No, Graphene... No, I don't think I will. Google refusing to support this phone for longer than 4 years is not my problem. Especially considering that this is the last Pixel to ship with a 3.5mm port.
=> More informations about this toot | More toots from serebit@floss.social
@serebit
So, what are you going to do now? Shame that DivestOS has ended, otherwise there would be other options similar to Pixels for a Graphene-like setup.
=> More informations about this toot | More toots from w8l@scalie.zone
@w8l @serebit DivestOS was a harm reduction project, not a highly hardened OS protecting people's privacy and security to anywhere near the extent GrapheneOS does. It didn't provide most of the privacy and security features available in GrapheneOS and was still based on Android 13 when it was recently discontinued. It's not possible to provide the same thing on insecure hardware without basic security patches and not supporting the basic building blocks we use such as hardware memory tagging.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@w8l @serebit
DivestOS was based on LineageOS so a big part of what they had to do was making up for how LineageOS reduces security. It was primarily aimed at harm reduction on end-of-life devices missing firmware and most driver patches along with basic hardware-based security features. DivestOS never portrayed itself as a GrapheneOS alternative.
Here's a third party comparison of Android-based OSes:
https://eylenburg.github.io/android_comparison.htm
There's an older version with DivestOS:
https://eylenburg.github.io/old/android_comparison_2024old.htm
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@w8l @serebit All we did is add a notification for 4th and 5th gen Pixels about them being end-of-life and therefore insecure. It's shown once after boot and people can dismiss it. It doesn't stop people using the devices and we intend to still keep them working with occasional updates. Since it's not secure regardless, we don't intend to keep providing the AOSP security backports indefinitely. We provided them for a long time for 4th gen for the legacy Android 13 branch and that's over now.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit@floss.social @GrapheneOS@grapheneos.social
=> More informations about this toot | More toots from levi@evil.social
@levi @GrapheneOS There's a reason I didn't @ them in the post...
=> More informations about this toot | More toots from serebit@floss.social
@serebit@floss.social which is?!
=> More informations about this toot | More toots from levi@evil.social
@levi Sometimes I just want to complain without getting into Internet arguments. I'm an Arch staff member, I follow #archlinux, and I don't pick fights with every person who complains about it. Sometimes we just want to be heard and don't want an open source software maintainer to go on a long diatribe about how You're Wrong, Actually.
=> More informations about this toot | More toots from serebit@floss.social
@serebit @levi Yes, please. There’s no need to hashtag or @ for a complaint. (Perhaps, optionally, if it’s a constructive complaint. But there’s no obligation even then.)
=> More informations about this toot | More toots from benjamineskola@hachyderm.io
@benjamineskola Ended up blocking him. I generally consider blocking people a last resort for my personal social media accounts, but I don't want someone to be actively monitoring my posts just to drag me into arguments with other users.
=> More informations about this toot | More toots from serebit@floss.social
@serebit Pixel 5a was officially supported for 3 years from launch rather than 4. It hasn't had firmware and driver patches for months already. We shipped a warning to protect users who don't know it's an insecure device. If you don't care, that's fine, you can keep using it and you'll receive occasional updates from us keeping it from completely breaking so we don't get inundated with complaints. It can't be reasonably secured anymore and we're not going to pretend that it's safe to use it.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit You should be aware that it's incredibly far from meeting our current security standards even aside from lack of security patches and that it no longer gets very important firmware, driver and other hardware-related security patches. There's increasingly limited value to us porting the partial Android 14/15 security backports to Android 14 QPR3 so it won't continue forever.
All we're doing is informing you that it's insecure. Up to you to decide if what you want to do with that info.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@GrapheneOS You don't believe that there's value in providing some additional security protections for those with out-of-support devices? Some might not be able to afford a new phone, or they may not want to contribute to our e-waste problem. If Lineage is as insecure as you say, I would love to see an alternative that both takes security seriously while also providing a much longer support timeline than stock OS and Graphene. Maybe GraphiteOS?
=> More informations about this toot | More toots from serebit@floss.social
@GrapheneOS Of course it would be much less secure than Graphene, but I don't see a reason for security on Android to be all or nothing.
=> More informations about this toot | More toots from serebit@floss.social
@serebit We wrote about how someone can make a fork of GrapheneOS for supporting insecure devices at https://grapheneos.social/@GrapheneOS/113772409415058393. This would be much different than what DivestOS provided, which was a fork of LineageOS with a few of the GrapheneOS features ported to it and was significantly behind the standard updates.
We don't see much value in doing it and aren't going to put any resources towards it ourselves. We understand people want it and made suggestions on how to do it better than before.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit We don't think it's good for people to be using devices without firmware, driver and other important privacy and security patches. The solution is a combination of devices receiving much longer official support and that official support actually providing all of the Android updates and hardware vendor patches properly.
Only the latest stable Android version Android receives full privacy and security patches. Only High/Critical severity patches are backported. iOS backports less.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit Providing continued updates for legacy devices encourages people to keep using insecure devices and ends up making them think it's fine because they're still getting some form of updates. This is why we added the notification to GraphenejOS about end-of-life devices for 4th and 5th generation Pixels. The next legacy extended support release for them will allow disabling it to avoid complaints but that will also reduce the benefits of us adding the once per boot warning for this.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit LineageOS does not preserve the standard security model (they disable or break assorted security features and add problems) and lags far behind on major releases required for full patches. The major releases are also needed for driver and firmware patches for devices which moved to them. They have many months of delays for High/Critical severity firmware/driver patches for Pixels after yearly releases, not only the lower severity patches which aren't backported to older AOSP releases.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social This content has been proxied by September (3851b).Proxy Information
text/gemini