FairEmail VS platform_frameworks_base

I'm using FairEmail [0] as a client on Android which supports PGP and i am quite happy with it.

[0] https://email.faircode.eu/

FairEmail (version 1.2134): Fully featured email client. Neat, intuitive user interface. Privacy friendly

FairEmail (version 2134): FairEmail - Fully featured, open source, privacy oriented email app for Android

Email Client → FairEmail

Checkout FairEmail https://email.faircode.eu/

FairEmail (version 1.2074): Fully featured email client. Neat, intuitive user interface. Privacy friendly

FairEmail (version 2074): FairEmail - Fully featured, open source, privacy oriented email app for Android

As always, GrapheneOS disables this anti-user crap:

https://github.com/GrapheneOS/platform_frameworks_base/commi...

- run the build, wait 2 hours, flash it

Now.. there's no such thing as "CalyxOS compatibility layer" in Calyx. Yet, there's no difference in user experience - none of my daily apps are/were broken on either Graphene+Play services from their store, stock CalyxOS+MicroG or on Calyx+GApps. (Except last time I've used Apps on multiple user profiles, there was a lot of trouble due to different versions being installed iirc)

Taking privacy concerns into account, there might be some difference.. but once more, going through gmscompat code, I see mainly hacks about letting this app pop up this activity this time, faking this permission that time, etc [1].

Yes there's a layer that isolates some calls, but I just cannot see how it's supposed to alter user experience. Now, spinning an isolated "sandbox" (which is likely impossible, as IPC/binder/shared data and services model is fundamentally broken anyway) with just a couple apps on a separate google account - all restricted from having access to sensors, etc, having device ID's spoofed and having separate network isolation - would be a real game changer, but its a niche need, with semi-available solutions (sandvxposed, vmos, waydroid on docker on android), and it would likely violate every line in Play Services' TOS meaning it won't happen on a public OS.

Calyx cares about their users in a kind of a quiet wau, yet there's a ton of activity on their tracker.

GrapheneOS cares about giving privacy to more users I suppose, so that explains their marketing strategy and parts of their code being what they are (hardened libc? definitely cool. Yet I've not seen any public exploit that could bypass e.g. stock AOSP's libc with _FORTIFY_SOURCE since 2015).

End user experience, though? No real difference, thus no superiority. And people in need of "hard" sandboxing would just buy a box of burner phones anyway.

1. https://github.com/GrapheneOS/platform_frameworks_base/commi...

P.S. What about that SafetyNet certification on either OS?

I think this might actually be a fix for it: https://github.com/GrapheneOS/platform_frameworks_base/commit/efc548c178abfb9c32854f026105c3d720f53be1

Allowing revoking network access to better prevent data exfiltration: https://github.com/GrapheneOS/platform_frameworks_base/commit/86bb94b8def3b6f97a984f346950df7ab74f8a96

Fun thing to know https://github.com/GrapheneOS/platform_frameworks_base/pull/132

But in the git https://github.com/GrapheneOS/platform_frameworks_base/pull/78 it says it will be able to run the Google play services, including GSF, which is to my knowledge responsible for the notifications, or am I mistaken?

Removing sensor access to applications which significantly reduces the availability of privacy-sensitive data: https://github.com/GrapheneOS/platform_frameworks_base/commit/4717a544f817e0a0cf730223a68fef8d06734356

Link to their commit for logging out of profiles - enable secondary user logout support by default