I'm a fan of Kevin Cox's blog post "decentralization vs federated" is the best breakdown of the differences between the two terms IMO.
https://kevincox.ca/2023/07/20/decentralized-vs-federated/
I've been very slowly drafting a blog post comparing Activity Pub, Nostr, and AT. Pros and cons to all three, but me being here you can probably guess what I've concluded is my favorite.
This is a good post. I think I have seen this blog before but it wasn't in my feed reader so I never saw this article yet. I enjoy reading blog works like this.
And yes, he meant Organic Maps, not OsmAnd+
If there will be a next generation Pixel Tablet it will make the current one cheaper, while the new one will likely have memory tagging and all the best security enhancements added by Pixel 8 and later. All of those additions and also no cellular network would be huge.
One of many examples of #GrapheneOS security enhancements helping expose memory corruption and other bugs in applications.
I am replying to this Nostr note on with Orbot mode on even when I don't have the Orbot app installed. Just tried it.
I use Amethyst but not looked into the source that much, but it's definitely not a GrapheneOS thing. Hope I could try and help sort this issue out for you regardless.
Note: GrapheneOS never made any changes to VPNs recently, you can see the OS change logs. We've been using Tor with Amethyst with no problems for a long time, and turning it off also stops on Amethyst. There's a difference between the Orbot Tor VPN mode and Tor proxy modes and many users mix them up. This has nothing to do with GrapheneOS.
I've been asked before about how Nostr differs from ActivityPub based social media like Mastodon a few times. My answer is both are decentralized but each is decentralized with a different topology.
Both Mastodon and Nostr are decentralized social media or communication platforms, however Mastodon is federated while Nostr is distributed. Mastodon is decentralized by means of having no central server by making each participant of the federated network their own centre, while Nostr is decentralized by means of none of them being a centre. Nostr relays cannot control or enforce their own rules in the same level as a Mastodon instance can.
You could say the same about an instant messenger, some are decentralized by means of having no central server, just multiple centers that can communicate with one another (like XMPP) or by letting you pick the relay servers anyone can host (like SimpleX) or by not having any servers at all and communicating between each other peer to peer (like Briar).
Not all decentralized messengers are the same, they are decentralized in different manners.
Or controlling voicemails. Not using the SIM*
This is what I get for replying when tired.
Sadly the overwhelming majority of users depend on the cellular network by using data. The Dialer and Messages app are mandatory as they are system apps, and their removal would break things. Some people may have to call their carrier number to manage their data plans or othe Not using a SIM and using Airplane Mode together is the fix for now.
Using a Pixel Tablet avoids all this stress as it has no cellular data, so we recommend that for people desiring to avoid the network as a whole. If they make a new generation Pixel Tablet this year then there should likely be memory tagging support too and seven years of updates.
I do agree Google has a habit of making a product and then killing it, but I have no concerns over Pixels. Worst case scenario is they make a different device lineup with a new name (like how we had Nexus before Pixel) but that's completely out of the question I think.
There's absolutely nothing to suggest that. Pixels have been a successful phone lineup and Google extending the minimum support period for Pixel 8 and later and expanding form factors by making tablets and foldables should suggest the opposite - guaranteeing they'll support those phones for 7 years is a big statement to make.
We have always said we'd like to see other OEMs meet our security requirements or work with us to make a device for GrapheneOS, but, we have no concerns on Pixels.
#m=image%2Fjpeg&dim=330x330&alt=QR+Code+with+logo+of+GrapheneOS+embedded+in+background%2C+linking+to+grapheneos.org&blurhash=U98rU%40-j%7ETxr-lE7%24%7BNL%7ET%24%7D%5EwxXxWNIxXR-&x=97dc77e398046a3a84cb6c5baff533389329c246df98c50b011699c0e8d3a14f
Replying to this as an update: the new addition was unfortunately a new color for the Pixel 8 - no new phone!
Wait til May for the 8a like the years before.
GM!
The sats pending from Stacker News have arrived to me (in 5 days) finally. As seen on my feeds I have sent equivalent payments to the #GrapheneOS Foundation already in fiat incase I didn't get them. I will add on £10 to that original donation to count for the extra. I had a reasonable amount of sats stacked from SN before I moved closer to the GrapheneOS project too, so they will be used to support my own personal endeavours. You can check my post history there to confirm that if you have doubts.
What do you think I should do with my sats? Since I sent £25 equivalent in fiat in case I have far more sats for myself. Would love to help a Bitcoin only business or I can send more to the foundation. Whatever you guys prefer.
When withdrawals are pending on SN, you lose access to the funds, and so I had to wait until the invoice removed in 5 days to have the sats again. Still unsure what happened as I have a huge amount of inbound liquidity and enough to pay fees with. Oh well, everything is good now.
Thank you all again!
#GrapheneOS does not bundle other apps. On install all you will get is the required apps for critical OS functionality, AOSP derived apps, and GrapheneOS services like Auditor.
This is intentional, you can set up GrapheneOS the way you want. From an suite of FOSS apps down to using it like a day to day smartphone, any setup works providing the apps are free from Play Integrity.
#m=image%2Fjpeg&dim=1000x1000&alt=Image+of+Google+Pixel+smartphone+with+GrapheneOS+home+screen+in+center+of+image+with+black+background+with+texture+comprised+of+GrapheneOS+logos.&blurhash=U01yLPof00RjD%25ay-%3BofIUfQxuj%5B%3Fbof9FRj&x=36b24662cb83c3f8fcf998d202d892065a3eae7c8934aec3077757d9933a83c3
Pixel 8 has the best security with hardware Memory Tagging support. A Pixel 7a is the best for value and lifespan. A pixel 6a is the cheapest of all supported devices with more than a year of support left.
Worth noting Google is making an announcement for Pixels in a few days... Pixel 8a?
How long can GrapheneOS support my device for?
Whenever it is ready. 🧐 The feature is critical for some users and so it's being thoroughly worked on to ensure it's reliable.
You can find the commits made here:
Duress feature: https://github.com/GrapheneOS/platform_frameworks_base/pull/391
Duress feature settings UI: https://github.com/GrapheneOS/platform_packages_apps_Settings/pull/103
We come around a lot of people running Duress / device erasure killswitch apps like Wasted or an MDM solution to try and protect their device from seizure. They don't work.
A duress app can have the erasure process cancelled by holding down the volume button to move to Fastboot mode. This cancels the erasure, and worse, the reboot performed is a warm reboot meaning that sensitive data like device credentials remain in memory.
When we reported vulnerabilities used in forensic companies targeting Pixels, the evidence acquired was a video they used marketing their bypass of erasure apps. This company in particular advertises cold boot attacks, dumping RAM to brute force the credentials. This meant for people relying on those apps outside of GrapheneOS, they weren't just bypassed - their credentials would have been brute forced if not good enough.
Many scammers selling 'secure' mobile devices which are just phones running other operating systems with an MDM app on it for 'remote erasure' or duress features mislead customers. Their methods are not foolproof. They are the same level as EncroChat or ANOM.
GrapheneOS have been developing a duress PIN feature that works without an unsafe reboot, the reason it's took time because it had to be done with a new, unique method and not relying on insecure implementations like other apps or operating systems. It is in testing. We also have been suggesting fixes to these other problems by anti-reset attack mechanisms like zeroing sensitive memory or making MDM reboots safe.