I just don't comment I saw this on Lemmy and it was quite bad still is in some communities and instances.
bradboimler
joined 1 year ago
No because the data is encrypted especially on Graphene OS and even on stock pixel phones data at rest is fully encrypted and pixel phones also have a onboard security chip as well. So unless you can unlock the user data it would be useless. That is why a locked bootloader is so important it is needed to ensure at rest encryption its a requirement for it.
So contactless is still broken and that is because it is signed by a certificate granted by Google GOS does not have this cert so contactless is. Broken Unless your bank has thier own implementation then it may work. Also if the app your using comes from the play store you must have sandboxdd play services installed or. Yes you are correct notifications will be broken as it relies on play services for them to work but if you use play services sandboxed everything should work minus any app that enforces play services integrity check..
My last bank did that so I switched banks my new bank app works without any play services installed on GOS.
Once LinageOS is installed your bootloader is always unlocked so anyone who finds your phone if lost owns it. GrapheneOS and a few other ROMs I forget the names of allow the bootloader to be relocked keeping android security model intact allowing the device to still be secure.
Works on GrapheneOS
Usenet for me as well and my 32.7 TB NAS.
So I have Aurora in my main profile that allows apps from play store with no play services installed it just uses the open source aurora store and my bank apps all work without playservices. And I don't use streaming services in anyway I buy everything on bluray and then rip it to my server. But with private space on android 15 you can install sandboxed play services in private space and it is 100% seperate sandboxed from your main profile and can use apps like Netflix etc that do require sandboxed play services and then when not using it you can pause private space essentially shutting it all down and preventing any of the apps from running in the background at all. Plus with sandboxed play services on GOS you can control all permissions for play services all way down to network so you can only allow network or more just depends on your personal threat level or how comfortable you are sharing the data. But even with sandboxed play services in a main profile would still be more secure as it only installs the play store and play services apps no AI.
As soon as Apple announced AI for iOS I sold my iPhone 15 and got a pixel and installed GrapheneOS on it and have no Apple or Google services installed all open source. And more importantly no AI.
To my knowledge reddit has always worked like this when a mod removes a post no new users that have zero interaction with the post will see the comments it removes the post from all. But if you have commented in the past or are a original OP or have the direct link to the post the comments will always be there.
This just seperates it into a secondary profile but all apps in your main profile are already sandboxed as well the only apps that are not sandboxed are system apps such as Play services. But you could use the app in a work profile(shelter) under a seperate Google account that would add a bit more anonymity. But android default app sandbox could be more secure there are other custom ROMs that do just that making the regular app sandbox even more secure.
Here is more information on how each android app is sandboxed(except Play Services)
view more: next ›
I would have gotten a 3rd party device but had to opt for the steam deck because of tracpads if it has no tracpads I am not buying it because allot of my games require tracpads.