this post was submitted on 31 Dec 2024

397 points (98.1% liked)

Technology

70528 readers

3744 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related news or articles.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

L3s@lemmy.world

enu@lemmy.world

technopagan@lemmy.world

L4s@lemmy.world

L3s@hackingne.ws

L4s@hackingne.ws

397

LineageOS now officially supports the Pixel 9 series (9to5google.com)

submitted 5 months ago by cm0002@lemmy.world to c/technology@lemmy.world

71 comments fedilink hide all child comments

top 50 comments

sorted by: hot top controversial new old

[–] wise_pancake@lemmy.ca 35 points 5 months ago (7 children)

Anyone using Lineage? How is it?

I’ve got a Pixel 7 and have been wondering

[–] sem@lemmy.ml 60 points 5 months ago (3 children)

To be honest I do not see any reason to use Lineage with Pixel while there is GrapheneOS... But maybe there will be some users of it: it is always better to have more free open OS

[–] sunzu2@thebrainbin.org 24 points 5 months ago (1 children)

The only use case i guess if you prefer microG implementation v sandboxed GPS.

I think GOS model will end up being proven right from security/privacy perspective but the debate is ongoing.

GOS chief should not be in any public facing communication position though... that weaponized autism with heavy dose of paranoia is what is needed to develop GOS but not a good look objectively, and I give people a lot benefit of doubt.

[–] bradboimler@startrek.website 9 points 5 months ago* (last edited 5 months ago) (1 children)

I use GOS and agree with you completely some of the things GOS has done and said in the past should have never happened and hurt GOS more than it helped it. Also on the micro G front You are correct still being debated but as long as Micro G is signature spoofing it is my opinion it is not secure as signature spoofing requires kernel changes that in fact weaken Android's security model.

[–] cmhe@lemmy.world 17 points 5 months ago (1 children)

Maybe an unpopular opinion here, the Android security model is based around trusting the vendor of the device or ROM more than the end-user, which I find wrong in principle. The origin of trust needs to be fully in the hands of the owner of the device. Otherwise you take away the self-determination of the users, and that should never be an option when it comes to security.

Users themselves should be able to give or take away trust however they choose, and if they are unsure on whom to trust for certain things, they should be able to delegate that trust-management to a third-party on their own accord and with the ability to revoke it at any point.

Everyone is different, and trusts entities to different degrees. For instance I would trust MicroG more to only transmit data that is absolutely required to google servers, than the gapps.

Also, modifying the kernel is already done by google, in order to provide hardware support, so patching it additionally doesn't automatically make it more or less secure. That depends on what those patches do, and if those patches are properly maintained.

[–] bradboimler@startrek.website 3 points 5 months ago* (last edited 5 months ago) (2 children)

Correct but GOS reverses alot of Google patches like always on voice requires kernel privalage it is disabled on GOS etc. But kernel level signature spoofing gives way for a malicious app to spoof as micro g and infect your device and you would never know because micro g requires the same thing to function it is making itself look like Google when it is not google. So using microg opens your device up to allot more ways for it to be compromised and also makes it harder to detect or notice once it is compromised. For me the security risk of kernel level spoofing is way to high to use on a production device used everyday. Also I trust neither Google or microg I only use Foss apps I don't have Sandboxed play services installed at all I just don't use Google anymore.

load more comments (2 replies)

load more comments (1 replies)

[–] RelativeArea0@lemmy.world 14 points 5 months ago (1 children)

its alright, it kept my "supposed to be dead" phone to keep on running with latest stuff, i like the built in firewall, but if you're privicy focused then this is not for you.

[+] EngineerGaming@feddit.nl 12 points 5 months ago* (last edited 1 week ago) (1 children)

[deleted]

[–] bradboimler@startrek.website 10 points 5 months ago (3 children)

Once LinageOS is installed your bootloader is always unlocked so anyone who finds your phone if lost owns it. GrapheneOS and a few other ROMs I forget the names of allow the bootloader to be relocked keeping android security model intact allowing the device to still be secure.

[–] patatahooligan@lemmy.world 7 points 5 months ago (3 children)

Is the bootloader really that important for a lost phone? If someone finds your phone can't they just tear it apart and read the storage with external tools? A locked bootloader sounds more like an anti-tampering measure and not for protecting your phone's content after it's lost.

[–] WhyJiffie@sh.itjust.works 8 points 5 months ago

If someone finds your phone can't they just tear it apart and read the storage with external tools?

that's not the problem that BL locking solves. this is solved by storage encryption. BL locking solves 2 other problems:

helps keeping stolen phone from being wiped, though maybe it's not 100%
makes it much harder to plant malware on your phone while it's not with you

[–] CrazyLikeGollum@lemmy.world 5 points 5 months ago (1 children)

It is largely an anti-tampering measure. Without it you could have things injected into the system. For example, a stalker could install a hidden tracking program as a service and then return your phone without you knowing.

Iirc it's also a prerequisite for full-disk encryption on modern android. So, without it your user data is available to be dumped in an unencrypted state. Most phone thieves are interested in reselling the phone, so they're provably not going to go through the effort and risk damage to the phone just to dump encrypted data from the chips directly. However, if it's just available unencrypted from fastboot why not dump it? They could get info that could be used to blackmail or scam you or people you know. Or they could just sell the data.

[–] vividspecter@lemm.ee 2 points 5 months ago* (last edited 5 months ago) (1 children)

Iirc it’s also a prerequisite for full-disk encryption on modern android.

How modern? It's still working on Evolution X with Android 14 (although maybe it needs custom rom support).

It would be a bit less secure since the bootloader itself could be compromised, however (but I wouldn't be concerned about random thieves/snooping in this case).

[–] CrazyLikeGollum@lemmy.world 4 points 5 months ago

https://source.android.com/docs/security/features/encryption/file-based

I did not remember correctly, kind of. From AOSP, Android 7 and later use file-based encryption (FBE) rather then full-disk encryption (FDE). FBE is dependant on verified boot, which itself requires a locked bootloader.

Custom ROMs may have back ported FDE, modified FBE, or implemented their own encryption.

load more comments (1 replies)

[–] communism@lemmy.ml 3 points 5 months ago (3 children)

That would be a security issue, not a privacy issue. Maybe that was what RelativeArea0 meant but if so I think that confused people because "privacy" implies somehow corpos/the state is spying on you through Lineage

[–] WhyJiffie@sh.itjust.works 3 points 5 months ago (2 children)

LOS has privacy issues though, if I remember correctly. like, default DNS server is 8.8.8.8of google, assisted gps contacts a global server of I think qualcomm to speed up getting a GPS fix, and others I don't remember now

load more comments (2 replies)

load more comments (1 replies)

[–] sic_semper_tyrannis@lemmy.today 9 points 5 months ago

It's annoying to upgrade between whole number android versions.

[–] Appoxo@lemmy.dbzer0.com 7 points 5 months ago

I used it extensively ony Samsung Galaxy S4 until Android 9 or 11. Was very good (model jflte(xx))

[–] pirtedad@lemm.ee 4 points 5 months ago (1 children)

I was planning to move to Lineage, and eventually GrapheneOS (non Pixel at the moment) but revolut has broken compatibility by enforcing the use of the Play Integrity API, revolut is my main bank so I'm kinda blocked, for now... 🤬

[–] bradboimler@startrek.website 13 points 5 months ago* (last edited 5 months ago) (2 children)

My last bank did that so I switched banks my new bank app works without any play services installed on GOS.

[–] WhyJiffie@sh.itjust.works 5 points 5 months ago

that's the spirit

load more comments (1 replies)

load more comments (2 replies)

[–] kittenzrulz123@lemmy.blahaj.zone 9 points 5 months ago (4 children)

I dont get why anyone would use LineageOS on a phone that new and that well supported by custom roms (GraphineOS, /e/os, etc)

[–] Mwa@lemm.ee 11 points 5 months ago (4 children)

True But maybe might be helpful if the phone hits EOL?

load more comments (4 replies)

load more comments (3 replies)

[–] BigTrout75@lemmy.world 8 points 5 months ago (3 children)

How safe is Lineage?

[–] gubblebumbum@lemm.ee 5 points 5 months ago (1 children)

Their devs dont really care about security so id say its not safe at all.

[–] dko1905@discuss.tchncs.de 14 points 5 months ago (1 children)

Any source on this?

Lineage allows people to have newer android/security patches on end-of-life phones, that's a pretty good security argument.

[–] gubblebumbum@lemm.ee 3 points 5 months ago* (last edited 5 months ago) (1 children)

https://madaidans-insecurities.github.io/android.html#lineageos

https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation

load more comments (2 replies)

[–] ramenshaman@lemmy.world 4 points 5 months ago (3 children)

I connect my glucometer (Dexcom G6) with my phone and I'm assuming lineage wouldn't work with it.

[–] cm0002@lemmy.world 16 points 5 months ago (10 children)

Lineage is just Android, however, some apps (Usually banking apps are the worst offender) throw a fit running on rooted/custom roms, though it's usually bypass able with varying amounts of effort. I would not expect a glucometer app to have issues, but I've seen apps throw that fit for less in the past.

Being a medical thing, I'd advise you to pickup a cheap used Android phone that's also on the supported list to test out your app first, or at least have an alternative means of monitoring it

I did some Google searching and it came up... inconclusive, though the Dexcom website has this blurb on the compatible phones section

"You can use this app on any OS that meets the minimum requirements, but Dexcom recommends not updating to a new OS before it's listed here."

And the only minimum requirement for Android is that it's v10. I also didn't see mention of root/or "unauthorized OSes" on that page and alot of the times they will put something like that if a companies app will scan for root/custom roms

So, you might be fine

load more comments (10 replies)

[–] bradboimler@startrek.website 8 points 5 months ago (1 children)

Works on GrapheneOS

[–] ramenshaman@lemmy.world 3 points 5 months ago

Oh damn, good to know

[–] compostgoblin@slrpnk.net 3 points 5 months ago (3 children)

Out of curiosity, why do you think it wouldn’t work?

load more comments (3 replies)

load more comments