Is Memory Tagging Extension (MTE) and/or Memory Integrity Encforcement (MIE) one of the requisite features for GrapheneOS?
The recent moves from Google that look like Android will become more of a “closed garden”, and it might affect the furure of privacy ROMs.
I’m not sure if thats the same reason for this, but GrapheneOS have stated that they are working on a phone from another Android OEM. I have no idea if apple’s chips allow exclusively ios or linux-like os on the system, but how feasable is it that they might consider Apple (given if the inclusion of MIE & MTE makes iPhones more compatible with gOS) in the future?
No way. iPhones don’t exactly allow bootloader unlocking to begin with, but even if you could, it would be in no better state than Asahi on the M1 Apple computers. Every driver would have to be written from scratch.
Pixels are a good platform for custom ROMs because until the recent drama, you could literally just build AOSP as-is and use it. So the GrapheneOS team only really need to focus on their changes to the OS and their apps and none of the drivers and modem interface and all that. That’s also why GrapheneOS runs so well on it: Google provided everything, it just works.
iPhones would be the absolute worst phone to develop for: zero support from Apple, no drivers no documentation, no nothing. Not even a Linux kernel! At least for Android, the Linux license forces manufacturers to publish the source code, so at minimum you start with something that should boot and contain all the stuff to talk to the hardware already, just need to wire it in with userspace drivers. CPU manufacturers like Qualcomm also provide a fair chunk of the userspace drivers open-source too, so you can just pull that and have audio and video working.
Not impossible, but definitely really hard and impractical.
This is a great summary. Also, see the GrapheneOS teams list of hardware prequisites. They have said themselves before that this is not a very high bar, but that there are just no other manufacturers focusing on security. Apple claim they do, and get recommended as second best option in the forums sometimes, but given the walled garden approach, it must be next to impossible to develop against, even if they unexpectedly completely open up their ecosystem.
They would probably also have to take a lot of criticism for their implementation approaches and their brand integrity would suffer immensely. Maybe there would even be some new undisclosed vulnerabilities to fix, like the goto fail bug breaking SSL encryption ten years ago.
Compare it to the new open source Nvidia drivers for Linux, they have taken quite a while to develop since Nvidia announced the release, and I don’t know if they have yet reached the performance levels of the proprietary ones. Doing this for a whole Phone, given they even fulfil the requirements hardwarewise, will probably take a decade. And in this decade, ten new iPhones will be released…
Why would using Apple’s walled garden be a solution to Android becoming a walled garden? I can’t understand why this sentiment of moving to use Apple comes up so often lately.
I’m not saying I would like it, its not a sentiment, its just questioning possibilities. Which now I see how hard it is thanks to other more informative comments. I would not like it in fact, if it happened, but if it did, a gos iphone would not belong in the enclosed garden since its only the hardware provider. (imo).
GrapheneOS exists for maximal security and privacy, not for freedom.
Security is a medium to get to Privacy, which imo is the means for freedom in the digital aspect.
iPhones have locked bootloaders, and that likely will never change.
Unless forced to do so by law and then Apple would kick and scream and do everything they could to “technically” follow the law without actually doing what the law intended them to do. Then they would drag it out in court for years.
In the US the law is bought and Apple has infinite money.
The EU still has a functioning regulatory body and a large enough market to make Apple listen.
I’d love to see EU regulators force bootloaders to be open, but they are WAY too neoliberal to force that on big tech in my lifetime, especially after allowing closed bootloaders for decades.
Apple would never agree to it, and they have no reason to.
iOS is a stripped down version of macOS, which is certified UNIX, whatever that means. They also claim to safeguard your privacy, though I’m not sure they’ve ever proven it. Quite the opposite, I think they’ve unlocked iPhones, handed over iCloud data for law enforcement, while denying grieving families the same privilege.
I think the best outcome would be for some privacy fanatics with deep pockets to purchase a smaller OEM that already has manufacturing down. The problem they will run into is how to fund it and how to compete, not only with iPhone and the big Android OEMs, but with the smaller Android OEMs that have the same stated goals, to protect privacy. What that might look like is a phone with specs a couple years out that costs maybe a little less than the big names, with the speculation that if enough people buy it, they will support it, but if not enough people buy it… they won’t.
how feasible is it
No.
I mean… if you are love swimming upstream, yes, go for it!
Keep your eyes on Linux phone developments. That’s likely where the future lies for any semblance of privacy on a cell phone.
Lmao what
It would eat away at Apple’s claims of “privacy” on iOS.
