featured [he/him]

This is accurate. Additionally, the WebKit rendering engine that they have to use is open source, so not too bad imo

Random applications that use the play integrity API won’t work on any third party OSes or ROMs. For example I tried to install some Intuit app on my GOS Pixel a while back (credit karma I think?) and it didn’t work at all

Mostly LibreWolf, but I’ve been enjoying Zen Browser recently. It’s based on Firefox but with lots of cool extra functionality baked in. It is still in alpha though and I’ve experienced some bugs, including it crashing my whole system a couple of times, but it’s very promising

They’re agreeing with you…

On the topic of struggling to connect to self hosted services without a VPS or domain: check out mesh VPNs like ZeroTier or Tailscale. I access all my internal services over Tailscale these days and it’s super simple

By default Apple holds your iCloud encryption keys. So if you message somebody who uses iCloud without advanced data protection turned on then that encryption isn’t worth a whole lot, they can unlock it and have given up that data many times

As somebody who has used graphene for a long time, it certainly comes with sacrifices compared to stock android or iOS just by the nature of being a non-stock OS due to Google’s integrity stuff. The biggest thing I miss from my iPhone is putting my cards into my phone’s wallet and using tap to pay. Graphene can do concert tickets, boarding passes etc but not full GPay functionality. However that’s my biggest gripe. I still use iMessage for group chats that I’ve had for years where people won’t migrate; I host a BlueBubbles server at home and it forwards it all to my pixel. Never had a yubikey so I can’t speak to that issue unfortunately. I wish you the best of luck in finding workarounds or converting back, whatever is best for you. Remember that privacy is about balance; clarify your threat model and your social needs and work to find an appropriate compromise

It’s the same thread, the linked post is down the thread a little bit

Play integrity api is implemented by some app developers to check OS integrity. Google blocks all third party OSes from utilizing this verification method, including GrapheneOS. This isn’t new, what’s new are the apps that utilize this integrity API which is where the story comes from. Most apps still work without it. Graphene has full support for hardware anttestation and they’re pushing for this to be the norm rather than relying on Google as the gatekeeper. I use graphene every day, and while I mostly use FOSS apps from other repos, the stuff I personally use from the play store works perfectly

I was using Nix but ran into some software compatibility issues so I’m back on Arch. It’s obviously not immutable and doesn’t have generations, but using btrfs + snapper + snap-pac + grub-btrfs has given me an automated system of snapshots that let me roll back to my system state before or after each package change (As well as weekly snapshots). It has been rock solid and reliable for me. On my Debian server I just use ZFS and snapshot it weekly, which isn’t as easy to roll back but it does everything I need

You should look into Gadgetbridge for your smart watch needs. I don’t think it’s compatible with that watch but if you get one that does work with it, it allows you to use it pretty much like normal but without any proprietary companion apps

Anybody use NixOS? I’m trying to run a regular Linux executable and I can’t figure out what packages to use in Nix-LD to make it work…

its open source and well audited, so no I don’t think they have it backdoored. they get all the info they want from people using google play services at a privileged level, running chrome, and using their other dozen services that come bundled with stock android