- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
You must log in or register to comment.
Anyone using Lineage? How is it?
I’ve got a Pixel 7 and have been wondering
To be honest I do not see any reason to use Lineage with Pixel while there is GrapheneOS… But maybe there will be some users of it: it is always better to have more free open OS
My understanding is that Google wallet won’t work with grapheneos. It does with lineage ( with play integrity fix ). This is the only reason I use lineage. I’d love to not have any Google services but Google wallet is just such a huge value add. I don’t carry a physical wallet at all and it’s great. I wish there was a libre alternative to Google wallet for tap to pay, but sadly it does not look like that’s happening any time soon.
Graphene has a relatively short support, especially given that the phones for it are completwly unaffordable new so it’s effectively shorter than advertised. I am now spoiled by using a device that is not EOL so I think I will be switching when GOS’ support ends.
GOS Supports the pixel devices for the same amount of time as Google hard to keep a device secure once drivers are no longer being updated. But with Google extending support for pixel 6 and 7 series and the new 7 year guarantee on pixel 8 devices and newer this isn’t really a concern anymore. So pixel 7a and fold will be supported until 2028 and Pixel 6 and 6 pro until 2026 pixel 7, 7 pro, and 6a until 2027. Seems like plenty of time for support and that means as long as Google supports it so does GOS.
Yes, I know about them extending it. For me, for example, that means four years of official support, which is much less than a usual lifespan of my phone.
Then buy a newer one with longer support this will always be a issue since the support window is the same as Google. Once a manufacturer stops updating drivers and device firmware the said device can no longer effectively be secure because any exploit in the drivers or firmware will forever go unfixed compromisimg the devices security. Doesn’t matter what devices you buy this will always be the case it just depends on what your personal threat model is.
That support is about as long as it goes on mobile. An average poor person can’t afford to just buy new phones as soon as the support ends. Some updates is still better than no updates in this case.
Understandable I keep my phones for 2 years only, 1 year now with my 7a just had to replace a cracked screen and installed a new battery so good for another year.
A Pixel 8 on contract was free for me if I commit three years with my provider. I think I will get seven years support from GOS which is a worthy enough lifespan for an everyday smartphone
Is it an expensive contract? I doubt my $3/mo plan would ever have perks like this lol. Especially given that Pixels here are only sold unofficially.
About $60 CAD per month for talk/text with 50GB data which is average for here
I dont get why anyone would use LineageOS on a phone that new and that well supported by custom roms (GraphineOS, /e/os, etc)
True But maybe might be helpful if the phone hits EOL?
At that point using it will be less secure, the reason why GraphineOS stops supporting devices is because they focus on security. In addition the Pixel 9 will be EOL in what eight years from now? Maybe even more
Eight years, minus the few years you’d have to wait until the phone is close to affordable. And updates via LineageOS is still way better than just using a phone with no updates when it hits EOL like you normally would.
Calling the pixel 9 unaffordable when it’s literally the cheapest flagship in the market.
I like lineageOS more, because GrapheneOS includes google play, even while sandboxed i don’t like that
By default no, you install it later (as a sandboxed app)
yeah but i like microG and i read it isnt supported
Does it support flashing from web browser?
that’s not a feature of the ROM. that’s a tool provided by ROM maintainers. that being said, it almost certainly supports it, as in in someone makes a website that does that, it will be possible.
now, don’t get me started on how bad of an idea it is to use webusb
don’t get me started on how bad of an idea it is to use webusb
I will get you started. Please explain.
there is no way to verify the downloaded package before installation.
also I generally deem both webusb, and chrome’s broader filesystem access apis dangerous, partly because a vulnerability in the website permission checking code with this permission is much worse than with e.g. the camera.
but the more realirealistic problem is that its just too easy to grant a random website so deep permissions to your device, either by accident, by habit or because the user does not understand what is happening. just a click or two and you have just granted a ransom website full access to your drive. with webusb, they can even write a bootable anything to your pendrive.my concern here is not that you cannot make sure that the graphene website will only do what it needs to, but that the feature exists at all, because of all the other websites. I sincerely bless mozilla for not implementing these.
How safe is Lineage?
how safe is google?
Their devs dont really care about security so id say its not safe at all.
Any source on this?
Lineage allows people to have newer android/security patches on end-of-life phones, that’s a pretty good security argument.
That first link talks about how it requires an unlocked bootloader, therefore verified boot is disabled and the device is less secure.
While that is true, I think that’s a bit of an unfair thing to hold against it considering on most Android phones, you need to unlock the bootloader to run anything the OEM doesn’t approve, and most vendors do not support installing your own keys.
That should be a criticism against the OEM for forcing you to weaken the security of the device to have full control over it, not Lineage. That is not really their fault.
I think it would be nice of them to mention that the signing keys being held by the OEM and the OEM only is a massive security (and freedom!) weakness on it’s own, and that without being able to sign everything yourself, you can’t really be certain of the security of your device, as you cannot control everything on it.
