No, Graphene... No, I don't think I will. Google refusing to support this phone for longer than 4 years is not my problem. Especially considering that this is the last Pixel to ship with a 3.5mm port.
=> More informations about this toot | More toots from serebit@floss.social
@serebit Pixel 5a was officially supported for 3 years from launch rather than 4. It hasn't had firmware and driver patches for months already. We shipped a warning to protect users who don't know it's an insecure device. If you don't care, that's fine, you can keep using it and you'll receive occasional updates from us keeping it from completely breaking so we don't get inundated with complaints. It can't be reasonably secured anymore and we're not going to pretend that it's safe to use it.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit You should be aware that it's incredibly far from meeting our current security standards even aside from lack of security patches and that it no longer gets very important firmware, driver and other hardware-related security patches. There's increasingly limited value to us porting the partial Android 14/15 security backports to Android 14 QPR3 so it won't continue forever.
All we're doing is informing you that it's insecure. Up to you to decide if what you want to do with that info.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@GrapheneOS You don't believe that there's value in providing some additional security protections for those with out-of-support devices? Some might not be able to afford a new phone, or they may not want to contribute to our e-waste problem. If Lineage is as insecure as you say, I would love to see an alternative that both takes security seriously while also providing a much longer support timeline than stock OS and Graphene. Maybe GraphiteOS?
=> More informations about this toot | More toots from serebit@floss.social
@serebit We wrote about how someone can make a fork of GrapheneOS for supporting insecure devices at https://grapheneos.social/@GrapheneOS/113772409415058393. This would be much different than what DivestOS provided, which was a fork of LineageOS with a few of the GrapheneOS features ported to it and was significantly behind the standard updates.
We don't see much value in doing it and aren't going to put any resources towards it ourselves. We understand people want it and made suggestions on how to do it better than before.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit We don't think it's good for people to be using devices without firmware, driver and other important privacy and security patches. The solution is a combination of devices receiving much longer official support and that official support actually providing all of the Android updates and hardware vendor patches properly.
Only the latest stable Android version Android receives full privacy and security patches. Only High/Critical severity patches are backported. iOS backports less.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit Providing continued updates for legacy devices encourages people to keep using insecure devices and ends up making them think it's fine because they're still getting some form of updates. This is why we added the notification to GraphenejOS about end-of-life devices for 4th and 5th generation Pixels. The next legacy extended support release for them will allow disabling it to avoid complaints but that will also reduce the benefits of us adding the once per boot warning for this.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
@serebit LineageOS does not preserve the standard security model (they disable or break assorted security features and add problems) and lags far behind on major releases required for full patches. The major releases are also needed for driver and firmware patches for devices which moved to them. They have many months of delays for High/Critical severity firmware/driver patches for Pixels after yearly releases, not only the lower severity patches which aren't backported to older AOSP releases.
=> More informations about this toot | More toots from GrapheneOS@grapheneos.social
text/geminiThis content has been proxied by September (3851b).