Why do you want to have a slow, legacy and hard to debug implementation of domain-based filtering instead of managing it with an app?
Domain-based filtering is also very limited in what it can since it’s trivially bypassed by apps or web sites using IPs or doing their own DNS resolution, which is fairly widely adopted. For example, WhatsApp will still work with the domains blocked. In practice, you’ll also only be filtering domains not used for useful functionality.
every thread the devs get involved with just seems like they’re sniffing their own farts
Dont get me wrong, I think you guys make a great ROM. However, no advice was requested here, yet you tagged me in multiple consecutive comments chock full of unsolicited advice. Plus, in the first comment, you suggested “RethinkDNS”, which depends on their own DNS servers. How do I know that this service, which I have literally never heard of in my 14 years of fucking with Android devices and ROMs and adblockers until maybe 6 months ago, isn’t just a honeypot? Or will even exist after Trump is done raping the USA? I see they use DNS over HTTPS, but I defer to my previous (rhetorical) question.
I wouldn’t think a security and privacy-focused ROM should be recommending anything but a locally hosted option. But as others have said, this is your guys’ project and you’re free to implement it how you see fit. And it is a solid ROM. But apparently it’s not for me.
@lka1988 We focus our effort on the base OS and areas which are not already covered by high quality open source apps. We don’t need to build our own domain-based filtering and blocklists for it because they already exist.
We have built-in content filtering in Vanadium based on EasyList + EasyPrivacy. That’s more usable (per-site toggle) and much less limited than what domain-based filtering can do but it’s still limited by needing to permit dual use functionality and is still easily bypassed.
GrapheneOS does add call recording to our fork of AOSP Dialer. Unlike most alternate operating systems including LineageOS, we don’t limit the regions where it’s available. The fact that users are choosing to use it for specific calls means users are taking responsibility for the legality of recording that specific call and informing the other person of it. Automatic call recording would need more complexity to make it practical for people to comply with recording laws.
You can see from https://eylenburg.github.io/android_comparison.htm that we have no limitations on call recording while others do. The fact that it’s manual means users are taking responsibility for it each time. It’s little different than recording a call with a tape recorder on speaker phone. If we did it automatically, then users would not be making a conscious decision to enable it case-by-case. That would be a problem, and not an acceptable way to do it without an extra explicit opt-in.
@lka1988 @pineapplelover
Why do you want to have a slow, legacy and hard to debug implementation of domain-based filtering instead of managing it with an app?
Domain-based filtering is also very limited in what it can since it’s trivially bypassed by apps or web sites using IPs or doing their own DNS resolution, which is fairly widely adopted. For example, WhatsApp will still work with the domains blocked. In practice, you’ll also only be filtering domains not used for useful functionality.
Thank you for proving my point:
Dont get me wrong, I think you guys make a great ROM. However, no advice was requested here, yet you tagged me in multiple consecutive comments chock full of unsolicited advice. Plus, in the first comment, you suggested “RethinkDNS”, which depends on their own DNS servers. How do I know that this service, which I have literally never heard of in my 14 years of fucking with Android devices and ROMs and adblockers until maybe 6 months ago, isn’t just a honeypot? Or will even exist after Trump is done raping the USA? I see they use DNS over HTTPS, but I defer to my previous (rhetorical) question.
I wouldn’t think a security and privacy-focused ROM should be recommending anything but a locally hosted option. But as others have said, this is your guys’ project and you’re free to implement it how you see fit. And it is a solid ROM. But apparently it’s not for me.
@lka1988
> Plus, in the first comment, you suggested “RethinkDNS”, which depends on their own DNS servers.
You do not need to use their DNS servers. You can use local filtering and your choice of DNS servers including the network provided ones.
> I wouldn’t think a security and privacy-focused ROM should be recommending anything but a locally hosted option.
We’re recommending using local filtering via RethinkDNS, not the RethinkDNS servers. They allow downloading the blocklists locally.
@lka1988 We focus our effort on the base OS and areas which are not already covered by high quality open source apps. We don’t need to build our own domain-based filtering and blocklists for it because they already exist.
We have built-in content filtering in Vanadium based on EasyList + EasyPrivacy. That’s more usable (per-site toggle) and much less limited than what domain-based filtering can do but it’s still limited by needing to permit dual use functionality and is still easily bypassed.
@lka1988 @pineapplelover
GrapheneOS does add call recording to our fork of AOSP Dialer. Unlike most alternate operating systems including LineageOS, we don’t limit the regions where it’s available. The fact that users are choosing to use it for specific calls means users are taking responsibility for the legality of recording that specific call and informing the other person of it. Automatic call recording would need more complexity to make it practical for people to comply with recording laws.
@lka1988 @pineapplelover
You can see from https://eylenburg.github.io/android_comparison.htm that we have no limitations on call recording while others do. The fact that it’s manual means users are taking responsibility for it each time. It’s little different than recording a call with a tape recorder on speaker phone. If we did it automatically, then users would not be making a conscious decision to enable it case-by-case. That would be a problem, and not an acceptable way to do it without an extra explicit opt-in.