• KK8y

    • Post #1

    With all the talk about privacy and security theater, I would like to get people's take here who have BS detectors, on this article claiming Pixel 9 did some extremely substantial security upgrades. Is it true or just marketing?

    Also are all these supposedly huge upgrades more significant than MTE? (which the Pixel 8 already has too)...

    https://www.tomsguide.com/phones/google-pixel-phones/the-pixel-9-is-now-virtually-impenetrable-to-hackers-heres-why

      • Dde0u

        • Post #2

        K8y That article appears to discuss software tweaks that could be applied to devices other than the Pixel 9 (and, I suspect, have been).

            • KK8y

              • Post #3

              de0u And since it's software tweaks, would it be reasonable to assume these would be also applied to the 8 models?

              So the 8 is just as secure as the 9?

                • Zzzz

                  • Post #4
                  • Edited

                  K8y

                  From the official GOS account:

                  Pixel 9 has some security improvements but not a large improvement over the Pixel 8.

                  https://discuss.grapheneos.org/d/14344-cellebrite-premium-july-2024-documentation/80

                  Also:

                  Pixel 9 uses an ultrasonic [fingerprint] reader which should work better with screen protectors that are properly compatible with it [...]

                  https://discuss.grapheneos.org/d/18585-2-factor-fingerprint-unlock-feature-is-now-fully-implemented/47

                  I recall seeing one or two more snippets but struggling to find them right now.

                  • K8y replied to this.

                      • KK8y

                        • Post #5

                        zzz thanks, so do we think all the pix9 software security improvements will be put into the 8 too?

                          • KK8y

                            • Post #6

                            de0u That article appears to discuss software tweaks that could be applied to devices other than the Pixel 9 (and, I suspect, have been).

                            Would these software improvements be integrated into graphene too?

                            • de0u replied to this.

                                • Dde0u

                                  • Post #7

                                  K8y Would these software improvements be integrated into graphene too?

                                  What I see in the article is that the 9-series baseband firmware was improved with:

                                  • improvements to bound sanitizer and integer-overflow sanitizer
                                  • stack canaries
                                  • improved auto-initialization of stack variables

                                  GrapheneOS ships the same firmware as Google's stock OS. So I would assume that 9-series devices running GrapheneOS would benefit from these fixes.

                                  And honestly I think it's likely that over time Google will apply these techniques to the baseband firmware of earlier Pixels. A fair amount of testing would be advisable, and bugs might be found, so it might take a while.