• 1 Post
  • 11 Comments
Joined 9 months ago
cake
Cake day: March 6th, 2024

help-circle
  • My original reply to the OP’s question, thoughts and experiences with GrapheneOS, was along the lines of “I think GrapheneOS is Google-centric” and you disagreed saying that GrapheneOS was a “blank slate”. Honestly I think you’re being a bit defensive and maybe a little gaslighty which is why I downvoted.

    GrapheneOS provides fairly prominent links to a Google Play installer or the relatively obscure Aurora Store. The Aurora Store client app is FOSS but the store is quite literally a proxy for the Google Play Store. The apps in the screenshots on Ausora Store’s homepage are mostly apps that use or require Google Play Services. This is all very Google-centric.

    If Google Play wasn’t an important part of GrapheneOS, it could just not contain a prominent link to the Google Play installer. Or it could contain a link to install a fairly prominent app store that offers an ecosystem outside of Google Play. But it exclusively steers users to the Google Play ecosystem as a part of the default, packaged experience, hence my original reply to the OP.





  • PSA: if your financial institution/government/<other website> is using SMS codes (aka PSTN MFA) for multi-factor authentication they are practically worthless against a determined attacker who can use SIM swap or an SS7 attack to obtain the code. Basically you are secured by a single factor, your password. If your password is compromised it may be sold via black hat marketplaces and purchased by an attacker who would then likely attempt to break that second factor.

    The best way to protect yourself is to use a unique password; a password manager especially helps with this. Sometimes institutions will offer “Authenticator” (TOTP) as a second factor, or PassKey authentication, both secure alternatives to SMS codes.

    Here in Aus I’m working with Electronic Frontiers Australia to try and force some change within government and financial institutions (via the financial regulator). Most banks here use SMS codes and occasionally offer a proprietary app. One of the well-known international banks, ING Bank, even uses a 4 pin code to login to their online banking portal. 😖

    Unfortunately SMS codes are a legacy left from old technology and a lack of understanding or resourcing by organisations that implement it. Authenticator/TOTP tokens have been around for 16 years (and standardised for 13 years), and PassKeys are relatively newer. There is a learning curve but at the very least every organisation should at least provide either TOTP or PassKeys as an option for security-minded users.


  • theroff@aussie.zoneOPtoLinux@lemmy.mlCompanies that use desktop Linux
    link
    fedilink
    arrow-up
    0
    arrow-down
    1
    ·
    edit-2
    3 months ago

    That sucks :( I’m pretty much in the same boat. I get to use a Linux desktop at work on the proviso that I don’t raise support requests. We use Microsoft for nearly everything so naturally it’s an uphill battle. The web UI is quite buggy and “not recommended” by my org. Teams doesn’t support Firefox so I have to run a separate browser especially for it.

    But aside from interfacing with Microsoft everything just works, and really nicely.






  • OpenZFS is under a completely FOSS license but it’s incompatible with the GPL and can’t really ever be merged into the Linux kernel. The workaroundids to provide it as source code which gets compiled as a module every time there’s a new kernel via dkms.

    More controversially, Canonical ship OpenZFS pre-compiled in Ubuntu which some lawyers believe to be infringing on ZFS’ codebase.

    Honestly the OpenZFS situation on Linux is probably the biggest single reason for the growing interest in btrfs and bcachefs, the former slowly becoming default on more Linux distros over time and lots of investment from SUSE and Facebook AFAIK.