[ home / rules / faq / search ] [ overboard / sfw / alt ] [ leftypol / edu / labor / siberia / lgbt / latam / hobby / tech / games / anime / music / draw / AKM / ufo / 420 ] [ meta ] [ wiki / shop / tv / tiktok / twitter / patreon ] [ GET / ref / marx / booru ]

/tech/ - Technology

"Technology reveals the active relation of man to nature" - Karl Marx
Name
Options
Subject
Comment
Flag
File
Embed
Password(For file deletion.)

Check out our new store at shop.leftypol.org!


 

Graphene OS is not degoogled. Recent revelation of security researcher mike kuketz reveals the thruth:

https://www.kuketz-blog.de/grapheneos-warum-android-eine-verbindung-zu-gstatic-com-aufbaut/

The "privacy" ROM connects to Google's gstatic.com for Certificate Transparency logs. While no app data is leaked, Google captures the user’s public IP address and exact request timestamps during these background HTTPS connections.

This enables tracking via cross-correlation: If you open sandboxed apps like X or Instagram, they log your IP. Since Big Tech cooperates and shares telemetry data, Google can match the gstatic connection timestamp with your app activity IP, instantly identifying your GrapheneOS device.

YOU HAVE BEEN LIED TO.

Wasn't there a thread dealing exactly with what situation you are talking about? Using shit like twitter and instagram on graphene and how retarded that is??
Also, any VPN and Tor can easily fix this.
Another point I would like to make is the sheer signal to noise ratio. There are like a billion active connections to these services at any given instant, baisically guaranteeing that atleast 2 connections will have the same time stamp.
You are just grabbing at straws, and fundamentally do not understand graphene's threat model.
Security /= Privacy

>>33572
>Also, any VPN and Tor can easily fix this.

You can't use the modern internet with VPN/Tor and you know it.

>>33572
>You are just grabbing at straws, and fundamentally do not understand graphene's threat model.
Security /= Privacy

graphene devs say all the time their rom ist the most secure AND private rom ever. the graphene os propaganda always goes like this: "you want to fully degoogle? use graphene!"

this is a lie. graphene os is not 100% degoogled. its just a empty marketing slogan. a lie.

>>33573
i use a vpn all the time wtf r u on about

>>33571
Even if no content or account data is transmitted, Google sees the user's IP address and the exact timestamp with every request. For example, if the smartphone always fetches these lists when the charging cable is plugged in (as described in the article), Google could theoretically learn via the IP address when the user is at home and charging their device.

>>33582
leftypol, 4chan and all other big tech platforms block vpns. you know that.

Simply take an Olinuxino (like a OLinuXino A64-OLinuXino) w/ USB-to-PCIe adaptor running an ath9k PCIe network card (use an AR9271 USB adapter). Attach a MIPI DSI LCD capacitive touchscreen that's Linux compatible. Wipe any Google services and patch them up with open source replacements (like using GNU Icecat instead of Google Chrome or Samsung Internet). Plug the Olinuxino into your default ISP router so the device can serve as a mobile computer + open 802.11 IP over DHCP router. That's the only safe way you can use Android. Just add a 3D printed plastic display case and you're done.

Maybe your fucking nordvpn lmao L retard

>>33588
posting this on a vpn

>>33587
If you really had read the article, it also says that this was a thing that has only recently surfaced and an alternative is being worked on.
its kind of a cat and mouse game, what else is there to say about it?
>>33573
nvm it is a retard
/tech/ has got to be the worst board on this site in terms of actually being useful

File: 1782564864462-2.png (241.2 KB, 1053x1187, 1782564050134580.png)

I love how they heavily criticize competing projects making inaccurate claims in their marketing about being degoogled and private, while their own FAQ flat out lies about the connections the OS makes by default.

https://grapheneos.org/faq#default-connections

>>33592
the issue is known sine MONTHS but graphene devs tried to sweep it under the rug. they only started to care about it, when this security researcher made a post on mastodon.

>>33590
t. glowvad user

>>33571
>Since Big Tech cooperates and shares telemetry data,
fucking source? they hate when competitors get their data lmao

>>33595
FUDhog

>>33593
Let's place a bet: will GrapheneOS correct its misleading FAQ?

>Your ISP/VPN provider sees your entire browsing history.

>As soon as you use an account-based service (Amazon, YouTube, X, TikTok, etc.), you are tracked 100% of the time, regardless of whether the app is sandboxed or not.


>Installed apps can easily detect GrapheneOS, making your device's fingerprint highly unique within their networks due to the small user base.


OMG THIS IS THE MOST PRIVATE PHONE EVERRR!! I HAVE OUTSMARTED DA SYSTEM!!!

>>33624
get better material glowie, nobody is falling for this shit

>>33625
OOHHH NOOOO

Bug. Already fixed. Check OP's original link for the update.

there is no way to use the internet privately except to not use it at all. but society pressures you to use it. so the real trick is to use it in a way society approves of. but society is always changing, and what society approves of one day becomes condemned the next. so maybe there is no magic bullet. maybe everything is crazy and bad all the time and the only important question is whether it is finally time to end it, before "they" (whoever) finally get you and torture you.

>>33628
>there is no way to use the internet privately except to not use it at all
Privacy isn't binary. You can do things to improve your privacy even if you can't reach 100%.

File: 1783011922250-0.png (35.56 KB, 332x433, ClipboardImage.png)

>>33626
Suck my dick, MI6

>>33626
Hahaha okay finally you prompted out a good one.
Have seen all of your trashy shares but this one actually is funny. Congrats.

I LOOK LIKE THIS AND I DO THIS (SANS XITTER) ON REGULAR INTERVALS
you still are required to have certain apps for certain institutional functions in certain bourgeois states today!
Drawer is a good trick if your phone is so bad that it can't have its battery removed!

What if the GrapheneOS infrastructure is the real problem?

>>33637
Now apply the same scrutiny to literally anything else. Start with the "standards" of the technology most workers use.
Take your time.

>>33637
what if the real problem is you trusting gemini to not be biased towards projects that hurt google? If you really distrust the infrastructure so much, why even rely on gemini to help you draw conclusions?

>>33637
Even if the GrapheneOS devs are legit, their infrastructure is hosted entirely by third parties in "14 Eyes" countries.

>>33638
>Now apply the same scrutiny to literally anything else.

I do.

>>33639
Qwen, z.ai and dola say the same.

>>33642
Aren't these also made by big tech? Just say it already man that you hate organically grown foss projects and love lapping up to big tech

>>33643
>organically grown

you mean astroturfed.

>>33644
gr8 b8 m8 i r8 8/8


by asking chatgpt to make these "funny" strips you probably already are on like 10 watchlists lol

>>33647
its ok. someone has to do it.


There is no reason to trust the Graphene devs. Whenever you ask them a simple question, they always respond with a wall of text. Anyone who answers with walls of text instead of speaking plainly is always hiding the truth.

>>33658
just say that you are a retard who needs constant ai slop and memes to validate his cynical beliefs of being above some of the most brilliant minds the android security research milieu has

Could the Graphene developers deliberately send malicious updates to a specific user and thus specifically monitor certain devices?

File: 1783163541855-9.jpg (102.57 KB, 1280x720, maxresdefault.jpg)


File: 1783185290472-6.jpg (175.98 KB, 926x500, avv8g5.jpg)


>>33658
>>33669
baseless FUD.
>>33661
Arguably any OS could.
>>33666
Already patched, keep up.
https://www.kuketz-blog.de/grapheneos-warum-android-eine-verbindung-zu-gstatic-com-aufbaut/ (OP's link, now includes this update:)
>Update 30.06.2026
>GrapheneOS has now implemented the announced change (version 2026062800). By default, the Certificate Transparency loglists are no longer loaded directly from Google's gstatic.com, but are provided via GrapheneOS servers. The setting can be found at: Einstellungen -> Netzwerk & Internet -> Certificate Transparency downloadsDefault is there GrapheneOS server.
>Alternatively, the default (Google) server can also be selected or the downloads can be deactivated completely. However, you should not disable the function without reason. GrapheneOS points out that Certificate Transparency is an additional TLS security check for WebPKI certificates. If you shut down the downloads, you can weaken this exam for apps that force Certificate Transparency.

File: 1783348889035-7-0.jpg (1 MB, 1995x3934, image.jpg)

Why isn't the Chinese state interested in GrapheneOS? Why is it allowed to openly discuss it on the Chinese internet?

Because GrapheneOS is a tool used by Western intelligence agencies to monitor Western dissidents. That is why China doesn't care about it.



GrapheneOS is a for-profit enterprise.

Why?

They rely 100% on donations. No donations mean no project development.

That is why GrapheneOS puts so much energy into PR. They have to convince people that their product is trustworthy, because that is the only way to bring in donations. Without donations, GrapheneOS is finished.

Therefore, Micay’s obsessive posting is not the result of personal quirks, but actually the result of economic pressures.

>>33626
>>33646
>>33650
>>33686
>>33687
I'm convinced nobody actually uses graphene because it's all slop on both sides. I've only met one graphene user and he was a kinda chuddy /g/tard.


Is it theoretically possible that the GrapheneOS code was analyzed using Mythos and a large number of vulnerabilities were discovered that are not publicly known? And who might be in possession of these vulnerabilities?

>>33689
I used Graphene on an old phone. I damaged a screen and could not get a working replacement because the store in town does not touch rooted android devices for unknown reasons related to certifications. Now I use Google Android. ☹️

Blindly trusting an operating system just because it claims to be private is the ultimate security flaw, isn't it? 🤔

>>33693
graphene is android.

🍕🍕🍕

hmm graphene defenders have become quiet here… i guess i have won?!!!

>>33698
we are just waiting for the mods to ban your ass for the most retarded ragebait ever made but they are severely incompetent


Unique IPs: 29

[Return][Go to top] [Catalog] | [Home][Post a Reply]
Delete Post [ ]
[ home / rules / faq / search ] [ overboard / sfw / alt ] [ leftypol / edu / labor / siberia / lgbt / latam / hobby / tech / games / anime / music / draw / AKM / ufo / 420 ] [ meta ] [ wiki / shop / tv / tiktok / twitter / patreon ] [ GET / ref / marx / booru ]