hardened_malloc
Our great sponsors
platform_frameworks_base | hardened_malloc | |
---|---|---|
9 | 652 | |
65 | 1,158 | |
- | 3.4% | |
9.9 | 7.7 | |
6 days ago | 6 days ago | |
Java | C | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
platform_frameworks_base
-
Korean Smartphones Have Mandatory Shutter Sounds, 8 in 10 Want It Muted
As always, GrapheneOS disables this anti-user crap:
https://github.com/GrapheneOS/platform_frameworks_base/commi...
-
CalyxOS 4.13.2
- run the build, wait 2 hours, flash it
Now.. there's no such thing as "CalyxOS compatibility layer" in Calyx. Yet, there's no difference in user experience - none of my daily apps are/were broken on either Graphene+Play services from their store, stock CalyxOS+MicroG or on Calyx+GApps. (Except last time I've used Apps on multiple user profiles, there was a lot of trouble due to different versions being installed iirc)
Taking privacy concerns into account, there might be some difference.. but once more, going through gmscompat code, I see mainly hacks about letting this app pop up this activity this time, faking this permission that time, etc [1].
Yes there's a layer that isolates some calls, but I just cannot see how it's supposed to alter user experience. Now, spinning an isolated "sandbox" (which is likely impossible, as IPC/binder/shared data and services model is fundamentally broken anyway) with just a couple apps on a separate google account - all restricted from having access to sensors, etc, having device ID's spoofed and having separate network isolation - would be a real game changer, but its a niche need, with semi-available solutions (sandvxposed, vmos, waydroid on docker on android), and it would likely violate every line in Play Services' TOS meaning it won't happen on a public OS.
Calyx cares about their users in a kind of a quiet wau, yet there's a ton of activity on their tracker.
GrapheneOS cares about giving privacy to more users I suppose, so that explains their marketing strategy and parts of their code being what they are (hardened libc? definitely cool. Yet I've not seen any public exploit that could bypass e.g. stock AOSP's libc with _FORTIFY_SOURCE since 2015).
End user experience, though? No real difference, thus no superiority. And people in need of "hard" sandboxing would just buy a box of burner phones anyway.
1. https://github.com/GrapheneOS/platform_frameworks_base/commi...
P.S. What about that SafetyNet certification on either OS?
-
Struggling getting "Shelter" app to work
I think this might actually be a fix for it: https://github.com/GrapheneOS/platform_frameworks_base/commit/efc548c178abfb9c32854f026105c3d720f53be1
- Recent upgrade to LOS 19. Little green dot keeps popping up every minute or so in upper right corner of screen. Says location "Being used by Phone Services" despite location toggled off and Phone Services not having permission to access location. What's happening?
-
Google releasing one last Pixel 3a and 3a XL update, arriving ‘by July’
Allowing revoking network access to better prevent data exfiltration: https://github.com/GrapheneOS/platform_frameworks_base/commit/86bb94b8def3b6f97a984f346950df7ab74f8a96
-
Question about Datura firewall. Is this "fixed"?
Fun thing to know https://github.com/GrapheneOS/platform_frameworks_base/pull/132
-
Which android applications allow for push notifications without google play services?
But in the git https://github.com/GrapheneOS/platform_frameworks_base/pull/78 it says it will be able to run the Google play services, including GSF, which is to my knowledge responsible for the notifications, or am I mistaken?
-
Phone for all or most major privacy OSs
Removing sensor access to applications which significantly reduces the availability of privacy-sensitive data: https://github.com/GrapheneOS/platform_frameworks_base/commit/4717a544f817e0a0cf730223a68fef8d06734356
-
[Request] Implementing secondary profile log out.
Link to their commit for logging out of profiles - enable secondary user logout support by default
hardened_malloc
- WhatsApp forces Pegasus spyware maker to share its secret code
- EncroChat
-
Popular XMPP App "Conversations" Removed from PlayStore by Google
Relevant copypasta:
Fellow humans, there are alternatives to Google and Apple! Your neck need not be under anyone's boot! You don't even need to give up any functionality:
Data service:
The simplest thing is to buy a prepaid SIM and top it off with cash. The lovely people over at /r/nocontract maintain a big spreadsheet so you can filter by various properties of the available contracts.
Another way to go is to pay for a postpaid plan with a virtual credit card (VCC) like at privacy.com. It won't be linked to your name at the telco, but of course privacy.com knows who you are. There is also Abine Blur, and some others.
Yet a third way to go, which is nascent, is buy an eSIM with crypto. You can also buy prepaid VCCs with crypto.
An interesting new choice is PGPP https://invisv.com/pgpp/ who rotate your IMSI and do some other cool stuff. It works by e-sims.
All these methods make you /pseudo/nymous, but obviously you're still identifiable by subscriber number and possibly IMEI, to put aside correlational things like your traffic profile. You can help this problem by routing everything through a VPN. Then you're pseudonymous but the cell carrier knows nothing about you other than that you use a VPN. Pay for the VPN with crypto. Of course now the VPN provider knows your traffic, but you're much more anonymous to them than you are to a telco. You make your choices. Defense in depth. Etc.
OS:
GrapheneOS: https://grapheneos.org/ Very much like Calyx, but extra-hardened and with no MicroG. No involvement with Google at all by default. You can make a secondary profile in which you install Google Play Services to set up an environment where you can run unprivileged Play services + whatever crapware you need that requires them. Unprivileged here means it's like any other app: if you don't give it access to your location, it won't know where you are. If you end the profile session when you leave, Play Services stops running and stops talking to Google.
CalyxOS: https://calyxos.org/ Privacy-respecting Android distribution that replaces Google spyware with MicroG, so you can have your cake and eat it too. Most everything will work as you're used to, but it does still talk to Google to make that happen.
LineageOS: https://lineageos.org/ The successor to CyanogenMod, will work with many different phones. More privacy and control than stock Android.
There are also many others: Sailfish, Replicant, e
Hardware:
CalyxOS and GrapheneOS run best on Pixels. The path of least resistance is to get one of these phones and run GrapheneOS with Google Services installed in one profile or other.
You could also buy a Librem 5 https://puri.sm/products/librem-5/ If privacy and security and hacking are really important to you.
Or a pinephone: https://www.pine64.org/pinephone/
Neither work very well by regular standards, but they're cool :-)
-
LineageOS is currently installed on 1.5M Android devices
It might be worth to switch to GrapheneOS if you have Pixel phones: https://grapheneos.org/
It is a more serious project than LineageOS in the sense that they take security very seriously and they take their development more professionally too. There are no disadvantages to using GrapheneOS compared to LineageOS.
You can see a comparison here: https://eylenburg.github.io/android_comparison.htm
- Apple Announces Changes to iOS, Safari, and the App Store in the European Union
- No new iPhone? No secure iOS: Looking at an unfixed iOS vulnerability
-
Recommendations for an Android repair shop?
If it still powers up but just won't boot you could try installing https://grapheneos.org/.
-
Iphone Vs Android
On 4thgen Pixels and up you can install GrapheneOS which is a security and privacy focused Android build. It does not come with any Google services pre-installed but you can put them on. https://grapheneos.org/
- Suche Handy empfehlung bis 250€ max.
-
Are you happy
yes... will also de-google it cuz we can install GrapheneOS and also close the bootloader