DominoUnremovable Spyware on Samsung Devices Comes Pre-installed on Galaxy Series Devices
ArghblargI took the jump and installed GrapheneOS on my Pixel 9 this weekend. Easiest alternate OS load I’ve ever done, didn’t even need to see a command line. (I’ve put LineageOS on many a phone and GrapheneOS’s web-based installer is amazing).
Loving it so far. I have three profiles, the main ‘Owner’ with NO google services/app store at all; and two more ‘Personal’ and ‘Work’ profiles that have Google stuff.
Amazingly GrapheneOS even lets you deny Google App Store itself permissions to install from untrusted sources (in this case, Google App Store itself) – I was suprised to see installing just App Store triggered attempts to then load: My Pixel, Google Photos, Fitbit(!!? WTF), and a few others, without any confirmation first. Was able to shut that shit down immediately.
I hope GrapheneOS spreads to other phone models. And I’m sure Google has a team planning on how to strangle it before it does…
kalpolForgive me but what is intune? I did a quick search and just found some Microsoft endpoint protection thingie – there is mention of a Managed Google Play but I have no idea what that would mean.
Glog78@Arghblarg @kalpol
https://learn.microsoft.com/en-us/intune/intune-service/fundamentals/what-is-intune
https://learn.microsoft.com/en-us/intune/intune-service/fundamentals/what-is-intune
What is Microsoft Intune - Microsoft Intune
Microsoft Intune manages users and devices, simplifies app management and automated policy deployment, and integrates with mobile threat defense. It connects to Managed Google Play, Apple tokens and certificates, and Teamviewer for remote assistance. Can use MDM or MAM to protect data, configure devices, and simplify access to company resources.
I think the user is referring to the fact that MS Intune is famously very cautious about verifying the device it is running on.
Many people need to use Intune on their device, to get access to work apps (eg, Teams and Outlook). If you have a rooted device, or run a non-stock OS, then Intune will fail the validation and prevent you from signing into your work accounts.
This is the reason I don’t currently use a rooted or alternative android on my primary smartphone.
Is it just not in the cards to request a separate device for work, I know I would tell my employer that I cannot guarantee that my personal device will meet their expectations.
Yes. I can request a phone from work to use, but that’s lots of work, business justification, need to submit monthly expense reports for calls, and report data usage. Plus I’d need then to carry around two phones. There are lots of people at my work who do that. I don’t want the hastle.
Will intune work without a sim card? I have an old phone that is in airplane mode, no sim card but does have Google services.
I just realized as long as it gets the notifications wirelessly it could be my intune authenticator device and live for only that purpose.
Does it require a phone number or only a ms login?
I currently have intune in a jail on my other android device but I want to get graphene os.
Former Intune support engineer here - can confirm that using it in airplane mode will work fine. As part of my support case reproduction testing equipment, I purchased a refurbished Galaxy S10e ages ago and never had a sim for it or any cellular service, only WiFi.
Is there a setting that can be enabled at the management end to allow Graphene to pass the device health check?
When my employer rolled out intune I had to get a second device to run their ms apps. This was after them trying to figure out a way to get them to work on Graphene.
Sorry man, not that I know of, but it has been a few years since I worked in that space.