Hi,

A friend wants to degoogle his phone, so I suggested the OS I’m currently using. The one we can’t talk about… He wants a small/compact phone, so I suggested pixel 4a (not buying second hand though), but I’m afraid that planned obsolescence may kill the phone rather soon. What’s your opinion?

Cheers and thank you for your help,

    • StormWalker@lemmy.zip
      link
      fedilink
      arrow-up
      0
      arrow-down
      1
      ·
      6 months ago

      Because GrapheneOS is a debatable triggering subject for some people. Basically the OS itself is amazing and very good. But the project leader is apparently arrogant and offensive. And offended a load of big known online personalities. Apparently he says his OS is the best and better then everyone else etc etc. So the question is: do you use and support a project where the product itself is amazing and just what the world needs, but where the project leader is offensive? Some say yes, some say no. = Controversial subject.

      Personally I use GrapheneOS because I need a good camera and I like having a flagship modern phone. Currently I’m using a Pixel 7 Pro. I also like the privacy and security features that graphene offer. I don’t see another project out there that can offer me the same. The product is good.

        • StormWalker@lemmy.zip
          link
          fedilink
          arrow-up
          0
          arrow-down
          1
          ·
          6 months ago

          Well yes exactly. It’s all just big personalities online that say that these things happened. Who knows really what the guy is like. A few big names online say these things about him, but I personally have never had any Interaction with him. So it could all be true, or partly true, or not at all. I guess no smoke without fire… but there is always 2 sides to every story.

  • AnxiousDuck@feddit.it
    link
    fedilink
    arrow-up
    1
    ·
    6 months ago

    Can someone explain to me under what circumstances would using an old phone be risky (under a common reasonable threat model)?

    • tty5@lemmy.world
      link
      fedilink
      arrow-up
      1
      ·
      6 months ago

      No security fixes once the device reaches end of life. For pixel 4a end of security updates was 10 months ago. That mostly is a problem with malicious apps - there were some privilege escalation bugs in those 10 months - but sometimes you get a banger that can get exploited by simply loading a page or opening an image.

  • ssm@lemmy.sdf.org
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    6 months ago

    Random hardware suggestions, using mobile Linux support as a litmus test

    • Pinephone (Pro): Main downside is that OG Pinephone has extremely anemic hardware, and the charging circuit is not controlled through hardware for some insane reason; hope the kernel devs of whatever OS you put on it knows how to not turn your phone into a bomb. Also Pine64 as a company has gotten flak for their support of Manjaro. Can’t deny how good the price is though.
    • Fairphone 4: Good hardware, but expensive. I don’t own it, but it works good on postmarketOS according to the wiki.
    • Librem 5: Overpriced compared to the earlier members on this list, but you can guarantee the phosh interface will work well considering it was developed by Purism as well.
    • OnePlus 6 and 6T: I don’t know much about these, but they’re very popular with the mobile Linux crowd.

    As for the pixel, there’s work on it but it’s still broken at the moment. As for the hardware being too old, I haven’t used anything Android in a while, so I don’t know how much performance degrades each release, but a mobile Linux distribution should run just as good today as it will 20 years from now, assuming you use the same interface.

  • toastal@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    6 months ago

    Pixel 4a was one of the last in the Google lineup with a headphone jack (5a being last). The OEM lost its way after that. This enough to not recommend their devices as far as I am concerned.

  • Ilandar@aussie.zone
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    6 months ago

    Yes, that is too old for a new phone considering it’s already past its end-of-life for both official support and your OS. I’m not sure why you’d recommend them to buy new either - a phone like that is only going to be good value if you pick up a used one for cheap. A new model will be massively overpriced for what it is (and may not even be new, just refurbished and repackaged).

  • Imprint9816@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    edit-2
    6 months ago

    Pixel 5 is end-of-life and shouldn’t be used anymore due to lack of security patches for firmware and drivers.

    I understand if your friend is on a budget and simply can’t afford a non EOL phone but, they should really consider a 6th gen Pixel or better if they care at all about their data security.

    • Possibly linux@lemmy.zip
      link
      fedilink
      English
      arrow-up
      0
      ·
      6 months ago

      Has there been a successful exploit against a phone with old firmware but modern Android security patches?

      • Imprint9816@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        0
        ·
        edit-2
        6 months ago

        I am not sure if there is an example of that specific situation as it would be pretty odd for a phone to be receiving security patches but not firmware updates.

        Anyway its not super relevant as the Pixel 5 does not receive firmware or security patches anymore.

        OP also seems to be inferring he suggested to his friend to use a very specific security / privacy OS that does not recommend using that model phone anymore for the exact reasons I mentioned. Plus the model is only receiving partial support as a stop gap for users to have time to get a newer model and won’t be supported much longer anyway.

        • Possibly linux@lemmy.zip
          link
          fedilink
          English
          arrow-up
          0
          ·
          edit-2
          6 months ago

          Custom ROMs will receive upstream Android security patches but not patches from proprietary components (firmware). For instance, my Moto g7 power has Android security patches from May but the latest vendor security patch level is 2021. (I’m running Lineage OS) I’m curious to know if the older firmware is a problem. I don’t think it is easily exploitable outside of government backdoors. Not that it matters much as I plan on keeping my phone until it dies.

  • Dark_Dragon@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    6 months ago

    Umm one question by the way , why use Google phone to degoogle? There are plenty of good Android phones out there right?

    • OhYeah@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      1
      ·
      6 months ago

      While it is ironic, the pixels are easy to unlock the bootloader and have good support across lineage, calyx, and graphene. Been using one to degoogle for awhile and would recommend them

    • jet@hackertalks.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      6 months ago

      Google makes the most open and customizable phones. Unlocked bootloaders, the ability to sign your own code. Rapid security updates for baseband drivers.

      Nobody else comes close.

      https://grapheneos.org/faq#future-devices

      Actually pine phone is really open, but it’s not android and nowhere ready to be a daily driver.