The claims made about GrapheneOS in this interview are extremely inaccurate. It heavily misrepresents the purpose of GrapheneOS and what we've worked on for years. The claim GrapheneOS is a security project rather than a privacy project is misinformation. Contacts are specifically brought up and yet our Contact Scopes feature is ignored. @fla knows GrapheneOS is a privacy project. He replied to a thread with our response to this misinformation only 4 days ago...

https://piaille.fr/@projetslibres_podcast/116379561169492214

/e/ doesn't keep up with providing standard Android privacy patches and protections. It doesn't provide features comparable to the added privacy protections in GrapheneOS including but not at all limited to Storage Scopes, Contact Scopes, Sensors toggle, per-connection Wi-Fi MAC/DHCP privacy and far more. /e/ has a bunch of default connections to Google services and gives highly privileged access to those. It also bundles other invasive services in the OS.

GrapheneOS heavily improves privacy compared to the Android Open Source Project in contrast with /e/ heavily reducing it.

GrapheneOS is far ahead of the standard pace for privacy patches instead of behind and we fix many privacy weaknesses ourselves. We've fixed a bunch of Android VPN leaks and many forms of data leaks to apps.

Since GrapheneOS is a serious privacy project, we have to put substantial work into security too because privacy depends on it.

/e/ tries to provide privacy by bundling a small blocklist of domain names solely used for ads and analytics. This doesn't do anything to address the most privacy invasive behavior by apps which happens via their own services. It doesn't stop apps sending data to arbitrary third parties from their servers or even client side. It can't block anything without the app using a dedicated domain for the unwanted behavior which usually isn't how things are done.

The domains they block are a tiny subset of domains used for those purposes and do not stop the most privacy invasive behavior by apps.

Apps and SDKs have also increasingly bypassed DNS blocklists via DNS-over-HTTPS resolvers, hard-wired IP addresses and, most of all, moving their connections to third party APIs to their servers where they don't need to leak their API keys.

DNS filtering works fine on GrapheneOS but isn't a viable approach to protecting privacy.

Exodus Privacy uses a very similar approach to label apps as having trackers based on whether they include a library from a small list they've decided are trackers. Many of those decisions are dubious and it misses that the most privacy invasive behavior by apps isn't done that way. It also has extremely inaccurate labelling of permissions, misleading users about how that works. Here's a great example of both with Facebook Lite:

https://reports.exodus-privacy.eu.org/en/reports/com.facebook.lite/latest/

@GrapheneOS
@exodus

Hello. I am a GrapheneOS user. I think Exodus Privacy manager holds some value scanning the libraries apps use.

But I also know there are other ways that apps use.

So my question is, is there any better app currently out or a list of a few other handy apps to help users know which ones are leaking data?

There should be tools we could use to help ourselves.

Please respond by giving any suggestions or even processes to check with links. Help spread the knowledge.