I'm considering the switch to GrapheneOS, so I watched this interview with one of the members of the GrapheneOS team, and honestly, I feel it was a great general introduction to it and touched on common features and misconceptions.
For those who don't know, it's one of the most secure and private mobile operating systems out there. Some things that I took away:
-
They touched upon MAC randomization. I researched a bit on my own about what the need for it is. Apparently, it's standard practice to randomize MAC addresses when scanning WiFi connections. However, GrapheneOS (and Pixel firmware) are even better at this, as they make sure they don't leak any other identifiers when doing so. They also allow you to get a new random MAC for every connection that you make (not sure whether this is very useful, as this can cause problems). On a related note, even when WiFi/Bluetooth are "off," stock Android can still scan in the background to improve location accuracy (by matching visible networks/devices against Google's database). So basically, even with WiFi/Bluetooth off, Google still knows where you are. In GrapheneOS, this option is off by default.
-
They have their own reverse proxies that they use to talk to Google on your behalf when needed.
-
Apparently, in the USA you can be compelled to provide a fingerprint or Face ID. Courts have ruled this doesn't violate the 5th Amendment because it's physical, not testimonial. BUT you cannot be compelled to provide a password/PIN. That's considered testimonial evidence, protected by the 5th Amendment. GrapheneOS has a two-factor system where, after using your fingerprint, you still need to enter a PIN, so it helps with this. They also have a BFU state after reboot, which is the safest and requires you to enter your full passphrase.
the only bad thing about graphene is that it needs an expensive pixel. and how they are mostly unobtanium.
I got a pixel 9a for 370 euro in Sweden, which isn't too bad. You can get a good refurbished 7 for less and it will have support for years to come.
i don't live on sweden though.
How much is a refurbished pixel 8a in your country?
i quickly looked it up and found used 9s, and it's about 5k.
could probably find better prices for a working one, but there won't be any miracles.
also found a 7 pro with a broken screen for 2k, kind of a steal for how much these go for tbh
but still, it's a broken phone for 2k and i don't think these screens are cheap either.
The pro versions will be much more expensive than the "a" models (like 9a, 8a, 7a, etc), if you can find an "a"-phone, it will be cheaper. I would get at least an 8a, since they have support until 2030 or something like that, the 7a has support until 2027. The 6a is the oldest one which still has support, but only for a year or so more iirc.
they don't sell here, so i rely on luck somewhat to find specific models in the used market from someone that paid the big price to import it. and usually people want to get their money's worth so they are mostly all chewed up, very old and deprecated, or unaffordable.
i debate investing on an old pixel to get a more private phone every time i need a new one, but so far always decided it's not worth the amount of money or hassle they want for them. i keep hoping for other manufacturers to adopt the more thorough pixel security, or for graphene to relax it's requirements a bit.
Ah! I didn't know they didn't sell there, that changes things.
iirc they only sell in the us canada and europe, but i might be mistaken.