this post was submitted on 10 May 2026

1269 points (98.2% liked)

Privacy

48499 readers

490 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Posting a link to a website containing tracking isn't great, if contents of the website are behind a paywall maybe copy them into the post
Don't promote proprietary software
Try to keep things on topic
If you have a question, please try searching for previous discussions, maybe it has already been answered
Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
Be nice :)

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 6 years ago

MODERATORS

1269

I was a week away from buying a Pixel Pro 10 for GrapheneOS (lemmy.ml)

submitted 2 days ago by NGC2346@sh.itjust.works to c/privacy@lemmy.ml

329 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] neo2478@sh.itjust.works 15 points 1 day ago (4 children)

Don't give money to google by buying Pixel phones. Even buying used, creates demand as people are more likely to keep upgrading every year as they know it will be easy to sell their used Pixels for a good price.

[–] eru@mouse.chitanda.moe 11 points 1 day ago (2 children)

the pixel is a very secure phone from a hardware level, the full list of security features missing from other android manufacturers is in the grapheneos faq

there is no comparable alternatives right now, though something might come out of the graphene and motorola deal

[–] neo2478@sh.itjust.works 1 points 1 day ago

The question is, are those missing features actually meaningful enough to support an evil company?

For me they are not.

[–] Bluescluestoothpaste@sh.itjust.works 0 points 1 day ago (1 children)

What's so secure about it versus a basic $100 phone?

[–] mlfh@lm.mlfh.org 4 points 1 day ago

From the grapheneos faq section on device support, which details the kinds of hardware and firmware security features required and present on pixels (but may be missing on other devices):

Hardware, firmware and software specific to devices like drivers play a huge role in the overall security of a device. The goal of the project is not to slightly improve some aspects of insecure devices and supporting a broad set of devices would be directly counter to the values of the project. A lot of the low-level work also ends up being fairly tied to the hardware.
Non-exhaustive list of requirements for future devices, which are standards met or exceeded by current Pixel devices:

Support for using alternate operating systems including full hardware security functionality

Complete monthly Android Security Bulletin patches without any regular delays longer than a week for device support code (firmware, drivers and HALs)

At least 5 years of updates from launch for device support code with phones (Pixels now have 7) and 7 years with tablets

Device support code updated to new monthly, quarterly and yearly releases of AOSP within several months to provide new security improvements (Pixels receive these in the month they're released)

Linux 6.1, 6.6 or 6.12 Generic Kernel Image (GKI) support

Hardware accelerated virtualization usable by GrapheneOS (ideally pKVM to match Pixels but another usable implementation may be acceptable)

Hardware memory tagging (ARM MTE or equivalent)

Hardware-based coarse grained Control Flow Integrity (CFI) for baseline coverage where type-based CFI isn't used or can't be deployed (BTI/PAC, CET IBT or equivalent)

PXN, SMEP or equivalent

PAN, SMAP or equivalent

Isolated radios (cellular, Wi-Fi, Bluetooth, NFC, etc.), GPU, SSD, media encode and decode, image processor and other components

Support for A/B updates of both the firmware and OS images with automatic rollback if the initial boot fails one or more times

Verified boot with rollback protection for firmware

Verified boot with rollback protection for the OS (Android Verified Boot)

Verified boot key fingerprint for yellow boot state displayed with a secure hash (non-truncated SHA-256 or better)

StrongBox keystore provided by secure element

Hardware key attestation support for the StrongBox keystore

Attest key support for hardware key attestation to provide pinning support

Weaver disk encryption key derivation throttling provided by secure element

Insider attack resistance for updates to the secure element (Owner user authentication required before updates are accepted)

Inline disk encryption acceleration with wrapped key support

64-bit-only device support code

Wi-Fi anonymity support including MAC address randomization, probe sequence number randomization and no other leaked identifiers

Support for disabling USB data and also USB as a whole at a hardware level in the USB controller

Reset attack mitigation for firmware-based boot modes such as fastboot mode zeroing memory left over from the OS and delaying opening up attack surface such as USB functionality until that's completed

Debugging features such as JTAG or serial debugging must be inaccessible while the device is locked

[–] TootTootComingThru@lemmy.world 8 points 1 day ago (1 children)

There is and there never will be a perfect solution and you shouldn't let an imperfect solution stop you from using the best one of these just because buying a used pixel MIGHT urge somebody to buy another new one. You may not want to do that, but it is silly and way too idealistic and impractical to demand others not to switch to Graphene because of that.

Buying a used pixel to degoogle and make your phone more secure and less likely to spy on you more than balances out the potential for there being one more new pixel on the future. There will never be a perfect solution and this one is fine enough for most. You may disagree and that's ok.

[–] neo2478@sh.itjust.works 1 points 1 day ago

There are other ROMs with other hardware that provide a similar level of privacy and more than enough security without giving money to google.

Yes they are also not perfect solutions, but they give you flexibility to support better phone manufacturers

[–] poopsmith@lemmy.ml 2 points 1 day ago (1 children)

What's the alternative?

[–] neo2478@sh.itjust.works 1 points 1 day ago (3 children)

e/os, lineageOS, iodeOS

[–] shiftymccool@piefed.ca 6 points 1 day ago (1 children)

Most GOS users would not consider these replacements

[–] neo2478@sh.itjust.works 2 points 1 day ago (1 children)

They are not as secure, but are private and more than secure enough in my opinion.

And some can be used with more ethical phones like the Fairphone.

GOS sometimes feel like a cult to me. GOS is absolutely the only good ROM and everything else is terrible. There is no nuance.

[–] TootTootComingThru@lemmy.world 5 points 1 day ago

Nobody's saying that those other ones are terrible and they are better than stock Android for security and less tracking here. But it is the best one and does things that the other ones don't.

You can use a fairphone with one of those and if you're happy with it, it's absolutely better than what most people do and if it works it works. But people really like GOS for a good reason. The cult comment can be applied to Linux users, so who gives a shit?

[–] Blue_Morpho@lemmy.world 3 points 1 day ago (1 children)

First off, that's software when the user asked for an alternative to the Pixel, which is hardware.

Secondly, I don't see how those are an alternative. It's websites locking you out unless you run Google Play Services. LineageOS etc doesn't run the official PlayServices which is what this requires.

[–] neo2478@sh.itjust.works 3 points 1 day ago

I took the question as an alternative to Grapheme, but perhaps you are correct.

And all those OSes you could install. Google Play Services if you want, even sandbox them like Graphene.

[–] krolden@lemmy.ml 3 points 1 day ago (1 children)

How is that an alternative? You still have to buy Android phones and they're wayyyy less secure

[–] neo2478@sh.itjust.works 3 points 1 day ago (1 children)

There are mch more ethical companies than google to buy phones from, like Fairphone.

And "wayyy" less secure is very debatable. There a some security features missing, but still more than secure enough for the vast majority of users.

[–] krolden@lemmy.ml 1 points 1 day ago* (last edited 1 day ago) (2 children)

There is no ethical consumption under capitalism

Also I don't give a shit about ethics if being ethical means a cop can get into my phone

[–] mcv@lemmy.zip 2 points 1 day ago

There are absolutely things that are more ethical than others. Absolute statements like that are unhelpful. Fairphone is not perfect, but a lot more ethical than the alternatives.

[–] neo2478@sh.itjust.works 0 points 1 day ago

That's such a cop out. Good luck to a cop trying to get into my phone. Grapheme is not the only ROM that prevents this.

And as the other comment said, there are companies that are way more ethical. Not perfect due to the system but way better.

And this mubd set of not giving a shit about ethics as long as things work well for you, is what enables companies to be shit and exploit the world.

[–] FosterMolasses@leminal.space 1 points 1 day ago* (last edited 1 day ago) (1 children)

This 1000 times. I can't understand the logic behind willfully getting a Pixel phone. Isn't it enough that Google spies on you every chance they get, you want actual hardware from them too? lol

[–] monotremata@lemmy.ca 7 points 1 day ago (1 children)

It's because in the US pixel phones are one of the only ways to get a phone with an unlocked bootloader. Or, in other words, to actually own a phone.

[–] TotalSonic@lemmy.world 10 points 1 day ago

LOTS of phones other than Pixels come with an unlockable bootloader, just check the list of supported phones for Lineage, Postmarket, Ubuntu Touch, crDroid, etc.and you'll find a multitude of choices - many (most) of which are readily available in the USA as well. (source: me, who has flashed alternative AOSP ROM's and Ubuntu Touch to around a dozen phones & tablets, none of which were Pixel's)

What isn't possible though is relocking the bootloader after flashing an alternative ROM or OS onto nearly all of these, meaning there is minimal security if the phone is stolen, or tampered with while unsupervised. And for those requiring physical security for their devices, that is a big deal.