!SayHlEYXdrpSerhLMC:matrix.org

GrapheneOS

13387 Members
Official GrapheneOS chat room. Join #dev:grapheneos.org for development discussion, #testing:grapheneos.org for Beta testing/feedback, #releases:grapheneos.org for release announcements, #infra:grapheneos.org for infrastructure discussion / monitoring, #offtopic:grapheneos.org for other topics and #community:grapheneos.org for the space. Formerly known as CopperheadOS. Due to relentless misinformation and harassment from CalyxOS and Techlore supported by their leadership and project members, we apply stricter rules to users from those communities.728 Servers

Load older messages


SenderMessageTime
3 Oct 2022
@strcat:grapheneos.orgstrcathttps://grapheneos.org/install/web#verifying-installation20:58:53
@dimension104:matrix.orgdimension104
In reply to @bashir911:matrix.org
So?
So..
20:59:21
@dimension104:matrix.orgdimension104That's why I'm asking21:00:02
@strcat:grapheneos.orgstrcatopen source does not inherently provide better privacy or security21:00:12
@strcat:grapheneos.orgstrcatopen source does not mean fewer vulnerabilities21:00:24
@strcat:grapheneos.orgstrcatit's not a magical property that gets the vulnerabilities in the code found and fixed21:01:02
@dimension104:matrix.orgdimension104I wasn't talking about security. I talked about the possibility that Windows or Mac will put spyware in the Pixel21:02:56
@keyboardcowboy:arcticfoxes.netKeyboardCowboyWith verified boot that would not be possible. 21:03:22
@bashir911:matrix.orgbashir911Read the link stcat sent to you21:03:47
@dimension104:matrix.orgdimension104
In reply to @keyboardcowboy:arcticfoxes.net
With verified boot that would not be possible.
How come?
21:03:46
@keyboardcowboy:arcticfoxes.netKeyboardCowboyIf the OS image was tampered with the boot would fail.21:03:50
@DzzzzzzR:matrix.orgdazinism
In reply to @dimension104:matrix.org
I wasn't talking about security. I talked about the possibility that Windows or Mac will put spyware in the Pixel
Its would be pretty difficult to do that. Theyd basically have to install a malicious altered GrapheneOS
21:04:07
@mimir:xmppwocky.netMimir
In reply to @keyboardcowboy:arcticfoxes.net
If the OS image was tampered with the boot would fail.
an attacker could substitute their own signing keys; but using Auditor is a strong defense against this
21:04:26
@dimension104:matrix.orgdimension104
In reply to @DzzzzzzR:matrix.org
Its would be pretty difficult to do that. Theyd basically have to install a malicious altered GrapheneOS
And does that mean it's difficult or impossible?
21:05:06
@mimir:xmppwocky.netMimir
In reply to @mimir:xmppwocky.net
an attacker could substitute their own signing keys; but using Auditor is a strong defense against this
(as documented in the previously-linked bit of the install page)
21:05:06
@DzzzzzzR:matrix.orgdazinism
In reply to @DzzzzzzR:matrix.org
Its would be pretty difficult to do that. Theyd basically have to install a malicious altered GrapheneOS
And theres a few robust ways you can check youve got the genuine OS
21:05:17
@keyboardcowboy:arcticfoxes.netKeyboardCowboy
In reply to @mimir:xmppwocky.net
an attacker could substitute their own signing keys; but using Auditor is a strong defense against this
True, it'd have to be a pretty targeted attack and the host system used for installation compromised with this type of attack.
21:05:48
@DzzzzzzR:matrix.orgdazinismAuditor being a good way to check21:06:49
@dimension104:matrix.orgdimension104
In reply to @DzzzzzzR:matrix.org
Its would be pretty difficult to do that. Theyd basically have to install a malicious altered GrapheneOS
* difficult or impossible?
21:06:48
@keyboardcowboy:arcticfoxes.netKeyboardCowboyOr the GrapheneOS infrastructure would have had to be compromised and be serving malicious downloads and keys. At which point it wouldn't matter what system you install from.21:07:18
@syntaxerror369:matrix.orgsyntaxerror369 joined the room.21:07:24
@dimension104:matrix.orgdimension104
In reply to @dimension104:matrix.org
difficult or impossible?
?
21:07:24
@keyboardcowboy:arcticfoxes.netKeyboardCowboy
In reply to @DzzzzzzR:matrix.org
Auditor being a good way to check
Yeah it would help. However, with auditor will it catch if your initial installation is compromised or only if it's been tampered with after the first pairing?
21:09:04
@syntaxerror369:matrix.orgsyntaxerror369Hi, I recently installed graphene is on Pixel 4 XL, I installed Netgaurd firewall from f-droid and noticed when I enabled to show system apps in Netgaurd it showed a process called "root" running as uid 0 , 1321:09:13
@DzzzzzzR:matrix.orgdazinism Nothing is completely impossible. It would be very very very hard to work around auditor. Would need to compromise the auditee also 21:09:18
@strcat:grapheneos.orgstrcat dimension104: read the documentation that was linked before posting more about it here 21:09:28
@DzzzzzzR:matrix.orgdazinism* Nothing is completely impossible. It would be very very very hard to work around auditor. Would need to compromise the auditee also 21:09:34
@strcat:grapheneos.orgstrcatread https://grapheneos.org/install/web#verifying-installation21:09:42
@strcat:grapheneos.orgstrcat syntaxerror369: you were already told why this is wrong on Reddit 21:09:50
@DzzzzzzR:matrix.orgdazinism
In reply to @keyboardcowboy:arcticfoxes.net
Yeah it would help. However, with auditor will it catch if your initial installation is compromised or only if it's been tampered with after the first pairing?
Initial
21:09:57

There are no newer messages yet.


Back to Room List