Lemongrab @ Lemongrab @lemmy.one

Posts

18

Comments

890

Joined

2 yr. ago

tat for tit 🥴

/e/OS is often a month or more behind on Android updates (including security). Unacceptable I think.

Some info about patch history here: https://www.divestos.org/pages/patch_history

General comparison table of Android ROM features: https://eylenburg.github.io/android_comparison.htm

It is developed by the DivestOS Dev. It is safe.

True, though I also want people to check out Chimera Linux because it seems cool as shit.

I like Rust BTW. (FeO for the WIN!!)

To make it taste better.

I may have been incorrect, but I was pretty sure the deblobbing is why DivestOS doesn't support some of Android's features (along side the greater reason of security/privacy). Lineage, like any ROM, depends on binary blobs. DivestOS (and GOS) more thoroughly deblob than Lineage, which I think is a quite important metric when considering a ROM.

Blobs removed by DivestOS: https://codeberg.org/divested-mobile/divestos-build/src/branch/master/Scripts/Common/Deblob.sh

Semi-relevant xkcd.

Yes, I understand. I am pretty sure that is incorrect. With an Arkenfox profile, I have modified my prefs in about:config and retained those changes persistently.

My point was that regardless of what apps you use, much of googles proprietary code is retained which increases attack surface and could be spyware. The website was just a neat overview comparison between ROMs. DivestOS has details on what it removes (and prob why it removes it). I am not saying that lineage is a bad ROM, just that there is more degoogling possible. DivestOS is a soft-fork of lineage that goes much further than it in an effort to deblob and harden Android. Security often can come at the cost of some usability.

Edit:
An example of a real disadvantage of lineage regardless of what apps you use is what webview it uses. Its webview is (likely) unhardened for Security and therefore poses some risk to the user if used in an attack. Webview provider cannot be changed without root.

I have independently tested you can change settings before. I will test again tomorrow if I remember to.

That is not how Arkenfox works. You apply the patch using the script, and then re-run this patch everytime Arkenfox receives an update. In between running, you can change settings in about:config and settings, but it will be overwritten if a different value is included in the user.js. A more permanent solution is using the user-overrides.js file required by the script before patching to create a persistent config.

Something like: user_prefs("privacy.resistFingerprinting.letterboxing" , "false");

More details about user overrides can be found here.

It also removes much less google proprietary code blobs when compared to DivestOS or GrapheneOS. See a basic comparison table here: https://eylenburg.github.io/android_comparison.htm

It is not patching Firefox. I already explained this bit I will say it again. No source code is changed, no promo icons, and no recompile is done, therefore it is not a fork. Tor browser does a lot of stuff behind the scenes. Arkenfox is not a fork. Tor browser comes prebundled with "No Script" extension, arkenfox cannot bundle extensions because it literally only copies text from one config file to another. Tor browser patches out the phone home to the Mozilla Add-on Store, Arkenfox literally cannot because it doesn't modify the code and without recompiling it causes a crash. There are many many more differences between forks of Firefox and Arkenfox, I'll leave that research for you because I think I have said enough. Arkenfox is not a fork of Firefox by definition, it does not modify any code. It would be like saying "I forked Minecraft" because I create a text file with my fav config of keybinds and settings and then share that config. Arkenfox is just a text file config and a script that modifies the default config of an existing Firefox profile. When you create a new Firefox profile, it is generated as default without Arkenfox settings. Librewolf, which uses much of Arkenfox's user.js config, must follow the forking guidelines outlined by Mozilla, patches out phone homes, bundles extensions, changes ui, and (crucially) if you create a new profile, it is preconfigured with security and privacy settings.

Here is some reading for you (if you want):
https://privacytests.org/vivaldi.html
https://avoidthehack.com/review-vivaldi-browser

I can say the same thing about Librewolf, as they haven't done anything to screw over their users either.

Vivaldi just does not have strong ad-blocking, fingerprinting protections, or privacy a preserving measures in general. Here is a comparison between some browsers: https://privacytests.org/

Arkenfox quite literally is not a fork. It is just changing settings. That is like saying I am making a Firefox fork by changing it to dark theme and changing the default search engine to Bing.

Arkenfox isn't a fork, even with a script it is manual for much of it. A fork requires redistributing the code, which for Firefox requires the Dev to change the name and replace icons of the application (to comply with Firefox's license), which requires modifying the source code and compiling.

It is a script that automatically changes the internal flags of Firefox (accessed manually through "about:config") but isn't a recompile. A fork that uses most of the Arkenfox config is Librewolf.

Blowhigh

Rebuplica Dominicana numero uno!!!