Tell you what: I agree with you on this. If one is truly paranoid and takes physical security into account, a rooted stock OS is a far better option in terms of restricting access to system files (not saying the CIA/MOSSAD can’t do it, but your random reddit-informed script kiddie definitely can’t). Indeed, rooting your stock OS, firewalling everything and deleting telemetry might be a decent idea (there are ways to install security patches on rooted mobiles, not to worry).
Edit: on the matter of CalyxOS, I wouldn’t go as far as to fault them on it. Grapehene has taken a resolution to either block/use their own almanac servers. This requires a fair bit of work. Oh, and what domain do Google chips use for almanacs anyway?
Edit: on the matter of CalyxOS, I wouldn’t go as far as to fault them on it. Grapehene has taken a resolution to either block/use their own almanac servers. This requires a fair bit of work.
Yes, but if you want sell a secure OS to people it should be really secure and not have big blind spots hidden from the users like this one.
Tell you what: I agree with you on this. If one is truly paranoid and takes physical security into account, a rooted stock OS is a far better option in terms of restricting access to system files (not saying the CIA/MOSSAD can’t do it, but your random reddit-informed script kiddie definitely can’t). Indeed, rooting your stock OS, firewalling everything and deleting telemetry might be a decent idea (there are ways to install security patches on rooted mobiles, not to worry).
Edit: on the matter of CalyxOS, I wouldn’t go as far as to fault them on it. Grapehene has taken a resolution to either block/use their own almanac servers. This requires a fair bit of work. Oh, and what domain do Google chips use for almanacs anyway?
Yes, but if you want sell a secure OS to people it should be really secure and not have big blind spots hidden from the users like this one.