Recent searches
Search options
Revolut is specifically banning GrapheneOS by checking for the build machine hostname and username being set to grapheneos. We've changed these to build-host and build-user. Combined with another change, this allow our users to log in to it again until they roll out Play Integrity API enforcement.
@GrapheneOS
They do the same with e/os/
Your post is unclear: can you now for sure bypass Revolut's new policy?
@Woland /e/OS is a highly insecure OS not keeping the standard security model intact and with years of delays for full privacy/security patches along with months of delays for partial backports. They make many changes rolling back security. It's nearly the complete opposite of what we're doing with GrapheneOS. GrapheneOS is wrongly grouped with those even though it preserves the standard security model, doesn't set a fake security patch level like those do and greatly improves privacy/security.
That's just shocking disinformation that makes you look highly unreliable and not serious.
You can brag about your OS without inventing bad points to others.That'd bring higher trust in you
E/OS/ is quite excellent with its patches and security checks, and the issue comes from Revolut not making it easy to os relying on MicroG.
#disinformation #grapheneOS #badcommunity
#eos #degooglisation #RevolutCompatibility #banking #murena @e_mydata
@Woland @GrapheneOS /e/OS barely even ships security updates in time, often having a 2 months delay. Their MicroG implementation allows for signature spoofing of all packages unlike Calyx or Lineage. It is truly one of the worst from a security POV (aside from literal jokes like Replicant).
Look, I used to use it as well until I switched to Divest (well that one died), but it makes a lot of big claims without much to back it up. You’re much better off using Lineage and Lineage doesn’t even have that good of a security
Source it please. It'd make the conversation so more interesting.
I have updates on eos every two weeks or so, and I find no source backing your security issues claims, so please feed me
You can check the release date of when every security patch for each month release: https://gitlab.e.foundation/e/os/releases/-/releases
DivestOS used to aggregate them before it died: http://web.archive.org/web/20241231003546/https://divestos.org/pages/patch_history Look at the date for each month
Flawed MicroG implementation that allows signature spoofing for every packages:
EDIT: There was already an issue for this but it went stale :/ https: //gitlab.e.foundation/e/backlog/-/issues/3651
Hope this helps! (PS: I’m not the biggest fan of how GrapheneOS communicates either)
Thank you very much!
So much more constructive, informative and helpful than GrapheneOS communication
I'll dig into it :)
@AmyIsCoolz
I draw your attention on the fact that the MicroG issue you're thinking about is three years old. Maybe it's been a few years you've left e
@Woland I left it in September of last year, so not a long time ago
@AmyIsCoolz well, apparently they've improuved since. If you check the security patches on the link you've sent me, I find it quite correct
But I'll look in your recommandations. I don't have a GrapheneOS spirit, I don't idealize any OS, and I can switch for better eventually
@Woland It allows signature spoofing on all packages instead of just microg :( CalyxOS and LineageOS has a better implementation. https://calyxos.org/docs/tech/microg-details/ https://reddit.com/r/LineageOS/comments/1b11zex/los_has_added_internal_microg_support/
I’d honestly recommend GrapheneOS (Pixels) , Calyx (Fairphone, Motorola, SHIFT), or Lineage (Anything else) depending on the hardware you have. These varies in security level, but it should be an improvement over /e/
I’ll go check the code if it still applies once I’m more free, but even if they fixed it, the monthly security updates are still very delayed
Thanks for all the info, and yes, please check and come back to me, I'd be grateful
Because for now it doesn't match what I see: I do get the mounthly security updates. And I'm in dev mode, so the frequency can even be higher than that
@Woland What month of security update is important because /e/OS tends to get the previous month :P Maybe go check in the About Phone and Android version if you’re on January security update or December
Indeed, it's 5th of December
I though it was usual for a Lineage distro
What date is yours currently?
Thanks for all the info. At least with you it's listenable ;)
@Woland On GrapheneOS it is already January. For Lineage, it is January on Android 15 (Lineage 22) but still December on Android 14 )(Lineage 21)
Yes, so eos is not bad or more bad than an other privacy focused OS. It's the same, I'm on Android T (13) and I match Lineage
And e on U (14) matches it as well and gets January
So still a very dubious communication from Graphene
@Woland I think the reason older version of Lineage is delayed is due to them trying to port it to Android 15 instead of remaining on 14. Older version of Lineage tend to still get security update faster than /e/ however (refer to the earlier divestOS link)
But keep in mind that /e/OS does turn on all connection to Google (including the proprietary SafetyNet) by default, so if you don’t use safetynet (as it is now deprecated and replaced by the much more anti consumer play integrity API) you should probably turn it off in the MicroG settings. https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline
@Woland Seems to have fixed the signature spoofing issue in December, so pretty recent but hey progress. https://gitlab.e.foundation/e/os/android_frameworks_base/-/commit/22464e8976e561965b662e1549128edbf1a12e4d
I still wouldn’t be recommending /e/OS, mostly because the lack of verified boot (which Lineage doesn’t have either, but Calyx and Graphene does) and the secruity update is often delayed (oh and their cloud service is really bad imo), but at least the security went from “a total mess” to just “bad”
Thanks for digging!
@AmyIsCoolz Not sure what you mean , But eOS have verified Boot on official devices
@ekimia according to this graph it uses test keys which is worse https://eylenburg.github.io/android_comparison.htm
I haven’t done digging into the source code for that quite yet if it changed. But still it is quite limited to a select few devices and unlike the former DivestOS they still don’t mention that not all devices are equal but I digress
I agree we need all 217 supported devices with verified boot , but this will require way more contributors with devices ...
how many devices supported by graphene ?
@ekimia “I agree we need all 217 supported devices with verified boot”
I didn’t say that. It is technically impossible because devices like OnePlus 7 and up, Samsung, and Xiaomi can never have verified boot supported with a custom Operating System. My problem is that they never make it clear that not all devices are equal. (They even sell old Samsung’s without verified boot at one point)
Devices Graphene support are just Pixels for good reason. Calyx supports Fairphone and Motorola as well
@ekimia I’ll cut this short because I have a genetics quiz today and tech is just a hobby.
But while verified boot was one of my problem, the delayed security update of /e/OS is my main problem, they take a month longer than a lot of operating system.
And no where do I say that you should only use GrapheneOS. I think CalyxOS is a really good option if you have devices they support (they only exclusively support devices with relockable bootloader). or LineageOS (LineageOS has no verified boot, but if you have one of those devices that support relockable bootloader, use GrapheneOS or CalyxOS) which has faster monthly update than /e/OS. The ‘privacy’ changes /e/OS makes are minimal and can be replicated with 2 ADB command
@AmyIsCoolz At least we have the filter on device list for at least a year
@ekimia again, they don’t make it clear on their main website, it’s just marketing stuff on there. I’m not a big fan of marketing stuff. Also they once sold a refurbished Samsung with no verified boot
@Woland @AmyIsCoolz The rate you receive updates has nothing to do with them being months behind on providing Android security backports, setting a fake Android security patch level after providing those without providing all the driver/firmware updates and not providing full privacy/security patches which are only available for the latest Android years without a year or more of delay. All verifiable with basic research. It is you making highly inaccurate claims to promote a highly insecure OS.
I beg you to source
@Woland @AmyIsCoolz Do basic research from reliable sources instead of consuming marketing material for their products. Murena are a for-profit company and are scammers misleading people with false marketing and selling them highly insecure products. If you're going to come to our threads and promote a scam, what do you expect?
@Woland @AmyIsCoolz They're scammers who promote scam products with false marketing. They're the same people. The developers of /e/OS work for Murena. The fact that they have this sketchy setup of a separate non-profit and company doesn't change anything about the fact that it exists for them to turn a profit. They promote it with false marketing.
Not clear what response you expect to promoting it here. It's the direct opposite of what we do with GrapheneOS. It massively reduces security.
@Woland @AmyIsCoolz LineageOS already rolls back security and sets an inaccurate Android security patch level across devices. /e/OS is dramatically worse than LineageOS and lacks the most basic security. It is one of the worst choices you can make if you care at all about security. Their services have similar issues.