this post was submitted on 26 Jun 2023
73 points (100.0% liked)

Privacy

31930 readers
704 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Ironically, a large number of privacy minded individuals are using Google Pixels flashed with custom roms (Calyx, Graphene, Lineage, etc)

If not designed specifically for privacy, these Android forks are at the very least not stock Android, and stripped of many anti-privacy features.

This can be accomplished due to the Pixel's (mostly) unique attribute - a bootloader that can be unlocked and relocked.

I don't know why Google have allowed their bootloaders this freedom, but I can't imagine that a company with a reputation for killing anything they touch would allow it to continue for much longer.

If/when the day comes that the Pixel is fully locked down, what options are there for privacy enthusiasts to continue using a smartphone, an inherently unprivate device?

Does anyone know of development going into looking at how to unlock bootloaders on any device, opening the door for custom rom flashing to continue?

Are the pinephones, fairphones, etc going to have to ramp up production?

Anything going on in the iphone department allowing for detachment from the Apple ecosystem?

What happens next, really?

you are viewing a single comment's thread
view the rest of the comments
[–] expand@partizle.com 12 points 1 year ago

There are many phones you can unlock/relock the bootloader on. That's not why pixels are used. https://grapheneos.org/faq#future-devices

"Devices are carefully chosen based on their merits rather than the project aiming to have broad device support. Broad device support is counter to the aims of the project, and the project will eventually be engaging in hardware and firmware level improvements rather than only offering suggestions and bug reports upstream for those areas. Much of the work on the project involves changes that are specific to different devices, and officially supported devices are the ones targeted by most of this ongoing work.

Devices need to be meeting the standards of the project in order to be considered as potential targets. In addition to support for installing other operating systems, standard hardware-based security features like the hardware-backed keystores, verified boot, attestation and various hardware-based exploit mitigations need to be available. Devices also need to have decent integration of IOMMUs for isolating components such as the GPU, radios (NFC, Wi-Fi, Bluetooth, Cellular), media decode / encode, image processor, etc., because if the hardware / firmware support is missing or broken, there's not much that the OS can do to provide an alternative. Devices with support for alternative operating systems as an afterthought will not be considered. Devices need to have proper ongoing support for their firmware and software specific to the hardware like drivers in order to provide proper full security updates too. Devices that are end-of-life and no longer receiving these updates will not be supported.

In order to support a device, the appropriate resources also need to be available and dedicated towards it. Releases for each supported device need to be robust and stable, with all standard functionality working properly and testing for each of the releases.

Hardware, firmware and software specific to devices like drivers play a huge role in the overall security of a device. The goal of the project is not to slightly improve some aspects of insecure devices and supporting a broad set of devices would be directly counter to the values of the project. A lot of the low-level work also ends up being fairly tied to the hardware."

I think basically the higher standard of security on pixel devices allows/makes it easier to setup verified boot so you can relock the bootloader and retain that chain of trust it provides. Rather than an leave it unlocked in something like lineageOS where there is no verified boot and therefore all software isn't coming from a trusted (verified) source.