SamSuka
The Hated One
The Hated One

patreon


Episode 054 - Exclusive Interview With A GrapheneOS Developer

Get GrapheneOS: https://grapheneos.org/

Donate to GrapheneOS: https://grapheneos.org/donate

Follow Gabe: https://twitter.com/flawedworlddev

Timestamps:

00:00:00 Thanking Gabe for coming on again for the first time

00:00:31 What is GrapheneOS?

00:02:11 How GrapheneOS improves privacy and security

00:03:22 Why Pixel devices?

00:05:13 Explaining Titan M security chip

00:06:43 Resistance to brute force attacks

00:07:51 Insider Attack Resistance

00:10:36 GrapheneOS preserves Verified Boot

00:15:21 How GrapheneOS made Android more secure for billions

00:21:41 GrapheneOS ecosystem is growing

00:24:36 Talking about optimistic cahnges coming in the near future

00:35:53 Some of the best privacy and security features of GrapheneOS

00:45:00 Hardened Memory Allocator

00:47:03 How much more secure is GrapheneOS than Android?

00:51:59 GrapheneOS resellers

00:53:40 Removing microphones, cameras, sensors and Faraday bags

01:02:46 Future roadmap

01:09:05 Sandboxed Google Play

01:12:13 GrapheneOS is an anonymous phone - Hardware Identifiers

01:17:21 Need for an up-to-date device

01:32:18 Closing remarks and where to follow GrapheneOS

Episode 054 - Exclusive Interview With A GrapheneOS Developer

Comments

Some privacy countermeasures can lead to easier targeting. However, in the case of a serial number, you wouldn't be able to uniquely identify a target just based on the serial number missing. An attacker would need to tie it together with some other items of interest they would need to obtain through other means. The general concern you have though is spot on. Sometimes blending in with the crowd is more important than raising the strictest privacy bars that make you stick out (ie network checks, VPN/Tor, etc.)

The Hated One

So, I listened to the conversation, and one potential concern came up, like isn't giving the device no serial number somehow making it more identifiable, making it stick out from all other devices, like in a database or whatever. In not sure if the device with no serial number gets even recorded anywhere in this context, this might be unsophisticated question, but still, could it happen that targeting of devices is done based on their lack of serial number?

Martin

GrapheneOS is gonna work for pretty much all apps right now. You can install sandboxed google play which should make most apps work fine. CalyxOS doesn't have a secure way of installing Google Play dependent apps and it's also behind on security updates. If you absolutely need iMessage then I guess you are locked in inside the iPhone.

The Hated One


More Creators