Conversation

This Tweet was deleted by the Tweet author. Learn more

Replying to

Neither of those things requires / involves root access when done properly. Backup services need to be built into the OS for important security reasons. However, it's entirely possible to have a generic encrypted backup service supporting any sync service via SAF, etc.

This Tweet was deleted by the Tweet author. Learn more

Replying to

GrapheneOS still maintains the OS security model including the application security model. It has nothing to do with what you claim. Don't need to be have it explained why you think things are designed the way they are as someone deeply involved in implementing these things.

Replying to

If you don't want that security model, nothing stops you from turning on debug mode for an app, signing it with your key and installing it. You don't need to do that to backup and restore data unless the app excludes it from backups. A debug build of either OS or app bypasses it.

Replying to

Google Android isn't iOS. It doesn't stop you from easily installing whatever software you want including modified proprietary apps. It's trivial to change the debugging flag and sign the app with your own key. OS doesn't help them obfuscate their code, etc. in any way either.

This Tweet was deleted by the Tweet author. Learn more

Replying to

Google doesn't make the hardware or operating system for any Android devices with a permanently locked bootloader. I never said you had to do what I suggested for every app update and you obviously wouldn't be doing it by hand. It's trivial to change debug flag and sign an app.

This Tweet was deleted by the Tweet author. Learn more

Replying to

You don't lose the advantages of app signing. The signature of the app gets verified, then it gets signed with a different key. You lose the advantages of verified boot which you clearly don't want anyway since that's completely incompatible with what you want.

Replying to

There's a large community of users making use of modded variants of proprietary apps. I have no interest in that but the OS certainly doesn't stop you from doing it. The only thing Android provides which hinders that is hardware-based key attestation via the hardware keystore.

11:05 AM · May 17, 2021Twitter Web App

Replying to

Play (not Android itself) also has a terrible primarily software-based attestation API but that's easily bypassed at this point. Anyway, nothing stops app developers depending on attestation for other OSes either. Existed before either Android or Play had an API for doing it.

Replying to

GrapheneOS doesn't have Play services so that API isn't relevant and it's highly unlikely that any app would actually use hardware-based attestation to lock itself down on GrapheneOS. They probably wouldn't be whitelisting the GrapheneOS verified boot key in the first place.

Show replies