Pixel 9 security really better than P8?

K8y

With all the talk about privacy and security theater, I would like to get people's take here who have BS detectors, on this article claiming Pixel 9 did some extremely substantial security upgrades. Is it true or just marketing?

Also are all these supposedly huge upgrades more significant than MTE? (which the Pixel 8 already has too)...

https://www.tomsguide.com/phones/google-pixel-phones/the-pixel-9-is-now-virtually-impenetrable-to-hackers-heres-why

de0u

K8y That article appears to discuss software tweaks that could be applied to devices other than the Pixel 9 (and, I suspect, have been).

zzz

K8y

From the official GOS account:

Pixel 9 has some security improvements but not a large improvement over the Pixel 8.

https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation/80

Also:

Pixel 9 uses an ultrasonic [fingerprint] reader which should work better with screen protectors that are properly compatible with it [...]

https://discuss.grapheneos.org/d/18585-2-factor-fingerprint-unlock-feature-is-now-fully-implemented/47

I recall seeing one or two more snippets but struggling to find them right now.

K8y

de0u And since it's software tweaks, would it be reasonable to assume these would be also applied to the 8 models?

So the 8 is just as secure as the 9?

K8y

de0u That article appears to discuss software tweaks that could be applied to devices other than the Pixel 9 (and, I suspect, have been).

Would these software improvements be integrated into graphene too?

K8y

zzz thanks, so do we think all the pix9 software security improvements will be put into the 8 too?

de0u

K8y Would these software improvements be integrated into graphene too?

What I see in the article is that the 9-series baseband firmware was improved with:

improvements to bound sanitizer and integer-overflow sanitizer
stack canaries
improved auto-initialization of stack variables

GrapheneOS ships the same firmware as Google's stock OS. So I would assume that 9-series devices running GrapheneOS would benefit from these fixes.

And honestly I think it's likely that over time Google will apply these techniques to the baseband firmware of earlier Pixels. A fair amount of testing would be advisable, and bugs might be found, so it might take a while.