DivestOS absolutely slaps. Well, all things considered
Edit:
It's absolutely fantastic for what it is, and that is fact. Maintained by a single person, well documented, and doesn't promise more than it can deliver.
I've been using it for almost two years now, and I like it a lot. (small disclaimer, I'm running it on a OnePlus 5T, which is one of their so-called golden devices that it runs best on)
It's pretty much the next best thing after Graphene, if you don't want to buy a Pixel.
The guy who maintains it does an excellent job of documenting issues, what works on what device, what the system itself can and can't do, it's very transparent.
He doesn't overpromise either, and explicitely states that getting a Pixel with Graphene is the better option overall. Greatly appreciate the honesty.
I'll use it for as long as he'll support my device, and then we'll see if I switch to Graphene.
One important thing though:
While you can install microG, DivestOS doesn't officially support it, and while most things work, some don't. SafetyNet, for instance.
DIVESTOS DEVELOPER BANNING ME ON MICAY'S ORDERS OTHERWISE HE WILL INITIATE A SOCIAL MEDIA HARASSMENT CAMPAIGN AGAINST DIVESTOS
Yes, this happened, and this is my favourite part as far as everything GrapheneOS head/mods have done to date. As dramatic as it sounds, Micay in realtime, in DivestOS' XMPP chatroom, was accusing me of the typical "harassment ringleader campaign" BS, and ordered DivestOS/Mull developer (these are his aliases) SubZer0Carnage/Tad/SkewedZeppelin that if I was not banned immediately, DivestOS and him would face social media targeted campaign and DivestOS will have to forcibly pull off any borrowed GrapheneOS code. DivestOS developer dusted his hands off me, since he does not like me apparently for liking some closed source software and he benefits off of the crybully. Also, unlike the crybully, I have never harassed or harmed anyone because I have a moral conscience to not be an abusive asshole on internet, so he will face no issues on my end.
The most recent incident that exists is lead dev accusing the following entities of being complicit in a swatting attempt, for which no evidence has been provided in the last 5 months: r/privacy users and moderators, r/PrivacyGuides moderators, CalyxOS members, Techlore members, individual reddit users and Louis Rossmann. The dev even had the audacity to hide behind an "autism" placard to justify his abusive behaviour and accusations.
This is not personal drama, but proven and documented large scale incidents, and you should oppose toxicity, fake accusations and witch hunting, being a trans leftist. These are societal problems for all of us, and should be fought the same way we fight for social movements. The tech sector is so bad because it is filled with toxic dudebros like this, and many GrapheneOS supporters justify this behaviour as "security/IT people are like this".
Are you seeing the problem with targeted downvotes towards my comments? I got precisely 5-6 downvotes suddenly in the past hour (for every single post and comment I have made for the past week or so) suddenly for a reason - vote manipulation via sockpuppets - this is the kind of crap they precisely do. What does a leftist do? Stop supporting and using that product, and switch to something that works just as fine. Continuing using something made by such horrible entities while saying otherwise is a kind of faux virtue signalling US govt does via news media.
Calyx if you want one of these pre-configured custom ROMs for Pixels only, and Lineage or /e/ if you want more device support.
If you think the part about locked bootloaders is so important, just know that they lie to the extent of going around in tech YouTuber comment sections and claim they have $1M Cellebrite Israeli toolkits to verify grapheneOS is safe against bootloader attacks like Evil Maid. https://i.imgur.com/woNxPhx.jpg
Okay, first of all: Chill, and let me lay out an observation here.
You are very passionate about that topic, maybe a little too much. The way you talk about it is too heated, and gives people the idea that a civil discussion might not be possible.
The fact that you immediately start conspiring about where your downvotes come from doesn't make it any better.
Now, the issues you describe are very much real, and a problem. There are merits and downfalls in each project, each one handles these differently, and it is for us to decide how to react to that.
So, you're saying that as a reaction, I should neither use Graphene nor DivestOS, am I understanding this correctly?
What then? Compromise my privacy by using less optimal systems? Why would I do that?
Doing things out of principle vs doing them out of practical use is something this community is quite aware of, isn't it. Sometimes the decision isn't easy, sometimes it is.
This is not about "passion". I have been monitoring and documenting the "security zealots" in FOSS community for the past 5 years. If you think that's nuts, I recommend you take out an hour or two and go through this stuff. It will be worth it.
There is no conspiracy btw, regarding voting manipulation and sockpuppet trolling (they admittedly do it). GrapheneOS is by far the most vicious entity in FOSS/privacy community for a while now, to the point Techlore community openly calls them "rabid dogs". Lemmy is just seeing this stuff afresh, what has been going on Reddit for over 3 years. They would have imported that culture onto Lemmy long ago, if I was not here for the past 3 years, and not a moderator acting as a defense line.
There are only 3 things they ever did on their own as extras, and even they have basically no value in the grand scheme of things, them being offering:
instead of 16 character, 64 character password limit on lockscreen
PIN scrambling
Morula method of exec spawning instead of Zygote method used in most AOSP projects
Now, I will elaborate on these 3.
Elaborating on first one, it is kind of useless as you can see for obvious reasons.
For second one, you already understand why fingerprint avoids the issue of someone peeping at your PIN/password entered across your shoulder. Fingerprint is infinitely superior. Even more so with Android and iOS both offering biometric Lockdown features.
This one is somewhat half credible, but the goal is to destroy the memory blocks used by an app after it is exited, so that memory blocks do not retain essential text strings of data to exploit. For this, you can just go to Developer Options and enable "Don't keep activities" and it will achieve the same effect as Morula method of exec spawning implemented by GrapheneOS.
So out of the 20-30 features GrapheneOS claims they developed, everything is either a modification of app permissions or firewalling or AOSP feature rebranding.
Also, as you may have famously heard about "Sandboxed Play Services", it is not developed by GrapheneOS, but a project called ProtonAOSP, whose developer is kdrag0n. GrapheneOS copied that off and rebranded it as their own developed thing.
As you can see, GrapheneOS is basically a lot of marketing and in reality, there is negligible or nothing beyond the surface. This is called snake oil, or selling bridges/dreams.
A civil discussion is not possible with people that always lie about things for years (https://old.reddit.com/user/lo________________ol/comments/1314x2x/why_did_i_do_this/), then manufacture lies about how they were swatted to manufacture drama and gain fame, never to give evidence, label everyone neonazi or complicit in this hoax murder attempt, censor any attempts of being questioned and go underground, and use "autism" label to dodge accountability, and to be a witch hunting liar and an asshole to everyone.
These are not the same community. The actual free software community has been a thing for 40 years, and the privacy/security people spend as much time attacking free software as they do big tech. I've come to believe no security or privacy guy is trustworthy in the free software space. Reject Rossman, return to Stallman.
edit: security guys will say "free software isn't always more secure!" and privacy guys will say "freedom, what is this freedom? it has no internet access, that's the only thing that matters!" and meanwhile stuff like WEI is being implemented, that we've been warning about for the last 40 years. The security and privacy guys will say you don't need freedom, just the "best tool for the job" - Chrome was the best browser when it came out, now it's being used to subjugate the free web. WEI is the end result of treating freedom as a second thought behind security.