-
strcat[m]
also going to be trying out DeskClock from master in the development branch - not sure if it even builds, we'll have to see
-
strcat[m]
but the app is being very actively developed in master and was rewritten in Kotlin
-
Bramble
The audio on my pixel 3 with GrapheneOS on it only plays through the phones speakers even when I plug in my wired earbuds
-
Bramble
didn't mean to do that
-
Bramble
can anyone help me
-
strcat
btw doing a substantial change to AttestationServer will be down for a bit
-
strcat
and worse case scenario I made a backup of the current state (right now) and can roll back to that
-
strcat[m]
alright updating clock app seems to work
-
strcat[m]
might have new bugs
-
ricky19
Hey I'm guessing this happens a lot
-
ricky19
Wondering if the pixel 4a will be supported Soon?
-
ricky19
P.s not gone on irc in years
-
ricky19
Discord these days it's like slack but better
-
strcat[m]
updating Clock app doesn't seem like it will turn out well so not doing that
-
strcat[m]
causes more problems
-
Sourcream61[m]
Does anyone here recommend making a second profile for downloading apps with trackers like from Aurora store?
-
Resynth[m]
<strcat[m] "btw next release will re-enable "> Oh my fucking god I love you
-
Sheru[m]
Lol, maybe it just happens to belong to the same code with Logout
-
strcat[m]
you can already just take them with power + vol down right now, or use screenshot button in recent apps
-
strcat[m]
Sheru: not really but they are both global action dialog things
-
strcat[m]
logout also shows up on lockscreen
-
strcat[m]
AOSP still supports the screenshot option in the global actions dialog
-
strcat[m]
was just disabled by default because they expect people to use gesture navigation
-
strcat[m]
where you swipe up and there's a button
-
strcat[m]
to screenshot
-
strcat[m]
(full gesture navigation, not 2 button navigation)
-
Sheru[m]
<strcat[m] "updating Clock app doesn't seem "> That's unfortunate, was weirded out on SDK min greater than target SDK (on DeskClock)
-
strcat[m]
they're separate things
-
Sheru[m]
<strcat[m] "logout also shows up on lockscre"> Wondering how will that appear on holding power button now there are more than three buttons there by default
-
strcat[m]
the reason for one issue with deskclock
-
strcat[m]
is that a bot sabotaged it
-
strcat[m]
the guy who worked on it wanted to land a fix for Android 11
-
strcat[m]
but the bot kept reverting it wrongly
-
strcat[m]
-
strcat[m]
look
-
strcat[m]
stupid fucking bot
-
strcat[m]
anyway I applied that fix
-
strcat[m]
it builds fine
-
strcat[m]
'Automerger Merge Worker <android-build-automerger-merge-worker⊙sgc> '
-
strcat[m]
-
strcat[m]
easier to see here
-
Sheru[m]
That was some weird series of commit and revert
-
strcat[m]
Sheru: the bot was reverting it
-
strcat[m]
so it didn't ship as intended
-
strcat[m]
bot was broken
-
strcat
ideally we could just drop in a compatible, up-to-date gallery app
-
strcat
but I don't see any option available
-
strcat
could get desperate and use the CAF one
-
gofigga[m]
Is there a way to disable the screen from turning on when i plug in the phone to charge?
-
renlord
gofigga[m]: yes, you turn it off
-
gofigga[m]
<renlord "gofigga: yes, you turn it off"> Ah forgot about that extra step. Thanks
-
» renlord chuckles
-
broda721[m]
Is there a way to block a certain domain system-wide? Like how on iOs you can block certain domains from opening on any app
-
broda721[m]
Or would I have to install an app such as Netguard
-
renlord
broda721[m]: not really, netguard doesnt work properly
-
renlord
best to delegate to your DNS provider via private DNS mode
-
sphinxcat[m]
<broda721[m] "Is there a way to block a certai"> seems like a planned feature:
GrapheneOS/os_issue_tracker #184
-
Sheru[m]
<sphinxcat[m] "seems like a planned feature: ht"> Low-priority tbh
-
Sheru[m]
Well, nextDNS as DNS over TLS is the closest one can achieve it anyways
-
Sheru[m]
Some improvements/control/convenience in multiple users is more useful and feasible
-
bbqcore[m]
Hi I see hardened_malloc is available for Linux
-
bbqcore[m]
What would be the benefits of installing it on my main computer for daily browsing etc?
-
renlord
bbqcore[m]: using libhardened_malloc is part of security hardening
-
renlord
say the program buffer overflows but does not error out, libhardened_malloc catches it and causes it to error out instead
-
renlord
*does not error out using a std allocator
-
renlord
not erroring out can have unintended side effects which may (not) have security implications down the track
-
bbqcore[m]
renlord: hardened_malloc is available in AUR on Manjaro
-
bbqcore[m]
I can install it to enhance security on a normal computer?
-
renlord[m]
Sure.
-
renlord[m]
I think it's in the community repo in arch now.
-
bbqcore[m]
ERROR: One or more PGP signatures could not be verified!
-
bbqcore[m]
Failed to build hardened_malloc
-
renlord[m]
Report to the aur package maintainer.
-
renlord[m]
Neither of us maintain it.
-
bbqcore[m]
Ok how will this affect performance?
-
renlord
bbqcore[m]: i dont think you will notice until you ran perf benchmarks
-
renlord
and those % differences dont necessarily translate to degradation in perceived UX.
-
renlord
all in all "how will this affect performance" is a bad question to ask
-
renlord
unless you have a very specific usecase
-
bbqcore[m]
just wondering if there's any use in running it on daily rig
-
renlord
the degradation in perceived UX will probably stem from insecure software breaking down more than usual
-
renlord
but thats not hardened_malloc's fault, rather its the software vendor's
-
renlord
lol
-
bbqcore[m]
sounds like a good thing
-
renlord
bbqcore[m]: if it sounds good to you then run it!
-
renlord
hehe
-
bbqcore[m]
will do once PGP is fixed :)
-
madaidan[m]
IME of using hardened_malloc on Arch systemwide, it has a hefty performance loss unless you disable some of the more expensive security features.
-
anupritaisno1[m4
-
pikey[m]
Since last update PIA VPN keeps disconnecting. Not a big deal as I just reconnect but just wondered if anyone else has VPN disconnect issues
-
renlord
anupritaisno1[m4:
-
renlord
when you say titan m is broken, what sort of symptoms are we looking at?
-
renlord
does not being able to write to the filesystem count?
-
renlord
system_server not being able to write to the fs btw.
-
redu321[m]
Is there a good privacy friendly way to hide pictures or other files on your phone? Maybe a open source app or something?
-
renlord
redu321[m]: scoped storage and put it behind a passphrase
-
renlord
i.e. nextcloud
-
redu321[m]
<renlord "redu321: scoped storage and put "> on F-droid?
-
renlord
i think so
-
renlord
i dont use fdroid
-
redu321[m]
<renlord "i think so"> Tnx i will have a look.
-
redu321[m]
Alls stored on your phone no cloud right?
-
renlord
maybe a separate user profile
-
dontdisturbme[m]
Can anyone confirm gcam is workable up to v7.4 with gcam service provider?
-
jacktheclipper[m
<redu321[m] "Is there a good privacy friendly"> If you want to _hide_ it: Simple Gallery > Hide Folder. If you want to _encrypt_ it: EDS Lite
-
jacktheclipper[m
Both apps can be found on F-droid.
-
redu321[m]
<jacktheclipper[m "Both apps can be found on F-droi"> tnxx
-
Lckdyspl7[m]
<dontdisturbme[m] "Can anyone confirm gcam is worka"> Yup
-
dontdisturbme[m]
<Lckdyspl7[m] "Yup"> appreciate it as I couldn't get it to work before on 7.5. Wasn't aware of it. Thank you for confirmation. Appreciate it
-
dontdisturbme[m]
> <@lickidysplit-ptio:privacytools.io> Yup
-
dontdisturbme[m]
* appreciate it as I couldn't get it to work before on 7.5. Wasn't aware of it. Thank you for confirmation
-
captain_nem0[m]
Hi guys I need some help with flashing the rom on my Pixel 3a
-
captain_nem0[m]
I posted on reddit but automod told me to come here
-
captain_nem0[m]
-
captain_nem0[m]
Any help would be nice
-
mrxx_0[m]
<captain_nem0[m] "
reddit.com/r/Graphen"> I don't see the picture on reddit, you posted something else with the title ?
-
maddo
Hello, I wanted to buy a pixel device, I can technically wait a few months so I wanted to ask: should I buy the 4 now or should I wait for 4a/5 support coming?
-
maddo
I understand graphene is supported by volunteers and so on, I'm no android expert unfortunately, so just from a consumer perspective is it worth the wait? (5G isn't coming here for at least 4-5 years and I don't see any hardware advancements except screen on the 5)
-
maddo
also another info (again I'm no android expert): I've read that grapheneOS doesn't bundle play services or its "foss implementation" microG, how does it handle notifications?
-
kopolee11[m]
<maddo "also another info (again I'm no "> To answer this question, apps can use their own notification system not reliant on Google Play Services. If an app is in F-Droid or it's marked as "GSF Independent" in the Aurora Store then it will generally work. (I'm not qualified to say how it works exactly)
-
kopolee11[m]
* To answer this question, apps can use their own notification system not reliant on Google Play Services. If an app is in F-Droid or it's marked as "GSF Independent" in the Aurora Store then it will generally work. (I'm not qualified to say how it works exactly)
-
kopolee11[m]
Even some apps that rely on GSF notifications will work without it, due to using a fallback if GSF is not detected. Signal and WhatsApp are notable examples of that. You may have to have "not optimized" battery options enabled however.
-
kopolee11[m]
And of course other apps will work in general, but not have notifications working. Slack is an example of that.
-
bbqcore[m]
anupritaisno1: is the AUR maintainer in here?
-
maddo
kopolee11[m]: whatsapp notifications don't really work on my smartphone and I have microG right now, how can they work without anything?
-
maddo
(unfortunately, my family refuses to switch over to anything else)
-
telum[m]
Some apps just need to run in the background, and will give notifications. I.e. Signal, Tutanota, etc.
-
telum[m]
Takes a bit more battery, but consumption is good overall on GOS anyways.
-
kopolee11[m]
<maddo "kopolee11: whatsapp notification"> I don't use WhatsApp, but I believe it's supposed to work without GSF. However if you have microG running it won't use the failback method, instead it will try to use the GSF method.
-
maddo
thank you, any suggestion on my other question?
-
anupritaisno1[m4
<bbqcore[m] "anupritaisno1: is the AUR mainta"> For?
-
bbqcore[m]
<anupritaisno1[m4 "For?"> hardened_malloc
-
anupritaisno1[m4
Why
-
bbqcore[m]
PGP key error when trying to install
-
anupritaisno1[m4
Normal
-
anupritaisno1[m4
The keyserver used by default is broken
-
-
mpelley[m]
Is it appropriate to copy my large post from Reddit here? The bot sent me here.
-
nscnt
maddo: What's your goal? If you want to use GrapheneOS now, the Pixel 4 is your best bet. There's no guarantee that GrapheneOS will be supported on the Pixel 4a or 5 as long as no one is working for it. However, I think anupritaisno1[m4 is working on test builds for the 4a.
-
anupritaisno1[m4
[mpelley](
matrix.to/#/@mpelley:matrix.org) share upon this chat a fragment pointing to this information you wish for us to seek
-
anupritaisno1[m4
Translation: link to it
-
-
anupritaisno1[m4
-
BalooRJ
yeah I'm not seeing anything either
-
nscnt
c:
-
mpelley[m]
._.
-
nscnt
Maybe the post is too large to load /s
-
-
mpelley[m]
No one see's this?
-
nscnt
No. I can't even find the post in the sub, just with your link to it (without any content)
-
anupritaisno1[m4
mpelley: yes it doesn't cover one thing
-
anupritaisno1[m4
User stupidity
-
mpelley[m]
Thank you for the quick answer :)
-
anupritaisno1[m4
I'm serious
-
anupritaisno1[m4
Nothing stops the user from installing spyware themselves
-
maddo
nscnt: my goal is actually simply replacing my current phone. I have a s7e, which is starting to feel old and sluggish (and could use a new battery), I wanted something that would last quite a while. I'm no phone gamer, I only use a phone for basic needs (browsing the web, chatting and some banking apps that require 2FA)
-
maddo
nothing more
-
captain_nem0[m]
<mrxx_0[m] "I don't see the picture on reddi">
imgur.com/a/ZPnL6fc
-
anupritaisno1[m4
And nothing stops them from flashing something else that isn't graphene
-
maddo
tho I have a bank app that I'd like to see if it works at all without microG (a notification is send for accessing the web page on pc)
-
anupritaisno1[m4
Most mistakes happen because users don't read the usage guide on the website
-
mpelley[m]
<anupritaisno1[m4 "Nothing stops the user from inst"> I believe you, and I hope the user base for GrapheneOS is a little more intelligent than that 😅
-
nscnt
mpelley[m]: A home server is practically opening a door in your home network. I wouldn't like to deal with it, but if you feel competent enough for it go for it
-
nscnt
uh oh offtopic sorry
-
nscnt
mpelley[m]: We have a #graphene-offtopic channel for such stuff if you care about it
-
mpelley[m]
<nscnt "mpelley: A home server is practi"> I appreciate the concern! I will definitely be doing mountains of research beforehand. In a previous life, I used to be familiar with pFSense, which I hope will be a skill I can use to make it work!
-
captain_nem0[m]
<mrxx_0[m] "I don't see the picture on reddi"> is the imgur link not showing up?
-
mpelley[m]
<nscnt "mpelley: We have a #graphene-off"> Oops, I will go there!
-
Sheru[m]
<mpelley[m] "post.png"> These questions can be mostly answered in either grapheneos.org/faq or grapheneos.org/usage
-
mpelley[m]
Thank you Sheru, I'm familiar with the FAQ - however I wanted to ask the question to be sure I had the proper answer, since I couldn't find it on the FAQ (I probably missed it)
-
nscnt
maddo: Same for you, @ the offtopic channel. We could figure out e.g. whether your banking app works under GrapheneOS.
-
captain_nem0[m]
<mrxx_0[m] "I don't see the picture on reddi">
imgur.com/a/dXvkf5M
-
maddo
nscnt: thank you
-
maddo
nscnt: is it on irc?
-
nscnt
maddo: Yes, it's on irc
-
maddo
#graphene-offtopic?
-
zachmartin[m]
New user here. Surprised you aren't hosting your own home server.
-
zachmartin[m]
Just got Pixel 3a running Graphene and like it so far.
-
zachmartin[m]
Can FB and Instagram still get your location data when only on cell service?
-
jpds
zachmartin[m]: You can block an app's access to location services, but they'd probably just infer it from your IP
-
zachmartin[m]
jpds okay, I have denied location for all apps, as well as background data, and am running always on VPN. Have also changed DNS to Cloudflare although I think that's default now.
-
zachmartin[m]
What is the difference in "Sensors" and "Location" in permissions? They both have the same location symbol.
-
jpds
I believe sensors covers things like the compass, gyroscope, etc
-
fomijafi[m]
zachmartin: DNS default is network-provided with a fallback to cloudflare. So, if you're on a VPN, DNS would be provided by the VPN provider by default. I believe leaving that is recommended to reduce hands in the pot.
-
zachmartin[m]
<fomijafi[m] "zachmartin: DNS default is netwo"> Okay, thanks, wasn't sure ProtonVPN used their own DNS server by default.
-
zachmartin[m]
<jpds "I believe sensors covers things "> Okay, def denying that
-
norwegian-keys
hello folks! i'm typing on a norwegian keyboard using the included grapheneos keyboard, but i am getting red lines below almost every single word and when i click them, english suggestions appear
-
norwegian-keys
relly annoying stuff. i've tried turning off correction and suggestion but to no avail
-
norwegian-keys
any suggestions as to what i should do?
-
tipsyturtle[m]
In the Language and Input settings, under advanced, there is an option for AOSP spell checking - maybe turning that off will work?
-
norwegian-keys
thanks, that did the job!
-
norwegian-keys
btw, on my old 1st gen pixel (using the stock google os), dark mode turned the backgrounds on most of my apps to complete black (#000) which i think looks quite nice on the amoled display. however on my pixel 3a on grapheneos, the dark mode only turns my display a dark gray. is there any way to make it completely black like on my old pixel?
-
arept
hey, just got my pixel 4a.
-
arept
went into the settings, toggled developer etc but oem unlocking was greyed out
-
arept
i know graphene isnt supported yet but if oem unlocking is greyed out im not able to ever install right?
-
arept
is google locking by default now?
-
strcat[m]
arept: make sure it's not a Verizon model
-
strcat[m]
no, they aren't
-
strcat[m]
unless you bought a Verizon model you can unlock it
-
strcat[m]
read what we say in the install guide
-
arept
pretty sure it isnt verizon
-
strcat[m]
so you can unlock it
-
ruski[m]
is it locked to a provider at all?
-
textmate
Whats the status on Pixel 4aÞ
-
textmate
?
-
arept
strcat[m]: oem is greyed out
-
strcat[m]
only a Verizon Pixel is bootloader locked
-
strcat[m]
arept: connect to the internet
-
arept
ooh
-
arept
do you have to be connected?
-
strcat[m]
arept: also look at the model of the phone
-
arept
i was offline if that is a problem
-
strcat[m]
arept: depends
-
strcat[m]
is this used
-
arept
no brand new pixel 4a
-
strcat[m]
just try connecting to the internet per
grapheneos.org/install
-
strcat[m]
not necessarily required
-
arept
oufff thank you man it works just had to connect to the internet was kinda worried thanks a lot dude
-
arept
now i just have to wait for the release
-
norwegian-keys
arept: sorry to say, it might be a while
-
Sheru[m]
Testers were wanted on 4a iirc
-
Sheru[m]
(Not sure about now)
-
zachmartin[m]
Going to get a 3a XL next
-
norwegian-keys
zachmartin[m]: is it expensive?
-
BalooRJ
Just a question for those more familiar with the project. What can you say to someone who is skeptical that there is Google firmware in the Pixel phone chips that can be accessed even with GrapheneOS loaded
-
engulf[m]
If you cannot trust the firmware provided (also by Qualcom etc.) and signed by Google you are kind of f**** as then you cannot trust the root certs either.
-
engulf[m]
Titan M is open source but its near to impossible to verify that its running the code
-
zachmartin[m]
<norwegian-keys "zachmartin: is it expensive?"> Found one on Craisglist for 200
-
JTL
> 11:54 <engulf[m]> Titan M is open source but its near to impossible to verify that its running the code
-
JTL
OTOH the "same" problem applies to older open source Yubikey's
-
» JTL sigh
-
engulf[m]
There are always at least few companies that you have to trust to some degree when it comes to computing
-
strcat[m]
BalooRJ: there are no open hardware phones, so your alternative is not using a phone
-
strcat[m]
or a computer in all likelihood - what are you going to use that's not 99% closed source hardware and firmware?
-
strcat[m]
there are some options but not x86 or arm
-
strcat[m]
and not a phone
-
anupritaisno1[m4
Are they secure though
-
anupritaisno1[m4
I'd assume those open architectures get audited a lot less
-
strcat[m]
BalooRJ: also just because something is closed source doesn't mean it's a black box - an ARM SoC is essentially a black box, but firmware for various peripherals, etc. can be inspected (although the hardware cannot really)
-
strcat[m]
anyway that applies to open source hardware too, you still trust the manufacturer as much as before
-
strcat[m]
you can't prove it really matches what it was supposed to be
-
strcat[m]
and as I said before, there are no open hardware phones
-
BalooRJ
Thanks very much, that's very helpful information.
-
strcat[m]
there are no open hardware ARM SoCs of course since it's a proprietary architecture
-
BalooRJ
NVidia owns the architecture at the moment I believe right?
-
strcat[m]
BalooRJ: and I don't know what firmware you're talking about anyway, it's a Qualcomm SoC device, the trusted party is primarily Qualcomm and the manufacturer of the phone (Foxconn)
-
strcat[m]
BalooRJ: I don't know if NVIDIA has actually acquired it yet, I doubt it
-
strcat[m]
that would all have to be approved by governments and go through that process
-
anupritaisno1[m4
Might be good if they do
-
engulf[m]
RISC-V is probably one to keep an eye on
-
anupritaisno1[m4
Nvidia had some good source releases for their phones AFAIK
-
strcat[m]
BalooRJ: peripheral components are not trusted by the SoC / OS in general, at least to the extent possible (i.e. a touchscreen is trusted to display the provided frames and provide input)
-
strcat[m]
BalooRJ: so for example the Titan M just provides specific features, it doesn't have any control beyond implementing the APIs it is supposed to implement
-
strcat[m]
and the way that's integrated into encryption uses it for additional security, it does not trust it or move responsibility to it
-
BalooRJ
that's also very good to know.
-
strcat[m]
it is used to add an extra feature (exponentially increasing delays for decryption attempts throttled by hardware with minimal attack surface and insider attack protection)
-
strcat[m]
suggest reading about it
-
strcat[m]
and the other APIs it implements (a more secure alternative to the traditional TEE-based keystore still used by most apps that use the keystore, etc.)
-
strcat[m]
BalooRJ: so you can be skeptical all you want but the end result of that is you can't use computers, or you accept that you trust the manufacturers of the devices to have not put in backdoors or whatever
-
BalooRJ
I am not skeptical myself, I was just touting the project and trying to defend it from critiques of "Well it runs on a Google Pixel anyway"
-
strcat[m]
GrapheneOS doesn't just run on Pixels
-
anupritaisno1[m4
Pixels are the only phones to actually satisfy many of the requirements
-
strcat[m]
it officially supports those because they offer the best privacy/security available from firmware/hardware other than an iPhone which does not support running another OS (without exploits, which doesn't count, since you won't be running it securely with the same hardware-based security features)
-
anupritaisno1[m4
Along with timely security patches
-
strcat[m]
BalooRJ: if people want to run it on another phone they are free to support that
-
strcat[m]
on the vast majority of phones it's not going to meet our standards and so there is no path to official support
-
BalooRJ
makes sense.
-
anupritaisno1[m4
BTW it doesn't work, spoilers
-
strcat[m]
we aren't going to support a device that chooses not to support alternative OSes securely, which is most of the devices that support installing another OS
-
anupritaisno1[m4
I've tried running graphene on many non pixels
-
anupritaisno1[m4
Most will barely boot
-
strcat[m]
they cut corners by not supporting hardware-based security with other OSes
-
strcat[m]
anupritaisno1: it will run fine on modern devices but that's not the problem
-
anupritaisno1[m4
Hardened malloc often kills almost every HAL on several xiaomis
-
strcat[m]
the problem is they aren't secure: they mostly don't provide proper security updates, and those that do have much weaker firmware/hardware privacy/security and force you to use the stock OS to get all the hardware-based security features
-
strcat[m]
anupritaisno1: bugs uncovered by hardened malloc and other mitigations are not really the main issue, that can be worked around
-
anupritaisno1[m4
<strcat[m] "anupritaisno1: bugs uncovered by"> How many will you work around?
-
strcat[m]
it's not really about # of bugs
-
strcat[m]
we're capable of temporarily using jemalloc for a process while fixing / reporting bugs in a process
-
strcat[m]
used to do that in several cases
-
strcat[m]
used to do that in several cases
-
zachmartin[m]
Does Graphene support the 90hz refresh rate on the Pixe 4 XL? Just want to double check.
-
anupritaisno1[m4
-
TheLynx
hello everyone
-
broda721[m]
Hey
-
TheLynx
Just a short question tried (just for science) to run the Google Maps App from my GrapheneOS phone, since this app is just using the website under maps.google.com to get the routing information at the first start you just have to name the app a browser app and tahts it
-
TheLynx
nevertheless I cant cat it to get my current location when I give the app all permissions and activate the GPS function in the pull down menu
-
TheLynx
Than I realized that I cant use location services in any browser I'm using Not in Vandadium, Brmoite or Brave
-
TheLynx
does anybody has the same problem or a soulution for this?
-
strcat[m]
did you grant location permission to the browser and then to the site in the browser?
-
TheLynx
Both yes, but I will recheck it again
-
TheLynx
I use Vanadium only for google maps currently
-
xabi[m]
<TheLynx "does anybody has the same proble"> Have you tried native alpha? It now supports location for web apps
-
TheLynx
Native Alpha you mean the software branche`
-
TheLynx
Im just running the stable version of grapheneos
-
zachmartin[m]1
<zachmartin[m]1 "Vanadium > DDG ?"> Why funny xabi ?
-
zachmartin[m]1
Trying to learn more about it
-
TheLynx
Hmm, checked everything again sould work other apps have access to the my current location as well
-
xabi[m]
Vanadium is good enough, i dont see anything i need on ddg browser, that is my particular case
-
TheLynx
Hmm, checked everything again sould work other apps have access to the my current location as well. But I cant get the bowoser to get my location from the gps
-
TheLynx
The ring does not start swirling on maps.google.com
-
xabi[m]
<TheLynx "Native Alpha you mean the softwa">
github.com/cylonid/NativeAlphaForAndroid. This app works like creating a web app in desktop from chromium based browsers but it includes granular permisions for different sites/webapps. They added location setting recently
-
zachmartin[m]1
<xabi[m] "Vanadium is good enough, i dont "> Okay, thanks. *uninstalling ddg* lol
-
zachmartin[m]1
I only used of previously bc I wanted incognito keyboard
-
xabi[m]
<zachmartin[m]1 "Okay, thanks. *uninstalling ddg*"> Its my personal opinion, less layers is better if you can live without them. You can use ddg from vanadium anyway.
-
zachmartin[m]1
Okay, I'll keep ddg as the default search engine.
-
TheLynx
xabi[m]: Thanks for the tip sounds nice. But still, why is it not possible to get your location in vanadium or other browers
-
TheLynx
?
-
Solaslux[m]
Hi everyone. I looked at the os-issue tracker and didn't see my problem there. Is this an okay place to ask a question about a problem?
-
TheLynx
The funny thing this only affects browes in other apps it is absolute no problem to get the location. I also checked the site settings and the search settings and unblocked google in vanadium
-
TheLynx
*browsers
-
strcat[m]
xabi: Chromium already includes granular permissions - not sure why you'd need another app for that
-
xabi[m]
<strcat[m] "xabi: Chromium already includes "> Do settings inside chromium stick when you create a shortcut "webapp"?
-
-
strcat
xabi[m]: it works the same as it always does
-
strcat
xabi[m]: you do not need some third party webview-based app to control permissions for web sites
-
strcat
that doesn't make sense
-
xabi[m]
Good to know! Tried google maps and location doesn't work anyway
-
strcat
you seem to have a misunderstanding about what 'add to home screen' does in Chromium-based browsers
-
strcat
it doesn't magically grant them permissions
-
strcat
they aren't really an app the browser just presents them as one
-
strcat
it's still within the browser and all the usual things apply
-
strcat
if you clear browser cookies your cookies in that pinned web app will be gone
-
strcat
it doesn't change how things work
-
strcat
it just changes how it is presented
-
xabi[m]
Doesn't using the webview separate the cookies from normal browser?
-
strcat
the webview is a different thing than the browser
-
strcat
webview is a per-app library/widget
-
strcat
it is an implementation detail if it uses the same browser engine
-
strcat
and btw in GrapheneOS for Android 11 we are not yet providing a Vanadium-based WebView until Chromium 86
-
strcat
and the WebView is not quite as secure as the browser, the sandbox it uses isn't quite as strong
-
xabi[m]
I don't need to wipe cookies and logins from amazon, Facebook, strava and Garmin connect but I don't like them with my browsing history
-
strcat
xabi[m]: web sites don't have access to your browsing history
-
strcat
anyway not really sure what you mean
-
xabi[m]
Ok, so leaving that app aside moving back to vanadium
-
strcat
you can use that if you want you just don't need it to control permissions per site, etc.
-
strcat
dunno why you'd think that
-
xabi[m]
I thought that vanadium webview was just as secure as browser
-
strcat
-
strcat
and also as I said we aren't currently using the Vanadium WebView until Chromium 86 which has official Android 11 support upstream
-
strcat
xabi[m]: WebView is also a widget/library for apps to use
-
strcat
xabi[m]: Vanadium has a per-site sandbox with isolation boundaries between sites
-
strcat
xabi[m]: WebView uses 1 sandboxed renderer per app, there's semantic-level separation between different WebViews if that is how they use them but there is still 1 sandboxed renderer process
-
strcat
in theory the WebView could have finer-grained sandboxing but the WebView works differently than the browser and it would have to be done in a way that doesn't break the way the WebView API works
-
xabi[m]
Read that sections before installing graphene, it s well explained and as a I see webview doesn't offer site isolation
-
strcat
xabi[m]: WebView is totally separate between 2 different apps using it
-
xabi[m]
I think that I need to read it every now and then not to get back to the old habits xD
-
strcat
but within the same app using it, it doesn't provide OS sandbox level separation between each WebView widget / each form of content rendered in it
-
strcat
and the WebView is not strictly for rendering web sites
-
strcat
it's up to the app how to use it and the rules that are in place
-
strcat
and they can expose their own APIs to the web content within it
-
sjekk-igjen
which could be a vulnerability?
-
strcat
so some apps use the WebView to implement a web browser, some use it to display a specific site
-
xabi[m]
I see, good to get things clear first hand
-
strcat
but others use it to render beyond just standard web content
-
xabi[m]
Thanks for the support
-
strcat
sjekk-igjen: sure an app is responsible for security of their code as always
-
strcat
they can expose whatever APIs they want to the WebView
-
strcat
there are various lints and decorators designed to prevent making mistakes but there is a limit to what that can do
-
strcat
ultimately up to developers to preserve a security boundary if there is supposed to be one
-
sjekk-igjen
strcat: can grapheneos attempt to enforce these boundaries in any way?
-
strcat
an app might choose to be implemented in HTML/CSS/JavaScript using the WebView and expose all the APIs it needs to that WebView instance
-
strcat
sjekk-igjen: I don't know what you mean
-
strcat
we don't know how apps are meant to be designed
-
sjekk-igjen
strcat: right
-
strcat
I don't see how we could improve this
-
sjekk-igjen
strcat: you'll have to forgive my ignorance, i'm not very experienced with mobile operating systems and app design i'm afraid
-
strcat
and even if we knew that the app was intending to treat the WebView as a security boundary, we can't automatically verify / change their code
-
strcat
sjekk-igjen: the WebView is a widget / library for apps to use for web content - not necessarily web sites, but web content in general
-
strcat
it's not really something specific to mobile
-
strcat
this is widely done on desktops, apps just provide their own copy of CEF or Electron which is not automatically updated as part of the OS, the difference here is that the OS provides a standard library for apps to use
-
strcat
and the standard library always uses the OS sandbox (unlike CEF / Electron where many applications disable it)
-
sjekk-igjen
ah, i understand. as long as developers has access to and can use this library, there is always the possibilty that something could go wrong
-
strcat
but it's still up to the app if they *want* the WebView to be a security boundary and it's up to them to choose what it can access
-
strcat
sjekk-igjen: well it's their code...
-
strcat
sjekk-igjen: we didn't write their app for them
-
sjekk-igjen
strcat: indeed
-
strcat
the OS doesn't know how they intend to use the library and doesn't have an understanding of what they are doing with it
-
strcat
if they really wanted they could bundle their own web rendering widget such as Mozilla's GeckoView
-
strcat
and then it's the app's responsibility to keep applying browser security updates every few weeks
-
anupritaisno1[m4
Hmmmmm sentient OSes
-
strcat
because they are the ones shipping it
-
strcat
and it's their responsibility not to disable security features (I don't think GeckoView has an OS sandbox anyway)
-
strcat
sjekk-igjen: the WebView is for web content in general - not just untrusted remote web sites
-
strcat
sjekk-igjen: it's common to use it only to load web assets from inside your apk and you can give the code running in it access to the app's files and content URIs it can access
-
sjekk-igjen
which could be as simple as an svg, right?
-
strcat
sjekk-igjen: it's just a portion of the app implemented via web standards
-
xabi[m]
Do you see scoped storage as a big improvement for android 11?
-
strcat
scoped storage was added with android 10
-
xabi[m]
Or is it more of a gimmick?
-
strcat
android 11 just adds some enhancements and makes it mandatory for API 30+
-
strcat
it's not a gimmick
-
xabi[m]
Good!
-
strcat
sjekk-igjen: an app can choose to use the WebView with a browser-like model, by default it doesn't have things like cookies, they have to set that up
-
xabi[m]
* Good! Android 11 makes it short of mandatory, right?
-
strcat
xabi[m]: it's mandatory for API 30+ as I said
-
strcat
Play Store currently requires new apps and app updates to use API 28+, but that becomes 29+ in a month
-
strcat
GrapheneOS shows a warning when launching an app targeting below API 28 for the first time (the stock OS shows the warning for apps below API 23)
-
strcat
it's up to you if you want to run apps targeting older API levels with weaker privacy/security restrictions
-
strcat
we don't disable support for it, that's your choice
-
strcat
F-Droid has a lot of legacy / poorly maintained apps targeting old API levels, they don't enforce a standard like the Play Store
-
strcat
an app developer cannot upload a new app or an update to an existing app to the Play Store targeting an API level below 28 (soon 29)
-
sjekk-igjen
I have gotten that warning for applications included with grapheneos
-
strcat
takes ~1.4 years for a newly launched API level (like 30) to become mandatory for the Play Store
-
anupritaisno1[m4
-
xabi[m]
When an app says that it was designed for an older version of android means that it
-
xabi[m]
Uses an older api?
-
anupritaisno1[m4
There's an selinux domain for 29 now
-
strcat
sjekk-igjen: because not all of the bundled apps are actively developed
-
strcat
some of them are just sample apps
-
strcat
so you might have a misunderstanding about the purpose and status of those bundled apps
-
strcat
if that surprises you
-
strcat
Gallery and Calendar are sample apps - you are not really supposed to use those
-
sjekk-igjen
i'm guessing the sample apps have been thoroughly checked for vulnerabilities then
-
strcat
they still receive security updates
-
sjekk-igjen
oh i see
-
strcat
they're sample apps, their purpose is primarily to be samples and to allow standard functionality to be tested
-
strcat
the expectation of AOSP is that we replace them
-
sjekk-igjen
but if i'm not mistaken you are in fact planning to replace them at some point, no?
-
strcat
look at the issue tracker
-
xabi[m]
I use stock gallery on some profiles, what do you recommend?
-
strcat
whatever your preferred gallery app is
-
strcat
I'm not going to make app recommendations on request
-
anupritaisno1[m4
No
-
anupritaisno1[m4
<sjekk-igjen "but if i'm not mistaken you are "> No
-
anupritaisno1[m4
With what could we replace them exactly?
-
strcat
if there was a decent Gallery app that was minimal, well maintained and had a suitable license for us to include we would have replaced it
-
xabi[m]
OK, something that doesn't come from tencent will be good enough xD
-
strcat
same goes for the Calendar app
-
strcat
not aware of anything we could use in either case right now
-
anupritaisno1[m4
There aren't enough people to do that
-
strcat
Etar is GPLv3, simple gallery is GPLv3, so neither is an option
-
anupritaisno1[m4
We can't use lineage's stuff either as they inject their sdk everywhere
-
xabi[m]
Is snapdragon gallery closed source?
-
strcat
and we can't just remove Calendar and Gallery because they provide standard functionality that is tested by the test suite
-
anupritaisno1[m4
And we don't want it
-
strcat
xabi[m]: no
-
strcat
xabi[m]: it's from far being minimal / security-focused, it does really crazy things
-
strcat
it isn't an unprivileged, normal app
-
strcat
it's a tech demo, really
-
strcat
like a lot of those CAF apps
-
strcat
it exists to demonstrate fancy hardware capabilities
-
strcat
it is not a good idea to actually use them
-
xabi[m]
Ah
-
xabi[m]
Got it from omnirom store
-
anupritaisno1[m4
>omnirom
-
xabi[m]
* Got it from omnirom store, moving back to camera roll. Idk if it s still updated
-
strcat
Snapdragon Gallery won't fully work without being built into the OS as a privileged app
-
strcat
and it's kinda insane
-
strcat
I looked at it a few days ago as a possible alternative to Gallery
-
strcat
and it's not
-
strcat
-
strcat
first of all, still targets API 23, that's horrible, you couldn't even upload that to the Play Store (requires 28+)
-
strcat
and the permissions it requires are insane
-
strcat
it has to be a privileged app built into the OS with whitelisted privileged permissions to get all that
-
anupritaisno1[m4
Gallery needs to write APN settings
-
strcat
it can't get it as a third party app
-
anupritaisno1[m4
Legit
-
strcat
yeah as I said
-
strcat
it's insane
-
strcat
it's a tech demo
-
boogaloo
anyone upfor helpingme flashmy google pixel 3? having a bunchof problems trying to actually flash graphene.
-
strcat
anupritaisno1[m4: LineageOS Gallery2 is this merged into the AOSP Gallery2 or something
-
strcat
anupritaisno1[m4: with their own changes on top
-
anupritaisno1[m4
-
strcat
I looked at that too
-
strcat
lol
-
sjekk-igjen
when looking for a gallery app, which properties should i consider?
-
strcat
they merged them together
-
strcat
I don't even know how they maintain that and merge upstream changes
-
boogaloo
anupritaisno1[m4: what do I do with that link?
-
strcat
anupritaisno1[m4: this gallery app supports stuff like streaming audio / video
-
boogaloo
anupritaisno1[m4: bit of a newb
-
strcat
the CAF one
-
anupritaisno1[m4
<strcat "I looked at that too"> Someone needs to just remove lineage sdk
-
anupritaisno1[m4
-
strcat
-
strcat
maybe it can do video calls or something? lol
-
anupritaisno1[m4
-
boogaloo
anupritaisno1[m4: thematrix.org one
-
strcat
it has integration into APNs
-
strcat
it's really weird
-
strcat
anyway I'd definitely avoid that insane Snapdragon Gallery app
-
strcat
Qualcomm likes making these apps as tech demos
-
strcat
they have bad usability, lots of outdated / legacy code, legacy API levels
-
strcat
just meant to demonstrate cool hardware capabilities etc
-
strcat
they are essentially another form of sample app meant to show off hardware capabilities and show how to use them
-
strcat
for other app devs
-
strcat
I think the idea is that a vendor would use this as a reference to make a Gallery app supporting some of those features as desired
-
anupritaisno1[m4
-
anupritaisno1[m4
Instead of all this bs
-
strcat
-
boogaloo
anupritaisno1[m4: I'min the bootloader on the phone, and trying to flash graphene on windows 10 (virtualbox), the script hangs and is just waiting for device (<waiting for devices>)
-
anupritaisno1[m4
Users should just go to their favorite place
-
strcat
-
strcat
covers this
-
anupritaisno1[m4
And get a gallery app they like
-
strcat
I don't see it as our responsibility to find the best in class app and bundle it
-
strcat
and then deal with problems it has
-
anupritaisno1[m4
End of story
-
anupritaisno1[m4
This is too irritating
-
anupritaisno1[m4
<boogaloo "anupritaisno1: I'min the bootloa"> Don't use virtualbox
-
boogaloo
my host is linux mint
-
boogaloo
anupritaisno1[m4: I tried the shell script but it doesn't work either
-
boogaloo
anupritaisno1[m4: both on linux and on thevm
-
anupritaisno1[m4
-
systemctl[m]
why are gplv3 not viable options?
-
anupritaisno1[m4
Just
-
anupritaisno1[m4
I can't do a remote session rn
-
systemctl[m]
* strcat: why are gplv3 not viable options?
-
anupritaisno1[m4
In the middle of testing and I have sensitive stuff in my clipboard. Passwords and so on
-
hitchhooker[m]
systemctl: it is not permissive license. If you use gpl3 in project everything has to be gpl3.
reddit.com/r/GrapheneOS/comments/bjixvu/comment/em8sjus
-
strcat
systemctl[m]: because GPLv3 has restrictions which forbid using GrapheneOS in ways we want to allow it to be used
-
strcat
systemctl[m]: GPLv3 would forbid taking GrapheneOS and making a locked down device with it
-
strcat
we don't want to forbid that, we want it to be permissively licensed
-
strcat
GPLv2 is fine, GPLv3 is not, we won't include any GPLv3 code in the OS
-
strcat
a GPLv3 tool that doesn't taint the OS with GPLv3 is fine but we would prefer permissively licensed tooling too
-
strcat
systemctl[m]: note that most of those apps are using GPLv3 because they want as restrictive of a license as possible while still being considered FOSS
-
strcat
systemctl[m]: lots like Etar were originally based on Apache 2 code and then made the license more restrictive in a way that it can no longer be used by the permissively licensed projects they started from
-
strcat
and BTW projects like OpenBSD consider even GPLv2 to be a non-free license, the definition varies based on who you ask
-
strcat
OpenBSD doesn't like Apache 2 either though
-
anupritaisno1[m4
-
strcat
that's fine
-
strcat
for us, GPLv2 is fine, but concerning, especially if they use "GPLv2 or later" since they might move to GPLv3 only
-
strcat
so if a project is GPLv2 or later, we would prefer to avoid that too, unless upstream is committed to not moving to GPLv3 only
-
strcat
because I don't want to bundle something and be cut off from updates
-
strcat
which BTW would have happened with simple gallery and etar
-
strcat
they switched their licenses to GPLv3
-
strcat
they were originally Apache 2
-
strcat
and since those 2 licenses are compatible they were able to just switch over for new releases without asking everyone for permission
-
boogaloo
Im trying to flash graphene on linux mint - I got the latest platform tools from android,but the script just says - that flashboot is too old????
-
strcat
make sure that's the fastboot you are using
-
strcat
follow the instructions in a single shell exactly as written there
-
wdnsdy[m]
verify your fastboot --version
-
strcat
run `which fastboot` and `fastboot --version` as it recommends
-
boogaloo
strcat: ah ok - it seems Im running fastboot version 1:8.1.0+r23-5ubuntu2
-
TheLynx
Question is a bit offtopic but for the whole channel what do you think about the brave browser? I guess it has less secuity becuase of the missing site isolation, but what do you think about the privacy features?
-
strcat
ask in #grapheneos-offtopic
-
TheLynx
ahh, didn't knew this # existed
-
strcat
boogaloo: there is no fastboot 8.1.0, that's a made up Ubuntu version and is super outdated
-
strcat
they took the AOSP android-8.1.0_r23 tag and built it from there - that's incredibly old, and AOSP OS releases are not the tags for platform-tools
-
strcat
i.e. they built that from out-of-date Android 8.1 code - Android is on Android 11...
-
wdnsdy[m]
unless you are on arch Linux, don't use android-tools from repos
-
TheLynx
Ok, but again to my issue with location services in browsers/Maps Go is this a known issue tha location services does not work in Vanadium?
-
boogaloo
strcat: ahh - bit rusty in linux. Its at ust/lib/android-sdk - I suppose I have to get the sh to usethe included version Idownloaded?
-
strcat
boogaloo: just follow the instructions from the top
-
strcat
exactly as they are provided there
-
strcat
it covers doing this
-
strcat
it covers getting up-to-date fastboot and setting PATH for the current shell
-
wdnsdy[m]
quite tiring to see always same problem, wouldnt happen if people actually knew how to read
-
TheLynx
wdnsdy[m]: I see, the installation manual is very well written and the installation quite easy...
-
strcat
we eventually want to have a web-based installer for people not familiar with CLI
-
strcat
but the CLI instructions do cover everything - if you run exactly the commands that are there it will work
-
strcat
on Linux distributions without proper udev rules for fastboot you can do those parts with root
-
louipc
:O
-
strcat
development branch is now based on the October update other than the kernels
-
strcat
still waiting for those tags to be available
-
louipc
i wonder how the heck web installer would work. sounds freaky
-
strcat
louipc: web usb
-
wdnsdy[m]
something like etcher then ?
-
strcat
-
strcat
-
strcat
it's supported by the Pixel 2 and later
-
strcat
WebUSB
-
louipc
omg why fffs
-
strcat
so we could have a grapheneos page like this that asks for WebUSB permission and then flashes GrapheneOS to a phone
-
strcat
for people that aren't verifying the signify signature it's no less secure
-
strcat
WebUSB asks you to grant permission to access a specific device to the site
-
louipc
oh what a tangled web we weave
-
boogaloo
strcat: Thanks - got it. :)
-
louipc
yea if it already exists why not i guess
-
strcat
this monthly update has a decent amount of non-security bug fixes
-
strcat
looking through them atm
-
anonymous821[m]
Hi all, I recently upgraded to RP1A.200720.009.2020.10.01.23. I am now noticing that I am always getting an sms like reminder for my alarm 30 mins prior to the actual scheduled time. Is there a way to turn this off? Also, at times the alarm does not trigger when it is supposed to. Most recently the alarm triggered 30 mins after the scheduled time (or anytime I unlock my phone after the scheduled time). Is anyone
-
anonymous821[m]
else having the same issue?
-
strcat
the Clock app got substantial updates in Android 11, it has some rough edges
-
renlord
anonymous821[m]: what does sms-like mean? a notification?
-
anonymous821[m]
Also, despite the upgrade, I am still not receiving sms alerts unless my phone is unlocked. Though sometimes I receive an sms alert,but delayed alert at a random time, sometimes a few mins, sometimes 10mins or even an hr.
-
strcat
will need to put in some work to address the issues
-
anonymous821[m]
<renlord "anonymous821: what does sms-like"> instead of the actual alarm beep, it is like an sms alert
-
renlord
anonymous821[m]: wew, i havent had that with my alarms.
-
renlord
can you set a soon-ish alarm and then collect some logs?
-
renlord
then create an issue?
-
anonymous821[m]
renlord: how do i generate the log?
-
anonymous821[m]
> <@freenode_renlord:matrix.org> anonymous821: what does sms-like mean? a notification?
-
anonymous821[m]
* instead of the actual alarm beep, it is like an sms alert tone
-
renlord
generate a bug report -- toggle in dev options
-
renlord
anonymous821[m]: can you check if that sms alert tone is your default notification jingle?
-
strcat
there are a few fixes for the Clock app in the upcoming release
-
strcat
more fixes are needed
-
strcat
we tried updating to the overhauled Clock app in master but that didn't work well
-
strcat
so we'll need to backport fixes or do them ourselves
-
strcat[m]
a lot of fixes are needed for the sample Gallery app, it's quite broken ATM
-
strcat[m]
DeskClock mostly works but has some rough edges atm
-
anonymous821[m]
renlord: sorry, can you pls guide me to navigate to the dev options section, and also the default notification jingle
-
renlord
strcat[m]: do you think it'd be a good idea to just expose 'capturing a bug report' in settings without toggling dev options?
-
strcat[m]
renlord: yes, and I think there's a way to add support for submitting them more easily
-
strcat[m]
something we have to look into at some point
-
renlord
anonymous821[m]: tap 10 times on phone info, until it says 'you're a developer'
-
renlord
pls turn off dev options when you're done
-
renlord
otherwise if you dont know what you're doing at all, just dont do it
-
lev[m]
<anonymous821[m] "Hi all, I recently upgraded to R"> oh dang, that happened to me too actually; I woke up before my alarm once and it sounded, but I later thought I'd just dreamed that
-
lev[m]
let me see if I can reproduce
-
strcat[m]
don't need to reproduce that the notifications make sound
-
strcat[m]
we know
-
strcat[m]
you can disable it manually, ideally it would be set up more sanely by default
-
lev[m]
notifications of an impending alarm?
-
strcat[m]
as I said, the Clock app had major changes in Android 11
-
strcat[m]
it has rough edges
-
strcat[m]
help wanted to fix those
-
lev[m]
maybe I've just never observed that behavior before, but that seemed strange
-
strcat[m]
lev: it makes notifications of impending alarms and since Android 11 it has sound by default
-
strcat[m]
we know
-
anonymous821[m]
<renlord "anonymous821: tap 10 times on ph"> i tapped "build number" and now a developer, how do i retrieve the logs for the alarm?
-
strcat[m]
you can figure out which channel is which and disable the sound
-
lev[m]
huh, interesting
-
strcat[m]
long press the notification and you can configure them
-
strcat[m]
if you press on the channels you can configure them
-
lev[m]
it's rare enough that it doesn't impact my life, but good to know it can be avoided
-
strcat[m]
as with other notifications
-
renlord
anonymous821[m]: 2nd option down -- bug report
-
strcat[m]
the way the notification channels are set up by default is annoying
-
renlord
anonymous821[m]: next time when it happens, push that
-
renlord
and generate an interactive report
-
strcat[m]
it was already annoying in Android 10 though, it's just more annoying now that more notifications make sound by default now
-
strcat[m]
only way that's going to change is if people submit clean patches to improve DeskClock
-
strcat[m]
the changes in the master branch can be used as a guide / reference
-
strcat[m]
when other downstream projects are finally using Android 11 we could share work on this kind of thing with them
-
strcat[m]
for now we're pretty much on our own
-
anonymous821[m]
<renlord "anonymous821: 2nd option down --"> how do i navigate this? is it in settings, or in the clock app itself?
-
renlord
anonymous821[m]: Settings > System > Developer Options > Bug Report
-
anonymous821[m]
renlord: i just dloaded it, where it it normally saved?
-
strcat[m]
we really don't need captured bug reports for the clock app
-
strcat[m]
we're aware of the issues already
-
strcat[m]
need development help
-
anonymous821[m]
ok
-
anonymous821[m]
i am also having issues with sms alerts as well, i do not receive them unless my phone is unlocked, though sometimes i receive delayed sms, can be a few mins to an hr
-
anonymous821[m]
it has been an issue since i started using grapheneos
-
strcat[m]
did you start using it when it was still based on Android 10? or more recently
-
anonymous821[m]
when it was still android 10 i think
-
anonymous821[m]
i have used it for a few months