New Pixel 7 comes in today.

Do I finally give up on GrapheneOS and go full-blown normie and let Google stick its trackers up my ass?

Thinking of using maybe a two phone setup, keep this older GrapheneOS phone for traveling and things where I'm concerned about privacy (i.e. bitcoin stuff, personal email)...

And using the new normie phone for whatever stuff like shitposting, buying groceries with NFC and using Chromecast?

Help me #[0] what's your advice for someone getting too annoyed with GrapheneOS

Discussion

Honestly, why do you need a new phone? Ever thought about that?

Maybe try CalyxOS

I ran calyx, and after some research I determined it's worse than running stock android, since it doesn't update security vulnerabilities fast enough.

What is annoying about graphene?

My phone is just generally pretty crashy, if I want stuff to work I have to run sandbox google play service (defeats the purpose?), no gPay so I can't get sats back on my purchasing, I have three app stores, just all around bleehh for my daily driver phone

Thanks for letting me know… it is an interesting topic… a new operating system for a daily phone, seems it’s not without issues

This is eventually the path I went down. I ran custom ROMs for nearly a decade. Eventually, I just want my tech to work. I don't want to go and use NFC to buy groceries and get a rooted device error. I want to be able to cast media to all of my devices in my home. I want to take pics of my kids and not have the camera crash and have me end up missing the moment entirely. That said, I haven't used Graphene or any custom ROM in a couple years.

Yes, camera a big one, my Nokia had better camera software 🤌

I never had any problems of this kind with Calyx. Yes I know it's inferior to GOS in terms of security, but I'm good with it. 4 years on pixel 4a !

This is where I'm at too Derek. After I went to a OnePlus, I no longer had a need to root even though ironically OnePlus is one of the easier brands because they make bootloader unlock flawless.

Running Graphene

No issues, no fiddling around, just a smartphone working like a charm since 19 months. Happy!

I have practically *zero* issues on GrapheneOS - what are your core issues? Mine just works pretty much as well as stock Android.

Have you tried the Google Play compatibility layer? I've been testing that and highly recommend it if you want a more seamless experience.

I am running this thing... Is this it?

Major annoyances are:

- Chromecast doesn't work

- Camera sucks

- can't use gPay (very good sats back app needs it)

- phone feels kinda bricked and crashy

- notifications seem to only work 70% of the time

I think something with your setup is borked, that is not at all my experience (though I don't care about gpay support and know that's currently missing (but WIP!)).

We need to get sideofburritos on nostr. He’s on Twitter, makes great GrapheneOS/privacy and btc/xmr content and guides on YouTube. His Twitter says he’s mostly on mastodon :(.

Simplify your setup:

- Always on VPN

- Google Play compat

- Use the Google Play store as much as possible (more secure, but of course FOSS tradeoffs)

- Use Google Camera w/ network disabled

- Use Google Keyboard w/ network disabled

Whittle down from there if you don't need all that functionality. That still provides excellent privacy and security if you limit apps.

Google play store versus Aurora? Isn’t Aurora the same basically but they’re using different throwaway Google accounts for you?

Google Play.

I'd only use Aurora if I couldn't use Google Play properly, like with CalyxOS.

Care to explain? This goes counter to privacy guides and advice I’ve seen up to this point

Also #[2] DM’d you a few questions a bit ago about your last podcast appearance, did you see those?

If you trust google with security of apps (I do, it's something they're very good at) it's a much more secure way of getting apps than anything else.

The only draw back (and it is a drawback!) is that you have to be signed in to use it, but can just do a burner account.

Aurora could easily be compromised and serve malicious apps, and there are potential concerns with the fake "anon" account being compromised as well.

F-Droid is solid and I use it for a few things, but obviously tons of things aren't on F-Droid because the actual publishing policies and setup are a nightmare.

Sometimes the community tends to focus so heavily on privacy they forget the importance of security

Exactly, there is a good balance that has to be hit IMO as vulnerabilities and open doors to malicious app installation could be more harmful than anything else in many scenarios, especially if you have any reason at all to be targeted.

So it basically comes down to the initial downloading of an app right? If that’s signed correctly with the developer’s keys, then it can’t be replaced with a malicious version later no matter the “app store” you use right? (Excluding f-droid b/c of wonky signing policies)

So for most users Google Play is the right answer, but there are tradeoffs to consider.

Obtainium seems to be a powerful option here if you’re comfortable finding the source location yourself (only risk remaining is that the dev keys themselves are compromised which also would risk the other app stores?). This seems most like a desktop, download software from source, but with a nice consolidated updater.

Idk for me it feels like getting most software through Obtainium would be ideal and fallback to Google Play for apps that aren’t listed anywhere else. I’d only do this with a fully anonymous Google account tho (is this even possible anymore?)

Would be cool to have nostr used for software, publishing hashes of each release.

So for #[5] somehow you’d post hashes of each Envoy release to nostr (one note+replies?) and Obtainium could have a “nostr hash verified” section when you add an app so it will additionally check a specific nostr note/thread for the most recently posted hash signed by #[6] npub, must match hash of APK update before installing.

So both dev keys and nostr keys would have to be compromised to trick Obtainium then. Any obvious pitfalls here? #[4]

Other than complication. But ppl who want simplicity get iPhones so

I install in the play store and see which one in Droidify/Aurora-droid/f-droid says it's installed to know which is the official. Many use the exact same versions as the play store. I can then update with droidify going forwards.

Thanks I'll give that a shot, zapped ⚡⚡

Please message with questions or concerns! Happy to help, have been a happy user for over a year now, and going on 3y w/ Calyx/Graphene

Doesn’t Graphene have a pretty good privacy preserving camera app? It’s even on the Play Store.

It's very mediocre IMO, no reason to avoid Google Camera if you just disable network access when installing.

Then you get full features without privacy/security issues!

The only thing I can't use with Graphene is Google Pay. If that's a deal breaker then go with stock Android, otherwise I can't think of any other issue.

I did this for a while but I never ended up carrying both phones - if I’m at home anyway, might as well use a laptop (or a TailsOS usb on a keychain if using someone else’s computer).

If you want privacy at all, I think it’s best to accept the trade-offs and use CalyxOS. You can create a sandboxed work profile for Google Maps, Pay, etc and turn it on if you get in a jam. And maybe just carry a little cash. I didn’t need NFC payments a couple years ago, and I don’t really need them now.

Enjoy the new Pixel! (And update it, because the Samsung Chips have a zero-day exploit). 🤙

There's also the option of taking a stock Google device and manually removing the worst apps from a privacy perspective using adb. I think Michael Bazzell gives some steps for this in Extreme Privacy (it's also probably in an ebook he just released on mobile privacy which is on sale on his website for $15).