The graphene phone has the SIM card.
Now how does that phone share a VPN connection with the laptop? Or another phone that’s not graphene?
And my requirement for my scenario is, the upstream carrier cannot tell that the traffic is not coming from the graphene phone
I’m not sure I understand your architecture.
Let’s say I’m traveling. I have two phones and one laptop
One of the phones has a SIM, unlimited data for the phone, and no data available for tethering. The Sim phone has a VPN
In your use case, how do I get other phone, and the laptop to use the VPN?
How do you like the cross profile notifications? What’s your workflow? Do you have multiple profiles active at the same time?
Sure, that’s a nice to have. However, I don’t install any apps on my phone that don’t need the network. So for my use case it’s a bit moot
My three banking apps work fine. Ymmv
https://www.privacyguides.org/en/android/distributions/#aosp-derivatives
https://eylenburg.github.io/android_comparison.htm
I am a GOS user, it just works, so I don’t really think about it. It’s very nice to have storage and contact scopes.
My only complaint is I can’t share a VPN over hotspot or tethering, which is very useful for a travel router device (to make all traffic look like it’s coming from the phone). (Lineage and calyxos have this)
This is the moral hazard of tying revenue to something bad.
Windows is enterprise, nothing else comes close if you want to manage many hundreds or thousands of computers.
Enterprise Windows has full control, everything can be automated, everything can be removed. All the annoyances you have in retail windows disappear. It’s just a group policy rule, which is managed centrally, away.
Prevent users from installing apps? Lockdown what devices can be plugged in? Windows makes it possible
HyperV on windows is a super power for enterprise. Want a locked down environment, run it in A VM. Want a qubes experience, do it in hyper-V.
Yes. Almost exclusively using crypto.
I don’t want reminders to donate again, I don’t want to be targeted in future marketing campaigns, I don’t want to receive political call to action emails as a ally.
I want to support and be done with it.
Typically the attacks don’t take 10 hours… they take seconds, what takes time is getting the captured device a laboratory and the laboratory having time to look at it. So what will happen usually is the phone is put into a faraday bag, hooked up to a usb charger, and put on a shelf until the laboratory can get around to it.
Once the lab starts attacking the phone, it could take seconds as I said above, but some attacks are more involved requiring the phone to be disassembled and leads soldered onto the board. The restarting is about reducing the time the lab has before they can start and finish their attack
The same process applies to computers and laptops as well, there are lots of mouse jigglers for sale to prevent a screen saver from going on.
Firefox lets you set default site settings, make the default site setting disable autoplay audio and video.
For sites where you know you trust the video, you can do a per site permission in the URL bar saying autoplay is allowed for like YouTube
Fdroid is introducing another trusted party to your supply chain, which should be a factor in anyone’s threat molding.
https://f-droid.org/docs/Reproducible_Builds/ However, with reproducible builds now a package is built and signed by both fdroid and the original developer, so you get a net security benefit of having a third party attesting they can independently reproduce the binary from source. Problem solved right? Well, yes but mostly no. Most projects and packages don’t have reproducible builds, so if your using fdroid for most packages your still trusting droid.
I think a lot of the online hate comes from people making assumptions that their use case and threat model applies to everyone. That’s why I prefer discourse where we just talk about the attributes and not “you should”
Tap to pay is not supported on GOS due to a google certification issue, i.e. GOS can’t in good faith spoof the google signing keys like some other ROMs do (because google could break it at any time)
We have a !monero@monero.town Lemmy community. Come join us we are happy to talk
If your objective is to punish Google, or to have nothing to do with Google. I completely agree with you using a pixel phone just doesn’t make any sense. You shouldn’t do it
If your objective is to have the most security possible… Then you should install graphene on a Pixel phone.