dket
I was at Best Buy discussing getting a new phone, and they said that both Apple and Android phones are made so that they'll be sending data, even when powered off.
No, that's simply not true. Pixels have an optional hardware feature for acting as a form of Bluetooth beacon while otherwise powered off for the opt-in device location service. This is not something that's activated by GrapheneOS and is not used with GrapheneOS. They don't send data anywhere when powered off even with the stock OS and the Bluetooth beacon location feature is optional.
Also, he mentioned that with it being a Google phone, there's going to be a lot of proprietary firmware in individual chips that GOS can't just replace. Does GOS do anything to mitigate risks posed by these?
Every computer including smartphones has a bunch of proprietary hardware and firmware. Every x86_64 and ARM CPU and the overall SoC they're inside is proprietary. That doesn't make it less private or secure. It would be nice if we designed all the hardware and firmware with the ability to make changes to all of it, but even companies like Apple can't do that since they're using a bunch of components from other companies. Most Android devices are made by companies not making their own SoC so they have very little input to the hardware and firmware.
We're using the devices which are the most secure Android smartphones by far and have by far the most external privacy and security research directed towards them of any Android devices. They're the only devices meeting our security requirements. Other devices do not provide what we need to protect users from attacks.
We regularly work on firmware and hardware level research and submit proposals for improvements or vulnerability reports. We helped get several important improvements to Pixel firmware implemented in 2024 to defend against physical data extraction exploits.
Many of the GrapheneOS features provide protection against an attacker who has successfully exploited a component like the Wi-Fi radio by hardening the drivers in the kernel and userspace against exploitation. GrapheneOS also provides features for reducing hardware/firmware attack surface including our USB-C port and pogo pins control, 4G only mode and several others.