> I'm not an expert so I'm not sure of the difference between the Verified boot and the Attestation done using HOTP in a Qubes + Heads installation. How is the former more secure?

or just trust him since he has stared down the military going after the keys before

<cn3m[m] "or just trust him since he has s"> What? Please explain

<justchill[m] "I'm not an expert so I'm not sur"> Verified boot on GrapheneOS is built from the ground with hardware and software working together. It is one of the best setups. Heads is not even close Qubes isn't designed for it either

<sikisoki[m] "What? Please explain"> CopperheadOS? The company sponsoring Daniel for a while tried to force him to turn over keys to the military for "auditing"

Daniel left and the project was renamed GrapheneOS

CopperheadOS as we know it is dead, and a scammer is hanging onto the name

<cn3m[m] "GrapheneOS is a very light patch"> Does this refer to its current state or future plans too? Assuming current development is about getting back to a certain standard before Copperhead died, it's still in the future plans to completely rework some elements of AOSP isn't it?

<hypokeimenon[m] "Does this refer to its current s"> From my understanding the goal is to stay pretty modular

makes development easier and less issues arise

the project adds a ton for security

without giving up much

the patchsets for linux-hardened and even the hardened_malloc "just work" on regular linux too

that is the goal

cn3m: you are so knowledgeable, are you a dev in the graphene is project? Excuse my personal question...

Qubes is a cool research project, but it is definitely not as secure as a Pixel

or an iPhone

justchill[m]: With respect to Verified boot, there's a big difference:

<cn3m[m] "Verified boot on GrapheneOS is b"> I've read this from experts before. I'm interested in why though. What points in particular would you say are the biggest differences from a security perspective? If the answer's too long to post here, could you point me at appropriate references?

<tencarsb[m] "cn3m: you are so knowledgeable, "> I am not, I just read a lot of research papers and have a background in breaking stuff(working in ad tech). Mobile is my specialty.

I like tinkering

Ok

Android Verified Boot uses the late stage Qualcomm bootloader (which, tada, is actually open source!) to ensure that the entire system image, kernel, system partition, all the privileged components of the operating system (all of them!) are bitwise identical and valid to the keys that signed them, which only your developers should own.

It does this every time the operating system boots.

<cn3m[m] "CopperheadOS? The company sponso"> I have read about the story, but never seen anyone mention the military.

<justchill[m] "I've read this from experts befo"> Yeah, Apple did a great talk on this actually. Behind iOS and MacOS security at BlackHat 2019. They talk about the differences in secure boot, T2 chip verified boot on macOS, and iOS verified boot. It is a decent primer

Apple is extremely good and trustworthy on verified boot

they even made their own secure by design filesystem to better support it

justchill[m]: Every time your Pixel 2 or a later reboots, what it will be doing is verifying the entire system image, to that digital signature, with the key set in the bootloader. If the signature doesn't match, then the bootloader will use parity blocks to try to revert the damage until it will.

Their research is excellent and Krstic is very knowledgeable

The breakdown between the current implementations on Windows and Linux vs how macOS does it are great. However do keep in mind Microsoft has the Secured Core PCs which are slightly better than the macOS verified boot. The video is a year old

still a good primer

This essentially removes persistence from the system partition and means that should someone find an exploit for your phone, root the operating system, and modify your system partition, as soon as you reboot the phone, those modifications will either A) be undone, or B) your phone will catch it, warn you that something's not right, and stop you from using an operating system that's been

modified beyond repair.

The thing to keep in mind with Android Verified Boot is if someone can get full access they can install accessibility services or device managers for effective spyware. Remote attestation with Auditor is effective at catching this

Use Auditor

use remote attestation

there is no reason not too

it is wonderful and my favorite GrapheneOS project

hands down

Pixel 3s and later (3a, 4 et al) utilize the hardware security module for doing this, which is a huge reduction of the attack surface with specially created hardware and presents less attack surface than the previous generation of devices, which just used a commercial off the shelf NXP smartcard chip.

Auditor is wonderful even without GrapheneOS

In general nothing will come close to GrapheneOS or iOS on PC. If you want something close you can do what I do and use a Pixel and an iPad(if you get a good setup it can do most of what a PC can for me)

<cn3m[m] "Yeah, Apple did a great talk on "> Thanks. I've found the relevant video on youtube. I'll definitely check it out!

but yeah definitely trust your GrapheneOS Pixel over your PC

x86 is not robust for verified boot

What cn3m[m] said. Even if we had some way to verify the boot partition, and even if we assume that this way of verifying the boot partition is secure and perfectly trustworthy...

definitely not paired with Linux Desktops

...the issue is that the chain of trust ends there because there's no further way to verify the system partition.

Will the shift to Arm help macOS I terms of verified boot

<hypokeimenon[m] "Will the shift to Arm help macOS"> 110%

Apple Silicon will have a better solution than Windows Secured Core PCs and less attack surface for sure

Simply slapping on Full Disk Encryption doesn't change that fact either, because even if you were to use an authenticated mode of encryption to prevent offline tampering, it doesn't end up being as robust as verified boot anyways because there's still no signature validation on the system partition anyways.

<cn3m[m] "The thing to keep in mind with A"> From my understanding, you need 2 android phones to use Auditor though. Also, wouldn't verified boot catch this? Or do you mean someone installing a different OS altogether and adding a different verified boot while they had physical access to the device?

<cn3m[m] "definitely not paired with Linux"> What about ChromeOS? Is it still the case that those random Mediatek chip Chromebooks are a better idea than a modern Pixelbook Go?

<justchill[m] "From my understanding, you need "> no verified boot doesn't check for accessibility

justchill[m]: If you don't have a second Android phone, you can use the GrapheneOS attestation server. You'll be trusting TLS, and the attestation server, and the device you use to display the audit data, but that's preferable to no attestation at all.

<cn3m[m] "no verified boot doesn't check f"> On a tangential note, will rebooting to Safe Mode help in undoing and removing the said accessibility/device admin app?

<hypokeimenon[m] "What about ChromeOS? Is it still"> ChromeOS is too locked down. iPad makes way more sense for a secure locked down device

<TheJollyRoger "justchill: If you don't have a s"> this ^

* On a tangential note, will rebooting to Safe Mode help in undoing and removing the said accessibility/device admin app, on the assumption some accessibility app has been installed unknowingly?

za_vilfp8kn0pcyh-tfcfvapg77a: think this is the state of things hub.libranet.de/wiki/graphene-os/wiki/Apps#Accessibility_services

* On a tangential note, will rebooting to Safe Mode (not sure how this works on GrapheneOS) help in undoing and removing the said accessibility/device admin app, on the assumption some accessibility app has been installed unknowingly?

Actually I've got a newer version of that info elsewhere....

The other problem is Xen is anything but defensively coded. It isn't even near the top

Xen is fine, but it is not ideal to rely entirely on

Qubes lacks defense in depth

Need to sort that out, link one to the other, so dont need to update both.

does the attestation need a second graphene os device or just android?

<rridley[m] "does the attestation need a seco"> ideally two, but 1 works

How can I verify my Graphene OS if I only have 1 Android and 1 iPhone? Is verification through PC complicated?

<dazinism "za_vilfp8kn0pcyh-tfcfvapg77a: th"> Nice, thanks

<dazinism "hub.libranet.de/wiki/and"> I did not know this wiki existed. Thanks for that.

OOC, is the wiki an unofficial one?

yes unofficial

the official sites are grapheneos.org and attestation.app

Is there a way to make keyboard shortcuts for Graphene OS? The personal dictionary setting doesn’t seem to for example autocorrect “gos” with “Graphene OS”

the seamless update site is now rolled into GrapheneOS site

* Is there a way to make keyboard shortcuts for Graphene OS? The personal dictionary setting doesn’t seem to for example autocorrect “gos” with “Graphene OS” when adding those terms

Are Aurora apps any less secure/private than their F-Droid counterparts?

<RiotElement[m] "Are Aurora apps any less secure/"> they are technically more secure

<RiotElement[m] "Are Aurora apps any less secure/"> Aurora is from my understanding just a way to install stuff available from the play store

F-Droid acts as a trusted third party.

for two reasons v2/v3 signing and distributed signing

apps are sandboxed

they don't need to share keys

it is actually bad

F-Droid security is a downgrade

<cn3m[m] "they are technically more secure"> Which one are you referring to by “they”?

Auror a

<cn3m[m] "F-Droid security is a downgrade "> Gotcha, never mind

Ideally for security you would use Google Play Store, but not compatible

Many of the apps on F-Droid as well end up lagging significantly behind upstream, and end up missing security patches. Not only that, but unless the app is built reproducibly /and/ uses the developer's signature, it's going to be signed with the F-Droid release keys, which are common to all the apps that F-Droid releases.

Do you guys recommend any way to use swipe on keyboard?

the auto updates, the distributed trust, and much higher security standard help a lot

On Distributed trust: the Android Security Model assumes that each app will be signed with its own developer's keys.

<TheJollyRoger "Many of the apps on F-Droid as w"> yeah you trust the devs to make the app you should trust them to build and sign them. Adding another party is questionable at best

In miniature: let's assume that Tom develops iChat, Dick develops MessageNow, and Harry develops the FacePage app.

<RiotElement[m] "Do you guys recommend any way to"> Any one of them. Just block network access.

<RiotElement[m] "Do you guys recommend any way to"> Gboard is good

No

<SchismXL[m] "Any one of them. Just block netw"> If you distrust the app that much that might not be a good solution

I've been told gboard is the best

Since Android will pin the certificates and assume that they won't change for the lifetime of the app, if you install iChat, MessageNow, and FacePage, this means that they'll trust Tom, Dick, and Harry's keys for only their respective apps on first contact.

So Tom can push updates for iChat, Dick can push updates for MessageNow, and Harry can push updates for FacePage.

TheJollyRoger: keys can change

anupritaisno1[m]: yeah?

Apk signature v3 allows you to change signing keys

he is talking about F-Droid but ofc

But Tom can't push updates for MessageNow or FacePage without compromising /both/ Dick and Harry's keys.

<cn3m[m] "If you distrust the app that muc"> True, but the option is there.

anupritaisno1[m]: ah I see.

Older schemes require you to sign with all the keys

<SchismXL[m] "True, but the option is there."> network permission is not robust enough if you fully distrust an app

<TheJollyRoger "But Tom can't push updates for M"> s/both/either

F-Droid undermines the Android security model in so many ways

Ok, lemme reword that: Tom can't push updates for both Messagenow and Facepage without compromising both Dick and Harry's Keys.

Handy bot.

the whole point of sandboxing is other apps are fully seperated. If F-Droid is compromised and you use it a lot you are toast

it is a single point of failure(which is good when that is an OS that is privileged) bad for deprivileged things like apps

Yeah. Since F-Droid bypasses Tom, Dick, and Harry at the same time and just serves their own build.

Do you compare F-Droid wirh aurora droid or with aurora store ?

<cn3m[m] "yeah you trust the devs to make "> I read in the linked wiki that Google has recently been asking devs to upload the signing keys and let Google sign on their behalf. Doesn't this add an extra required level of trust?

Which may or may not be up to date with upstream.

<justchill[m] "I read in the linked wiki that G"> yes, but you trust Google to build AOSP

justchill[m]: Not really. Individual developers can still choose to take charge of their own apps.

they are part of the trust model of your OS to some degree

<TheJollyRoger "justchill: Not really. Individua"> soon not anymore iirc

Aw that's a pity.

Google is part of the trust model or your system F-Droid is not

Is there a chat room where we can discuss general cyber security other than solely Graphene OS related?

<RiotElement[m] "Is there a chat room where we ca"> graphene off topic room might be up your street

<cn3m[m] "yes, but you trust Google to bui"> I see. I guess I misunderstood that a bit. In a GOS device, I was under the impression that we primarily trusted w.r.t. the hardware checks since we were using the GOS builds.

<pikey[m] "graphene off topic room might be"> Thanks!

You can discuss Fdroid here, right?

<justchill[m] "I see. I guess I misunderstood t"> s/trusted/trusted google

<justchill[m] "I see. I guess I misunderstood t"> Google writes code for almost everything and they build your device

<pikey[m] "graphene off topic room might be"> These are the only ones that come up

Google writes a lot of code for open source

it is essentially a given to trust them

#freenode_#grapheneos-offtopic:matrix.org

<ura[m] "You can discuss Fdroid here, rig"> kinda depends on the discussion really. since this room has all the brains in it (devs), i tend to think the off topic room is best place for general stuff, anything not specific to Graphene installation/usage issues and dev stuff. but thats just my opinion.

<RiotElement[m] "These are the only ones that com"> trying to get you a link but i am struggling! sec

matrix.to/#/#freenode_#grapheneos-offtopic:matrix.org this should do it

<cn3m[m] "matrix.to/#/#freenode_#g"> How did you get it to appear like that? When I clicked share room, the link I posted came up.

<justchill[m] "How did you get it to appear lik"> I copied the part of the url

and then pasted it here

it turned into a link I could copy as that

I have never ever had a problem with my VPN on graphene. I have it on since day one and 24/7/365

Though I have this huge issue with charging which was discussed here yesterday by someone. I thought it was my OEM charger yet I see it is not

<joshman[m] "I have never ever had a problem "> Which vpn do you use

VPN and hotspot are far superior stability wise on graphene than on iOS. It's a deal breaker for me

I use various. Nord, proton, express

I have no VPN troubles on GrapheneOS or iOS do I get a prize?

<joshman[m] "VPN and hotspot are far superior"> But since you have to choose, isn’t NetGuard preferable over using a VPN?

yes you get the VPN prize

Free pizza from pizza planet

a free life subscription to super fast private ultra vpn

But only if you buy a coke with it

<RiotElement[m] "But since you have to choose, is"> How do I do Switzerland, Sweden, Japan, Vietnam, Russia connections on netguard?

<interceptingfist "Which vpn do you use"> Mullvad. And thats because of wireguard on my router for the speed. On the phone I have absolutely no issues with it.

Or use tor? Not sure on the usecase

<RiotElement[m] "But since you have to choose, is"> NetGuard is terrible

use the default options

they are less bad

Exactly. Netguard is crap

Tor is irrelevant to vpn

<Metro[m] "Mullvad. And thats because of wi"> All the current tip services provide wireguard. Mulvad is not a unicorn

* All the current top VPN services provide wireguard. Mulvad is not a unicorn

Having vpn on a router is a limitation. I prefer on-device option. Full control

<cn3m[m] "use the default options"> So denying the “network permission” for an app in settings will do the same as denying its network and WiFi permission on NetGuard?

<RiotElement[m] "So denying the “network permissi"> much much stronger

It will do better

the network permission is not fully robust though

it is better than the alternatives

<cn3m[m] "the network permission is not fu"> If that’s the case, is it still a good idea to use Gboard?

<joshman[m] "Having vpn on a router is a limi"> Not sure I van agree, in this way I can place all my IOT behind the VPN. Damn difficult to do that individual.

<RiotElement[m] "If that’s the case, is it still "> Google is not malicious they won't try anything funky

<RiotElement[m] "If that’s the case, is it still "> I do use it. Daily. Truth is I doubt it leaks data through other

<Metro[m] "Not sure I van agree, in this wa"> My Android TV uses USA Netflix, my laptop is connecting through a country away from 14 eyes, my phone is in the country my banking app is from. How do you do all that with single IP address and how much data you are putting through this single basket full of eggs?

If I had to use one ip Id never paid for a vpn. Host your own on a server somewhere in Belize or Panama

* My Android TV is on USA Netflix, my laptop is connecting through a country away from 14 eyes, my phone is in the country my banking app is from. How do you do all that with single IP address and how much data you are putting through this single basket full of eggs?

* My Android TV is on USA Netflix, my laptop is connecting through a country away from 14 eyes, my phone is in the country my banking app is from. How do you do all that with a single IP address and how much data you are putting through this single basket full of eggs?

* My Android TV is on USA Netflix, my laptop is connecting through a country away from 14 eyes, my phone is in the country my banking app is from. How do you do all that with a single IP address and how much data are you putting through this single basket full of eggs?

<joshman[m] "My Android TV uses USA Netflix, "> With the 2000 people on the same server with the same IP I do not really care about that... 😀

<Metro[m] "With the 2000 people on the same"> Try to download a movie on a torrent tracker if you're from Germany than chances are you'll get a pretty fat ticket within few weeks

* Try to download a movie on a torrent tracker if you're from Germany chances are you'll get a pretty fat ticket within few weeks

Does anyone know how I can do this?

“vanadium can block ads if you use DoT via private DNS like adguard”

> <@userrioter:matrix.org> Does anyone know how I can do this?

> “vanadium can block ads if you use DoT via private DNS like adguard”

Network and internet, private DNS.

> <@userrioter:matrix.org> Does anyone know how I can do this?

> “vanadium can block ads if you use DoT via private DNS like adguard”

check the FAQ on adblocking

for AdGaurd you should set it to `dns.adguard.com`

<joshman[m] "Try to download a movie on a tor"> Just set up a Freifunk router from a community that still tunnels ;)

And help your neighbours in the process :D

<LinusSexTips[m]2 "for AdGaurd you should set it to"> I set it to adguard but YouTube on Vandium is still giving ads 😐

youtube is a special case

😭

for that you should use invidio.us

Brave used to block YT ads until yesterday

<RiotElement[m] "Brave used to block YT ads until"> brave bad

<LinusSexTips[m]2 "for that you should use invidio."> So that seems to be blocking ads but no full screen option and goes up to 720p.

Yes

You can use NewPipe too

NewPipe is awesome but has ads. The Only downside 😕

Oh really?

I thought it took them out

Invidio.US can play with 1080 just toggle resolution "dash" in the settings and now you can go up to full reaulution

Is it safe/good idea to get Firefox with hardening extensions on my admin profile or should I do that in a guest profile?

And as recommended for Windows, should I use a guest profile as a daily driver and leave Admin only for when I need it?

* And as is recommended for Windows, should I use a guest profile as a daily driver on Graphene OS and leave Admin only for when I need it?

<RiotElement[m] "NewPipe is awesome but has ads. "> I am using NewPipe and have not encounter a single ad. Don't really have any system ad blocker turn on when I use NewPipe.

Yeah I've never had ads

I’m not seeing any now. Maybe I mistook it for using Vanadium

<RiotElement[m] "Is it safe/good idea to get Fire"> Don't use Firefox for anything

<geritol[m] "Don't use Firefox for anything"> Why not?

And not even for PC browsing?

RiotElement: It is advisable not to due to browser fingerprinting.

What makes you unique is the extensions you use.

* RiotElement: It is not advisable to due to browser fingerprinting.

* RiotElement: It is not advisable due to browser fingerprinting.

Sorry and thanks for replies. Which vpn is not relevant. I have used a ton of them. Same connection issues whichever I use. Proton calyx mullvad pia air ... All same problems.

I now hear my relative who used graohene for several months but went back to iPhone recently had same issues which he only noticed by signal messages failing to send. That's the main problem i have too. Signal msgs seem to cause the issue or emails but only sending. Receiving seems fine as does browsing until either an email or signal msg gets 'stuck'. Then its like every app gets stuck in the pipe behind the stuck

outgoing email/SIG msg

Nobody else ever seen signal messages spinning and failing to send?

<RiotElement[m] "NewPipe is awesome but has ads. "> ?

I have never seen ads in newpipe either

get from fdroid or github

pikey yes, when connected thru a VPN with SMS-over-WiFi on Verizon, signal may not send until momentarily disconnecting VPN

Otherwise, Signal works well for me with a good data connection.

hello

Im newbie and Im having an issue installing the os in my phone

+ $version=fastboot --version; try { $verNum = $version[0].substring(17 ...

i could unlock it but when I try to execute flash-all.bat appears that error

im using last version of platform tools

30.0.3

someone could help me please?

what os are you using on your pc

and did you follow any guide besides the official one

<larncat[m] "pikey yes, when connected thru a"> Thanks but I don't understand what "sms-over-wifi" means. I don't use WiFi at all. Only LTE.

windows 10 I follow all the steps correctly

What's the output of `fastboot --version` in powershell?

pikey sorry, my sharing wasn't directly related to your query.

fastboot version 30.0.3-6597393

does it state where it's installed too?

If that's the version and in your path I'm not sure why the flash-all script is failing

is there a specific error when you run it

how i see if its in my path?

im not sure

$env:Path = "$pwd\platform-tools;$env:Path" this is not working

`echo $path` I think

$path say that

I don't think it's a good idea to run`$env:Path = "$pwd\platform-tools;$env:Path"` more than once

so platform tools is in your path already, ok

What's the specific error when you run the `flash-all.bat` script?

wait

+ CategoryInfo: ObjectNotFound: (fastboot: String) [], CommandNotFoundException

yeah, running the command to change the path more than once might've broken something

try closing your current powershell and opening a new one

then add the platform tools folder back to the path

or reboot

ok wait please

actually I think to reset the environment it would be better to log off or reboot the pc

thanks I will try and come back now