I have a Pixel 6 with GrapheneOS but all opinions are welcome.

My choices:

1° Disable screenshot feature 2° Desktop mode

  • Gogo Sempai@programming.dev
    link
    fedilink
    arrow-up
    19
    ·
    1 year ago
    1. Education regarding advertising ID and its deletion presented during setup (consent).

    2. Addition of internet permission on per-app basis. Just like notifications now, every new downloaded app must get your permission to use the internet, else work in offline mode.

    3. Give permission to only selected media to apps rather than everything. This is such a security risk, one bad app and it can steal whatnot.

      • Gogo Sempai@programming.dev
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        I know. I was going to buy a Pixel 7 for it but the G2 processor runs pretty inefficiently thanks to Samsung’s 4nm process, as compared to something like the 8+ Gen 1. It’s pretty weak in comparison as well. So I ended up getting a Nothing Phone 2 and manually degoogled it, swapped everything with their open source counterparts. Not full proof I know, but my threat model is escaping big tech surveillance and living an ad-free life which is more or less getting satisfied xD

  • jet@hackertalks.com
    link
    fedilink
    English
    arrow-up
    16
    ·
    edit-2
    1 year ago

    Multifactor unlock. (Fingerprint+ pin)

    Different cold boot passphrase.

    Hardware token support for unlock or boot (yubikey, etc)

    Each user should be able to have a work profile.

    Work profiles shouldn’t be special, why not unlimited profiles per user.

    Disable / freeze any app (not just pause notifications). If I have a game I like to play on airplane flights, I can have it frozen all the other time.

    Prefer wifi mode, go into airplane mode, turn off cellular radio when attached to good wifi.

    Better customization of the share screen, I don’t fucking need or want apps to put my contacts I to the share bar. Google loves to rotate contacts into my share bar. This needs to be a optional feature, because it leaks who you are communicating with outside of the app

    When using multiple users allow for notifications to be shared to the active user.

    • Otter@lemmy.ca
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      Having more work profiles would make things so much easier. I could sandbox away apps into different profiles. Sometimes I need to install something and I’d like to be able to split them up accordingly

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Just to be pedantic. I don’t believe graphene allows for multiple work profiles. There can be a single work profile on the main owner user account. Graphene allows for more user accounts. But not extra work profiles…

          Just a nit to pick

      • jet@hackertalks.com
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        I’m guessing. I don’t know. But I think under the hood they just implemented a work profile as a separate user. But this users interface gets hacked into the interface of the main user account. So I feel like it’s a kludge. So if they fix that code then I could have unlimited users all displaying in my main user account all separated. And I’d be a happy camper

  • NightOwl
    link
    fedilink
    English
    arrow-up
    10
    ·
    1 year ago

    Enter different profile depending on the finger print or pin you use.

    Have attempts left before device is erased be something you can have be misleading, so show there’s 10 attempts but really there’s only 4.

    Be able to feed false permission data to apps so even without sandboxing it won’t see your contact list and mic access doesn’t actually give access to the real mic.

  • Im28xwa@lemdro.id
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    Allow internet access on a per-app basis and just like what NightOwl said be able to feed false permission data to apps

      • Im28xwa@lemdro.id
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        I love GrapheneOS and just wish that one day non-pixel devices start to meet the requirements to get official support

    • VolunTerry@monero.town
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Per app network permission to enable or disable access by using a toggle would be such a great addition.

  • bbbhltz@beehaw.org
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    Your 2 features are good choices.

    Some developers have added the “disable screenshots” feature (Privacy Browser, for example) activated by default.

    I think desktop mode is all about the hardware. My phone can do it, and my partner’s more powerful phone cannot. I’m probably wrong though.

    I think all phones should have hardware switches to kill camera, WiFi, etc.