LineageOS for microG is a custom build which already includes the patch to enable signature spoofing. This still means that microG is running with root privileges. It btw also includes the F-Droid privileged extension, which is yet another app running with elevated privileges and adding unnecessary attack surface. Installing microG is the quick and easy workaround to get Google Play services, but it’s more like a dirty hack that reduces security. GrapheneOS is currently the only ROM that properly integrates the official Google Play Services using the Android app sandbox. This also increases app compatibility, and it’s the reason why most banking apps work without any issues on GrapheneOS, while they are broken on Lineage, Calyx and other ROMs that use microG.
That’s pretty sad to see, Techlore is one of the main ways how I got into digital privacy and security, but ever since they removed GrapheneOS from the mobile OS recommendations section on their resources page, I don’t feel like it’s a trustworthy source anymore. Removing the most private and secure mobile OS from your OS recommendations, while claiming to give people privacy and security-focused recommendations is pretty hypocritical. Instead they recommend CalyxOS which rolls back default AOSP security features, LineageOS which doesn’t even work with a locked bootloader and microG which requires root access. It just feels like a bad joke.
I recommend building your own firewall. There are awesome, FOSS, FreeBSD-based firewall operating systems like pfSense and OPNSense. You can do a whole bunch of cool stuff with them, like block ads, scan incoming traffic for malware, monitor your network, collect data about your connections and visualize them in a nice dashboard and more.
I run it on my TrueNAS Scale server, very happy with it, works as expected
I use NetBird to access it from anywhere, and to share my Jellyfin server with my friends and family
Is it easy/possible to install the Bazzite tweaks on top of Aurora?
Yes, most of these should be available via ujust
Also, my desktop has an Nvidia card… should I expect problems?
Bazzite (and all UBlue-based distros) specifically ask you what GPU you use before you download the ISO, and they have special images for Nvidia users.
Note the difference between Fedora and Fedora Silverblue. Fedora is a regular Linux distro, like Ubuntu. Silverblue is an immutable distro which uses rpm-ostree and provides atomic updates. Universal Blue is based on Fedora Silverblue whereas Nobara is based on normal Fedora. Bazzite is a more gaming-focused variant of Universal Blue. I prefer Silverblue and Silverblue-based distros, because they are more stable and reliable. Bazzite perfects this experience and adds some more stuff on top, to making everything easier and more pleasant.
Upload to Odysee and use the YouTube Sync feature.
I feel like this is related to https://lemmy.world/post/17022591
No, absolutely nothing wrong with that. Just want to let everyone know that it’s not some random distro, but it actually uses a stable, reliable and well tested base distribution.
It can even be self-hosted https://help.ente.io/self-hosting/
Sorry, but this is really useless. I support the cause, but there is absolutely no need for this software. I think this community is meant for software that actually has a use.
Just so you know: It’s based on Universal Blue, which is based on Fedora Silverblue.
That’s great
Does Google Fi allow for OEM unlocking (to install a custom ROM)?
Calyx is pretty insecure by default, it removes some default AOSP security features and is very slow to push security patches. And it doesn’t include any of the GrapheneOS security features like hardened SELinux, a hardened kernel, secure app spawning, hardened Chromium browser and WebView or hardware-based integrity attestation. It also uses a very flawed Google Play services implementation (microG) which requires root and has worse app compatibility.
Using a device with no vendor-provided firmware security patches doesn’t seem like a good idea to me. Also, the Pixel 8a gets 7 years of updates. That’s plenty of time, and most people get a new phone after a much shorter time.
Can we please all just acknowledge that desktop operating systems absolutely suck (in regards to security)?