Do we know that Calyx protects against zero-click exploits? (Given that these exploits are incredibly sophisticated)
Conversation
I unfortunately don't know the answer but perhaps someone at the Calyx Institute or team would know more about it.
2
1
Note that despite their answer falsely claiming to ship patches quickly, they recently went almost 4 months without shipping the Chromium or Android security updates. CalyxOS has a history of covering up their own vulnerabilities and greatly misleading users about security.
1
1
Multiple Chromium and Android vulnerabilities patched during that time were caught exploited in the wild. The patching continues to be unreliable, and they roll back the standard security model in AOSP. There's far more to security than fixing bugs one by one as they portray it.
1
1
Replying to
Did you seriously just search for any mention of CalyxOS to find this thread? Other than having to wait for the update from 11 to 12 updates have been quick and reliable and I think CalyxOS is the best for MOST users.
1
Replying to
There was almost a 4 month delay for security updates including browser updates. It wasn't only the major upgrade from 11 to 12 which was delayed. There are far more delays than that in practice too, and lots of security features rolled back or compromised in the OS.
1
1
CalyxOS doesn't provide broad app compatibility and also has leadership and developers involved in a long history of abusive / underhanded behavior. I don't think anyone should be recommended to trust an organization led by someone highly abusive involving in bullying/harassment.
2
1
Replying to
I have had regular updates ever since installing it on my Pixel 5. As far as I'm concerned the burden of proof is on you and there's a reason I didn't mention you or your project in the same thread as the other project. Your weird beef with them makes the discourse unbearable.
1
Replying to
Regular updates are not the same thing as receiving the monthly security updates. It's a fact verifiable from their website that they did not ship the Chromium or Android security updates for almost 4 months starting from October. It's verifiable that other patches are missing.
2
1
Replying to
If there is abuse and shoddy work in their project then in needs to be investigated but I've seen no one other than you claim that. Furthermore it's really shitty for a dev to try to tear down another project rather than say, "I think my project could be a better fit becaue X".
1
Replying to
CalyxOS and people promoting it are putting people at risk by recommending that at-risk people use a project unable to provide anything close to the standard level of security as AOSP and the stock Pixel OS. People being misled about this is often dangerous for them.
If you think it's shitty to explain the problems with it, imagine how it feels to be targeted with daily bullying/harassment by their project/community and tons of inaccurate talking points / misinformation about your work. I think you folks can cope with some honest criticism.
1
1
Replying to
YOU searched for my reply to shit on their project. When I asked you if you did search for my old tweet and it hadn't been my experience YOU tweeted out a torrent of stuff slamming them. If this is what you do to a nobody like me, how is any conversation going to be healthy?
1
Show replies