Security researcher working on mobile privacy/security. Memory allocators, compilers, language design, attestation, sandboxing, permission models, etc.

Toronto, Ontario, Canada
Joined June 2018
Filter
Exclude
Time range
-
Near
nitter.net/DanielMicay/stat… microG is an alternate implementation of Google services, not a replacement or alternative to them. I wanted to post this as a response to the post from @kravietz_, but they blocked me after I dismissed the nasty personal attacks they sent me via DM.
Also, worth noting that despite a lot of apparent confusion about it, microG is primarily an implementation of Google services. Aside from the supplementary network location options, it's an alternative implementation of a small subset of the client-side APIs for Google services.
1
0
0
0
Also, worth noting that despite a lot of apparent confusion about it, microG is primarily an implementation of Google services. Aside from the supplementary network location options, it's an alternative implementation of a small subset of the client-side APIs for Google services.
1
0
1
1
CalyxOS is not a derivative of GrapheneOS. It's not based on it. It doesn't contain the privacy / security hardening from GrapheneOS. It is AOSP with microG, SeedVault, various other bundled apps and user-facing features to encourage using encrypted messaging apps, etc.
1
0
0
1
CalyxOS is a far different thing than GrapheneOS. You seem to think it's GrapheneOS with microG and other bundled apps which is not the case. The whole point of GrapheneOS are the substantial OS privacy and security enhancements, which aren't in CalyxOS. Totally different thing.
1
0
0
1
Show this thread
don't do much of that right now, other than including SeedVault, which was initially implemented based on the concept we laid out for it. We aren't interested in a reimplementation of clients for Google services like microG, so only implementing providers for AOSP APIs is wanted.
1
0
0
0
Firebase (Google) Cloud Messaging. It's a push notification service provided by Google with a client implemented as part of Play services. It's partially implemented by microG and still has to use Google's servers since that's where app servers send their push notifications.
1
0
0
1
What we provide isn't simply a branded build of AOSP with updates, standard Android privacy / security and without Play Services. CalyxOS is not GrapheneOS with microG and bundled apps. It doesn't have our privacy and security improvements which is the whole point of GrapheneOS.
1
0
0
2
Since microG is present, apps treat it as a device with Play services and this can mean that their non-FCM-based push implementation and other alternative implementations of features won't be available. Disabling it or disabling FCM support isn't the same as not including it.
0
0
0
0
CalyxOS and GrapheneOS are collaborating together. Calyx has provided substantial help with GrapheneOS. GrapheneOS userbase is rapidly growing and there's more than enough room for the different approach in CalyxOS of including microG and focusing on apps rather than hardening.
0
0
0
1
GrapheneOS doesn't have Google Camera. It can currently be used via github.com/lukaspieper/Gcam-… but that's very unlikely to continue working. GrapheneOS doesn't have Play Services and there is no way to have a functioning Play Services (or microG) without making a fork of it anyway.
1
0
0
0
Replying to @tommykellyinla
microG won't work without being built into the OS. The most it would do is make apps think that Play Services is available but it's not going to work. GrapheneOS doesn't and won't support microG. Google Camera may work right now but it isn't supported and it can't be expected.
0
0
0
1
Depending on Google Play Services or hacked together, incomplete reimplementations of it like microG is the real issue. SafetyNet is just one aspect of that. We were talking about and adopting hardware-based attestation years before SafetyNet used it. It was added in Android 7.
1
0
0
0
GrapheneOS is not just AOSP with the existing security features intact. CalyxOS is a well implemented derivative of AOSP with optional microG support. They've worked on support for non-Pixel devices too, but within the constraint of supporting ones that are reasonable secure.
1
0
0
1
The difference between GrapheneOS and CalyxOS is that GrapheneOS provides substantial privacy/security hardening beyond AOSP and CalyxOS integrates microG support, the F-Droid privileged extension and bundles other apps. CalyxOS is the only other AOSP derivative preserving the...
1
0
0
2
Show this thread
It's an OS based on LineageOS + microG, not a phone.
1
0
0
0
That's an attribution page in microG, not a list of libraries that it provides to other apps. Read reddit.com/r/GrapheneOS/comm…. GrapheneOS is not going to include microG or the signature spoofing patch it uses.
1
0
0
0
I'm well aware of what microG provides and how it's implemented. You're free to contribute to the project described in that post, but trying to push microG is a waste of time. It is not going to be included or supported. It isn't the approach that's desired for GrapheneOS, sorry.
0
0
0
0
Show this thread
That's not true, GPS works fine without microG.
0
0
0
0
Replying to @johnbrenneke
Yes, the apps just need to implement it. Signal, WhatsApp, and many other apps providing an alternate implementation without using Firebase Cloud Messaging via Google servers like Play Services and microG.
0
0
0
0
I have a lot of lower hanging fruit to address before considering that kind of micro-optimization. It's these 2 fields in the per-size-class slab allocator: github.com/GrapheneOS/harden…. It could be another one of these tables if I generated it when building: github.com/GrapheneOS/harden….
1
0
0
0