Hi,

A friend wants to degoogle his phone, so I suggested the OS I’m currently using. The one we can’t talk about… He wants a small/compact phone, so I suggested pixel 4a (not buying second hand though), but I’m afraid that planned obsolescence may kill the phone rather soon. What’s your opinion?

Cheers and thank you for your help,

  • zephyr
    link
    fedilink
    arrow-up
    2
    ·
    5 months ago

    If you have GrapheneOS, I’m pretty sure you can randomize the numbers on the pin. You can also set a password instead of a pin and disable biometrics if you use stock Android. All the more difficult to obtain access.

    For banking/crypto, I assume a wallet app would allow you to set an app password/pin.

      • zephyr
        link
        fedilink
        arrow-up
        2
        ·
        5 months ago

        I suppose you are correct there. Maybe try a privacy screen protector or use a password. It would be harder to catch each symbol with either of those.

        • jet@hackertalks.com
          link
          fedilink
          English
          arrow-up
          1
          ·
          edit-2
          5 months ago

          I think this person is just permanently a contrarian.

          Randomizing the numbers does provide good security, because there’s no longer an oil imprint on the most frequently used numbers on the phone, making guessing the pin code much harder before the TPM locks the phone.

          Phones are full fledged computers nowadays, with Android you can have different profiles. For their level of paranoia, they could have a profile they never use in public, and only login with a full password, only when they’re in a secure location.

          For the randomized pin, and biometric two-factor use of a phone, that covers most use cases, and is quite secure compared to most models of data security average civilians use.

          You can have different scopes, if you’re in a crowded place, reading Lemmy isn’t really a big security risk. But logging into your banking would be. All of that is possible on Android, the fact that they’re so staunchly pro computer, is difficult for me to take their analysis seriously

          • delirious_owl@discuss.online
            link
            fedilink
            arrow-up
            2
            ·
            5 months ago

            Things like gapps are closed source, have full permissions, and cannot be installed only on some profiles.

            Qubes is safer and better compartmentalization.

            • jet@hackertalks.com
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              5 months ago

              Things like gapps are closed source, have full permissions, and cannot be installed only on some profiles.

              Except in stock AOSP or grapheneos.

              Agree that qubes is the gold standard. But not to let perfect be the enemy of good, the vast majority of people, the vast majority of people, the VAST majority, are going to be unable to run qubes, either by technical ability, availability of appropriate hardware, or portability reasons.

              Mobile phones for all of their faults, are the most secure piece of general computing hardware most people have in their lives