@GrapheneOS Is there any way now or in the future to get graphene os on a pocket sized device (not the pixel tablet) without cellular? Any ways to securely remove those capabilities from a pixel?
[#]grapheneos
=> More informations about this toot | More toots from fredy_pferdi@social.linux.pizza
@fredy_pferdi Cellular is integrated in a similar way as Wi-Fi and Bluetooth via an IOMMU isolated radio which can be reliably turned off. Samsung makes both the main SoC and the cellular radio. Not clear what you're trying to avoid. If you don't want to use cellular, use airplane mode.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@GrapheneOS And what if the risk of airplane mode for example in pocket or by thread actor gets disabled? This is a fundamental thread for some use cases.
=> More informations about this toot | More toots from fredy_pferdi@social.linux.pizza
@fredy_pferdi @GrapheneOS You can't enable/disable airplane mode while the device is locked on GrapheneOS. Give it a shot. You'll see it asks for authentication.
=> More informations about this toot | More toots from matchboxbananasynergy@infosec.exchange
@matchboxbananasynergy @GrapheneOS I understand that but first of all graphene os can only be installed after you boot and enable dev settings for bootloader unlock, the device connects to cellular, after the installation it is still a big risk if you have to keep the device unlocked and hand it over to other people.
I'm honestly critical of the official graphene position that software toggles are enough for all use cases. For some people this can even be a life or dead question and to just recommend air-plain mode seems a bit inconsiderate.
=> More informations about this toot | More toots from fredy_pferdi@social.linux.pizza
@fredy_pferdi @GrapheneOS In order to complete GrapheneOS' installation, you lock the bootloader, in case that wasn't clear.
=> More informations about this toot | More toots from matchboxbananasynergy@infosec.exchange
@matchboxbananasynergy @GrapheneOS yeah that's clear
=> More informations about this toot | More toots from fredy_pferdi@social.linux.pizza
@fredy_pferdi @matchboxbananasynergy You can buy a device with GrapheneOS installed if you don't want to install it yourself. Not clear what you think the risk is with having support for cellular. It's not substantially different from Wi-Fi and Bluetooth. They're each implemented in a way that's isolated and unprivileged. Cellular does not have control over the device as you seem to believe.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social This content has been proxied by September (3851b).Proxy Information
text/gemini