That work was not available when GrapheneOS was developed

What do you mean ? This has nothing to do with GrapheneOS in the first place (which by the way has been created in 2014. The article i linked refers to 2021).

I still consider it a black box.

Reverse engineering is a thing. It always has been. If every piece of closed source was a blackbox how can you explain exploitation ? How can bad actors exploit Windows, MacOS, CPU firmware and so on ? Your argument here is not practical. Also, why should Google put a backdoor inside a chip ? They already get every information they what directly from the people agreeing to use their software. So, why bother ? Moreover, every phone on the market has closed source firmware.

The Titan security chip is not a black box. The Titan M1 gas been scrutinazed by blackhat: https://dl.acm.org/doi/fullHtml/10.1145/3503921.3503922

Just because something is not open source does not mean you can't verify it (no, i'm not shilling closed slurce; no i don't think closed > open; no i don't think closed source is more secure)

I use Florisboard. Noce keyboard!

https://florisboard.org/

Those sites aren't really useful. If your threat model requires "hiding your fingerprint" you can use Tor Browser.

Why ? Just why ?

I completely agree with you. I think people downvoting me because "fuck Google" when in fact, hardware wise, is the best available to achieve privacy and security.

Yeah, it's a shame. Only Google seems to take updates seriously.

Nore information at: https://grapheneos.org/features#duress

Nice to see it!

Luckily GrapheneOS has a duress passowrd feature. Very useful for these situatuons!

Disabling updates is not a good choice. If you use Windows, update Windows. Having an insecure and not up to date version of windows makes you more vulnerable

Braxman's content is pure scam

Thank you for sharing!

I personally blocked him and it was one of the best decision of my digital life. He's basically wasting his life spreading misinformation about GrapheneOS. He's simply too much to handled for my mind. Without seeing him, i feel this place is much more relaxing and useful to see it.

I think this question has some sort of relativity. What is your threat model ? Are you trying to protect your data from the service itself, fromyour mom, from the police ? You want anonimity ? And so on.

There is no an ultimate answer to this question. For example, i'm using WhatsApp because it fits my threat model (messages are encrypted, metadata is not but for me is fine). Then, i use Signal with people that use Signal (where i live, 99% of people use WhatsApp).

I would never use Telegram since is not encrypted by default.

If i was you, i would buy a Google Pixel 8 (8a is cheaper than 8 and 8 pro). They all provide support for GrapheneOS, have 7 years of updates, MTE, and so on

For context: https://grapheneos.org/faq#device-support

GrapheneOS!

Hi! One thing you could consider is using GrapheneOS which supports Android Auto without special priviliges!

https://9to5google.com/2024/01/03/graphene-os-android-auto/

https://grapheneos.org/usage#android-auto

Hi! I know this option doesn't respect the second point of your list. That beijg said, if i was you i would buy a Google Pixel 7 or 8 and then i would put GrapheneOS on it!

Hi! While your idea is understandable, i think we have to think about one thing: what about other vendors ? It's not like Samsung, Xiaomi, Fairphone etc. run on open source hardware. If you use any smarthpone, you have to accept you'll use closed source hardware. That being said, if we speak about hardware quality Google Pixels are the best ones, that's because you can install an alternative operating system without compromise the device's security. It does not make sense to go "fuck Google" and then buy another smartphone which came from a company that does the extact same thing - spy on you - but without the possibilty to install an alternative OS.

As a second thought, i think the theory "Google puts backdoors on Pixels to spy on users" has a big fallacy: Google already do that, but with a clear and legal privacy policy (photos, documents, backups, contacts, messages, emails, search history, location history and so on -- they can literally see everything about you). So, why they should do something illegal ? And for what purpose ? People put all their life on a service which does not encrypt anything, and if police needs data they can ask google and Google will give data to them. No backdoor needed.

Now, i'm not defending Google, of course. I'm just saying, hardware wise (and if you think about using an alternative privacy oriented OS) Google Pixels are the best choice.

A lot more has to put regarding this topic, but i don't have time to give you more information, i'm sorry :(

I will link the GrapheneOS's FAQ: https://grapheneos.org/faq#supported-devices