this post was submitted on 02 Jul 2024
6 points (75.0% liked)

Privacy

833 readers
1 users here now

Privacy is the ability for an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively.

Rules

  1. Don't do unto others what you don't want done unto you.
  2. No Porn, Gore, or NSFW content. Instant Ban.
  3. No Spamming, Trolling or Unsolicited Ads. Instant Ban.
  4. Stay on topic in a community. Please reach out to an admin to create a new community.

founded 2 years ago
MODERATORS
 

Hi all,

Sorry for the foolish question but I have to make a quick decision here and trust you to point me in the right direction.

I am about to buy a google pixel phone second hand with cash. (for graphene, not gonna use a sim)

1: What things do I need to be on the lookout for? How can I quickly verify it is unlocked/rootable?

2: Any recommendations on where to buy? I've never used stuff like FB market, craigslist, etc. but I think those places would be my best bet. Please tell me if you have a better idea.

Thanks in advance and hope you have a good rest of your day

EDIT: Graphene in hand! Good to be back on custom roms, rocked cyanogenmod for a long time

Thanks guys

top 10 comments
sorted by: hot top controversial new old
[–] QualifiedKitten@lemmy.world 5 points 4 months ago (1 children)

I've bought used Pixels on Swappa. You'll want to make sure you get one that has an unlockable bootloader. Carrier unlocked will be your safest bet, absolutely avoid anything Verizon branded. On Swappa, you can message the seller (publicly) and ask them to confirm the bootloader is unlockable.

Enable the developer options menu by going to Settings > About phone and repeatedly pressing the build number menu entry until developer mode is enabled.

Next, go to Settings > System > Developer options and the ‘OEM unlocking’ setting will hopefully not be greyed out.

Exactly what I needed to know, thank you very much.

Swappa looks like it's just card or paypal, or am I missing something?

I suppose I could use something like privacy.com but for something this sensitive I feel like cash or monero are the only responsible options

Open to being wrong

Thank you for your time

[–] xyx@sh.itjust.works 4 points 4 months ago (2 children)

You dont want/need root for graphene in the first place. that would just open another attack vector and is strongly discouraged.

I think it's not that simple. It depends on your personal preferences and your threat model.

In my case I have my phone rooted because it makes it very easy to debug some things and reverse engineer some IoT devices. It can also helps you increasing performance in some low quality phones.

It doesn't necessarily open up another attack vector if you are careful and verify for yourself what you install and what you give permissions to. It's like your personal linux computer in which normally you have root access and if you are careful enough it's not unwanted that you have root permissions.

Makes sense, thank you.

[–] Cheradenine@sh.itjust.works 3 points 4 months ago

In addition to what others have said this is from the DivestOS site https://divestos.org/pages/faq#pixelWarning

A note on Google Pixels

Seemingly any Verizon, Telus, Rogers, or EE carrier variants cannot be bootloader unlocked. In general always avoid such.

[–] c0mmando@links.hackliberty.org 2 points 4 months ago (1 children)

also consider any prior activity from this used phone will now be associated with you. when people are considering switching to grapheneos, i typically recommend buying a new pixel 7a in store using cash.

Very good point, I actually had thought of this but dismissed it as overly paranoid

Thanks

[–] superweeniehutjrs@lemmy.world 2 points 4 months ago (1 children)

I've sold several pixel phones through swappa. They seem to be a good marketplace

[–] Negligent_Embassy@links.hackliberty.org 1 points 4 months ago* (last edited 4 months ago)

seem to be a good marketplace

Thanks, hadn't ever heard of them.

Looks like they only accept card and paypal (KYC) though, right?