Skip Navigation

User banner

Andromxda 🇺🇦🇵🇸🇹🇼

@ Andromxda @lemmy.dbzer0.com

Posts
77
Comments
1661
Joined
2 yr. ago

  • Just use cURL

    Jump

  • Outlook.

    Thankfully Thunderbird, although most folks here just use the Roundcube web client.

    With a giant signature that includes an embedded image.

    They are auto-generated and enabled for everyone. Typical corporate bullshit I guess.

    Also the image is a 2400px image that has been resized using width and height attributes.

    It's a portrait (that thankfully has been downsized and compressed so much, that it's barely recognizable (thank goodness, because it's a horrific photo)), as well as a photo of my physical signature. Oh god do I hate emails and email signatures. And fuck my company for wanting emails to look "authentic" and including this stupid ass signature.

  • Just use cURL

    Jump

  • This is beautiful. I'ma send this to my coworkers.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • That rate limiting can easily be bypassed by an attacker. In order to be effective, the rate limit needs to be enforced by tamper-resistant hardware, i.e. a secure element. Here are some of the requirements for a secure element: https://developer.android.com/privacy-and-security/keystore#StrongBoxKeyMint

    An implementation of StrongBox KeyMint must contain the following:

    Its own CPUSecure storageA true random-number generatorAdditional mechanisms to resist package tampering and unauthorized sideloading of appsA secure timerA reboot notification pin (or equivalent), like general-purpose input/output (GPIO)

    For details, I recommend reading:

    Only devices with a proper implementation of a secure element (Titan M2, i.e. Pixel 6 or later, or the Apple SEP, i.e. iPhone 12 or later) are actually resistant to brute-force attacks by forensic data extraction tools, such as Cellebrite or GrayKey. GrapheneOS has obtained some internal documents from multiple forensics companies. They published the Cellebrite docs at https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation

    Specifically, I recommend looking at this chart:

    It clearly shows that data cannot be extracted from iPhones with the SEP, unless the device is in the AFU state, meaning that the encryption keys are kept in memory.

    Those are the charts for Pixels:

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • Certainly not

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • Sandboxed Google Play is one of the key features of GrapheneOS. So far no other OS has allowed users to enjoy the full functionality of Android Auto, the Pixel LPA for managing eSIMs, and the Google Mobile Services suite (not talking about the other Pixel OS stuff) with the only exception being GPay, without full sandboxing, and without granting excessive privileges (SGP is unprivileged, the eUICC LPA obviously requires higher privileges for managing eSIMs, but it's fully sandboxed and can't communicate with Play services, or access the internet)

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • the team refuses to use reverse-engineered hardware interfaces

    Small correction: Current and future GrapheneOS releases for Pixels are produced by reverse-engineering Pixel OS releases. adevtool was developed together with the developer of ProtonAOSP back then, to automate extracing several components from the stock Pixel OS.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • Fairphone is very far from meeting GrapheneOS' requirements: https://grapheneos.org/faq#future-devices

    They also openly supported harassment of GrapheneOS developers in the past.

    A lot of their marketing is very misleading, or completely false. They're not the moral and ethical company they claim to be.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • Snapdragons finally somewhat caught up to Google's Tensors and the Titan M with the Qualcomm SPU and by implementing the ARM MTE

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • It (unfortunately) isn't required. Most current Android devices on the market have serious security issues (most notably, full disk encryption can easily be bypassed due to a lack of effective unlock attempt rate limiting) due to their lack of a secure element.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • It (unfortunately) isn't required. Most current Android devices on the market have serious security issues (most notably, full disk encryption can easily be bypassed due to a lack of effective unlock attempt rate limiting) due to their lack of a secure element.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • Pixels will be supported until EoL. You can get a used Pixel 8a or 9a, which will get supported until May 2031 and April 2032 respectively. Both feature modern, important hardware security features, such as the ARM memory tagging extension.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • This is incorrect. The sideloading checks are implemented in Play Protect, which needs elevated privileges to function. On GrapheneOS, Google Play services run with normal privileges, just like any other user-installed app. This means, there are no Play Protect checks in GrapheneOS, and there will never be. It would only be possible on ROMs, such as LineageOS with Gapps, where Play services are installed as system apps, running with higher privileges than all other apps.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • Nothing needs to be disabled, since it isn't present in GrapheneOS in the first place. The sideloading checks are implemented in Play Protect, which needs elevated privileges to function. On GrapheneOS, Google Play services run with normal privileges, just like any other user-installed app.

  • Cheapest VPN in the long term for watching movies and tv shows?

    Jump

  • I bought their lifetime license like 5 or 6 years ago, still works to this day. I wouldn't use it for anything other than piracy though, if you actually need a private and secure VPN, use Mullvad, Proton or IVPN.

  • GrapheneOS could break Pixel exclusivity in 2026 with major OEM deal

    Jump

  • What will you do after Android starts restricting FOSS apps?

    Jump

  • what's a good phone?

    Jump
  • Technology @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Signal Protocol and Post-Quantum Ratchets

    signal.org /blog/spqr/
  • Cybersecurity @sh.itjust.works
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Exploring GrapheneOS secure allocator: Hardened Malloc

    www.synacktiv.com /en/publications/exploring-grapheneos-secure-allocator-hardened-malloc
  • Late Stage Capitalism @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Death rates rose in hospital ERs after private equity firms took over, study finds

    www.nbcnews.com /news/us-news/death-rates-rose-hospital-ers-private-equity-firms-took-study-finds-rcna233211
  • Android @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    The Future of Accrescent

    blog.accrescent.app /posts/the-future-of-accrescent/
  • Android @lemdro.id
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    The Future of Accrescent

    blog.accrescent.app /posts/the-future-of-accrescent/
  • Videos @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    The Hated One: The Ultimate Degoogle Tutorial - The CheapAss Edition

  • Videos @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    PewDiePie: I'm DONE with Google

  • Privacy @lemmy.ml
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Telegram is indistinguishable from an FSB honeypot

    rys.io /en/179.html
  • Privacy @lemmy.dbzer0.com
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Telegram is indistinguishable from an FSB honeypot

    rys.io /en/179.html
  • Political Memes @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    AMERICAN FREEDOM!!! 🇺🇸🇺🇸🦅🦅🦅🦅

  • Lefty Memes @lemmy.dbzer0.com
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Usual capitalist hypocrisy

  • Lemmy Shitpost @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Have you said Thank You once?

  • Technology @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular Spying

    www.eff.org /deeplinks/2025/03/meet-rayhunter-new-open-source-tool-eff-detect-cellular-spying
  • Lemmy Shitpost @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com
    Locked

    I knew it

  • Videos @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Sam Altman Needs To Be Stopped

  • Technology @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Elon Musk’s X blocks links to Signal, the encrypted messaging service

    www.disruptionist.com /p/elon-musks-x-blocks-links-to-signal
  • Enshittification @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Threads is offically getting ads

    www.theverge.com /2025/1/24/24351141/meta-threads-ads-test
  • Lemmy Shitpost @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    The best option

  • Science Memes @mander.xyz
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    Scientists suck at naming and abbreviating stuff

  • Lemmy Shitpost @lemmy.world
    Andromxda 🇺🇦🇵🇸🇹🇼 @lemmy.dbzer0.com

    I got some plans for the weekend...