close it fully and open the browser up again. i think that is how i did it.

anyone else having trouble verifying Platform Tools 30.05 in Linux? running echo '5be24ed897c7e061ba800bfa7b9ebb4b0f8958cc062f4b2202701e02f2725891 platform-tools_r30.0.4-linux.zip' | sha256sum -c

but getting: No such file or directory

Assuming this is because the command is for Platform Tools 30.04...

lol

Sorry new here is this not the right place to ask? should I just curl 30.04?

what distro you running?

Hey all, I just got a Pixel 4a, trying to install from PopOS. Getting an error: ./flash-all.sh: 22: [: Illegal number: 1:81

fastboot too old; please download the latest version at developer.android.com/studio/releases/platform-tools.html

I did install the latest version, so I'm unsure what may be causing the issue.

arch

(also very new to linux)

fastboot --version trevqr

and you should be able to install it from arch fine

<makingaliasesisa "fastboot --version trevqr "> fastboot version 1:8.1.0+r23-8

Arch Linux: android-tools provides fastboot and other useful tools not required for installation such as adb. android-udev provides udev rules allowing fastboot and adb to work in local sessions without root.

it may be this as well export PATH="$PWD/platform-tools:$PATH"

I ran into the same issue as trevqr[m], was attempting to update fastboot

because i think it is way too out of date 29.0.6 is atleast what you want

Can any P4XL owners verify this?

When toggle Airplane Mode, apps can still access internet. Whatsapp still able to send messages, Vanadium still can browse the web.

When phone is rebooted with Airplane mode On, mobile data is off and cannot be enabled (can enabled but no internet). Internet cannot be used. Have to reboot with Airplane Mode Off again in order to switch back on Mobile data.

name: for arch you can just install android-tools

and android-udev just in case

if you want to allow fastboot and adb to work in local sessions without root.

looks like a problem in the shell script

are you using bash?

...had the same problem, even after reinstalling android-tools

I would assume so? Using the default terminal for PopOS, but I'm relatively new to Linux

yeah popos uses bash by default

When I originally ran the adb/flashboot commands, it was unable to find them, so I just installed them manually. (sudo apt install flashboot). Dunno if that could be messing things up

And it's trying to use the flashboot I had installed

Which may be out of date

22: [: Illegal number: 1:81 is a script error

i don't think the apt ones are ever up to date

tbh I got it to boot by deleting line 22 in the shell script, but wanted to try to get it booted without messing with the script

as well tho

something about your shell is incompatible with the script

as far as i can tell

<name "tbh I got it to boot by deleting"> Were you also getting an out-of-date error as well? Did deleting the line mess anything up, or did it run okay?

Should I try to uninstall fastboot and just try to get it to run okay from the platform-tools? Unsure what to try

line 22 is this one aye?

> if ! [ $($(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/\.//g' ) -ge 2802 ]; then

* line 22 is this one?

> if ! [ $($(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/.//g' ) -ge 2802 ]; then

no it runs perfectly

in my script line 22 is: if ! [ $($(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/\.//g' ) -ge 2802 ]; then echo "fastboot too old; please download the latest version at developer.android.com/studio/releases/platform-tools.html"

which is the exact error I was getting, even though fastboot was up to date

Yeah, it's that for me as well. Haven't tried deleting it yet though because I don't want to mess anything up

It seems like it is just preventing it from running if fastboot is out of date though? So, if I verified it in a previous step, maybe it's okay to delete and run anyway?

do this command in shell $(which fastboot) --version | grep "version" | cut -c18-23 | sed 's/\.//g'

can you unistall the sudo apt'ed one

should give you a number

<louipc "do this command in shell $(which"> grep "version" | cut -c18-23 | sed 's/\.//g'

yeah mine gives 3004 for me

I just get a syntax error

<makingaliasesisa "can you unistall the sudo apt'ed"> Lemme try

yea if you get an error then you have some shell problem

maybe cut, or sed

greps probly ok

@name echo $SHELL

I get /bin/bash

Uninstalled fastboot, now get "fastboot not found; please download the latest version at developer.android.com/studio/releases/platform-tools.html and add it to the shell PATH"

when trying to run flash-all

break that command down into its parts to find out where its messing up

try that $(which fastboot) --version | grep "version"

syntax error near unexpected token `--version'

fastboot version 30.0.4 for me

whattt

name: that is wierd

* name: that is weird

`which fastboot` --version | grep "version"

bash: which: command not foundbash: --version: command not found

i dont think you are actually running bash

Gonna take a break for dinner, but will come back to try to trouble shoot 🙃

bash --version

not having the which program is kindof a problem too

License GPLv3+: GNU GPL version 3 or later <gnu.org/licenses/gpl.html>

bash would understand $(command) syntax

hmm

can you install a program called 'which' at least?

when i do the comand in sh i get

> sh-5.0$ 'which fastboot' --version | grep "version"

> sh: which fastboot: command not found

program or package

via your package manager... really it shoulda been installed by default

for arch install base and base-devel as well

@louipc yeah was able to install 'which'

huh

does not help though

thats good lol. now to figure out whats wrong with your shell

you still might run into problems becaue of your weird distro

arch linux is not weird :P

names is weird

lol

lol

thanks for the help troubleshooting, this seems more managable now

i really cant think of any reason it wouldnt work. unless you are using some bash fork

that removes $(command) substitution

in that case install normal bash and get rid of the fork

also could you give me your output of "cat /etc/bash.bashrc"

also file a bug report with popos that their shell environment is screwed up

## If not running interactively, don't do anything[[ $- != *i* ]] && return[[ $DISPLAY ]] && shopt -s checkwinsizePS1='[\u@\h \W]\$ 'case ${TERM} in xterm*|rxvt*|Eterm|aterm|kterm|gnome*) PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033]0;%s@%s:%s\007" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' ;; screen*)

PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033_%s@%s:%s\033\\" "${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"' ;;esac[ -r /usr/share/bash-completion/bash_completion ] && . /usr/share/bash-completion/bash_completion

yeah definitely will

mine looks similar

hmm

oops markdown is a thing

anyway.. better ask popos for help. because their own scripts have the problematic syntax too

somethine else is wrong

yeah they do have a different shell from the norm as well

Okay, I have returned. Is the conclusion that something is wrong with popos? name , did you have success with simply deleting line 22 without any issue?

I have my bootloader unlocked. Dunno if there would be helpful commands to run in my platform-tools folder to get it to recognize that fastboot is there/up to date

deleting that line will get things going but you better make sure youre up to date. but the other concern is that if popos shell environment is messed up then you run into further problems down the road

if you both had the same problem then definitely a problem with popos

they should have `which` installed by default at very least

@name i just installed a VM and popos doesn't error out when i did the $(which fastboot) --version

Hmm, yeah, I have PopOS on both my PC and laptop. My partner has a Mac which I could give a go. Would the safest way to disconnect from the install simply be to relock the bootloader and restart the phone? Then try it on the Mac?

i get the fastboot version 1:8.1.0+r23-8 output

I installed GrapheneOS previously on Pixel 2 with Windows, but have since made the switch to Liunux

Yeah, my main concern is with my arch distro now - I've had no issues with graphene since installing last night.

on popos VM

<makingaliasesisa "i get the fastboot version 1:8.1"> This is what I was getting when I installed it via sudo apt

Would you all recommend deleting line 22, or to try it on a Mac instead?

yeah i was trying a command which disdn't work with names

i recommend installing from a supported OS

name should be. i believe he is on arch Linux.

you dont need to relock bootloader until finished installing

Okay. So, simply restart to exit fastboot mode and then try again on the Mac?

sure

Yeah I'm on arch linux not popos

which makes it even weirder

oh what. you were on arch this whole time?

trev was Pop OS i beieve

* trev was Pop OS i believe

yes

sorry lol

what terminal are you running name aswelk

I'm running Konsole

atm]

ffs matrix

`which fastboot`

ah ok

terminal wont matter

ST terminal is a thing :P

what

fwiw I've been using arch on a macbook for 2.5 days, I didn't even know there were different terminals lol

lol i'd just reinstall the whole thing then. rather than try to figure out whats wrong

oh.. yea i guess

except that points to bash in archlinux

hmm maybe arch is messed up.. which is part of base-devel rather than base

ah ok true

try install base-devel @name

also have a look at this next install (if you didn't) wiki.archlinux.org/index.php/Mac#Post-installation

* also have a look at this next install (if you didn't) wiki.archlinux.org/index.php/Mac

for pacstrap i also do this command:

> pacstrap /mnt base base-devel linux linux-headers linux-firmware vim nano networkmanager man-db man-pages git openssh

pacman is part of base-devel... what

not base

i give up

* for pacstrap i also do this command (not for mac though it may be a little bit different):

> pacstrap /mnt base base-devel linux linux-headers linux-firmware vim nano networkmanager man-db man-pages git openssh

it is a requirement from another package

oh base is a metapackage now that includes pacman.. its all weird

yeah it is made "simple"

lol

i guess all distros are messedup. ohwell

lol

yeah for mac it was > pacstrap /mnt base linux-mbp linux-mbp-headers linux-firmware...

Hmm, I'm trying to do some more troubleshooting because it seems really odd to not be working. I'm trying on my laptop with PopOS now. If I follow the three step commands to install platform-tools + export PATH="$PWD/platform-tools:$PATH", it seems to recognize fastboot just fine. If I continue to extract the release image and try to flash, this time I get "<waiting for any device>"

aye thats a good start

If I don't do it all consecutively in terminal, that's when I run into the "fastboot not found" error

ie, if I open up a new terminal window, it can't seem to find fastboot anymore unless it's all consecutive from the download and extract of platform-tools

yeah for the export thing it is only for that terminal session

Maybe that was my issue all along then? Is there a reason the "waiting for any device" error might appear? I am in fastboot mode with the bootloader unlocked

it says this on the wbsite:

> This is a temporary change to PATH for the current shell and will need to be done again if you open a new terminal. Make sure that the fastboot command works in the current shell before trying to run the flashing script.

* it says this on the website:

> This is a temporary change to PATH for the current shell and will need to be done again if you open a new terminal. Make sure that the fastboot command works in the current shell before trying to run the flashing script.

so it is say unlocked as well

* so it is saying unlocked as well

i am not not sure about this error i just got it to work luckily for me

on pop?

trevqr: check the phone. you need to confirm

nah arch

Yeah, it has Device state: unlocked

waiting for device is not an error

though if you dont get a prompt on your phone then something is wrong

either drivers, or cable

try fastboot devices on the terminal

Lemme run through it from the top one more time and see what happens. I'll try adding sudo as well for the flash

If I run it as sudo, I get flashboot not found. If I run it without sudo, I get waiting for any device

Nothing happens on the phone

phone is in bootloader?

fastboot devices gives me "no permissions"

Phone is in bootloader

It seems my comp somehow loses fastboot when I "cd" into the factory image folder to run the flash

Up until then, it recognizes fastboot with the correct version number

I am close to surrendering and just borrowing a friends windows computer tho lol

Still got a Pixel 2 with graphene for the time being, was just trying to upgrade for timely updates

could be the cable too

Yeah, it was the original cable I used to install it, but something could've happened to it in the meantime

I'll probably just shoot to borrow a friend's Windows computer. Seems more trouble than it's worth to figure out

ok so super embarassing but I either forgot to install linux-firmware or base-dev because I installed both and rebooted and all is working fine now lol

weird

name: u mean base-devel rite

Any commands to run to check that on my end?

yeah base-devel

trevqr[m]: no idea for popos

trevqr[m]: possible you need android-udev rules

<dazinism "yehnahyeh: I think possibly you "> Can you think of a reason this would happen after a year of flawless function? And, can you please advise how/where I would go for help on troubleshooting a hardware issue like this? I'm at a bit of a loss. Thanks!

I think I'll call it for now and give it another go on Windows. Thanks for all the help yall, it was much appreciated!

Hi, does tinder or bumble work on grapheneos phone?

Would it work in phone browers?

Any way to audit without second android device? (e.g. from ios, or linux?)

<name "Any way to audit without second "> Wdym

<name "Any way to audit without second "> Emulator?

but thats an android device then :D

<louipc "but thats an android device then"> Read the code

Isn't auditing like reading the code? But it is still different when you test it with a functional.android phone

hi all, is there any way to modify the "always on display" larger, color, whats on screen ?

I can't get bromite to finish an install on fdroid, while downloading it always stops and install button appears again like nothing happened. Is this a common error?

anyone in here formerly known as DannyWorkOrderPr?

cecemimi: I found fdroid can be a bit buggy like that. Also Aurora Droid can fail to offer the update after downloading (if you have it set to download to its own private storage - which is safest). Started using foxy droid (from fdroid ) and it works fine.

strangefinder: there are apps that offer customisable AOD functionality, but they have security implications (have ability to draw over other apps), also, I think, likely to be less battery efficient.

yehnahyeh: things just break sometimes. The cameras on pixels do mess up occasionally, maybe search in the reddit for your phone and see if theres folks with the same issue as you have?

In the EU, if bought new, all electrical goods get 2 years guarantee. Could send it back to where you got it and have it replaced (or maybe back to Google?). Guess if you do that would be best to flash stock OS again first.

Where can I Download the satelite app. In aurora isnt it

I have tried racoon but the install fails

cenapatop689: for testing theres GPSTest (An app for testing GPS and GNSS capabilities of a device) - f-droid.org/packages/com.android.gpstest.osmdroid

No I mean this app satellite.me

cenapatop689: apkmirror is pretty safe. Maybe they have it?

cenapatop689: its a VoIP service so guess you could alternatively use a generic voip app.

dazinism: Do you know one?

Hi there, I have a couple of questions about freeboot and fedora 32 in regard to installing grapheneOS. Would someone be willing to help?

Hey why is there a short interruption when NewPipe goes into background play? Is this a NewPipe or system issue?

dxrwzy9y:

* dxrwzy9y: May be switching between different players?

It's just NewPipe running

Has anyone had any problems installing GrapheneOS with Fedora 32?

I mean, NewPipe may have different implementations of video players, where one is meant for background playback - it would then have to stop video in one and start in the other at same position, thus creating that interruption

I'm not the only one experiencing this, right?

Yeah, I see the same behaviour

From technical standpoint, if you wanted to remove the interruption, you would probably have to split player into video and sound part, which would be needless complication and potential source of different bugs (like sound getting out of sync)

Given that Pop_OS! is a fork of Ubuntu, would it be considered officially supported?

Ravenous: you should be able to install in most OS' popOS works fine if you do it in one hit.

Why there is no threads of GrapheneOS on xda-developers?

* Why there is no official topics of GrapheneOS on xda-developers?

vinterneti Because XDA is a mess

<engulf[m] "vinterneti Because XDA is a mess"> But there is official group on reddit. So it is distancing from developers.

Because reddit is even more messy.

How secure is grapheneOS from being hacked if the phone is taken by a third party

and is there a remote wipe functionality to the phones

even if i need to setup a private server to use a remote wipe

<lolly "How secure is grapheneOS from be"> It is as secure as your password is. Although with time they will be able to get into it, of course depending on the amount of effort the third party is willing to put into opening your phone. Also as the phone is in hands of third party it will likely not be updated and so it might become vulnerable to exploits that are found.

My company is currently looking into the recent poll discrepancy and need a phone that cannot have any data on it recovered by goverment or police officials not illegal communications just keeping sources private and names off the record

like if a phone is taken is there a way to get information off the memory inside the phone easily or even read it at all

we currently use a custom version of signal for communications

<lolly "and is there a remote wipe funct"> afaik, wipe functionalities are not needed, see: github.com/Peter-Easton/GrapheneOS-…en-incorrect-guesses-at-the-pincode

But could government and police parties have backdoors into the titan M chip?

where they can bypass all that security by asking google themselves

vinterneti: That is exactly why the subreddit of GrapheneOS is used for announcements. (of course there are occasional post by randoms).

CryptRelay[m] thanks for that link ive been reading down it and looks like grapheneOS plus the pixel phones are perfect for our job, needed to make sure when a device is wiped its actually wiped because we used to have 'secure' iphones and a in house tech showed us that he can recover the data after wipe

'secure' phones where someone forgot to turn on encryption?

we had all the phones access token on hand

he just showed me the fact that even when i press that "erase data" button the encrypted info can be recovered

lolly rest assured once you press wipe data recovery is not possible

leggychun yes

lolly when you press wipe the decryption key is wiped from the titan M

Recovery is not possible even with the password

<lolly "CryptRelay thanks for that link "> Maybe it's an old iPhone?

Pixel 3a - I'm not getting email notifications from Fastmail app or Protonmail app. Also not getting any red dot notifications including on Signal app. I have all notifications on in settings including 'Allow notification dot'. When I open Protonmail it says "Push Notifications do not work without updated Google Play services"

Signal is now working fine. Email apps still not. Didnt realise it isnt a red dot, its blue/grey. Not used Android before.

protonmail only has GCM push notifications

graphene os does not have play services or microg

normal for protonmail

if i install microg will i get notifications?

tutanota seem to care more about open source than proton

microG does not work properly if it's installed as a user app

perhaps you can try using protonmail via vanadium, and enabling notifications

idk if that would work

<fuu[m]1 "perhaps you can try using proton"> I doubt it. You mean access via the browser?

fuu: proton has opensourced their code.

you can run your own proton service?

They did that early this year.

hmm #graphene-offtopic anyways

hmm #grapheneos-offtopic anyways

Tutanota is based in Germany, big red flag there.

ludicrous_speed en.m.wikipedia.org/wiki/Ad_hominem

<projectmoon "microG does not work properly if"> It does

can it register and deliver push notifications?

Yes

anupritaisno1: I'm not attacking anybody through an argument. Try again with your logic noobness.

If you whitelist it from battery optimization

The only thing that won't work is the geocoder projectmoon

Which is why ROMs must implement the geocoder themselves

And not let the microg geocoder really work

projectmoon look at YouTube vanced

They do push notifications without installing microg into system

Btw I need some help

Copperhead is claiming ownership of code I have written

And things I have implemented

Example

```

CopperheadOS Android 11 now uses Scudo for legacy code (32-bit) executions and continues to use the CopperheadOS hardened allocator for 64-bit memory functions thereby covering all native code execution functions.

I wrote the implementation for this. 2 months ago

They are now openly stealing code written by developers and claiming it as their own

all the other things they do aside, wouldn't it mostly be about what licenses are distributed with their software, from a legal perspective?

part of the license is attribution

if they are not doing that, then that is a clear violation

yes

is it MIT license?

Apache2

We have a channel for countering James' attacks

But very few are helping

not sure how the apache license governs attribution. but there can be a difference between keeping the attribution in the license distributed with the software and how it's marketed... certain BSD licenses explicitly prohibit marketing stuff without attribution to the original authors

if it was someting like the MIT license, pretty sure you can do basically whatever you want as long as you keep the notice in the license files

also i'm not a lawyer so all of this is probably wrong 🙃

it's at the very least unethical if not a license violation

Anyway please pm me or madaidan. if you want to help against copperhead

Here's proof the scudo on legacy implementation was done by me GrapheneOS/platform_bionic 7cdda01

anupritaisno1[m]: oh what chan is that

anupritaisno1: the decryption key isn't on the Titan M, it's not stored anywhere

engulf: with a strong passphrase there is no amount of resources that would get an attacker through the encryption

without one, you depend on the hardware-based security features, such as if you have a 6 digit PIN, you're depending on the Titan M throttling

projectmoon: they do not provide the necessary attribution in the OS

anupritaisno1: hardened_malloc was written by me in July / August 2018

Copperhead had fully split from the project by June 2018

<strcat[m] "anupritaisno1: hardened_malloc w"> Yes

I am not claiming that

Smh

they are just thieves (literally, not a figure of speech, they stole > 100k of donations) and fraudsters

Copperhead is claiming my implementation of scudo on 32-bit and hmalloc on 64-bit as their own

people paying them are buying insecure phones from con artists

<anupritaisno1[m] "Copperhead is claiming my implem"> strcat

and are funding their attacks on developers

That makes me so pissed aaaa

of course

That shit was like

anupritaisno1[m]: i guess u could sue them for attribution

2 weeks with little sleep just getting hardened malloc on R

So it really pisses me off

A LOT of effort went into getting it to work on R

And it was not just me

strcat was handling the frameworks/base part while I was getting it to actually work on R

they fraudulently take credit for years of my work

and misrepresent their former relationship with the project

counter sue them

we are

<strcat[m] "projectmoon: they do not provide"> Then it's definitely a license violation

r0tt0r: you may not be aware that we have legal fees of up to ~5k / month

and donations are not covering it all

I don't really get paid for any of my work with that taken into consideration

<strcat[m] "r0tt0r: you may not be aware tha"> ouch

<r0tt0r[m] "ouch"> Btw add 300-500 to that even more

I quit my job to do grapheneos dev

yep, even if you can prove you're right in court, they are probably trying to let you run out of money during the run.

or something like that.

which doesn't suprise me at all, sadly

I really hope you guys win this thing, tho

num8 you can help us

Help counter their misinformation

<anupritaisno1[m] "Help counter their misinformatio"> sure, I'm glad to.

some tech people were duped by him, primarily in the Bitcoin community

and it's a serious problem

they're the ones helping him continue to get funding to throw towards causing harm to us

uhm, I see :/

didn't know that, I'm not that much in that space

I was talking about the privacy/activism community

that's pretty sad tho

Anyone have suggestions on how to change app names/icons?

<oaktilebarnland[ "Anyone have suggestions on how t"> some launcher fe. omega allows to rename and change icons

I've used nova in the past. But thanks. Are there security concerns with launchers?

oaktilebarnland: yeah can use a different launcher, although many appear to have permissions that have security implications

Theres an app on fdroid called activity launcher that allows you to make custom app launchers. Can change the name and icons

Although only select from the different icons of apps that are on your device (which includes some system apps, who's icons you dont normally see)

hi all newb question. i just got a pixel3. it's on android 10....looks like it was last updated in august. do I need to update to stock android 11 before installing graphenos?

radec: No, though it is recommended for the latest firmware

Not a requirement

ok, thanks. so not required but not a bad idea

radec: grapheneos.org/install covers this

and explains why

Tl;dr pixel 2 had to be updated beyond a certain version due to a bug in the bootloader

It's usually to avoid such bugs

Just one thing

> It's best practice to update the stock OS on the device to make sure it's running the latest firmware before proceeding with these instructions. This avoids running into bugs, missing features or other differences in older firmware versions. You can either update the device via over-the-air updates or sideload a full update, which for Pixel phones can be obtained from the full update package page.

it's a simple paragraph

Updating doesn't mean you update and then never boot the slot

Most people create more issues by updating and then jumping straight to the bootloader

don't make it more complicated than it has to be

the install guide has a good explanation

strcat I've seen people who've done that

Basically bootloader sees that the upgrade isn't completed yet

And then refuses to flash grapheneos and throws errors

okay just don't make things more complicated than they need to be

the guide explains things, in the right order

follow the guide

don't skip steps

don't improvise

follow the install guide

it says it's best practice to update BEFORE starting, and has you go into the OS to enable OEM unlocking after starting

@strcat ok thanks. I was reading that. I guess I am just used to things on xda that get written and never updated

so what you're saying is people didn't follow the guide and experienced problems

and yeah, that's why you follow the guide

radec: we don't write blog posts, we publish well maintained docs

radec btw if you need help pm me

the guide was last updated October 20th, it's fully up-to-date

My help = I basically install it for you btw

@strcat that's great thanks

@anupritaisno1 thanks I think I got it. I was just making sure I wasn't going to screw something up by updating, but I guess that's not a concern lol

<radec "@anupritaisno1 thanks I think I "> Basically update and fully boot the update

great

Then enable OEM unlocking on the latest update

BTW what device?

pixel 3. unlocked bootloader

You should be able to continue without upgrading tbh

radec so anyway you have the files for installation?

yep

radec extracted the platform tools?

i'm on linux. I've just been using the adb/fastboot I have installed.

You should be able to directly run ./flash-all.sh

Getting a new phone, no price limit. Should I get a Pixel 5 and assume Graphene will work on it eventually?

ok cool

certi nothing can be said yet

Pixel 5 moves several drivers into techpack and has several more submodules

Should I get a Pixel 4 then? I kind of wanted 5G but could live without until it scales up more

certi it's better if you ask after a while

Remember pixel 5 doesn't even have vendor support yet

Pixel 4, Pixel 4 XL and Pixel 4a are the recommended devices (see the FAQ)

there isn't support for the Pixel 5 or Pixel 4a 5G

there is no maintenance team for either the Pixel 5 or 4a 5G

so you will be waiting an indefinite amount of time where there is currently no progress being made to support them

unless you plan to work on developing support for them I wouldn't buy either of those devices with the intent of using GrapheneOS

hey just out of curiosity ,in fastboot any thoughts on what "Secure Boot: DEVELOPMENT" vs "Secure Boot: PRODUCTION" means? the first pixel3 i bought said DEVELOPMENT. I am returning it because the IMEI is also real strange. I had never seen that before.

Uhhhhhh

How the hell did you get that

ebay

A development device can load stuff like custom bootloaders and radio

It's not really something secure for use on graphene

radec: goes to show the sketchy stuff that goes on with ebay

probably a development device stolen from a developer

that belongs to Google and is stolen property

* that belongs to Google (given to one of their developers) and is stolen property

yeah interesting. it is true, you never know what you are going to get from ebay

Thanks strcat . I know I would be gambling with getting a P5. I am a noob when it comes to coding and programming, wouldn't mind helping tho

@anupritaisno @strcat got grapheneos installed no problem that is for your help and time.

*thanks for your help and time

Donations and help always appreciated

<strcat[m] "engulf: with a strong passphrase"> Unless there is a vulnerability in the encryption algorithm itself

and you should not be claiming there is one without evidence

also a 'break' in a cryptographic algorithm just means it doesn't provide the expected security level, it rarely means that it doesn't work at all

I'm not claiming that there is one, I'm claiming that if one was found that would be a way to break the encryption

is AES256 was broken to only provide 120 bits of security instead of 256 bits (which would be a massive break)

it would not change anything about the actual real world security

engulf: you said that an attacker just needed time / resources to break the encryption which is inaccurate

* I'm not claiming that there is one, I'm claiming that if one was found that would be a way to get into the device

Heh, well, if there's a problem with AES, then bigger people than us would likely be in a lot more trouble - people like the United States Government are relying on it to secure their top secret level diplomatic communications.

engulf: if someone uses a strong passphrase, that holds up against any attacker with any amount of resources due to how things are designed

if someone uses a 6 digit PIN, then they depend on the security of the Titan M

Remember, even though AES was designed in 1997, the NIST was very clear that the cipher might actually need to last until the end of time.

for a profile that is logged out OS security isn't the weak point due to hardware enforcement of the delays

if a profile is logged in and you're talking about data not protected by the keystore, and an attacker that's going to be trying to exploit the OS, it's not about encryption

oops i was just screwing around with communities

So it's no wonder why they gave the entries into the standard competition to academics to scrutinize and go over with a fine-toothed comb.

strcat: I said that depending on the length of the password a motivated attacker (with years of time and a lot of resources) would possibly be able to get into the device.

I'm sorry if you misunderstood, I didn't mean to claim otherwise

what you said was going to mislead people in the channel

the issue is not that I misunderstood anything

I do agree that it could have been phrased in a better way

* I do agree that it could have been phrased better

What is considered a strong passphrase for these phones?

Four randomly selected dictionary words.

* I'm sorry if the post seemed to mislead people, wasn't the intention.

Do you typically use that kind of password for just unlocking your phone? I imagine at some point there's a usability hit and you would need to compensate by making the phone take longer before letting it lock again, right? Presumable that could decrease the security if it's not auto-locking as frequently.

Not to say that you're wrong... this is just something I've been debating myself recently.

Well, I actually find it somewhat easier to type four words in than hunt with shift with numbers and such.

So it's a bit easier for me to type and easier for me to memorize.

use full spectrum of symbols chars numbers. when tested against my own wifi that made it not so easy to crack anymore. though a multi quantum crack server farm with thousands of gpus and stuff its quiet a matter of time

everytime i forget one of my passwords for an account i double it with special char in between

some are meanwhile aroumd 30char/numbers/symbols long and i can still memorize

* some are meanwhile around 30char/numbers/symbols long and i can still memorize

Does changing the lock screen password also change the existing encryption!

?*

there was this xkcd comic with supersecure long passwords and the hammer solution. hit him with hammer till he gives you his password, or was it a wrench...

There should be an addendum to that:

Crypto nerd's imagination: "Oh no they'll hit me with a $5 wrench!" What happens in real life: "Here just use this canned exploit that takes advantage of one of the 30 unpateched vulnerabilities in the kernel."

ye indeed, sad truth

there should be an emergency pin code option when entered it wipes or triggered through xploit tries

that face to see finspy tech in action :)

aaaaaaaand its wiped

projectmoon: profile's are protected with encryption derived from the lock method

* projectmoon: profiles are protected with encryption derived from the lock method

projectmoon: this has been stated here a lot along with detailed information on it

I recommend going back and reading explanations of it

TheJollyRoger: i use a $2 wrench

> use full spectrum of symbols chars numbers. when tested against my own wifi that made it not so easy to crack anymore. though a multi quantum crack server farm with thousands of gpus and stuff its quiet a matter of time

If you want something even better, use ALT codes.

It's essentially like having a pin code for every character.

wow how many quantum crack farms are there

<louipcm "wow how many quantum crack farms"> theres already cloud cracking options, i guess quantum crack farms are only military options