this post was submitted on 21 Jul 2024
45 points (100.0% liked)
GrapheneOS [Unofficial]
1776 readers
4 users here now
Welcome to the GrapheneOS (Unofficial) community
This feed is currently only used for announcements and news.
Official support available on our forum and matrix chat rooms
GrapheneOS is a privacy and security focused mobile OS with Android app compatibility.
Links
More Site links
Social Media
This is a community based around the GrapheneOS projects including the hardened Android Open Source Project fork, Auditor, AttestationServer, the hardened malloc implementation and other projects.
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So what's the main advantage of this over F-Droid? Theoretically more secure?
AFAIK the main difference is that on F-Droid (at least the main repo), all apps are signed by F-Droid. On Accrescent however, each app is signed by its developer. This can be seen as it being more secure.
If you're further interested in the topic, there's at least one discussion thread about the 'insecurity of F-Droid', I believe also directly comparing it to Accrescent, on the GrapheneOS forum.
@[email protected] Article about this issue: https://privsec.dev/posts/android/f-droid-security-issues/
While F-Droid has issues, most of the points in the article are minor inconveniences blown out of proportion. Slow updates because they're mostly community-funded. I kinda like their app approval and low level permission listing. It's a double edge sword because there's an additional level of audit, but also an additional layer for tampering. But that can also happen if devs turn malicious themselves.
Low target SDK lets me use apps that make old devices still usable. It keeps me from throwing them off on the landfill. Most browsers are fucked on old devices (no support for modern TLS) but youtube still works with newpipe forks. So at least I can carry it to watch youtube when travelling. Confusing UX is not a f-droid problem, there are already multiple alternatives.
The only problem they actually have is unstable leadership that has made some of the team leave and there are problems with key signing and they force devs to use old versions.
There's a lot of wannabe "privacy" sites popping up since a couple years and everyone's trying to start a big controversy off of small things. It's easy to complain than rather do the work to make things better and most of these authors can fuck right off.
If I've learned one thing about computers, it's that you can't ever trust the developers to properly package their software. Sooner or later they will abuse this privilege by introducing unsafe defaults, or bundle some useless, stupid, or outright malicious stuff.
Yeah, significantly more secure, while also being way more modern.