Music. Photography. Thoughts.
… because they don’t have a Pixel phone. GrapheneOS is by far the best mobile OS, and its built-in Vanadium is the best browser engine for Android-based phones. But Vanadium only runs on GrapheneOS, so what should users of other systems choose?
That question was recently asked on the GrapheneOS discussion channel, and the answer was Cromite. And indeed, just look at the long list of features needed to make Chrome a bit more private and secure…
You’re welcome.
Liam Proven writes about Ubuntu Linux – and that’s all very nice to know. As the leading European “corporate” Linux vendor, I wish them luck – and suggest the usage of Ubuntu to our European parliament, the governments in European countries, and of course the business users as well.
Still happily running Debian here, as well as Arch for peeking into the newest stuff. But others in my family are happy with Ubuntu since years. And it’s indeed a nice one, including Ubuntu Studio for artists.
Like always, thanks for reading.
… but only if you run GrapheneOS on them. Here‘s a nice conclusion.
Oh, and for those who still think that they have nothing to hide – a user called “final” has a nice comment about that on the GrapheneOS forum. He wrote:
“GrapheneOS, Google, Samsung, Apple and the greater mobile security community is neither a “potential criminal” or a “malicious actor”. These authoritarian talking points are stale and come from the same playbook as “Think of the children” and other fallacy phrases meant to attack you as being a danger for something as simple as wanting to protect yourself. GrapheneOS protects users against criminals, from hackers, abusers, stalkers and corrupt up to the most capable and wealthy in business and government.
These companies do not engage in ethical practices and virtues that make you a trustworthy member of the security community, like responsible disclosure. A software developer is entitled to know that their software is being or is attempted to be exploited by a wealthy, influential threat actor. What we do against these groups is an act of self-defence. Not trying to do anything about it is complicity against the use of these tools to violate people’s basic human rights. Despite the amount of controls they claim to make on their products, they still cant combat illicit use of it, as seen in Serbia. At the bare minimum, single illicit use of these tools anywhere in the world immediately makes their exploit a cyberweapon that must be neutralised. Them being an exploit alone is the only justification we need to seek disrupting these threat actors’ work.”
More here…
I have written about Google becoming evil before, and that it’s getting even worse. And even if these aren’t really news for me because I’m following the GrapheneOS discussion forum, here is a nice conclusion on what will be their reaction.
The GrapheneOS team prefers to wait with the announcement until that “major OEM” does it. And whoever that is, I wish them both luck, and that this sole secure phone OS will become much more popular over time, and will sell like the proverbial hotcakes. There really is no need to be logged into any big provider all of the time, and that they can spy on your every move, in fact that should be forbidden – it’s NOYB guys!
So in case you want that only secure phone OS right now, get a Pixel 9a which is currently the newest supported device which can run it. Or if you can wait a year or two (like me), then this new and yet unnamed OEM might be the one to get a phone from.
Like always, thanks for reading.
This morning I read that the RaspberryPi OS has a new version, and is now based upon Debian Trixie. And although it is strongly recommended to not doing so, I’ve looked up their short howto on upgrading, and decided to do it. I did *not* de-install pihole, nor pivpn, or the radicale calendar/contact server, so I took quite a risk – but since I’m the only user of the latter two packages, I was okay with potentially losing that.
In the end, it all worked as expected, and I now have a debian_version of 13.1 running on our little DNS sinkhole and VPN and calendar server. Which is cool – but what should I say, it’s Debian after all, isn’t it? My last step was to ‘sudo apt modernize-sources’ after the needed reboot, and that was it – our anti-spam and anti-tracker filter just looks like before:
As always, thanks for reading.
As regular readers of this blog might know, I’m using GrapheneOS on my phone. And no, I’m not using the sandboxed Google services, because I don’t want and need to. In fact, I’m totally off the Google network, not even using their Firebase push service for the Signal chat application, but an alternative one with a fork of Signal called Molly – which works perfect.
My wife recently got a new phone, and copying all of her stuff from the old to the new one was a piece of cake – other than me, she *is* using Google extensively, and so everything is backed up into their cloud anyway, just like others do it with Apple and within that ecosystem. But what do you do if you don’t want any of that, and want a not-logged-into-anything life?
Simple: GrapheneOS comes with an app called seedvault, originally funded by CalyxOS. That, too, could back up into a cloud, but why should you pay for an own cloud service when you can get alternative methods for a one-time payment? A 128GB USB stick at the local drugstore is about 10€ by now, and that’s exactly the size of my phone’s storage (and I don’t really use all of that), so once configured, backups are the proverbial “plug & play” solution. Yep, just like this:
And my October backup just finished faster than I could write this article…
Again, thanks for reading.
… conky is displayed in Arch again, just after login as expected:
I don’t actually know what happened, and what’s the cause that by now I don’t have to restart conky to be displayed (I used Brenden Matthews’ recommended one-liner ‘killall -SIGUSR1 conky’ to do just that until now). And I have to admit that even after all those years in Linux, I still don’t exactly understand Gnome’s initialisation process, with its ‘mutter’ (Gnome’s implementation of the Wayland display server) and so on. What I noticed was that I’ve got extension updates in Gnome, both in Debian as well as in Arch, but that was for the GSConnect extension, which shouldn’t have much to do with how the screen is rendered in my opinion – but as I said, what do I know?
Okay, time to re-edit my (closed by others) bug in Arch which I mentioned in my August post, and to also tell Brenden via Element/Matrix. I’m glad that it works now, even if I still don’t understand why.
And like always, thanks for reading.
P.S.: Update, from less than half an hour later: after a few reboots and re-logins into Gnome on Arch, the behaviour is back to what it was before – meaning that conky is running (I see it with ‘ps waux | grep conky’, but I have to restart it with ‘killall -SIGUSR1 conky’ to have it displayed. Weird (as in fishes)…
And another update, from 2 days later: it worked again for the last two days, and I have no idea why (yet). But whenever I log into Arch, conky is there – displayed as it’s ought to be, like in the picture above. So this will be my last addendum on this case, except if I find out what caused all of this. So, like two days ago:
Thanks for reading.
Arch Linux lately reported about DDOS attacks to their sites (read about it on their homepage in case you can reach it), and it seems that of now, their user repository (known as the AUR) is affected:
That means no yay -Syu (or other AUR helper) updates at the moment. I wonder which weirdos gain anything from attacking sites like Arch? The world is definitely a strange place by now…
Anyway, and as always, thanks for reading.
Calvin Wankhede wrote an article about the duress PIN of GrapheneOS in AndroidAuthority, and I even logged in with a one-time generated code to comment and to congratulate him on it. We need more quality journalism like this instead of the many many articles about new features, colours, or whatever is not really relevant. Bravo!
Here is another good article about GrapheneOS by the same author. And another one.