So i am installing GrapheneOS rn and i need help:

  1. i want app tracking protection to every app something like duckduckgo’s app tracking protection if there is something better?!

  2. someone explain me (with simple words) what is auditor cause i can’t understand even if i read about it on GrapheneOS’ website (i am like 50% noob with these things)

  3. is my wifi masked automatically with GrapheneOS or should i 100% use a vpn? is there a setting in the OS somewherere? i need a lot of privacy and security to my phone!!!

also tell me additional tips for privacy/security for GrapheneOS if u have any!

thanks a lot!

  • sloppy_diffuser
    link
    fedilink
    English
    arrow-up
    9
    ·
    edit-2
    3 days ago
    1. Not sure on this one.

    2. The auditor is to make sure you are installing an authentic version of graphene. That it is not a modified version that has been tampered with (e.g., backdoors).

    3. Automatically enables MAC randomization. This can help with being tracked on public networks. Fingerprinting techniques have gotten better though with deep packet inspection and even measuring radio characteristics. I’ve seen demos of two brand new and identical models of iPhones being distinctly picked out due to variances in the radios during manufacturing.

    Doesn’t help with advertisers tracking behavior based on IP. VPNs help with “blending-in” by putting multiple users behind the same IP. Provider matters here. Needs to be a VPN provider that won’t just sell your data or cave to law enforcement. Mullvad is my preference. Paid with crypto. RAM only logs. That said, use Tor or I2P for anything you don’t want subpoenaed.

    For additional tips:

    • Can’t remember if its on by default, but auto-reboot to put data at rest (encrypted and not in RAM). This is for a state-actor threat level, and less about advertisers.
    • I prefer pin codes to unlock my device and don’t use biometrics. Graphene has a feature to randomize the pin pad every time to protect against a recording of the pin be entered. Specifically where the numbers aren’t picked up on the video but the pattern your hand makes can be seen. Again, more of a state-actor threat level.
    • ballskicker
      link
      fedilink
      arrow-up
      2
      ·
      3 days ago

      I’ve been eyeing Graphene for a while now but I’m not really a tech person. I fumbled my way through installing and doing basic tweaks on Linux Mint but I don’t know the first thing about coding or programming. Is that kind of knowledge a must for this OS or is it more dummy friendly? And what’s a good cheap phone to grab to start messing with it and getting familiar, do you have any recommendations on that front?

      • catloaf@lemm.ee
        link
        fedilink
        English
        arrow-up
        5
        ·
        3 days ago

        It’s almost the same as plain Android, only with the Google services removed or locked down, and additional security restrictions and permissions control. Most apps work without any additional configuration, unless they’re doing something unusual.

        The only supported devices are Pixels, so take your pick from the list: https://grapheneos.org/faq#supported-devices

      • sloppy_diffuser
        link
        fedilink
        English
        arrow-up
        5
        ·
        3 days ago

        No programming knowledge required.

        Graphene only supports Pixels due to the titan chip. The versions with “a” are cheaper. Check when they go end of life to find the cheapest if you care about updates. So probably the 6a or 7a if you want at least 2 years of updates.

      • Facebones@reddthat.com
        link
        fedilink
        arrow-up
        4
        ·
        3 days ago

        It’s pretty dummy friendly. Accept that some things may not work or will work differently (Most notably tap to pay is a no go AFAIK,) and be willing to learn if something comes up would probably be how I describe it. The only problem that might turn up that an app that you need doesn’t pass gOS’ security checks, but there’s an app level setting to lessen security restrictions if it’s something you NEED.

        Otherwise, meh? Flashing back to stock is super easy via a google web tool if you don’t like it. (I had to for a trip, Ticketmaster was being wonky and all my shows were ticketmaster haha. I’ve never had a problem before with the Ticketmaster app so IDK if it’s an ongoing thing or not)