*In terms of privacy, customisation, camera quality, and battery time.
For the longest time I have only used either iPhone or Samsung. I plan on switching to Android for the next phone I get, but I find that Samsung phones are often too big for me and put too much energy on camera quality (I don’t take many photos). I have started to look into brands such as Nokia and Motorola, and I would like to know what you guys think of them. Additionally, do you suggest any other phone brands aside from them? My biggest priorities are privacy and long battery time. Bonus if the phone can run LineageOS (I have excluded Graphene as they are only compatible with Pixel phones).
Thank you for any answers. Cheers!
Pinging @sugar_in_your_tea@sh.itjust.works to club responses.
All I can see now is a one sided discussion and assume someone’s feelings got hurt. Silencing opposition by stomping ideas out doesn’t convince anyone of anything. If you believe in Lemmy, let the comments and voting do the work. We don’t need the thought police enforcing their views.
Instead of removing comments like that, perhaps correct them by providing more accurate information. I read the original comments, and they really weren’t toxic in any way (in my opinion), they were just strongly worded opinions.
This “let the voters decide” vibes based experiment has happened on 4chan and Reddit for years, leading to this. https://i.imgur.com/G6P1c9n.jpg and https://i.imgur.com/Q1wIIfS.jpg
Lemmy is not a trash platform like Reddit or 4chan, where loud and repeated nonsense is allowed to make the platform garbage. This is not “censorship”, but arguably the only effective way against these parrots and trolls to shut down baseless propaganda like Graphene being the singular method to get mobile privacy and security, because apparently nothing else works at all, and Micay has some secret sauce code in there that magically defeats NSA and CIA. This is the same person who hates Firefox because Tor Project devs trashed his drivel in a mailing list in August 2019, so he seeks revenge by telling people to use Google’s Chromium based browsers, and the same person who thinks it is a great idea to teach people to put faith in all things Google and Google’s proprietary Titan security chip, even though security chips keep becoming permanent backdoors.
Can anyone exactly tell me what works there, that does not work with a combination of AOSP killswitch lockdown firewalls, setting app permissions, HOSTS ruleset modifications, DNS changing, debloating/uninstalling via ADB and making lots of changes via Shizuku, all being open source and transparent methods for Android? This is an oversimplification, but these fancy custom Android builds do pretty much nothing better than all you need to live a private life, without even needing to root or seek a specific Google made phone somebody told you on internet.
As for the original claim, the Pixel is the only phone listed on privateguides.org (GrapheneOS and DivestOS are the only listed ROMs), which I think is a pretty well-respected and well-run privacy recommendation website.
You mean the same thieves who stole PrivacyTools website, GitHub and to this day squat on PTIO subreddit, and money laundered $17,500 of public donations into private accounts? The ones who run lemmy.one instance today, and banned me the very first day lemmy.one instance was opened, just to ensure no critics exist?
I have singlehandedly covered these security charlatans in FOSS and privacy communities for about 5 years, and GrapheneOS emanates from the same sewer that “security” clowns like Brad Spengler and madaidan do in Linux community. All they do is either push their bullshit solutions or push corporate Big Tech propaganda and hate any FOSS project they think will not worship them. It might be a good idea to read instead of decide the fate of Lemmy based on “freedom murica heckin yeah” vibes.
https://old.reddit.com/r/privatelife/comments/ug9qnc/writeup_criticism_of_rprivacyguides_grapheneos/
Perhaps there should be a no-dogma rule or something, my point is just that removing stuff without apparent rule violations is not great from a user’s perspective.
Correct, those rules will be formed and established as of today. I have been on this for months looking what to do about this nonsense making its way on from Reddit/4chan onto Lemmy.
Micay
This sounds like some kind of personal beef with Micay. That’s understandable, and here’s a Louis Rossmann video showing how toxic that individual can be (you go over some of that in your links as well). So I absolutely get it.
That said, the project itself is fantastic. Here’s the Privacy Guides page on why GrapheneOS is preferred. It also goes into why it’s preferred over CalyxOS and other alternatives, and offers DivestOS as a good alternative (here’s the supported device list if you’re interested).
You mean the same thieves who stole PrivacyTools website
I’ll provide the two sides I have:
To me, the Privacy Guides version of the story seems more believable, at least in terms of where the contributors went. I think both sides absolutely have a point, but this archived page has some pretty serious allegations about Privacy Tools being biased by their affiliate partners (to be fair, the way Jonah handled this is distasteful, he should have just started his own project).
That said, I think the content at Privacy Guides is currently better than at Privacy Tools, and I like that discussion happens in the open.
I hope you’re sensing a trend here: we should restrict discussions to technical merits, not discussions about individuals. I dislike both Daniel Micay and Jonah Aragon as people, at least from the limited information I have, but I think both run solid projects. The same is true for other FOSS projects, like GNU/FSF and Richard Stallman, OpenBSD and Theo de Raadt, etc. However, I think each heads a solid project, so I’ll continue recommending them based on their technical merits. I hope each survives their founders once they inevitably leave the project.
I have been on this for months looking what to do about this nonsense making its way on from Reddit/4chan onto Lemmy.
May I suggest a pinned post so decisions like this can be made in the open? Clearly state the problem (ideally more concise than what you’ve linked from Reddit), and why you think the solutions are valuable.
My recommendation is some kind of “no-dogmatism” rule, which makes it clear that privacy is a process, not an end goal. Likewise, we should be careful to elucidate the process for choosing products, not the products themselves (i.e. see Louis Rossmann walk back his support for Lenovo here over warranty BS when you install an alternative ROM). I think it’s reasonable that for every product recommendation here, users are expected to give reasons (or a link to reasons) why that product is worth looking into, with a strong nudge to compare to other projects (e.g. why GrapheneOS over Calyx or DivestOS).
Ideally, there would be some kind of wiki the community could keep that links to sites along with notes about caveats and whatnot (e.g. Privacy Tools’ conflict of interest allegations, GrapheneOS’ toxic leader, etc), with the intent of being a resource of where to get more information instead of a definitive guide.
That’s my take at least. I also don’t want this community to fall into group thing, but that also includes group thing against projects just because their leaders aren’t ideal.
This sounds like some kind of personal beef with Micay. That’s understandable, and here’s a Louis Rossmann video showing how toxic that individual can be (you go over some of that in your links as well). So I absolutely get it.
That said, the project itself is fantastic. [Here’s the Privacy Guides page on why GrapheneOS is preferred]
The moment I hear this “personal beef” bullshit, I see dishonesty. Does everybody have a personal beef with this disgusting person? Dozens of YouTubers, hundreds of internet users, privacy guide writers like me, Techlore, Rossmann and others? What the fuck is this “personal beef” thing I always get told, when I have publicly documented 5 years worth of stuff on security charlatans in FOSS, privacy and tech communities?
The project is not fantastic, but closer to snake oil, and almost identical to CalyxOS or other AOSP fork builds. It is mostly a rebranding of AOSP features with app permission controlling and firewalling. I dissected it when a spy was sent by that community to siphon the chatroom discussions of privatelife Matrix room. I did this breakdown last year or so by referring to the GrapheneOS features page.
https://i.imgur.com/pQHoq84.jpg
There are only 3 things they ever did on their own as extras, and even they have basically no value in the grand scheme of things, them being offering:
instead of 16 character, 64 character password limit on lockscreen PIN scrambling Morula method of exec spawning instead of Zygote method used in most AOSP projectsNow, I will elaborate on these 3.
Elaborating on first one, it is kind of useless as you can see for obvious reasons. For second one, you already understand why fingerprint avoids the issue of someone peeping at your PIN/password entered across your shoulder. Fingerprint is infinitely superior. Even more so with Android and iOS both offering biometric Lockdown features. This one is somewhat half credible, but the goal is to destroy the memory blocks used by an app after it is exited, so that memory blocks do not retain essential text strings of data to exploit. For this, you can just go to Developer Options and enable “Don’t keep activities” and it will achieve the same effect as Morula method of exec spawning implemented by GrapheneOS.So out of the 20-30 features GrapheneOS claims they developed, everything is either a modification of app permissions or firewalling or AOSP feature rebranding.
Also, as you may have famously heard about “Sandboxed Play Services”, it is not developed by GrapheneOS, but a project called ProtonAOSP, whose developer is kdrag0n. GrapheneOS copied that off and rebranded it as their own developed thing.
As you can see, GrapheneOS is basically a lot of marketing and in reality, there is negligible or nothing beyond the surface. This is called snake oil, or selling bridges/dreams.
To me, the Privacy Guides version of the story seems more believable, at least in terms of where the contributors went.
PrivacyGuides are disgusting people that shelter trolls and laundered $17,500 public donation money of PTIO privacy community. The receipts are public and it is a crime. If you excuse that, I do not think you give a shit about genuine privacy endeavours. I still remember them making one person a moderator because he posted a faux libel hitpiece on me, and them (Jonah) stickying a comment by Micay calling me an agent sent by Chinese government to destroy privacy communities. This person is who you seem to like. https://web.archive.org/web/20220502064114/https://old.reddit.com/r/PrivacyGuides/comments/uged1y/is_grapheneos_actually_good_or_just_hype/
I hope you’re sensing a trend here: we should restrict discussions to technical merits, not discussions about individuals.
I wonder if you have read this. Read the paper by Ken Thompson, co-creator of Unix and C, on why we should be able to trust the developer and NOT the code. https://www.cs.cmu.edu/~rdriley/487/papers/Thompson_1984_ReflectionsonTrustingTrust.pdf
The projects of people ARE attached to the people who create them. They cannot be separated. And yes, the projects MUST be judged based on person’s conduct. Not doing this allows GrapheneOS dev to go around falsely slapping epithets like “neonazis” on Bromite and FlorisBoards devs upon mere disagreements.
https://github.com/bromite/bromite/pull/2102#issuecomment-1155760155
https://github.com/bromite/bromite/issues/2141
http://web.archive.org/web/20220803142758/https://github.com/florisboard/florisboard/issues/1921
Ideally, there would be some kind of wiki the community could keep that links to sites along with notes about caveats and whatnot (e.g. Privacy Tools’ conflict of interest allegations, GrapheneOS’ toxic leader, etc), with the intent of being a resource of where to get more information instead of a definitive guide.
I already did it in the form of 2 article length posts chock full of evidence spanning 5 years across internet. Not many people have ever put up this much of a fight to keep privacy community clean and good selflessly. And I do not think I carry the onus of creating such a wiki by myself, when I do not get as much community support as I should, and people choosing to call it “personal beef” and wash hands away selfishly.
I am proudly arrogant for standing for the correct thing – ethics – as I keep doing whatever guide work I do. Yes I recognise I sometimes tend to sound rude and blunt, but I will not lie or sugarcoat things. And I think it is okay and a rare quality.
Ethics? You’re not ethical, you just got a mod position, let it get to your head à la Stanford experiment, and now no matter what others say if you dislike it you can silence them at no consequences to yourself.
You’re the furthest thing from ethical. You’re delusional, and still on that power trip high.
I actually didn’t give a damn about GrapheneOS, until you banned all mentions of it. Look up the Streisand effect, it’ll do you good. Instead of perpetuating a fascist censor of someone else’s free speech.
removed by mod
That eylenburg blog that seems to get cited sometimes I suspect is not a very qualified person, but instead seems to get pressured by Daniel Micay (thestinger) himself and his minion/mod mbananasynergy in GitHub issues all the time (https://github.com/eylenburg/eylenburg.github.io/issues?q=is%3Aissue+is%3Aclosed) along with DivestOS developer. And a lot of people fear Micay’s witch hunting and social media army harassment, so they either shut their mouths (hence barely any critics) or cave in to his influence/threats. Even DivestOS developer is a victim of it, since at the behest of Micay’s threat, he banned me off XMPP chatroom. I mentioned that as a section with chat screenshots in my long post. (https://old.reddit.com/r/privatelife/comments/13teoo9 /)
There is a weird pattern there, where everything is green for Graphene, half of it is green for Divest, but all others have NO or red markings, making it look like a very obvious advertisement, even though this is not how privacy and security works. This is in line with what Micay told Mr. Eylenburg how to structure the table (put this at “high”, put that at “medium” et al).
Micay and GrapheneOS propaganda has a very obvious pattern. Check this out. https://imgur.com/a/fpcsIL2 This will open your eyes. Also, those massive paragraphs wherever he explains or his fans/minions parrot features and stuff upon reading keep looking like GPT generated fluff but instead done by a human (himself).
I don’t really care if these changes were made by GrapheneOS themselves or pulled in from other projects, the end result is a more interesting product that has a fast response to security updates.
That is because GrapheneOS is an embargo Google security partner for patches. It is either impossible for one person to keep building so many of these patches alone, or the work does not amount to the propaganda invented. This is partly why the claim I make about mostly rebranding, which seems apparent upon one close look. https://web.archive.org/web/20220829223401/https://twitter.com/GrapheneOS/status/1564322206414524420#m
Ken Thompson, co-creator of Unix and C, on why we should be able to trust the developer and NOT the code.
That’s not my takeaway, in fact it’s the opposite.
I don’t believe in trusting developers, I believe in a mix of security audits, reproducible builds, eyeballs, code signing, and cryptographic hashes. Developers can be bought, accounts can be hacked, etc, but code can’t.
Code can be bought. Developers can be bought. What cannot be bought is a developer’s moral integrity and professional behaviour towards people, hence Thompson’s paper is correct, and not what you took away from it. All the terms you said are code that comes from the developer(s), and do not get created out of thin air. This is not a “he said she said” behaviour, but fearmongering cultist propaganda full of dogmas.
Do you not see the coincidence that Micay wants to steer everyone away from Firefox towards Chrome, towards everything Google, believing in Micay’s vision, believing in closed source security and so on? He also used to shit on Android and believed and propagated the claim that Fuchsia is the future, where Google’s microkernel would rule the mobile world. I think he is a Google fanboy more than anything else, and we have many such Big Tech fanboy specimens in this world.
One reddit comment on my post explained this cult well.
My issue here is that I think you’re letting your distaste for individuals (however well founded) supercede technical discussions.
If this whole project is basically feature rebranding plus firewalls, app permission modifications and stuff you can do without rooting, I see absolutely no reason how it claims to be better than anything else, and the ONLY solution to mobile privacy and security. As I shared the GrapheneOS official instructions for propaganda posters in that screenshot above, it should be evident.
Also, I have a whole bullet list for why Google Pixels are not trustworthy in my non root smartphone guide. I do not think we need to elaborate on why Google hardware is backdoored by NSA. Snowden lives in Russia to stay alive, and Assange is being drugged and tortured in West “free democracies” today for it.
Apple’s security chips have all been pwned, and their latest one also got pwned recently. Qualcomm Snapdragons have the same history, and Google will be no different. Closed source Big Tech security is a fool’s dream. Better to have transparency and known consequences, than “security by obscurity” circus, something security charlatans like these advocate for in FOSS/privacy circles.
removed by mod
As for why GrapheneOS is mostly green, I guess there are three explanations: GrapheneOS is really that good
No, it clearly is not. If it provides nothing over AOSP forks, there is no reason why it is better. Maybe you did not read the propaganda dissemination they do, which I sent as a screenshot of their Telegram chats.
Here, I provide it again. https://imgur.com/a/fpcsIL2
If you know of categories where GrapheneOS doesn’t do well,
If feature rebranding does anything other than cosmetic or placebo changes, do tell me. Anyone can do it. It improves nothing functionally. Modifying app permissions and using a strong firewall can be done without root and is far more risk free and incomparably easier than flashing a custom Android fork. There is nothing “out of the box” about flashing a custom ROM on any phone for most people in the world, including tech users.
Well yeah, Linus Torvalds does almost no actual development, but he’s involved in merging patches. That job has value, and the end result is that people trust his branch.
He also happened to create the Linux kernel by himself and developed it himself for a very long time, until it started getting more contributors. He did all the development needed to be done.
yeah, if GrapheneOS is an embargo partner, that’s has a lot of value, and I hope other ROMs are able to get that as well. Faster access to patches is a good thing.
That is very shady. A Google partnership is avoided by other custom build makers like LineageOS for a reason. That is enough reason to stay away from Graphene.
But Chrome is superior to Firefox on mobile in terms of security because Mozilla hasn’t ported many of the security features from the desktop browser. That’s a fact.
Who decided this fact? Micay’s propaganda? Because Tor Project avoids Chromium base for both desktop and mobile browsers for multiple reasons, one of them being security. Chromium is incredibly leaky, insecure and anti-anonymity.
https://trac.torproject.org/projects/tor/wiki/doc/ImportantGoogleChromeBugs
You think Micay and his GPT tier filler has even 1% credibility compared to TailsOS professionals who maintain supremacy over state actors?
Sane defaults has a ton of value. Most people don’t know how to configure an OS to be secure. It’s not the only option obviously, that’s just stupid dogmatism, but it is a good option, and perhaps the best option out of the box
There is nothing OOTB about flashing a custom Android build on a specific phone brand/model people buy with a lot of money. It risks bricking, alongside the obvious thing about Graphene community being insanely vitriolic as far as tech support questions go. Non root hardening is risk free, easy, achieves same goals and is a transparent process.
I’m guessing most phones are, or at least compromised by the NSA. The NSA’s job is to maintain backdoors to go after national security threats, so there’s no reason to expect any default configuration to protect you.
Huawei was sanctioned by USA partly because they refused to put NSA backdoors in it, and western agencies failed to find any Chinese backdooring in it, since they were provided source code to analyse. The ban eventually happened due to market protectionist reasons similar to what is happening to Tiktok now, or Alstom, Toshiba, IPTN and others.
Yet [Snowing allegedly recommends GrapheneOS]
That said, I don’t put a ton of stock into what Snowdon has to say. He’s not a security expert, he’s just a contractor who got away with government documents. He’s careful, but fairly average.
Snowden is not a security expert, but an OPSEC expert. Wildly different things. He was a spy. He was able to practice his OPSEC without fail and modify it on the go. His advice is not meaningful, and this tweet is irrelevant because too many things happened since 2019. He acts more like the “Symbol of Peace” like All Might in Boku no Hero Academia anime show, like some sort of symbolic “hero” figure.
Few years ago, in 2021, without any community consensus, Micay added a shutter sound for camera which could not be muted, putting the target audience of this tool/product at risk of jail or even death – privacy users, journalists and activists. https://old.reddit.com/r/privacytoolsIO/comments/pjl4bh/what_is_your_opinion_of_grapheneos_conforming_to/ So, how is Snowden’s 2019 tweet relevant? How can anyone seriously trust Graphene one bit?
That said, it’s unlikely to impact regular users because those attacks are quite sophisticated and often caught by security researchers pretty quickly. The Android market is more sketchy because there’s so much more diversity to the point where security researchers are going to miss a lot.
It was established by Zerodium few years ago that Android’s zero days cost more than iOS’ zero days, and that Android’s open source security model has surpassed whatever obscure security Apple has. That gap has continued to widen.
If there is a permanent hardware vulnerability, it will impact security just like Spectre, Meltdown and others affect Intel chips. Apple’s phones and devices with “security enclave” chips are all permanently vulnerable. Androids as a whole are far more secure, and it is Apple that is sketchy, not Android.
Regardless, staying up to date on security patches is the best line of defense, and sandboxing everything is the next line. GrapheneOS provides both.
…on Google hardware with proprietary “security” chips that it refuses to open up. And Graphene’s embargo patch Google partnership is shady. Why is it the only custom Android build to get this? Any unrevealed links to Google hidden from all of us? Because Micay loves creating toxic social media army, using sockpuppet trolling tactics evidently and obscuring or hiding conflict of interest.
“security by obscurity”
Ok, you lost me here. What they’re providing is security by layers (sandboxing, reducing attack surface by having less stuff running, etc) and rapid security updates from upstream.
Google has one extra proprietary “security” hardware layer than every other Android phone in existence. This makes Google much more proprietary and unpredictable, which makes it logically unfit for adopting for privacy, security and anonymity purposes.
removed by mod
I am not liking this level of engagement you are doing. It feels suspicious and agenda based.
Attack the message rather than the messenger
You seem to do the opposite. I agree those people suck, but I don’t agree that implies their work sucks.
I think you are the one favouring Graphene propaganda here, and attacking me on their behalf. This debatebro pervert behaviour of yours is not looking very good to me.
Out of the box means what you get right after installing the ROM. It’s the set of defaults.
Getting those defaults aka flashing a custom ROM is too risky, can brick hundreds of dollars for people, and is not easy to do compared to basic ADB instructions.
Modifying app permissions and using a strong firewall can be done without root
It’s still not going to get you everything GrapheneOS, DivestOS, or CalyxOS provide. A firewall isn’t going to protect you from an app accessing files it shouldn’t, memory exploits from an attacker, or fingerprinting with your MAC and IP address.
Custom ROMs provide a level of protection that users messing with permissions and firewall settings won’t get. Here’s how I see it, using the Pareto principle:
Those points you said here are incorrect. Performing those actions without root provide everything these fancy custom ROMs provide, except without bricking and other unverifiable risks. Not everyone can read source code. Moreover, you claiming Pareto’s principle here is so far from reality, it almost feels dishonest and a dig at how I tend to utilise this principle. Non root hardening methods objectively net a user 99-100% benefits of a custom ROM, and that 1% differs for builds like LineageOS that allow rooting and further control, not locked user hostile builds like Graphene.
Either you ate up propaganda about privacy and security, or you have some fishy intentions here. Let’s assume benefit of doubt. All your arguments are inclined in a particular direction, and first 3 of 4 points have zero logic in them.
He did all the development needed to be done.
I don’t see how that’s relevant at all. Linux was incredibly insecure, had very liked hardware support, etc until others joined.
Torvalds knows enough about security, among other elements, to create Linux kernel. Nobody will take you seriously with such arguments. Torvalds already has called “security” zealots “masturbating monkeys” aptly, which included Brad Spengler, madaidan and others. Micay and his minions love to shill grsecurity crap, and it sounds like the infatuation of a fresher CS university student. You sound infatuated towards Graphene.
Google partnership is avoided by other custom build makers like LineageOS for a reason
Yeah, cost. I don’t know the requirements, but I know there’s a trust system there. If you break the embargo and release early
There is zero cost paid by Micay, firstly, as far as money goes. Secondly, the requirements of getting embargo beta patches are not as simple as you think. You need some kind of affiliation with Google, or soul selling, to have that.
Perhaps those other projects just don’t have the manpower, organization, or funds to get a partnership.
Are you claiming LineageOS team has less brain and power than Graphene, which is relatively barely any work of Micay? Or did LineageOS and other projects refuse to sell soul to Google?
Tor cares more about privacy and anonymity than security, and Firefox likely provides a stronger base for that. But security is another issue entirely.
Tor Project cares enough about security to make stuff like Graphene look like a meaningless joke. The Snowden guy you talked about himself used TailsOS during his work and while fleeing from US friendly extrajudicial countries.
I think I cannot take you seriously due to this point, and want to end this pervert debating. But let me see… I will tolerate this a bit more.
DivestOS
DivestOS developer banned me on behest of Micay’s threat, that if I was not banned, Tad would have to remove Graphene patches and code from DivestOS, and Tad would be the target of Graphene social media army harassment. I think that level of soul selling does not allow me to take Tad’s work seriously. It also proves Graphene is not openly licensed, but rather licensed based on Micay’s personal whims, but that is another point.
There is legitimacy in his stuff like browser table, but the conclusion is outright wrong that Chromium is better. Firefox is much better than Chromium in that it has no leaks and works as intended, both on desktop and mobile. And his research concerns exclusively Android.
It risks bricking
That’s not a security or privacy issue, and is essentially the same across custom ROM vendors.
It is, when a bricked phone does not even allow user to do anything, waste money and have privacy and security crippled anyway. When there is no phone, enjoy all that loads of privacy with no communication device. It sounds like a joke to me.
My guess is that this shutter sound issue is from upstream, and likely [only takes effect in Japan
This is not upstream but a Graphene only risk. It was inserted without community consensus. And this weird thing works everywhere. It was probably made to make Pixel+Graphene users have a target on their back and out themselves, but I refrain from claiming that since it feels too far fetched to me.
Android gives users and apps a lot more system features, so the attack surface is much larger. I’d have to look at the report
https://www.wired.com/story/android-zero-day-more-than-ios-zerodium/
Zerodium is a big security firm. And Android’s zero days should cost lesser since there should be many of them, but it is the opposite. Android open model surpassed iOS obscurity model long ago.
Apple is sketchy because it’s closed, Android is sketchy because it’s run by an ad firm and tons of data is run through Google’s servers (notifications, Play services, etc).
Disable GMS related packages. GSF seems to push messages locally, and only ping servers when there is some push notification. Probably this allows metadata leaking, so it is a concern for those paranoid about metadata. Android allows everything with or without root.
Every phone has proprietary hardware they won’t open up, the most important of which is the modem. Even Linux phones have this issue. So I have to ask myself what Google gets out of screwing me with their security chip.
Google/Apple have one extra “security” proprietary chip, which processes your data. Also, Google is not an enemy in your threat model, it seems, if that is your question. Questions like this is the process called threat modelling, which I nudge people to work on first.
That said, if you know of a provably more secure device, I’m so ears.
This was from 2020. Huawei’s hardware according to BlackHat Pwn2Own 2017-2020, has been largely safe on par with “secure” Pixels. See page 5 of PDF for phonemaker brands. https://github.com/secmob/TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices/raw/master/us-20-Gong-TiYunZong-An-Exploit-Chain-to-Remotely-Root-Modern-Android-Devices.pdf
You may ask what is Pwn2Own? This is an annual event in Black Hat annual hacker event. I am unsure if there is a newer one that happened since COVID. Pixel fares better than most Androids, admittedly, but is not bulletproof, and has NSA backdooring risk. I prefer Huawei phones without preloaded Google services, since Western intelligence agencies are in my threat model as hostile actors.
Nevermind, I looked 2023 Toronto Pwn2Own. Since Huawei does not have Google services, it probably was not tried by hackers as many western people would not use it over Pixel, Samsung, Xiaomi or iPhone. Pixel and iPhone fared decently, while Samsung fared the worst. Xiaomi was a bit better than Samsung at security, but behind the former two. https://www.androidauthority.com/galaxy-s23-hacked-pwn2own-3379226/
I do not yet assume you have bad intentions, but the debating is getting too rubberbandy for me, considering this is way too usual stuff for me that I keep tabs on.
