hngopher.com

       [HN Gopher] Ask HN: Options for Android phone no longer getting ...
       ___________________________________________________________________
        
       Ask HN: Options for Android phone no longer getting security
       updates?
        
       What can / should I do with an (otherwise perfectly good) Android
       phone that no longer receives security updates?  Yesterday's epic
       thread about blue and green bubbles, which of course branched off
       into a comparison of iPhones and Androids, made me think about my
       own phone more than usual. It's a Moto G Power (2020) running
       Android 11 that received its last security update in April.  I'm
       embarrassed to say that I didn't realize this, or realize that this
       is Motorola's policy (one version upgrade and two years of security
       updates) until yesterday. I admit that this has given me a new
       perspective on paying $500 for an iPhone SE that might receive
       updates for 5+ years vs. $200 for a budget Android phone that might
       get less than 2 years of support from my date of purchase.  Anyway,
       I'm otherwise perfectly content with the phone. I bought a budget
       phone in the first place because I'm not a heavy phone user, which
       makes the thought of buying a new phone that much more painful. My
       options seem to be:  1. Stick my head in the sand and don't worry
       about the lack of security updates for another couple of years. I'm
       obviously in good company with millions (billions?) of other
       Android phone owners, but how foolish would this be?  2. Replace it
       now with a new phone.  3. Maybe go down the rabbit hole of
       LineageOS or other custom ROMs? Is this viable for a daily driver
       that I don't use much but needs to work when I need it? How mature
       are these compared to, say, the major desktop Linux distros?
        
       Author : warner25
       Score  : 4 points
       Date   : 2022-10-13 22:27 UTC (34 minutes ago)
        
       | AnimalMuppet wrote:
       | Keep it, but _don 't do anything important on it_. Don't read
       | your email. Don't read your social media, if you care about your
       | account being taken over. Don't access your bank on it. Use it
       | for phone calls and texting _only_ , and that if you don't care
       | about somebody else reading your texts.
       | 
       | And for me, that's good enough. I don't actually care about
       | someone reading my texts. I simply don't access the internet on
       | my phone. (Cataracts made it hard to focus close enough to read a
       | screen that small. Yes, you can enlarge the text, but then I'd be
       | scrolling my fingers off.) My personal life isn't tabloid
       | material. I don't have any stalkers. (So far as I know - if I do,
       | hi!) So someone could read my contacts, read my texts, and see
       | pictures of my granddaughter and my cat. _Under these conditions_
       | , I see no reason why I should care very much about the security
       | of my phone.
       | 
       | Am I missing something in my threat model?
        
         | warner25 wrote:
         | On this line of thinking, one of my concerns is that SMS (to my
         | Google Voice number, which is the app I exclusively use for
         | phone calls and SMS) is the method that many services use for
         | two-step verification, even though my other texts aren't
         | sensitive.
        
       | armajid wrote:
       | From my experience (which isn't worth much but I have had similar
       | thoughts about this) I went with a used iPhone 8 last year for
       | around $180 because I thought it was going to get iOS 16, which
       | it did. It's good until September next year (when the next iOS
       | probably comes out) and at that point I will probably get a newer
       | iPhone albeit probably a used one to save money.
       | 
       | On custom ROMS, a security researcher named 'madaidan' states
       | that ROMs such as Lineage are insecure (https://madaidans-
       | insecurities.github.io/security-privacy-ad...) with GrapheneOS
       | being an exception.
       | 
       | On the GrapheneOS website, it recommends getting a Pixel 6 and
       | above which has 5 years of guaranteed full security updates
       | (https://grapheneos.org/faq#recommended-devices).
       | 
       | Louis Rossmann recently released a video talking about GrapheneOS
       | as his daily driver and breaks down some usability
       | misconceptions. (https://www.youtube.com/watch?v=yIZmUINSvQ4)
        
       | runjake wrote:
       | Unfortunately, I don't believe your device is supported by
       | GrapheneOS: https://grapheneos.org/faq#supported-devices
       | 
       | Install LineageOS on it, if it's supported?
       | 
       | https://wiki.lineageos.org/devices/#motorola
       | 
       | But read this about LineageOS, et al to understand the risks:
       | https://madaidans-insecurities.github.io/android.html
        
       | too_bad_123 wrote:
       | > 2. Replace it now with a new phone.
       | 
       | Buy an iPhone. You do not need this fuss in your life.
        
       ___________________________________________________________________
       (page generated 2022-10-13 23:01 UTC)