zlacker

[parent] [thread] 13 comments
1. nunobr+(OP)[view] [source] 2025-09-02 07:21:42
It is sus as heck and just about everyone in cybersec was complaining about that weird decision.

Go for Calyx or any other android distro, they have zero difficulties in supporting more devices.

replies(4): >>ghgr+D3 >>hans_c+X9 >>rollca+3c >>helloj+dB1
2. ghgr+D3[view] [source] 2025-09-02 08:00:22
>>nunobr+(OP)
Serious question: can you point out some serious complaints? They seem to have an exhaustive justification for their reasons to only support Pixels, see https://grapheneos.org/faq#future-devices
replies(2): >>ruszki+vi >>strcat+IEx
3. hans_c+X9[view] [source] 2025-09-02 09:07:38
>>nunobr+(OP)
Calyx development has stopped.
replies(1): >>strcat+kEx
4. rollca+3c[view] [source] 2025-09-02 09:30:27
>>nunobr+(OP)
GrapheneOS developers are free to set their bar wherever they like it. It's an independent, non-profit foundation, driven by community contributions. They provide a web-based, hands-free installer. They offer their work for free, and owe nothing to anyone.

Personally, I wish there was an open/libre device on the market that GrapheneOS could target.

replies(1): >>fsflov+P01
◧◩
5. ruszki+vi[view] [source] [discussion] 2025-09-02 10:32:10
>>ghgr+D3
This list always bugged me. If Pixel - for example - starts to introduce security patches slower, they will change this list... or even ignore it. If something more secure comes into the picture, they will change this list, and they will ditch supporting Pixel. If they don't, then it will be quite obvious, that they formed this list only to meet only Pixel's feature list. Also Google can obviously satisfy this list more easily, than any other company, so basically they created a moot for them.
replies(1): >>strcat+aEx
◧◩
6. fsflov+P01[view] [source] [discussion] 2025-09-02 14:57:13
>>rollca+3c
> Personally, I wish there was an open/libre device on the market that GrapheneOS could target.

You mean, Pinephone and Librem 5?

replies(2): >>rollca+1l2 >>strcat+TDx
7. helloj+dB1[view] [source] 2025-09-02 17:25:50
>>nunobr+(OP)
Suspicion constantly comes up in this regard, but their site (as linked by another commenter) provides their rationale.

The last cellbrite leaks show it as more secure against attacks from le than the current iphones, and that's more important to me than abandoning google hardware.

◧◩◪
8. rollca+1l2[view] [source] [discussion] 2025-09-02 21:05:39
>>fsflov+P01
Let's start with HW secure element and boot chain verification (IMHO the minimum bar that's met by e.g. a 2013 Thinkpad), then work thru the rest of GrapheneOS' checklist.

Also: Android. If I didn't need Android/iOS apps, I'd be using a Nokia 3210.

replies(1): >>fsflov+Ep3
◧◩◪◨
9. fsflov+Ep3[view] [source] [discussion] 2025-09-03 07:30:19
>>rollca+1l2
>>45101400

> Also: Android

Waydroid can run Android apps.

replies(1): >>strcat+XDx
◧◩◪
10. strcat+TDx[view] [source] [discussion] 2025-09-13 04:47:23
>>fsflov+P01
Both of these are closed source hardware with closed source firmware. Neither is an open hardware device. They're extremely far from meeting the official requirements for GrapheneOS. It would not be GrapheneOS with massive portions of the core feature set not provided on top of outdated hardware components and firmware without important updates available. The requirements for GrapheneOS support are listed at https://grapheneos.org/faq#future-devices.
◧◩◪◨⬒
11. strcat+XDx[view] [source] [discussion] 2025-09-13 04:48:17
>>fsflov+Ep3
> Waydroid can run Android apps.

Waydroid has a very outdated fork of Android with the privacy/security model largely disabled. It has poor Android app compatibility. The apps are no longer isolated from each other and the kernel is far less protected from them.

◧◩◪
12. strcat+aEx[view] [source] [discussion] 2025-09-13 04:51:49
>>ruszki+vi
We haven't removed any requirements from our list. Many things Pixels provide are omitted from the list in order to enable another device to meet our requirements. There are other devices meeting the security feature requirements, but they don't allow us to support them. We're actively working with a major Android OEM towards a subset of their devices meeting these requirements and providing official GrapheneOS support. Providing the requirements on our list is not easier for Google and any OEM should be able to make a Snapdragon device meeting these requirements in 2026. It's already possible to meet all the listed requirements via multiple non-Snapdragon SoC platforms, but we'd prefer the upcoming Snapdragon generation with MTE support. The list has been deliberately kept limited to what is provided elsewhere than Pixels so that other devices can meet the requirements, which is in the process of happening.
◧◩
13. strcat+kEx[view] [source] [discussion] 2025-09-13 04:53:33
>>hans_c+X9
It was never a hardened OS in the same space as GrapheneOS. https://eylenburg.github.io/android_comparison.htm provides a good overview. It was much more similar to LineageOS and various LineageOS-based operating systems.
◧◩
14. strcat+IEx[view] [source] [discussion] 2025-09-13 04:58:55
>>ghgr+D3
We would happily support other devices meeting these requirements and have limited what we include in the requirements to enable that. We're actively working with a major OEM towards a subset of their devices meeting these standards and providing official GrapheneOS support.

It's not our fault that the only other devices providing the security features we need don't allow GrapheneOS to be installed or to use those features. Massively lowering our standards and using low security hardware missing the basics we depend on and have built major protections around wouldn't make sense. It's not what GrapheneOS exists to provide. People can use LineageOS if they don't have the same priorities we do.

[go to top]