__extern_inline

@PapsDuke @techdroider /cache partition has been mostly unused in Android for the last maybe 12+ years and wiping it wasn't useful.

@techdroider Buh still no "wipe cache partition " for the minimization of planned obsolescence ?

Samsung hasn't removed Download Mode. It's just hidden now and mainly intended for service centers. It's still possible to flash firmware using Odin and enter Download Mode, but now you'll need to enable Maintenance Mode first for the option to appear. So no, Download Mode isn't gone. Samsung has just hidden it instead of removing it.

@peach2k2 cucktech Miku USB cable

nice exploit but MIKU CHARGER 😭😭😭😭

@TheVancedGamer @GrapheneOS I guess they could publish `repo manifest -r` output somewhere for those that want to reproduce exact kernel build, but I don't really see the point of "hashed artifacts" when they are already in the git repo and force push is required it to alter them.

@__extern_inline @GrapheneOS CI logs might not, but SHA256/512 hashes will. How are you gonna disprove hashed source trees and hashed artifacts?

It's kind of funny how @GrapheneOS wants to let everybody know about the "dangers" of "closed source operating systems" yet they themselves ship precompiled, presigned applications that are included in their OS and are NOT reproducible, the most you can do is compile them out of tree and include them manually. And even then, this is still a MAJOR security risk as their precompiled apps have permissions that you really don't want apps to be granted implicitly. I've attached a photo of all the permissions available to the Messaging app, which is included in GrapheneOS at build-time as a prebuilt application. I should mention this, the aforementioned Messaging application has no form of reproducible builds, meaning the only way to update these apps is for some developer to manually build this application on their build PC, sign it and then push it to a git repo. Imagine the security implications of that. (You can unzip the app yourself to check the manifest too.) github.com/GrapheneOS/pla… This is the module included into GrapheneOS. Meanwhile the actual messaging app is at github.com/GrapheneOS/Mes…. For reasons beyond me, GrapheneOS devs thought it fit to remove the Android blueprints from it, therefore making this app unbuildable inside the Android source itself. #L378" target="_blank" rel="nofollow noopener">github.com/GrapheneOS/pla… The inclusion of said prebuilt Messaging app. It's not just this app either. The included App Store, the Camera app, hell, even the Auditor. All of these apps are presigned and precompiled, and granted implicit permissions to do whatever. Why not compile them in-tree? WHY go out of your way to make them unbuildable by removing the blueprints? It's not about adding one yourself and doing it yourself, that's completely besides the point. The point is, why is some OS claiming to be security focused, yet has the ability to infect devices with a theoretical malware spread with these prebuilt apps? Why are these apps not built in-tree in the first place!? There is literally no excuse, every other app is compiled in-tree except these GrapheneOS inclusions. How does it feel to trust a random person with an app that can theoretically upload all your data to a remote server without your knowledge? Further more, besides doing such things, GrapheneOS devs have the _nerve_ to go forth and cement their beliefs on others? When they themselves don't commit to their standards? If this isn't an absolute form of hypocrisy, I really don't know what is. Maybe this post will instill some form of awareness in die-hard GOS fans. Maybe I'll get to deal with insane backlash. Who knows. At least I'm putting it out there. Maybe one day we'll get to know that this entire project was a honeypot.

@TheVancedGamer @GrapheneOS sure, but CI logs don't prove shit, they could be lying there for all you know.

@__extern_inline @GrapheneOS So was I, there isn't any Android "standard" that mandates pushing prebuilts into a git repo without any traceable source. In fact it's quite the opposite when even Google has a fully end-to-end CI with artifacts being delivered.

@TheVancedGamer @GrapheneOS yes, I know Google has CI/CD for everything, but I was talking about GrapheneOS.

you know the last point makes me really laugh. because unlike Graphene, Google has a completely public CI with verifiable artifacts at ci.android.com, and for the kernel, they also have ci.android.com/builds/branche…. Maybe you should try opening it and see that Google does in fact have CI for everything, including kernels. :D

@TheVancedGamer @GrapheneOS btw don't be surprised if they do the same to other apps at some point too, as long as they don't need any private system apis to compile.

@TheVancedGamer @GrapheneOS it's actually pretty simple - they just decided to put more effort into messaging app so they ported it to build system that just works with android studio and simultaneously decided that keeping blueprints in sync is too much of a hassle.

@TheVancedGamer @GrapheneOS tho "doesn't build for me" is probably just a skill issue.

@TheVancedGamer @GrapheneOS "sorry for not spending more time on setting up keys so that i can build release flavor for a twitter reply".

@TheVancedGamer @GrapheneOS it built fine with `git clone --recursive github.com/GrapheneOS/Mes… && cd Messaging && ./gradlew assembleDebug` btw if you want to complain more about in tree vs out of tree, their kernels are also compiled out of tree and included as prebuilts ^^

@__extern_inline @GrapheneOS the app doesn't even compile right now, it depends on in-tree modules while being out-of-tree

@nsg650 calculator wasn't necessary for CTS/VTS so it was removed.

Tfym stock aosp doesn't include a fucking calculator but the Google search app that hasn't been updated since Android gingerbread

@pokke_inhaler come watch official subs with vid notes™ instead

hey girl come over to my place so we can watch kotobuki with the autistic fansub that has TL notes that occupy half the screen

@vaxryy @FloatngUpstream you shouldn't strive to be like Gnome.

@FloatngUpstream Gnome breaks addons every release as well, lol. I dont think we need an abi

I don't understand why some people dislike the idea of plugins. You gotta rebuild them once after an update, it takes like 1 minute. That's it.

@iAnonymous3000 @GooglePixel_US what "other devices" are you talking about that match the following: 1. supports avb_custom_keys 2. has secure element and it's inaccessible to custom OS 3. ignores avb rollback index even when relocked

The distinction is implementation quality and hardware integration. GrapheneOS requires Pixels because they implement verified boot correctly and expose the Titan M2 security element to third party operating systems. That enables hardware backed features like Weaver for PIN attempt throttling. Other devices have broken rollback protection, inconsistent attestation, or don’t let custom OSs access the secure element at all. Pixel is currently the only platform where relocking with custom keys maintains the full verified boot security model, including hardware security integration, to the standard GrapheneOS requires.

The @GooglePixel_US is an engineering marvel in mobile security. Titan M2 is physically separate silicon with its own processor, RAM, and flash. Your encryption keys live there and the main CPU has no electrical pathway to extract them. Keys are generated on die during manufacturing and never exposed to factory systems. (That’s defense against nation state interdiction) Pixel 8 deployed Memory Tagging Extension at consumer scale using the Tensor G3. Hardware enforced memory tagging catches buffer overflows and use after free bugs instantly. These vulnerability classes account for 70% of critical mobile exploits. MTE doesn’t mitigate them - it eliminates them. Protected KVM isolates sensitive computation in VMs the Android kernel cannot access even with root. Kernel compromise no longer equals game over. The Pixel is the only Android device supporting bootloader relocking with custom keys. This enables @GrapheneOS to run with full verified boot integrity. Hardware that empowers third party hardening rather than preventing it. Seven years of security updates. Published security bulletins. Open vulnerability research program. This is what defense in depth looks like when you control the silicon.

@CEOofFuggy very likely it'll be.

Insane people think this is real

@ognuliscic @janvalek @vaxryy yeah, real tray would include tray icons from other apps like discord/steam/etc. on Gnome you're forced to install an extension for that - extensions.gnome.org/extension/615/…

@__extern_inline @janvalek @vaxryy no this is just a standard fedora silverblue install unless you mean something else by system tray

KDE is an acceptable face of the linux desktop as its the second best choice after hyprland 😎👍

@ognuliscic @janvalek @vaxryy >Gnome has a system tray in the top-right isn't that just an extension you use? >And you can minimise all your apps by moving to a different virtual desktop and bringing along the apps you're using lmao.

@janvalek @vaxryy Gnome has a system tray in the top-right And you can minimise all your apps by moving to a different virtual desktop and bringing along the apps you're using Or just click on the apps you want to look at and they'll come to the top

@PaniczFrancuz @_dusieq95 @KostkaToja były zaszyfrowane tylko klucz każdy znał

@_dusieq95 @KostkaToja Nic ciekawego tam nigdy nie było. Kiedyś minecraft przechowywał niezaszyfrowane dane logowania w pliku lastlogin, z którego minecash wyciągał te dane i wysylal zapytaniem GET na jakiś serwer. I to tyle 🤷‍♂️

Po 13 latach udało się komuś odnaleźć zaginiony plik modu MineCash Dla niewtajemniczonych MineCash to modyfikacja, która była promowana przez dwóch polskich YouTuberów i okazała się być keyloggerem, wykradającym dane kont minecraft ich widzów Link do całej historii poniżej.