• henfredemars@infosec.pub
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    12 days ago

    I understand the decision. It’s kind of unreasonable to expect a developer to maintain a release without access to reasonably-maintained source to work on.

    • BearOfaTime@lemm.ee
      link
      fedilink
      English
      arrow-up
      5
      ·
      edit-2
      12 days ago

      Yep.

      But in the Real World, what’s the pragmatic difference between Graphene and a well-managed Lineage or DivestOS device, since security and privacy are both managed via layers?

      I’m genuinely not being snarky. I tried running Graphene and had issues, and their support was atrociously condescending and critical, so now I’m running DivestOS instead. I’ve run Lineage on other devices without Google.

      • henfredemars@infosec.pub
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        12 days ago

        I think there’s definitely security concerns which is their highest priority. If the kernel isn’t maintained, security issues aren’t getting patched. You might be able to cobble something together, but there’s going to be holes.

        I think they’re paranoid and that’s not a judgment. Rightly so if security is your first priority.

        • Kernal64@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          4
          ·
          12 days ago

          According to the Graphene OS website, the main issue isn’t even that. It’s that you can’t relock the boot loader on almost any device other than a Pixel. That leaves a huge security hole on the phone, and it’s one that almost all rooted users of other phones have open, whether they realize it or not.