I’ve always found it both weird and ironic that GrapheneOS is only available for Pixel phones when the whole principle of the project is basically “we don’t trust Google”.
Most brands allow relocking bootloader. But after that you with be only able to use stock rom. Pixel lets you lock the bootloader with a different signature, so in this example you are basically able to lock it to only boot grapheneos and nothing else.
Security. You’re caught with your pants down if you have any personal data on a phone with an unlocked bootloader. All data is effectively plaintext, all security is nullified with trivial difficulty. This is the actual worst-case scenario for journalists, whistleblowers, or anyone who is or may become under surveillance for any reason.
I’ve always found it both weird and ironic that GrapheneOS is only available for Pixel phones when the whole principle of the project is basically “we don’t trust Google”.
The pixel device is (as far as I’m aware) the only mainstream device that allows you to re-lock the boot loader.
Otherwise, once a phone is cracked, it remains cracked. I’m not entirely sure what that buys, but that’s why they do it
Most brands allow relocking bootloader. But after that you with be only able to use stock rom. Pixel lets you lock the bootloader with a different signature, so in this example you are basically able to lock it to only boot grapheneos and nothing else.
Security. You’re caught with your pants down if you have any personal data on a phone with an unlocked bootloader. All data is effectively plaintext, all security is nullified with trivial difficulty. This is the actual worst-case scenario for journalists, whistleblowers, or anyone who is or may become under surveillance for any reason.