I’ve always found it both weird and ironic that GrapheneOS is only available for Pixel phones when the whole principle of the project is basically “we don’t trust Google”.
This isn’t true at all. Daniel Micay has stated multiple times the goal isn’t to degoogle, it’s to provide a secure and private OS that’s actually usable. They worked tirelessly to integrate GMS compatibility layer and give users the choice to install sandboxed Google play for app compatability.
GrapheneOS has said countless times that by using Linux and other open source softwares that Google contributes massive amounts of code, you ARE inherently trusting them to not be malicious https://nitter.1d4.us/GrapheneOS/status/1672998518573740033#m
Google play does what it says and they are very open about what data they collect, which is obviously a lot. GrapheneOS stops much of this collection through sandboxing, where you can deny any permissions you desire.
Most brands allow relocking bootloader. But after that you with be only able to use stock rom. Pixel lets you lock the bootloader with a different signature, so in this example you are basically able to lock it to only boot grapheneos and nothing else.
Security. You’re caught with your pants down if you have any personal data on a phone with an unlocked bootloader. All data is effectively plaintext, all security is nullified with trivial difficulty. This is the actual worst-case scenario for journalists, whistleblowers, or anyone who is or may become under surveillance for any reason.
I’ve always found it both weird and ironic that GrapheneOS is only available for Pixel phones when the whole principle of the project is basically “we don’t trust Google”.
This isn’t true at all. Daniel Micay has stated multiple times the goal isn’t to degoogle, it’s to provide a secure and private OS that’s actually usable. They worked tirelessly to integrate GMS compatibility layer and give users the choice to install sandboxed Google play for app compatability.
GrapheneOS has said countless times that by using Linux and other open source softwares that Google contributes massive amounts of code, you ARE inherently trusting them to not be malicious https://nitter.1d4.us/GrapheneOS/status/1672998518573740033#m
Google play does what it says and they are very open about what data they collect, which is obviously a lot. GrapheneOS stops much of this collection through sandboxing, where you can deny any permissions you desire.
The pixel device is (as far as I’m aware) the only mainstream device that allows you to re-lock the boot loader.
Otherwise, once a phone is cracked, it remains cracked. I’m not entirely sure what that buys, but that’s why they do it
Most brands allow relocking bootloader. But after that you with be only able to use stock rom. Pixel lets you lock the bootloader with a different signature, so in this example you are basically able to lock it to only boot grapheneos and nothing else.
Security. You’re caught with your pants down if you have any personal data on a phone with an unlocked bootloader. All data is effectively plaintext, all security is nullified with trivial difficulty. This is the actual worst-case scenario for journalists, whistleblowers, or anyone who is or may become under surveillance for any reason.