But we don't have anything like FF as an alternative to go from Android. Especially considering banks require "certified OS".
I also switched banks so I can use my bank card as the 2FA device, similar to CAP. [0]
[0]: https://en.wikipedia.org/wiki/Chip_Authentication_Program
Just observe that the key factor is to be independent from Google and then the only recommended devices from their side are exactly google devices where nobody here can have an idea of what is modified inside them.
You'd be better off supporting other distributions like Calyx, which have no problems in supporting other devices like the fairphone and so on.
Those links don't really help your case, to be frank. Nothing strcat says reads as incorrect or even particularly controversial, they have personal beef with CalyxOS but their criticisms of the choices of the project are largely on point. They're justifiably upset by the mental health accusations too, it's kind of a joke that one of those people in the thread tried to gaslight strcat about how these accusations are somehow not a recurring issue when I, as a third party observer, have seen it come up all the fucking time.
Meanwhile, you're imagining "attacks" on GNU/Linux phones, when most of what I read from them regarding those was sober and reasonable, if not particularly positive, but they're allowed to do that. Their priorities are clearly security and none of those phones really have any.
Are you calling the above a "character attack"?
I would love to use GrapheneOS on my Librem 5 and Pinephone. No proprietary drivers are required. Yes, some security features are lacking. Yet it would be a win for everybody.
I didn't say anything about CalyxOS: I don't care about this.
GrapheneOS is actively working with a major Android OEM towards a subset of their future devices meeting all of our official requirements and providing official GrapheneOS support. This OEM is providing us with partner access to Android which is already helping the project. The vast majority of mobile devices have poor security including lack of firmware security updates and lack of essential defenses for providing the security GrapheneOS offers. GrapheneOS has to do substantial work on each supported device to integrate the hardening features and fix the issues those uncover. Supporting other devices is not easy and involves a lot of resources.
> Are you calling the above a "character attack"?
Yes, it is a character attack falsely claiming our goal is to "force Google" on people. That's utter nonsense.
Support for the devices we're working on with an OEM will become available and will be much better than their current devices not meeting our requirements. They were already planning to make substantial improvements to security but now more will be done and the end result will be devices we can support. The devices will meet all of the official requirements listed at https://grapheneos.org/faq#future-devices and may not be more secure than Pixels initially but future generations can make further improvements and we can do lower level hardening at a firmware and even hardware level. It starts with the OEM having devices meeting the very reasonable baseline standards.
> I would love to use GrapheneOS on my Librem 5 and Pinephone. No proprietary drivers are required. Yes, some security features are lacking. Yet it would be a win for everybody.
These have absolutely atrocious security and do not come anywhere close to the security requirements listed at https://grapheneos.org/faq#future-devices. Using devices with outdated components not receiving important security patches for known vulnerabilities and not providing basic defenses is not what GrapheneOS requires. It's far more than security features being lacking. The standards we list are very reasonable, which is the position of the OEM we're working with which did not previously meet them. There's nothing Pixel exclusive listed there, only standard security patches and features. We've kept the requirements lower than what Pixels provide to keep room for other devices such as only requiring 5 years of proper support instead of 7, omitting many unimportant security features, etc.
Both devices are still closed source hardware with closed source firmware, not open devices. They have a closed source SoC (CPU, GPU, MMU, etc.), radios, SSD, memory, battery, touchscreen, etc. They're advertised as if they're open despite that being the case. PinePhone has misleading marketing presenting the cellular baseband as having open source firmware available as a replacement when it doesn't based on having an extra general purpose CPU running a super outdated proprietary fork of Android next to the cellular baseband which can be replaced, but not the cellular baseband firmware itself. The radios are also less isolated and much less secure including lacking proper security support. The most important and most privileged component in a device is the SoC, which is not more open.