• General
  • Help deciding between 2 phones

Aloha,

I think I stumbled on an old thread that got buried, so I'd like to open a new one asking for help. I would appreciate more detailed explanations than "it's privacy theater".

I am considering going with either Graphene OS or the Unpl*gged phone.

Here are my reasons. Please feel free to correct or clarify any. I welcome thoughtful dialogue ☺️

Unpl*g Pros:

1) The owner says he has the Israeli software engineer who helped design Pegsus on his staff. He says this experience allows his team to know how to counter Pegsus type threats more than other alternative OS engineers.

2) He says there is a physical kill switch that works more fully than software enabled switches that disable camera, mic etc. (And that the software switches are prone to hacks: can be turned back on if infected with Peg*sus).

Unpl*g cons: (pro Graphene)

1) Maybe the LibrtOS is weak in critical areas or similar to C@lyyxs level security (who knows?), despite the fact they say they know more about Peg*sus than maybe Graphene engineers do..

2) Maybe Unpl*gged doesn't get security updates as often as Pixel and Graphene do.

Anyway, just thought I'd see if there are any knowledgeable types here that can fully and fairly address the above considerations.

These are the top 2 pros and cons I can think of. If others have better top 2, please share.

Thank u

    K8y Anyway, just thought I'd see if there are any knowledgeable types here that can fully and fairly address the above considerations.

    If no information about LibertOS (or the underlying firmware or hardware) is available other than the manufacturer's claims, then it would be inherently challenging for people here to be knowledgeable about it.

    • [deleted]

    • Edited

    I seldom judge people for what they did in the past. After all, people do change. But there is no way I would use an OS designed by those who made Pegasus.

      [deleted] i suppose it would be like ed sn*wden making a phone?

        https://grapheneos.social/@GrapheneOS/112717890463524863
        https://grapheneos.social/@GrapheneOS/112848805928479924

        Unplugged is an insecure, out-of-date OS (hasn't shipped Android 14 while we're a month away from Android 15, that's how out of date) on insecure MediaTek hardware. The rest is marketing and claims.

        The two threads above thoroughly debunk their talking points, which they're continuing to double down on.

        You're free to use or not use GrapheneOS, but if you decide to not use GrapheneOS, I would strongly urge you to simply get a supported iPhone or something similar, rather than falling for a marketing stunt promising security and privacy that it's unable to deliver.

          matchboxbananasynergy if you decide to not use GrapheneOS, I would strongly urge you to simply get a supported iPhone or something similar,

          Thank you for the links. They are very helpful.

          So I understand correctly, what is a "supported iPhone" exactly? A specially configured version like the K-iPhone (Kryptall)?

            K8y I should have clarified: when I said supported iPhone, I meant one that is still receiving updates, as opposed to an end-of-life iPhone.

              K8y a regular iPhone that still gets security updates .

              K8y He says there is a physical kill switch that works more fully than software enabled switches that disable camera, mic etc. (And that the software switches are prone to hacks: can be turned back on if infected with Peg*sus).

              The thing is, hardware kill switches sound cool at first but the more you think about their appliance the less exciting they become. If they're done properly they are technically safer yes. However if an attacker has compromised the system to a degree where they have unsolicited access to your camera and microphone I think it's not far fetched to assume the whole device is a goner by then. All your data would have been siphoned before you even realized (if you did at all), by this point they haven't achieved much of anything unless they were permanently active.

              So they're not that much of a killer feature. Not entirely useless, more of a very last line of defense. Possibly greater use case if they stay active forever. For sure not worth a penny if the rest of your repertoire is a terrible mess, as was noted down already.

                Mediatek has no secure element afaik. Or if they have, it is way less secure than a pixels. This means the phone will have very little brute force protection and weaker encryption.

                The OS will not be hardened in any way.

                Also, it is proprietary as hell. GrapheneOS is completely, entirely, open source. Even the configs for every server they run is.

                Dont trust random marketing garbage if nobody can look at the code.

                If your code is public and everyone looks at it, it has to be good. Proprietary software can, and often is, very badly written because nobody externally looks at it.

                This also includes some audits. I guess there are good audits, good companies or whoever does these, but many are just "look at the code for a day, run 10 test suites, thats it.

                So please, I hope you never honestly consider buying a proprietary phone, and see it as in any way comparable. It cant be.

                  • [deleted]

                  K8y

                  I trust Edward Snowden far more than the developers of any spyware.

                  • K8y replied to this.
                  • K8y likes this.

                    missing-root Mediatek has no secure element afaik. Or if they have, it is way less secure than a pixels. This means the phone will have very little brute force protection and weaker encryption.

                    SoC being used is separate from secure element. That said, I highly doubt their device has a secure element in the first place, let along a decent one, but for the sake of accuracy, I thought I should mention that.

                    matchboxbananasynergy thank you for clarifying. Since it got brought up, I am curious if you or anyone else here has any takes on the K-iPhone (Kryptall)...do you think it protects against Pegas*s kinds of attacks?

                      This seems as risky as using ANOM chat. I would stick with GrapheneOS.

                      • K8y replied to this.
                      • K8y likes this.

                        spring-onion However if an attacker has compromised the system to a degree where they have unsolicited access to your camera and microphone I think it's not far fetched to assume the whole device is a goner by then.

                        Yes, this is why I wonder if the former Pegas*s engineer would be better at countering that type of attack since he knows their tricks.

                        But I'm just guessing. Maybe Graphene engineers are just as good at knowing and preventing Pegas*s type tricks.

                        I also wonder once infected, which OS can then "heal" the phone by expelling Pegas*s type infections.

                          K8y

                          If you or anyone is familiar with K-iPhone (Kryptall) and can vouch for any effectiveness against Pegas*s type attacks, would love to hear...