this post was submitted on 20 Aug 2024
43 points (80.3% liked)
Open Source
31679 readers
974 users here now
All about open source! Feel free to ask questions, and share news, and interesting stuff!
Useful Links
- Open Source Initiative
- Free Software Foundation
- Electronic Frontier Foundation
- Software Freedom Conservancy
- It's FOSS
- Android FOSS Apps Megathread
Rules
- Posts must be relevant to the open source ideology
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon from opensource.org, but we are not affiliated with them.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
So you really trust Google to release code that doesn't do something it shouldn't behind your back do you? How cute...
I am an embedded developer so please don't patronize me. And I know enough about security to know that Google's security model on the Pixel phones is the best yet. That's not the issue. The issues are:
Google's code is untrustworthy unless reviewed, and proprietary binary blobs can't be reviewed. If Google codes anything, they have an ulterior motive and it's rarely in your best interest. If that's not a security shortcoming, I don't know what is. Or said another way, there's something deeply ironic in claiming to have the most secured deGoogled OS and the lynchpin of that security is Google itself.
Yes, using a phone other than a Pixel phone with a deGoogled OS other than GrapheneOS as I do (I use a FP4 with CalyxOS) is less secure than GrapheneOS on a Pixel phone - assuming you trust Google's drivers aren't doing other things unrelated to their driver function.
But as I said, my most important goal in anything technical I use is to not use Google. That's my ideal. Some people have ideals and aren't willing to compromise.
With that in mind, and considering that I'm a low-value target, I deem the security provided by CalyxOS on my FP4 more than adequate for my use case. Or said another way, GrapheneOS' - short-sighted, in my opinion - obsession with security gets in the way of my main goal, which is to avoid Google.
You already bought the phone with Google code in it, that ship has sailed when you purchased the device