Realize that they are just buying data that ANYONE can buy. This is the real danger.

https://www.vice.com/en/article/y3pnkw/us-military-bought-mass-monitoring-augury-team-cymru-browsing-email-data

right? we should give every transaction to the state to stop bad guys.

hi wravoc, good to see you again and i must say your git page is looking sweeet

the bots and down-vote brigades are outta control

It’s really the only choice for a secure and FOSS mobile device. GOS addresses most of the SIGINT associated with phone tracking.

• disabling wifi autoconnect to prevent bssid pings
• auto reboot feature
• auto disable bluetooth feature (prevent bluetooth mac leaks)
• airplane mode is never auto disabled after system upgrades … which is a requirement to prevent cell tower triangulation
• usb-c data transfer disabled if the phone is locked
• secure hardware to prevent physical attacks and evil maid
• and many many more…

https://grapheneos.org/features

you could use shelter to create a work profile with google services framework installed… then freeze the profile when not in use

Pixel GrapheneOS gangggg

Wow this comment section looks like a Raytheon board meeting.

deleted by creator

Depending on your vehicle… It’s possible to remove all the Nanny tracking via some DIY hacks or even a call to “opt out”

If you’d like to be able to search for house addresses in osmand+ you can download these map packs… A total life saver…

https://github.com/pnoll1/osmand_map_creation

If you think Fdroid security is on par with Google security… then I got a bridge to sell you

An upstream compromise that affects downstream hosts. A good example is the NPM supply chain attack -> https://hackaday.com/2021/10/22/supply-chain-attack-npm-library-used-by-facebook-and-others-was-compromised/

The diminished security resulting from the increased likelihood of a (single point of failure) supply chain attack.

Yes its possible for malicious devs to trojan apps, but due to apk signing it is much more difficult for a third party entity to induce a supply chain attack, which is my real concern when it comes to phone security.

If you have a lower threat model, this post isn’t for you…

Sure, atleast you admit there’s a trade off (security) for (FOSS) and maybe some additional privacy.

People should be made aware of the risks and choose according to their threat models, which is why I’ve highlighted some of these issues to begin with.

What’s gonna happen when hackers take over skynet?

Sounds like the perfect opportunity for GrapheneOS

Doesn’t affect the end user… beyond diminished security. Are you implying I should trust Fdroid devs as much as I would trust Google devs?

Sure, I’ll spell it out for you since apparently the point went right over your head. Fdroid devs are a single point of failure by signing every application themselves. This introduces a potential for supply chain attack, not to mention Fdroid running on EOL servers.

When you use an individual dev repo, you can avoid any trojanized apps from Fdroid because the developers maintain their own infrastructure and sign their own apks.

That’s called… D I S T R I B U T E D T R U S T

You can’t use online maps anonymously. Even if you downloaded offline Google Maps, you cant trust Google not to upload your historical data the moment you get internet connection.

Organic Maps and Osmand+ work on Graphene without google play services and 100% offline.