#calyx — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #calyx, aggregated by home.social.
-
#08 Bastion - Let´s play "Calyx"
-
#08 Bastion - Let´s play "Calyx"
-
#07 Isotope - Let´s play "Calyx"
-
#07 Isotope - Let´s play "Calyx"
-
#06 Exkursion - Let´s play "Calyx"
-
#06 Exkursion - Let´s play "Calyx"
-
#05 Aufholjagd - Let´s play "Calyx"
-
#05 Aufholjagd - Let´s play "Calyx"
-
RE: https://fosstodon.org/@calyxos/116331385301964545
The old release server has been offline and due to the ongoing travel risks across the United States, the dev team hasn’t been able to travel to the physical data center yet. While we are working on manual disk recovery, data on this server remains unreachable. If you have copies of past CalyxOS builds and would like to help us rebuild our release archive, please visit our dedicated GitLab issue: Release files recovery. You can check which factory images and files are still missing and upload the missing files. We are grateful for your contribution.
-
RE: https://fosstodon.org/@calyxos/116331385301964545
The old release server has been offline and due to the ongoing travel risks across the United States, the dev team hasn’t been able to travel to the physical data center yet. While we are working on manual disk recovery, data on this server remains unreachable. If you have copies of past CalyxOS builds and would like to help us rebuild our release archive, please visit our dedicated GitLab issue: Release files recovery. You can check which factory images and files are still missing and upload the missing files. We are grateful for your contribution.
-
Calyx – Ghostty-Based macOS Terminal with Liquid Glass UI
https://github.com/yuuichieguchi/Calyx
#HackerNews #Calyx #Ghostty #macOS #Terminal #Liquid #Glass #UI
-
Calyx – Ghostty-Based macOS Terminal with Liquid Glass UI
https://github.com/yuuichieguchi/Calyx
#HackerNews #Calyx #Ghostty #macOS #Terminal #Liquid #Glass #UI
-
Nutzer von entgoogelten Android-Betriebssystemen sollten angesichts der von Google angekündigten Änderungen beim App-Sideloading ab September nicht selbstzufrieden sein. Wenn F-Droid und andere Alternativen den überwiegenden Teil ihrer Nutzerbasis verlieren, verlieren wir alle. Wir müssen uns mobilisieren, um das zu verhindern:
https://keepandroidopen.org/de/
#keepandroidopen #murena #calyx #aosp #lineageOS -
Nutzer von entgoogelten Android-Betriebssystemen sollten angesichts der von Google angekündigten Änderungen beim App-Sideloading ab September nicht selbstzufrieden sein. Wenn F-Droid und andere Alternativen den überwiegenden Teil ihrer Nutzerbasis verlieren, verlieren wir alle. Wir müssen uns mobilisieren, um das zu verhindern:
https://keepandroidopen.org/de/
#keepandroidopen #murena #calyx #aosp #lineageOS -
@GrapheneOS @attilax @LearnToLivePrivate @RustRaven @jmoupah @Yrrussaj @sebsauvage @jolla Hey Graphene OS folks.
First, it's really great that you guys have created a security focused deGoogled Android operating system.
Given the problems of American big tech, I applaud you for creating an alternative.
So full credit where credit is due.
That being said, constantly badmouthing every other non-Apple and non-Google smartphone maker and operating system is not a good look.
And jumping into any thread on Mastodon where there's a mention of another alternative smartphone maker or OS to badmouth them is not a good look.
You say Jolla is no good. SailfishOS is no good. Fairphone is no good. Murena is no good. CalyxOS is no good. Dumbphones are no good.
I'd imagine you'd probably win more people over if you talked more about why people should choose Graphene instead why they shouldn't choose one of the others.
Because right now, there are tradeoffs with every mobile OS.
That includes Graphene.
For example, there are people for whom limiting their exposure to Google and Apple is more important than choosing the most locked down option available.
For such people, needing to buy a Google Pixel phone to run Graphene is a massive negative.
That's even if the Google Pixel is the best hardware from a security perspective.
And in that case, yeah there are other options that may be a better fit for those people.
There's another issue.
There seems to be many Reddit threads and YouTube videos and blogs out there from people who were enthusiastic about Graphene, but have soured on it.
And the funny thing is there's a pattern to it. "Cult-like" and "toxic" seems to be phrases that tend to be used a lot.
I've also noticed a recurring pattern you put for why the other alternatives are bad is because people connected with those businesses or companies badmouth Graphene.
It seems to me like Graphene constantly bags those other projects. When anyone connected with those projects responds, that response is presented by you guys as evidence of bullying and harassment, without that context.
And the recurring line about how people should just stick with iOS or Google Android if they don't choose Graphene? Just shameful. And completely misses the point of why some people are looking for alternative platforms in the first place.
And the more people who choose an alternative OS, the more normal it becomes to do it, which ultimately leads to more people looking at alternatives like Graphene.
#Android #Jolla #SailfishOS #AOSP #Graphene #GrapheneOS #Murena #Calyx #CalyxOS #Linux #infosec #opensource -
@GrapheneOS @attilax @LearnToLivePrivate @RustRaven @jmoupah @Yrrussaj @sebsauvage @jolla Hey Graphene OS folks.
First, it's really great that you guys have created a security focused deGoogled Android operating system.
Given the problems of American big tech, I applaud you for creating an alternative.
So full credit where credit is due.
That being said, constantly badmouthing every other non-Apple and non-Google smartphone maker and operating system is not a good look.
And jumping into any thread on Mastodon where there's a mention of another alternative smartphone maker or OS to badmouth them is not a good look.
You say Jolla is no good. SailfishOS is no good. Fairphone is no good. Murena is no good. CalyxOS is no good. Dumbphones are no good.
I'd imagine you'd probably win more people over if you talked more about why people should choose Graphene instead why they shouldn't choose one of the others.
Because right now, there are tradeoffs with every mobile OS.
That includes Graphene.
For example, there are people for whom limiting their exposure to Google and Apple is more important than choosing the most locked down option available.
For such people, needing to buy a Google Pixel phone to run Graphene is a massive negative.
That's even if the Google Pixel is the best hardware from a security perspective.
And in that case, yeah there are other options that may be a better fit for those people.
There's another issue.
There seems to be many Reddit threads and YouTube videos and blogs out there from people who were enthusiastic about Graphene, but have soured on it.
And the funny thing is there's a pattern to it. "Cult-like" and "toxic" seems to be phrases that tend to be used a lot.
I've also noticed a recurring pattern you put for why the other alternatives are bad is because people connected with those businesses or companies badmouth Graphene.
It seems to me like Graphene constantly bags those other projects. When anyone connected with those projects responds, that response is presented by you guys as evidence of bullying and harassment, without that context.
And the recurring line about how people should just stick with iOS or Google Android if they don't choose Graphene? Just shameful. And completely misses the point of why some people are looking for alternative platforms in the first place.
And the more people who choose an alternative OS, the more normal it becomes to do it, which ultimately leads to more people looking at alternatives like Graphene.
#Android #Jolla #SailfishOS #AOSP #Graphene #GrapheneOS #Murena #Calyx #CalyxOS #Linux #infosec #opensource -
When it comes to getting at least close to all my basic needs & wants met in a degoogled smartphone setup, I've got basically the blackberry #Key1 or Key 2, or #Unhertz titan with at least #PostMarketOS with those options having a $200-600 price range, most being $400-500.
Or #Motorola phones and a separate mini keyboard, with #Calyx or #PostmarketOS, with a $70- $700 price range, most being under $250.
On #smartphones heavier for me is always better, so if as I suspect the cheaper option is also heavier, that's another selling point for it.
When an $800-900 item & setup is inferior to a $70- $250 one, this isn't anywhere near a matter of my being too picky, but rather a matter of the ridiculousness of insisting that everyone has the same exact needs!
-
When it comes to getting at least close to all my basic needs & wants met in a degoogled smartphone setup, I've got basically the blackberry #Key1 or Key 2, or #Unhertz titan with at least #PostMarketOS with those options having a $200-600 price range, most being $400-500.
Or #Motorola phones and a separate mini keyboard, with #Calyx or #PostmarketOS, with a $70- $700 price range, most being under $250.
On #smartphones heavier for me is always better, so if as I suspect the cheaper option is also heavier, that's another selling point for it.
When an $800-900 item & setup is inferior to a $70- $250 one, this isn't anywhere near a matter of my being too picky, but rather a matter of the ridiculousness of insisting that everyone has the same exact needs!
-
@rraggl @e_mydata @GrapheneOS @calyxos @LineageOS @shiftphones @jolla @postmarketOS
The statement I made that you responded to stated "ONE of my hesitancies" in a preset smartphone, not "all".I am not just looking for a degoogled smartphone, I am looking for one without an AI, without any biometric ID scanners/sensors (like the fingerprint one's that are so common) with a physical keyboard, with the ability to get connected to service in my country (USA) and that meet military rugged standards for durability. *None of the preset OS options have a physical keyboard.
#Volla states it pretty directly on their website that they use a digital assistant of an AI, but beyond that they're not connectable to service in my country. But they are the only option that comes with a preset OS, is degoogled & is durable enough for my needs.
#Murena aka #fairphones/shiftphones (as they're sold in my country) are vaguer about it & yet it's pretty cleat they've got the same unwanted & unwelcome element on their devices. Beyond which at $800-$900, a fairphone/shiftphone is definitely too expensive for me, as I'm on disability benefits, those conditions barring me from paid work being the very same that make me need physical keyboards & durable devices!
#Graphene only works with pixel, aka breakaway glass phones, so even if they didn't, it'd be a moot point for me.
#Calyx & #postmarket don't have any phone sold with their OS on it, so beyond sandbagging me in your push for this, they are irrelevant to my argument that you are responding to.
Jolla phones aren't sold in my country at all, so they're another element of said sandbagging.
Now on realistic options & my considerations:
#PostmarketOS I might also get with one of the 2 or 3 similar to blackberry phones that are out now, after that desktop is setup. (Price wise at around $400-$500 they're at the higher end for me but within a year or so I can likely save& budget in for this option.)
If #pinephone brings back their devices with keyboards, as they used to have them, that'd be a 3rd and best option, as they have the kill switch on microphones & cameras.
#Calyx in the Motorola phone acceptance might have at least similar durability to a Volla, have service connection in my country & I don't think they have an AI integrated into their OS but still don't have physical keyboards. This is why I'm considering getting a separate keyboard & Motorola phone, after I setup a desktop computer to use them, as even with paying for the added keyboard that's likely my most affordable option.($70-250)
*I've not had an active smartphone for most of the past decade, especially as wherenever I leave my property it's rarely for under a 50 mile round trip drive of an outing, which has at times been problematic but it's also why unless I actually see something that I really can use & will improve things, I won't buy or even seriously consider things I can't.
-
@rraggl @e_mydata @GrapheneOS @calyxos @LineageOS @shiftphones @jolla @postmarketOS
The statement I made that you responded to stated "ONE of my hesitancies" in a preset smartphone, not "all".I am not just looking for a degoogled smartphone, I am looking for one without an AI, without any biometric ID scanners/sensors (like the fingerprint one's that are so common) with a physical keyboard, with the ability to get connected to service in my country (USA) and that meet military rugged standards for durability. *None of the preset OS options have a physical keyboard.
#Volla states it pretty directly on their website that they use a digital assistant of an AI, but beyond that they're not connectable to service in my country. But they are the only option that comes with a preset OS, is degoogled & is durable enough for my needs.
#Murena aka #fairphones/shiftphones (as they're sold in my country) are vaguer about it & yet it's pretty cleat they've got the same unwanted & unwelcome element on their devices. Beyond which at $800-$900, a fairphone/shiftphone is definitely too expensive for me, as I'm on disability benefits, those conditions barring me from paid work being the very same that make me need physical keyboards & durable devices!
#Graphene only works with pixel, aka breakaway glass phones, so even if they didn't, it'd be a moot point for me.
#Calyx & #postmarket don't have any phone sold with their OS on it, so beyond sandbagging me in your push for this, they are irrelevant to my argument that you are responding to.
Jolla phones aren't sold in my country at all, so they're another element of said sandbagging.
Now on realistic options & my considerations:
#PostmarketOS I might also get with one of the 2 or 3 similar to blackberry phones that are out now, after that desktop is setup. (Price wise at around $400-$500 they're at the higher end for me but within a year or so I can likely save& budget in for this option.)
If #pinephone brings back their devices with keyboards, as they used to have them, that'd be a 3rd and best option, as they have the kill switch on microphones & cameras.
#Calyx in the Motorola phone acceptance might have at least similar durability to a Volla, have service connection in my country & I don't think they have an AI integrated into their OS but still don't have physical keyboards. This is why I'm considering getting a separate keyboard & Motorola phone, after I setup a desktop computer to use them, as even with paying for the added keyboard that's likely my most affordable option.($70-250)
*I've not had an active smartphone for most of the past decade, especially as wherenever I leave my property it's rarely for under a 50 mile round trip drive of an outing, which has at times been problematic but it's also why unless I actually see something that I really can use & will improve things, I won't buy or even seriously consider things I can't.
-
#Molly app has a socks5 option but only #Orbot "VPN" mode will work. What if #Arti from @torproject could bind with Molly on socks5 via #Termux?
would be nice to have #systemd like @postmarketOS
*Termux @termux
pkg update (possible to plug in keyboard and display to #android #mobile app)
then proot-distro login --isolated debian
su - user because Arti will complain eventhough phone is not really rooted, change etc/resolv.conf to cloudflare, add dependencies needed for #rust rustup and cargo on #debian #trixie, chmod g-w ~/.config* #Oniux --> E0560
* Arti --> works great. Have not noticed any "anti-effects." Also works on #Alpine / #PostmarketOS in Termux tests.
* apkeep #EFF https://www.eff.org/pages/apkeep --> shared storage path, package manager chokepoint won't install
* network monitoring like Nyx with #tokio-console
In a way, like passwordless root in QubesOS. Some good customizations can be made in Dom0, though, unlike GrapheneOS.
#UbuntuTouch #Brax #Mobian #deGoogle #Tor #Linux #AOSP #GuardianProject #Calyx #Phone #Development -
#Molly app has a socks5 option but only #Orbot "VPN" mode will work. What if #Arti from @torproject could bind with Molly on socks5 via #Termux?
would be nice to have #systemd like @postmarketOS
*Termux @termux
pkg update (possible to plug in keyboard and display to #android #mobile app)
then proot-distro login --isolated debian
su - user because Arti will complain eventhough phone is not really rooted, change etc/resolv.conf to cloudflare, add dependencies needed for #rust rustup and cargo on #debian #trixie, chmod g-w ~/.config* #Oniux --> E0560
* Arti --> Linux Scaffolding Log_Connections
* apkeep #EFF https://www.eff.org/pages/apkeep --> shared storage path, package manager chokepoint won't install
* network monitoring like Nyx with #tokio-console
In a way, like passwordless root in QubesOS. Some good customizations can be made in Dom0, though, unlike GrapheneOS.
#UbuntuTouch #Brax #Mobian #deGoogle #Tor #Linux #AOSP #GuardianProject #Calyx #Phone #Development -
CW: longpost about grapheneos, and then i'll shut up about it
look, i don't want to bully #grapheneos. everyone be nice! but i'm tired of staying silent while their accounts spew unchecked lies for years, so i'll just say this and then go back to ignoring it again.
in my time working for #calyx / on #calyxos (a time which has now ended), despite graphene's claims to the contrary, i *never* saw anyone from calyx spread or encourage malice toward their project or community or harass them *at all*. if anything, due to a history of negative attention coming from their direction, calyx has long had a rule *not* to discuss their project in calyx's online spaces, but has still demonstrated respect for their OS in public, e.g. at conferences, acknowledging it's a good choice for some.
meanwhile, there has been a steady stream of smears, accusations, and now schadenfreude from their side about calyxos. you need look no further than their official social media accounts for evidence of this; you don't need the "receipts" from me to see the malice. it's all on full display, no background knowledge or rewriting of history required to understand.
contrary to their claims, during my time, by policy, calyx didn't even *look* at their code, let alone incorporate it (apart from some early remnants that are properly attributed, like signing scripts). in fact, with the exception of a weird, random proposal from the founder, as far as i know, calyx never even tried to interact with them whatsoever.
anyway... 4-5 years ago, before i had even finished deciding what OS to use, i was banned from grapheneos's chat channels before even getting around to send any messages - apparently just for existing in the calyx channels - and that made my OS decision easy: i wouldn't use an OS run by folks who'd do something like that. funnily enough, if not for that ban, and subsequently learning more about their behavior, who knows? i may have used grapheneos, just ignored the community stuff, and never ended up working for calyx in the first place.
-
CW: longpost about grapheneos, and then i'll shut up about it
look, i don't want to bully #grapheneos. everyone be nice! but i'm tired of staying silent while their accounts spew unchecked lies for years, so i'll just say this and then go back to ignoring it again.
in my time working for #calyx / on #calyxos (a time which has now ended), despite graphene's claims to the contrary, i *never* saw anyone from calyx spread or encourage malice toward their project or community or harass them *at all*. if anything, due to a history of negative attention coming from their direction, calyx has long had a rule *not* to discuss their project in calyx's online spaces, but has still demonstrated respect for their OS in public, e.g. at conferences, acknowledging it's a good choice for some.
meanwhile, there has been a steady stream of smears, accusations, and now schadenfreude from their side about calyxos. you need look no further than their official social media accounts for evidence of this; you don't need the "receipts" from me to see the malice. it's all on full display, no background knowledge or rewriting of history required to understand.
contrary to their claims, during my time, by policy, calyx didn't even *look* at their code, let alone incorporate it (apart from some early remnants that are properly attributed, like signing scripts). in fact, with the exception of a weird, random proposal from the founder, as far as i know, calyx never even tried to interact with them whatsoever.
anyway... 4-5 years ago, before i had even finished deciding what OS to use, i was banned from grapheneos's chat channels before even getting around to send any messages - apparently just for existing in the calyx channels - and that made my OS decision easy: i wouldn't use an OS run by folks who'd do something like that. funnily enough, if not for that ban, and subsequently learning more about their behavior, who knows? i may have used grapheneos, just ignored the community stuff, and never ended up working for calyx in the first place.
-
so, while there were other things that influenced my decision to resign from #calyx, in the end, the biggest were the on-going outrageous behavior coming out of the engineering department, and a failure of leadership to do anything meaningful about it. although i deeply respect the #calyxos team and the many great folks at the institute, unfortunately, until/unless something is done, i cannot support calyx, and i cannot recommend donating to them right now. (9/9)
-
none of this even delves into the #calyx engineering director's endless gaslighting, predictable derailing of discussions and decision-making, hoarding of access and information, attempts to delay / sabotage the revival of #calyxos, and apparent eagerness to direct $10,000's of member donations toward goods and services from the warmongering likes of AWS and thales. those would warrant threads of their own. (8/9)
-
some may think, "i don't mind if #calyx moves my name, email, address, etc to vultr. it's not like it's AWS" - or "this is why i never share any personal info that i can't afford to be leaked anyway". but in my mind, given that calyx has hosted its own services for years - VPN, tor exit nodes, #calyxos release server, etc - i think people have come to expect this and to hold them to a higher standard for data handling and transparency. it's your data. shouldn't you know who has it? (7/9)
-
when i became aware that the #calyx membership site's dns was changed to point to a cloud provider, i had questions, so i did something controversial: i asked. i wanted to know why, and who was involved, and what considerations were made. i emailed the board and anyone else i thought might know more. and i got a response from someone in leadership saying, among other things, "My reading of the privacy policy is different from yours." (i hadn't even mentioned the privacy policy.) (6/9)
-
when i became aware that the #calyx membership site's dns was changed to point to a cloud provider, i had questions, so i did something controversial: i asked. i wanted to know why, and who was involved, and what considerations were made. i emailed the board and anyone else i thought might know more. and i got a response from someone in leadership saying, among other things, "My reading of the privacy policy is different from yours." (i hadn't even mentioned the privacy policy.) (6/9)
-
if #calyx were going to have a functional, actually-online datacenter managed by its existing engineering department, it would have happened by now. instead, the infrastructure conversations shift seamlessly from excuse to excuse, with minimal tangible accomplishments in *years*, and the powers that be *just don't care*, despite virtually all calyx workers complaining that the lack of progress - and the technical excuses for it - make no sense. (5/9)
-
if #calyx were going to have a functional, actually-online datacenter managed by its existing engineering department, it would have happened by now. instead, the infrastructure conversations shift seamlessly from excuse to excuse, with minimal tangible accomplishments in *years*, and the powers that be *just don't care*, despite virtually all calyx workers complaining that the lack of progress - and the technical excuses for it - make no sense. (5/9)
-
one day in july, after years (or nearly so) of the engineering dept failing to address known problems with the membership server - which is the same story as almost every other #calyx server - finally it "crashed", and they seized on the opportunity to migrate it to ~the cloud~, "temporarily", until calyx has its own new metal to put it on. but without a leadership change, that's never going to happen... (4/9)
-
one day in july, after years (or nearly so) of the engineering dept failing to address known problems with the membership server - which is the same story as almost every other #calyx server - finally it "crashed", and they seized on the opportunity to migrate it to ~the cloud~, "temporarily", until calyx has its own new metal to put it on. but without a leadership change, that's never going to happen... (4/9)
-
the idea of #calyx moving its infrastructure to ~the cloud~ was a recurring proposal from the engineering director for years, but it had been opposed by the founder, the board, and most staff, particularly for cases involving personally identifiable information. if such a data transfer were required, most of us would have insisted on either getting explicit member consent or - at minimum - notifying in advance. the eng director apparently found such positions unreasonable. (3/9)
-
the idea of #calyx moving its infrastructure to ~the cloud~ was a recurring proposal from the engineering director for years, but it had been opposed by the founder, the board, and most staff, particularly for cases involving personally identifiable information. if such a data transfer were required, most of us would have insisted on either getting explicit member consent or - at minimum - notifying in advance. the eng director apparently found such positions unreasonable. (3/9)
-
in july, the #calyx institute membership server - members.calyxinstitute.org - was quietly moved from a server owned and operated by calyx, to a cloud hosting provider, along with all associated member data (personal information). from what i was told, this decision was made by the engineering director, the executive director, and the board. (2/9)
-
in july, the #calyx institute membership server - members.calyxinstitute.org - was quietly moved from a server owned and operated by calyx, to a cloud hosting provider, along with all associated member data (personal information). from what i was told, this decision was made by the engineering director, the executive director, and the board. (2/9)
-
"My reading of the privacy policy is different from yours."
i want to elaborate on why i left #calyx / #calyxos. (everything in this thread is my opinion or interpretation.)
while there were many factors, the breaking points for me were a non-consensual transfer of members' personal information to a third-party server, a total lack of notification, and a ridiculous defense. the following messy posts will continue my perspective and recollection of this particular event. (1/9)
-
"My reading of the privacy policy is different from yours."
i want to elaborate on why i left #calyx / #calyxos. (everything in this thread is my opinion or interpretation.)
while there were many factors, the breaking points for me were a non-consensual transfer of members' personal information to a third-party server, a total lack of notification, and a ridiculous defense. the following messy posts will continue my perspective and recollection of this particular event. (1/9)
-
allegedly, and from my perspective as a former calyxos employee (i do not represent them)...
the founder was the keeper of the signing keys, and has stated this publicly. when he separated from the institute (which is a whole other story), he didn't give the signing keys to the institute in a timely manner, if at all. although there was no evidence that the keys had been compromised or accessed from outside the organization, there *was* reason to believe that they had not always been handled in a secure manner (which is yet another whole other story). also, because these were key *files*, and probably not even protected by passphrases (but i don't know), copies were always *possible*.
the OS team decided to only release updates signed with *fully* trusted keys going forward, that were not subject to unauthorized copies. the OS team has been working on a hardware security module-based solution for signing. the exception to this was one last update to inform users about this situation, to the extent permitted by comms folks. this was facilitated by eventual cooperation from the founder.
that being said, i do not myself believe that there is any actual risk today associated with using a build signed with these older keys, apart from it not having the latest updates. but i also support switching to new keys that are better safeguarded, and i can't guarantee there wouldn't be a risk associated with these older keys in the future.
there is more to know as well, but too much to write here. still, it is false to say that the calyxos team doesn't want you to know this.
source: i worked on #calyxos while all this was happening. i no longer work for #calyx. and this is all just alleged, based on what i experienced and was told. i never signed an NDA 🙃
-
allegedly, and from my perspective as a former calyxos employee (i do not represent them)...
the founder was the keeper of the signing keys, and has stated this publicly. when he separated from the institute (which is a whole other story), he didn't give the signing keys to the institute in a timely manner, if at all. although there was no evidence that the keys had been compromised or accessed from outside the organization, there *was* reason to believe that they had not always been handled in a secure manner (which is yet another whole other story). also, because these were key *files*, and probably not even protected by passphrases (but i don't know), copies were always *possible*.
the OS team decided to only release updates signed with *fully* trusted keys going forward, that were not subject to unauthorized copies. the OS team has been working on a hardware security module-based solution for signing. the exception to this was one last update to inform users about this situation, to the extent permitted by comms folks. this was facilitated by eventual cooperation from the founder.
that being said, i do not myself believe that there is any actual risk today associated with using a build signed with these older keys, apart from it not having the latest updates. but i also support switching to new keys that are better safeguarded, and i can't guarantee there wouldn't be a risk associated with these older keys in the future.
there is more to know as well, but too much to write here. still, it is false to say that the calyxos team doesn't want you to know this.
source: i worked on #calyxos while all this was happening. i no longer work for #calyx. and this is all just alleged, based on what i experienced and was told. i never signed an NDA 🙃
-
on september 30, i stepped down as a developer for the #calyx institute.
i am proud of everyone on the OS team, who all pulled together and showed so much dedication to #calyxos and its users, despite the last few months' challenges.
still, in my opinion, calyx has a lot of work to do to rebuild trust, both inside and outside the org. i have a few starter ideas: listen to your workers. act swiftly on bad behavior. and don't shield the men who engage in it from consequences. ...repeatedly.
i'm so tired of it. people deserve better.
-
on september 30, i stepped down as a developer for the #calyx institute.
i am proud of everyone on the OS team, who all pulled together and showed so much dedication to #calyxos and its users, despite the last few months' challenges.
still, in my opinion, calyx has a lot of work to do to rebuild trust, both inside and outside the org. i have a few starter ideas: listen to your workers. act swiftly on bad behavior. and don't shield the men who engage in it from consequences. ...repeatedly.
i'm so tired of it. people deserve better.
-
¡Atención usuarios de CalyxOS!
La plataforma no va a recibir actualizaciones de seguridad por hasta 6 meses. En el enlace está el comunicado oficial.
https://calyxos.org/news/2025/08/01/a-letter-to-our-community/
-
¡Atención usuarios de CalyxOS!
La plataforma no va a recibir actualizaciones de seguridad por hasta 6 meses. En el enlace está el comunicado oficial.
https://calyxos.org/news/2025/08/01/a-letter-to-our-community/
-
got my new hotspot from calyx in the mail! yaaaay! i think they maybe turned off the spigot to my old hotspot a few days ago, because i have not gotten any internet from it for days. so i'm very happy to have proper internet again and looking forward to years with my new lil buddy hotspot 🥂
if you're not familiar with calyx, you pay a yearly fee and get unlimited wifi via mobile hotspot: https://calyxinstitute.org/
-
This week in #FDroid (TWIF) is live but late to toot:
* Slow updates? There's a reason, or 2️⃣
* Don't be surveilled, engage in our research 🔭
* Using #Calyx #CalyxOS? Read now! 💔
* #DeltaChat hits v2, #ArcaneChat soon™
* #NeoStore finally upgrades to Index-V2
* #NewPipe in your 🚗 ? Maybe...
* #Wesnoth is back 🐴 ⚔️
& 164 more updates
- 4 apps archivedSaturday reading break: https://f-droid.org/2025/08/07/twif.html
-
Just catalogued the approximately 60 core #Android apps I use, and made manual backups of all of the ones that have that feature.
That was exhausting. Now I'm ready to migrate. :P
I think I'm going to go with #IodéOS. That seems to be the closest to #CalyxOS (feature-wise), which is what I've used since September 2021.