Category: Uncategorized

I use the Conversations XMPP messenger a lot on my Android phone, not only for text, image and video chat messages, but also for voice and video calling. It’s a joy to use! While in the early days, voice calls dropped when moving between the cellular network and Wi-Fi, the process has become pretty much seamless in the meantime. When I recently jumped between Wi-Fi and cellular a number of times on purpose, I was surprised that I couldn’t hear the switch between the networks in the audio channel at all. So perhaps the call didn’t switch and staid on cellular? I decided to have a closer look.

Continue reading WebRTC Handover between Wi-Fi and Cellular

A quick note today about something that probably everyone but me knows already: When I last installed the F-Droid and Aurora App Store front-ends, the one thing both of them could not do were auto-updating installed apps. Not a big problem for me because I don’t mind being in control when a device updates apps. But for those in the family that would rather like things to be automated, this was not so nice. Looks like since Android 12, alternative app stores can now also automatically update apps. When I installed F-Droid and Aurora, the option did not exist, but an update down the road introduced the feature, disabled by default. Good default, I commend them for it. But actually, I have to admit that auto-update is something I would like as well, so I’ve switched it on for my device as well now. Many thanks, cool stuff!

In part 3 of this series, I’ve taken a look at how the Google Play Services (app) and closed source commercial apps from the Google Play store can be separated into Android’s private space to deny them access to any data on the device. I really like this separation, and having used it for some weeks now, I have noticed a number of additional nifty features: App termination and network separation.

Continue reading GrapheneOS – Part 5 – App Separation and Termination in the Private Space

Today, I’d like to share a few notes about GrapheneOS and Wi-Fi privacy. When connecting to a new Wi-Fi network for the first time, ‘normal’ Android devices I use generate a per-Wi-Fi network randomized MAC layer 2 address and then keep using this MAC address for this network. While this prevents tracking a device between different networks, an individual network can still track a device forever. Not ideal.

GrapheneOS fortunately goes a different way! Instead of using a per-network MAC address, the default is to use per-connection randomized MAC address. This removes traceability over time even in a single network.

Continue reading GrapheneOS – Part 4 – Wi-Fi Privacy

My main reason for turning to an alternative Android flavor is privacy. GrapheneOS takes this to the next level and by default doesn’t talk to any Google servers at all. Even things like the connectivity check web request when connecting to a new network or requesting ephemeris information for fast GPS startup go to GrapheneOS servers rather than to Google. Like on LineageOS, which I have used so far, the downside of not having any Google software on the device is that particularly banking apps do not run. A small price to pay for privacy, but GrapheneOS offers a way out of this without compromising privacy: Running Google Services, particularly Google Play in a sandbox.

Continue reading GrapheneOS – Part 3 – Separation Options for Google Play Stuff

Good, so there’s GrapheneOS on my Pixel 8 now. Like on my previous Pixel 6 with LineageOS, I don’t need the privacy challenging Google Play Services for my core apps, as they are all open source and from the F-Droid store. That being said, there is one type of proprietary apps, however, which I would really like to have on my main phone and which require these services: Banking apps.

There are various ways to get Google Play Services on custom Android Open Source ROMs, and GrapheneOS uses a particularly nifty version: The original Google Play Services and the original Google Play app store can be put into sandboxes, and GrapheneOS then puts an insulation layer around the play services to shield the operating system from it. Sounds nice!

I have to admit that I only had a very vague idea so far what the Google Play Services actually are and how they are embedded in Android. At this point, I felt that I needed to understand this a bit better before allowing it on my main phone. So after reading the GrapheneOS details on the topic and the Wikipedia entry on Google Play Services, I think I understand this much better now. So here’s my take on it:

Continue reading GrapheneOS – Part 2 – Google Play Services

12 years ago I moved from Symbian (does anyone remember?) to Android with a sad heart and great unhappiness about the amount of private data that would be siphoned out of the device. Fortunately there was CyanogenMod, an Android Open Source Platform (AOSP) fork that removed pretty much all privacy invading extras from Android. Happiness restored! Over the years, Cyanogen morphed into LineageOS, and I’ve been using this flavor of privacy friendly Android until today. While the future for free Android forks has looked a bit dire in some years, things are much healthier these days and there are several interesting options now apart from LineageOS which do not require living on the bleeding edge. So when it came to changing smartphones once again, I decided to try out something different: GrapheneOS.

Continue reading GrapheneOS – Part 1 – Making the Jump

A quick post today on a cool service for OpenStreetMap I’ve recently discovered: For many years, I’ve been using Osmand and other tools on my smartphone not only for maps, local search and navigation, but also to contribute changes, i.e. new shops, opening hours, etc. etc. Recently, I wondered if I could see who else has recently updated the map in my region. After a bit of searching, I found WHODIDIT, that shows recent changes of Openstreemap on a map. Even better: One can get updates via RSS for a region by drawing a rectangle on the map, which generates an RSS feed. Works great and gives me a much better understanding, how many people and how often changes are made where I live.

I’m a great fan of the idea of Eduroam Wi-Fi and I’ve been using it and helping others to use it for many years. The idea is simple: You have an Eduroam account at your home university which allows you to not only use the Eduroam Wi-Fi locally for ‘Internet’ access, but also in other places that offer Eduroam. Authentication is then provided by the authentication server of your home institution. Distributed authentication, world wide use, very nice! In Europe, pretty much every university offers Eduroam and in the Nordic countries you even get connectivity in train stations, airports, hospitals and other public places. This is all very nice if it weren’t for two little problems: Port blocking and ‘low signals spilling into the streets’.

Continue reading Growing Pains With Eduroam – Going Manual

So here we are, only one thing is missing for me to complete my switch from a self maintained Nextcloud instance to Nextcloud AIO: Differential restore of data to a standby system. A quick recap: The default restore doesn’t work for me, as it performs a full restore of all data which takes too long. What I need is a differential restore process that only transfers files that have changed from the remote backup server to my standby Nextcloud instance and deletes the files that no longer exist. While there is no official process to do this, it’s easier than I first thought.

Continue reading Nextcloud Refresh – Part 5 – Differential Restore