My videos aren't sponsored by anyone but you. Monthly sustainers get access to my Discord/Matrix space, and are what keeps the lights on around here. Thank you for your consideration! https://patre...
Its not up to grapheneos devs which devices support bootloader relocking with different keys, literally only pixels allow this and without it you cant properly secure the phone.
My understanding is that a locked bootloader helps protect against evil maid attacks and bootloader-level malware persistence. I find this a security risk that I would absolutely take for Google independence. “Properly secure” is subjective.
GrapheneOS do decide what phones they support. It is exactly their choice to support only Google Pixels, rather than taking a security hit for hardware independence (whether you agree with the decision or not).
Exactly, seems like this should be up to the consumer. The devs can say: pixels have best security, here’s a 2nd and 3rd option, here’s their pros and cons.
Because as much as I approve of privacy measures and security, my phone doesn’t have any lock screen. No pin, no biometrics, nothing.
I work from home, I don’t really travel, I have 4 children. Physical security is annoying. I want grapheneos for data security. I don’t have people trying to steal my phone, I do have people constantly stealing my data.
And without a non-pixel option (fuck google), I’m likely to go for to a competitor because, while their data security might not be as good as graphene, it is better than what I currently have.
I think the bigger issue is that supporting more devices can add a ton of extra work to the dev team, which is small. That could sacrifice the integrity of the whole project.
No other phone supports the relocking bootloader and that is there requirement. There is no other phone they can support. You might not like their requirements but they are pretty clear about it.
which is not true, as fairphones also support relocking. Besides, graphene has dozens of other very useful features that don’t rely on hardware security features or the ability to relock. and I guarantee you, if another android rom adopted their unique features, they would be loudly complaining that they are stealing code (from an open source project…)
Its not up to grapheneos devs which devices support bootloader relocking with different keys, literally only pixels allow this and without it you cant properly secure the phone.
not true, fairphones support that too. calyxos makes use of it, it’s proven to be working
My understanding is that a locked bootloader helps protect against evil maid attacks and bootloader-level malware persistence. I find this a security risk that I would absolutely take for Google independence. “Properly secure” is subjective.
GrapheneOS do decide what phones they support. It is exactly their choice to support only Google Pixels, rather than taking a security hit for hardware independence (whether you agree with the decision or not).
GrapeneOS have a specific goal related to security. You can install one of the others, like LineageOS, if you are happy with the tradeoff.
and the tradeoff includes dozens more permissions related features that don’t rely on hardware security features
Exactly, seems like this should be up to the consumer. The devs can say: pixels have best security, here’s a 2nd and 3rd option, here’s their pros and cons.
Because as much as I approve of privacy measures and security, my phone doesn’t have any lock screen. No pin, no biometrics, nothing.
I work from home, I don’t really travel, I have 4 children. Physical security is annoying. I want grapheneos for data security. I don’t have people trying to steal my phone, I do have people constantly stealing my data.
And without a non-pixel option (fuck google), I’m likely to go for to a competitor because, while their data security might not be as good as graphene, it is better than what I currently have.
I think the bigger issue is that supporting more devices can add a ton of extra work to the dev team, which is small. That could sacrifice the integrity of the whole project.
No other phone supports the relocking bootloader and that is there requirement. There is no other phone they can support. You might not like their requirements but they are pretty clear about it.
which is not true, as fairphones also support relocking. Besides, graphene has dozens of other very useful features that don’t rely on hardware security features or the ability to relock. and I guarantee you, if another android rom adopted their unique features, they would be loudly complaining that they are stealing code (from an open source project…)
Some Qualcomm phones support relocking.
(No OP, but…)
Well, unfortunately, we’re at an impasse, then. :(