Post AygqBRnkGWbFfXeZ6G by Xtreix@infosec.exchange
(DIR) More posts by Xtreix@infosec.exchange
(DIR) Post #AygqBNtylPD3ZiXUGG by nazokiyoubinbou@urusai.social
2025-09-28T16:12:28Z
0 likes, 0 repeats
@dianea Yeah, GrapheneOS has some great security features. It's too bad they keep it so tightly limited on hardware though. That makes it a lot harder to recommend. And some of us can't afford to necessarily upgrade that often either. I have a Pixel, but it's "Bramble" (4A 5G) which just went into the long term support meaning basically no updates unless it's something ultra-serious breaking, so I'm having to make serious considerations of if it's better to just keep using the old builds that will surely get badly out of date or switch to something else that does less of stuff like this but stay more up to date.
(DIR) Post #AygqBPQd5UvAJGp4nA by Xtreix@infosec.exchange
2025-09-28T20:48:24Z
0 likes, 0 repeats
@nazokiyoubinbou @dianea Devices that meet these standard security requirements can officially support GrapheneOS: https://grapheneos.org/faq#future-devices@GrapheneOS is collaborating with a major OEM to build a subset of devices that meet security requirements to natively support GrapheneOS. We would have an alternative to the Google Pixel, on a device whose hardware is controlled by GrapheneOS.Collaboration with this OEM enables GrapheneOS to provide early access to security patches. Currently, Google Pixels are the only Android devices that meet standard security requirements. GrapheneOS is a privacy project that enhances security to protect that privacy, so it will not lower its standards by officially supporting a bunch of insecure devices. These devices will require maintenance rather than allowing the project to focus on its core mission, and the project will not be able to offer good privacy/security to users. This is a problem on the part of the manufacturers, not GrapheneOS.A used Pixel 9a or Google 8a at a good price would be an excellent choice if you are on a limited budget.
(DIR) Post #AygqBQaEnGCVtMKGPI by nazokiyoubinbou@urusai.social
2025-09-28T20:51:46Z
0 likes, 0 repeats
@Xtreix @dianea @GrapheneOS Unfortunately, whichever is the reason, the result is the same: anyone without a Pixel device can't use it at all and anyone without a very recent Pixel device will find themselves much more limited. I'm not blaming Graphene, I'm just saying I can't recommend it to people who... don't have a Pixel... Which, unfortunately, means a huge number of Android users.And no, we don't all have hundreds for new devices. (Don't forget also, we have to work with the sellers and etc — especially when buying used — to ensure Verizon hasn't gotten their dirty claws on it and locked it. Yes, Google lets Verizon lock them. Not sure if any others do.) Buying used comes with its own caveats and still isn't exactly cheap.
(DIR) Post #AygqBRnkGWbFfXeZ6G by Xtreix@infosec.exchange
2025-09-28T21:12:35Z
0 likes, 0 repeats
@nazokiyoubinbou @dianea @GrapheneOS I too am disappointed by the lack of security on most Android devices, which is one of the reasons why GrapheneOS is collaborating with a major OEM, and recent changes made by Google have accelerated this need.But the situation is what it is, and there is no point in not recommending GrapheneOS because of this, or even complaining about it without taking a step back. Google Pixel devices from the 8 series onwards get seven years of security updates from launch, and this period is expected to increase. For example, $499 for a Google Pixel 9a with 7 years of full security updates and all hardware security measures is a very attractive choice and good value for money. you have to look at the price you pay over time rather than the price at the time of purchase, it will also have a higher resale value, paying $200-$300 for a low-end device with hardware that is easily vulnerable to physical and remote attacks, with a broken operating system, tons of bloatware, software bugs, and no software or hardware security updates in less than 7 years is actually very expensive.
(DIR) Post #AygqBSbjGgaAAZ2U0e by nazokiyoubinbou@urusai.social
2025-09-28T21:15:00Z
0 likes, 0 repeats
@Xtreix @dianea @GrapheneOS there is no point in not recommending GrapheneOS because of thisThere is. The point is: if a person can't run it, I can't recommend that they try to run it since they can't run it.I'm glad you have money. I do not. I've been having to work out a lot of stuff lately looking forward and the phone, unfortunately had to be delegated to a lower priority. I am not the only one in this situation. Unless you're planning to hand out money (or the phones themselves,) don't decide for people that they should go buy something.I don't really understand why you're even arguing so hard about this, but let's move on. Graphene is good — for those who can use it — and I recommend it — for those who can use it. But like it or not, its availability is limited.
(DIR) Post #AygqBTYDlDN15yPCBE by GrapheneOS@grapheneos.social
2025-09-28T22:01:57Z
0 likes, 0 repeats
@nazokiyoubinbou @Xtreix @dianea The vast majority of smartphones either do not allow installing another OS or cripple functionality including security if you do. Nearly all of the available alternate OSes do not provide proper ongoing privacy/security patches and mislead users about what's provided including setting a fake patch level and downplaying that the driver, firmware, kernel and other patches are missing.iPhones have solid security and privacy from third party apps/services to start.
(DIR) Post #AygqBUh7Vc5CdrZogq by GrapheneOS@grapheneos.social
2025-09-28T22:03:41Z
0 likes, 1 repeats
@nazokiyoubinbou @Xtreix @dianea Pixels have 7 years of support from launch since the Pixel 8 which is a long time. That means used 8th gen Pixels still have a long support time remaining. There's no other Android phone even getting proper updates for 3 years let alone 7 years. The available options for reasonably secure smartphones are iPhones and Pixels. Used devices are the way to go for people who need a cheaper device. The price for each year of support should be taken into account.
(DIR) Post #AygqBaIseeG62QHXk0 by GrapheneOS@grapheneos.social
2025-09-28T22:07:58Z
0 likes, 0 repeats
@nazokiyoubinbou @Xtreix @dianea Most alternate operating systems do not keep the basic Android security model intact and significantly lag behind on privacy/security patches themselves. Alternate operating systems still depend on the OEM for firmware and most driver updates in practice. An end-of-life device is end-of-life and not getting many important updates with any alternate OS too. Most alternate OSes are also hobby projects and barely tested with a lot of broken functionality.
(DIR) Post #AygqBg7l0uvU5f7kEi by GrapheneOS@grapheneos.social
2025-09-28T22:10:11Z
0 likes, 0 repeats
@nazokiyoubinbou @Xtreix @dianea It would be possible to put enormous resources into production Android 16+ support on the Pixel 4a (5G). It would also take an enormous effort to port all of the kernel drivers to a current Linux kernel that's not end-of-life. It still wouldn't receive firmware or userspace driver updates. It would be another enormous effort to take over maintenance of the userspace drivers. Qualcomm's sources for most of the userspace drivers also aren't publicly available.
(DIR) Post #AygqBlylFHIMFUxe2y by GrapheneOS@grapheneos.social
2025-09-28T22:12:14Z
0 likes, 0 repeats
@nazokiyoubinbou @Xtreix @dianea The end result would be an insecure device which shouldn't be used due to severe unpatched firmware vulnerabilities. The work of rewriting most of the userspace drivers, porting ahead the kernel drivers and everything else involved would be enormous. Turning that into a production quality OS would be a very large project. The resources to do that are far larger than the tiny subset of remaining GrapheneOS users on 5th gen Pixels buying a supported device.