diff --git a/collections/_evergreen/android.html b/collections/_evergreen/android.html index 2bd9a204..702dcbc1 100644 --- a/collections/_evergreen/android.html +++ b/collections/_evergreen/android.html @@ -138,7 +138,7 @@ We have these general tips:

GrapheneOS extends the user profile feature allowing a user to press an "End Session" button. This button clears the encryption key from memory. There are plans to add a cross profile notifications system in the future.

INTERNET permission vs packet filtering
-

Packet filter based solutions such Datura Firewall, LineageOS (DivestOS), AFWall+ and NetGuard, are not ideal as they can leak and don't prevent an app from proxying a network request through another app using an intent.

+

Packet filter based solutions such Datura Firewall, LineageOS (DivestOS), AFWall+ and NetGuard, are not ideal as they can leak and don't prevent an app from proxying a network request through another app using an intent.

Android has a built-in INTERNET permission. This is enforced by the operating system. On AOSP and most of its derivatives, it is treated as an install time permission. GrapheneOS changes it to runtime permission, meaning that it can be revoked to deny internet access to a specific app.