I 100% agree, its best to just stick to upstream Fedora imo. Glad you made this comment. The security issues of Nobara always put me off, especially since basically everything it does can just be applied to regular Fedora. I think Nobara would much better serve as a script or toolkit, similar to Brace, or something along those lines instead of an entire separate OS with the security issues it brings.
Yeah, Chromecasts are much better than Fire TV’s, due to the more control you have over them and how easy it is change the launcher vs. Amazon actively preventing it. Basically same price and budget as well. Plus Google running a newer version of Android in general vs. Amazon’s, etc. Chromecasts are probably lesser of the two evils imo.
Pretty much unfortunately. The good thing is its trivially easy to change launchers on the NVIDIA Shield or Google TV devices, plus you can even go a step forward and debloat them entirely with ADB. Amazon’s really the only manufacturer I’d say that forces home screen ads with no choice around it, since they actively prevent changing launchers and such. But Apple is probably the only one out of the box with no advertising.
If you have the money, I’d go for an NVIDIA Shield, or maybe an Apple TV. Well worth the money.
Otherwise, for budget, you could get a Chromecast, which gives you more control over it and has generally less garbage than the Fire TVs do for instance, since you can easily change its launcher and debloat with ADB.
You can easily change launchers on the Shield and remove all of Google’s nonsense through ADB as well though, unlike Amazon who locks down the OS very tight. Plus like another commenter said, you can just flat out install LineageOS and you’re good.
I prefer Calyx on my phone, for the sake of the extra privacy of Micro-G vs sandboxed Google Play Services.
You should give DivestOS a try tbh if you prefer microG to Sandboxed Play Services, since Divest’s implementation of microG is sandboxed/unprivileged unlike Calyx’s, which is a massive privacy and security benefit. Divest in general is a lot more private and secure then stock or Calyx, since it includes a lot of hardening and patches from Graphene, so I’d recommend it as the second best option to Graphene in general, and definitely by far the best option for using microG. Divest also covers most of the same phones Calyx and Graphene do, unfortunately no Pixel Tablet support though.
(I’m not trying to shill Divest or anything btw lol, I just think its a great underrated project that deserves a lot more recognition and support than it has, and seems to fit your use case)
For microG (what I would recommend, since its much more private than regular GAPPS/full Play Services), you can just flash a LineageOS for microG build for your device instead of the official LineageOS. You can get them here. It covers the same devices that Lineage itself does. Same installation process, just using their files instead of Lineage’s.
DivestOS added optional support for unprivileged microG fairly recently, so its definitely usable.
They both should work, you won’t get notifications for Teams though unless you flash microG or GAPPS.
Not all of it is carrier related. I had an S21 unlocked (from US) and it still included Facebook and their garbage services, Netflix, OneDrive, etc. Also all of Samsung’s first party bloatware and nonsense is prevalent regardless. Not to mention Samsung selling data and their tracking, crippling your phone if you root it or install a custom OS (and in the US outright preventing it entirely), etc. Can’t recommend them or their phones at all, but its unfortunate because they have great hardware, just terrible software.
I like Clock You.
deleted by creator
Is the culprit “firebaseinstallations.googleapis.com”?
Sensors and Network access aren’t on Stock Android unfortunately (though they should be!), only on other OSes like GrapheneOS and DivestOS atm. Everything else besides those 2 however is present on Stock.
Yeah, that’s what bothers me. Feels like people romanticize pre-Musk Twitter, when in reality, its always just been complete garbage. Musk’s Twitter is certainly worse in some ways, though that isn’t saying a lot.
Overall, Twitter just sucks. Use other platforms where possible.
I’m not sure if it could be done without at least compromising security to some extent (at least in Android’s current state, but maybe that could be changed or worked around in the future), but yeah, overall I do agree, that’s what I was trying to get at. I definitely support there being an official and easier method to root on Android, as long as it isn’t the default, and as long as the risks are clearly explained. People should certainly be able to do whatever they want with their own devices, it is unfortunate, and definitely an overstep from Google and OEMs.
Not having root is done on Android for some very good security reasons to be fair, it opens up a giant attack surface and risk for all kinds of malware and nasty stuff to take advantage of. I don’t think it’s done completely in malice as you think. Its a very important part of the app sandbox and Android’s security model at large.
With that said, I do think that people should have the option to root if they want to, I’m not a fan of OEMs like Samsung and whoever else purposely preventing people from rooting at all costs. I think people should be able to do whatever they want with their own device, root just certainly shouldn’t be the default, and users should be aware of the risks if they choose to use it. But I do think it should be a possibility for those who really do wish to do so.
With Android, it all just comes down to the OEM and variant of it that you’re stuck with. As a whole, I think its an amazing project and OS, though unfortunately Google, and especially OEMs, tend to make a lot of bad choices. It’s similar to Linux as a whole in that aspect. You’ve got options like ChromeOS which are a nightmare for privacy and user freedom any way you look at them, but then you’ve got your traditional distros like Debian, Arch, Fedora, etc, which are the exact opposite. Its an important distinction.
Why not get the flatpak?
Security concerns. There’s a lot of debate over it, but from the research I’ve done, I believe the Flatpak of Firefox is less secure, since it seems to remove part of Firefox’s internal sandboxing, and relies heavily on Flatpak’s sandboxing.
Basically makes it easier to compromise your data within the browser (like cookies, site data, passwords, etc), but maybe harder to get to the rest of your OS.
I just prefer using the rpm of Firefox with Firejail, as that keeps Firefox’s built-in sandboxing intact, while adding an extra layer similar to Flatpak to restrict it further. Best of both worlds.
Its great and has a lot of potential, I like a lot of what it does. I just wish they had packaging easily available for Fedora/RHEL through a COPR or the like. Also would’ve preferred if they used a stable release vs. the ESR of Firefox as the base, but I can understand why.
with hardening out of the box
Floorp definitely isn’t hardened out of the box in my testing. Only thing it does is seems to disable Firefox’s telemetry, which is nice, but more hardening is certainly needed through other projects like Arkenfox (which work here on Floorp too). Also looks like Floorp makes it easier to toggle some privacy settings that you’d usually have to tweak the about:config for, and comes pre-installed with uBlock Origin, which is great.
I think overall my only concern with Floorp will be how well and quickly the developer can keep up with updates. The track record for now looks good, but only time will tell. Besides that, this is a good and very promising project, will definitely keep an eye on it.
They’re mods of the proprietary Discord client, so yeah they don’t meet the criteria. But the mods themselves are open source which is nice.