masterofn001@lemmy.ca to Android@lemmy.worldEnglish · 2 days agoCoincidence?lemmy.caimagemessage-square11linkfedilinkarrow-up1115arrow-down110file-text
arrow-up1105arrow-down1imageCoincidence?lemmy.camasterofn001@lemmy.ca to Android@lemmy.worldEnglish · 2 days agomessage-square11linkfedilinkfile-text
Sandboxed Google services on grapheneOS. The mark of the beast. (Also, when do we do a google antitrust again?)
minus-squarejerbAlinkfedilinkEnglisharrow-up13arrow-down1·1 day agoMicroG requires signature spoofing, which Graphene deliberately does not support. It is more secure to run the real Play services in a sandbox that forces it to be a userland app than to run MicroG as a privileged system app with spoofing.
minus-squareleoboehm@lemmy.worldlinkfedilinkEnglisharrow-up3arrow-down1·1 day agoOh, I didn’t know that, thanks.
minus-squareTurret3857@infosec.publinkfedilinkEnglisharrow-up5·edit-21 day agoSaying signature spoofing for all ROMs is less secure is misinformation, see CalyxOS’s explanation: https://calyxos.org/docs/guide/microg/#is-microg-a-security-risk-in-calyxos-because-it-requires-signature-spoofing
MicroG requires signature spoofing, which Graphene deliberately does not support. It is more secure to run the real Play services in a sandbox that forces it to be a userland app than to run MicroG as a privileged system app with spoofing.
Oh, I didn’t know that, thanks.
Saying signature spoofing for all ROMs is less secure is misinformation, see CalyxOS’s explanation: https://calyxos.org/docs/guide/microg/#is-microg-a-security-risk-in-calyxos-because-it-requires-signature-spoofing