It’s not that it’s closed, it’s more that none of the exiting email protocols support a server which can’t read your email (as it’s all encrypted). They do offer Proton Bridge which you can run locally which will handle all the decryption and local mail clients can talk to that as the would any other mail server.
I don’t know off hand if it supports calendar syncing though.
Proton is not the same as a VM. It has direct access to your filesystem. It could delete your entire home directory if it wanted to.
As I understand it (from my non-legal casual read of the new coverage). Having a monopoly isn’t illegal, abusing it is. For Google they found that google was secretly paying companies to not put their apps on other stores. That was what they got the judgement against them. They didn’t find anything like that for Apple.
Droid-ify can auto update apps in the background with root. I’m running it on GrapheneOS without root and it’s doing it just fine.
FYI for anyone interested. Immich is a open source, self hosted system for photos/videos like Google Photos. It uses machine learning locally for facial and general image recognition.
It certainly can be a bit involved. When I moved from Gmail address to my own personal domain I did it slowly over a few months.
I set my Gmail address to automatically forward to my new email address. Then I setup a quick filter which added a label on everything that had been forwarded. Once a week or so I would look at all the emails that had been forwarded and update them to my new email (or delete them if unwanted).
I’m not sure if their app does it. But the gluten docker container supports their port forwarding. Works really well if you’re looking to route other containers through a VPN.
This is what I do as well and it’s been working great for me.
This is what I’ve done too. I’ve tried a bunch of other keyboards from F-Droid, but haven’t been 100% happy with any of them. So I’m using GBoard still with all network permissions disabled.
I don’t think WebAuthn protects against cookie theft. WebAuthn better protects the login process. But if the result of the login process is still a session/auth cookie, that can be stolen like any other cookie.
It’s mostly a power efficiency thing. Before push notifications were the norm, most apps used a polling method. They had the application send a request every X seconds asking “anything new”. There wasn’t coordination between apps, so even every app checked once every 30s, it likely wouldn’t be on the same 30s. This caused the device to wake up a lot and never let it switch into low power mode.
A push notifications system like FCM or UnifiedPush means only a single application needs to run in the background. It maintains a persistent connection to the push notification service and waits for a message. When it receives one it wakes up the relevant app and passes it the details.
Signal does have a fallback if FCM is unavailable. It supposedly uses slightly more battery, but I can’t say I noticed it. I’ve swapped to using Molly which is a fork of Signal which implements UnifiedPush (among some other features).
I’ve never worked directly with FCM, but that’s my understanding of the issue. I don’t know about WhatsApp. But it may do the same thing as Signal where the notification is just a wake up call and then the app connects directly to the WhatsApp servers to get the actual message.
Anything using FCM will be effected. UnifiedPush which I mentioned I don’t believe has an option to encrypt notification content either. Using it you’d already at least have the option of using a provider with a better privacy policy or self hosting it.
The issue lies with Google’s FCM (Firebase Cloud Messaging) system, so it’s not something GrapheneOS can really fix. As far as I know FCM doesn’t offer a way to encrypt notification content. Some apps like Signal work around this by instead of sending the message content, they send a little “wake up” notification. This tells Signal on your phone to wake up and it goes and retrieves the new message.
If you don’t install Google Play Services, you won’t be impacted. But you’ll also not get notifications for most applications. There is an alternative push notification system called UnifiedPush which allows you to choose any server to handle your notifications (and even self host it). But it does require both the service and the app to support it, so it’s not very wide spread yet.
This was the tool I used. It worked great for me.
Yes it’s possible. From my very basic understanding of it there’s two ways Google can verify devices, using software or dedicated hardware. As long as Google continues to accept the software check you can root and still pass. Google can’t reject the software results without cutting off a large number of older or cheaper phones. There’s no way to get around the hardware check as far as I know.
The GrapheneOS team strongly recommend against rooting devices. Google Wallet doesn’t support them as they won’t pass Google’s Safety Net. Never tried to root a GrapheneOS device so not sure if it’s possible to force a pass.
I did see that one a few weeks ago. I haven’t tried it out yet. I keep forgetting to try installing it when I’m around my computer (to manually extract the glide-typing library).
The page says it captures game audio only by default. But you can switch it to all audio if UPI want to capture something like external voice chat.