It is a more serious project than LineageOS in the sense that they take security very seriously and they take their development more professionally too. There are no disadvantages to using GrapheneOS compared to LineageOS.
Note that this comparison is not entirely correct. For instance, LineageOS supports network-based location with UnifiedNlp. Android Auto works fine if you install GApps.
Second this. The focus on security from GrapheneOS is a breath of fresh air compared to the (historically) questionable conventions in most of the third-party Android distribution ecosystem.
As an example, Graphene even recommends not using Firefox [0]. I actually still do, but I understand their rationale and it's very well presented. The way they explain such things in clear English is very helpful and hopefully indicative of a similar amount of consideration being made elsewhere in the project.
I had actually considered donating to Signal, but the addition of Moxie's crypto scheme to the app scared me completely away.
Signal kind of hits a sweet spot of usability and security, but it's incredibly tenuous and I don't trust the company to hold my interests at heart. It seems like we should be able to do better.
If you use a social network long enough it really becomes extremely hard to do.
I honestly find it harder to quit all social networks than quit some drugs.
I uninstall/reinstalled the same social networks sometime multiples times a day, I often closed a social network webpage only to instinctively retype the url seconds later.
The only thing that kinda works for me is software that block all social medias.
I suggest you read "Hooked: How to Build Habit-Forming Products.".
I've found long term success in getting off of Facebook (never used Twitter) using the following steps (I still visit Insta most days on the native app however):
* Got rid of the native apps (except for Messenger Lite) years ago
* Switched to mbasic.facebook.com in the browser
* Recently I logged out of said mobile site
Now every time my muscle memory goes to facebook.com it asks me to login and I close the tab. I don't miss it at all and have no urge to login once I see the login form. I think I may have finally quashed my FB addiction!
Personally I dislike – even resent – having to own a device I don't like, that I don't control (not without extensive hackery, which I don't have the interest or time for), and where I have to create accounts and accept various EULAs I don't like to use basic functionality.
Of course, you can go the Replicant/PostmarketOS/etc. or Purism/PinePhone or whatnot route, but then you're missing out on so many things and/or have to spend so much time on things (not worth it for me) that you might as well not get a smartphone. A smartphone is greatly reduces in value if your banking app and $popular_messenger_app doesn't work. And besides, it only solves part of the problem: I still have a device too large to comfortably use, in spite of being quite tall with big hands.
It's hard to resist. It's like being on a diet/fasting but having your cabinets stocked with all unhealthy food or a drug abuser with free drugs they can't have.
Self-control and discipline also take a lot of mental energy out of some people.
If you set yourself up not to need to exert this discipline, like in your example of keeping junk food out of the house, that's a burden off your mind.
That's mental energy you can use for other things.
(This simple analogy of requiring exhaustible mental resources for discipline doesn't necessarily apply to everyone. But there are some people it does apply to.)
I don't know why people just keep comparing the core protocol to the client. They can both be developed independently, in fact, you don't even need to use the official client, there are many open source alternatives.
If you think something is broken, you are free to contribute to a patch, the project is open source.
It's change-your-distro/DE all over again. Each one of them has their unique pluses and oddities.
> you are free to contribute to a patch
Hi, average joe! You know, you should be using Matrix so your chat logs are not sliced and diced by corpos for profiling, right?...ahh what's that? You can't jump to your last mention? Just file a bug report in GitHub issue tracker bro. PR welcome.
The competition is fierce. It's really sad so many FOSS projects have moved to Discord. I hope Matrix win.
A 16 month course of 6 to 7 hours per day with a lot of exercise and you didn't learn the language at all?
I don't think Duolingo is a good solution but in your case you had all the opportunity to become fully fluent with that kind of regime, it starts to be your fault.
Obviously I knew my language well enough to perform a job which required some amount of proficiency in it. I'd imagine that some people might describe my level of proficiency as fluent. If you were to compare it against university, it'd be around the level of a four year degree, but undoubtedly worse than someone with a master's degree in the language.
I think this is more a case of your definition of being "fully fluent" is vastly different from mine.
At this point, we are talking about a really high education of a certain language on a thread about a tool to help people going from zero to say basic sentences on another language.
They are two different things. I mean, I am sure that there are academics with superior knowledge than me on my own native language.
I think this is more of a Dunning-Kruger situation. The more you know a language, the more nuance you recognize and the more you see there is to learn. I only speak English, and I still feel my command of the language could grow.
Absolutely, there has been a dramatic shift in the type of people who visit HN in the past years.
I used to think that Reddit was bad in this regard but to be honest it mostly affects the big subreddits, the niche and small ones still have a high quality community. HN became pretty much like the biggest subs on Reddit.
This comment thread is in its own category of low quality discussion.
Negativity bias prevents you from seeing that 95% of the homepage right now is technical/nerdy with a lot of high quality corresponding discussion.
When political/social issues hit the homepage, they often slide off quickly if the corresponding discussion is of low quality (has many downvoted comments).
HN is certainly not perfect but just focusing on the parts you don't like prevents you from seeing the bigger picture.
I know this is completely unrelated to the discussion but why is this not a blog post on their actual blog (https://en.cdprojektred.com/news/) instead of a print screen of a bunch of text?
Screenshot of some text because Twitter has a word limit, but you can easily attach as big an image as you want. In this case a picture is worth a thousand words.
Not hosting on their blog because they just need to disclose this breach so it is public information for stock exchange and legal purposes.
"(...) every time an install of Raspberry Pi OS is updated it will ping a Microsoft server. Microsoft will know you're using Raspberry Pi OS/likely Raspberry Pi owner and your IP address."
How is this is an issue? It doesn't require any login and this is exactly what happens with every APT mirror.
I imagine that Raspberry Pi OS is an distro meant for people who simply want things to work out of the box, I can see why the Raspberry foundation would want to add repos for easy installation of the VSCode.
If you want tight control of what happens in your system, you are free to install any other distro you want.
> How is this is an issue? It doesn't require any login and this is exactly what happens with every APT mirror.
Yes, but it's you who usually manage those mirrors, not some guy deciding which mirrors your apt must query now and pushing it in a regular update without notice.
I don't care if it's Microsoft or some obscure Chinese repo, but I think nobody should mess with your mirrors list or trust their keys in this way.
No, it doesn't work like that. You pay for something and you complain. Even if you don't. And if the guy doesn't like criticism, he can quit at any time.
It's not just educational desktop environments: this issue affects Raspberry Pi OS Lite which is the primary operating system for Raspberry Pi's used in embedded and IoT applications. Some of which have automatic updates (called "unattended upgrades" in Debian parlance).
Technically it does grant another avenue of supply chain attack... but if Microsoft run mirrors are being compromised then we probably have much bigger issues than some raspberry pis.
I get that level 3 means that the device is able to detect physical tampering. But why would I need this if anyone can just plug the USB stick into any PC?
It's hardware encrypted so the only 2 solutions to get the data are to either brute force it (impossible) or to get the crypto key from the chip inside.
If I understand correctly this drive is supposed to detect tampering and erase the key if you attempt to open the encasing.
It is a more serious project than LineageOS in the sense that they take security very seriously and they take their development more professionally too. There are no disadvantages to using GrapheneOS compared to LineageOS.
You can see a comparison here: https://eylenburg.github.io/android_comparison.htm