Extended support?

evergreen1

https://grapheneos.org/faq#supported-devices

Planning to buy Pixel 7 Refurbished because it's cheap, however, what will happen when the support ends? And why should I buy expensive phone each time? Can't you provide just a software like Linux do?

I can install/upgrade Linux on 15yo PC just fine, which works until the hardware itself get broken

Johnnyloans

evergreen1

It's up to google to update the hardware, not GrapheneOS.

Starting with the Pixel 8, there is 7 years of updates since they first launched. It is a big purchase that hits the pocketbook hard but a person would hopefully get the full 7 years out of it while saving up for the next one about 8 dollars per month.

The pixel 7 is cheaper due to its age and approaching end of update support.

I can install/upgrade Linux on 15yo PC just fine, which works until the hardware itself get broken

The 15 year old Linux PC isn't in the DMZ of your router--exposed to the internet. If it is, then the old drivers will probably be exploited just like an old phone would on cell data.

de0u

evergreen1 So you are comfortable with buying new phone and dump still-usable phone every 8 years? That's no very environmentally friendly, does it?

At present the hardware security of a phone model expires when firmware support stops for that model. That is sad but true.

Many people are running GrapheneOS because they want a phone with good hardware security. At present that goal requires retiring hardware that still runs once it stops being secure.

evergreen1 I can install/upgrade Linux on 15yo PC just fine, which works until the hardware itself get broken

A 15-year-old PC running Linux has zero resistance to BIOS exploits. Even a brand-new PC has basically zero resistance to BIOS exploits. So the 15-year-old PC may be about as good for running Linux as a brand-new PC, but that's because they are both very insecure. If resistance to physical exploits doesn't matter at all, both may be fine.

Here is some recent-ish information: https://arstechnica.com/security/2024/07/secure-boot-is-completely-compromised-on-200-models-from-5-big-device-makers/

evergreen1

Johnnyloans lol what?? The NIC is realtek so it is very supported by firmware-realtek official driver.

Starting with the Pixel 8, there is 7 years of updates since they first launched

So you are comfortable with buying new phone and dump still-usable phone every 8 years? That's no very environmentally friendly, does it?

I recommend getting at least an 8. I bought a 9a recently for $500 CAD

Hmm thanks for suggestion, I'll find refurbished 8 then.

Developer-Dude

Talking about device support lengths, I just want to throw this out there. I recommend getting at least an 8. I bought a 9a recently for $500 CAD. While an expensive investment up front, it gets 7 years of updates, which means I am paying about $1.36 CAD a day for it (just putting that out there). I plan to use this 9a for at least 3 years. I may upgrade to a newer device then, but I'll keep the 9a. Or I may stay on the 9a right to the EOL date. Anyways, full device support lengths can be found here

Developer-Dude

evergreen1 So you are comfortable with buying new phone and dump still-usable phone every 8 years? That's no very environmentally friendly, does it?

I'm not speaking for @Johnnyloans but I think he'd agree with me. If my phone goes end of life but still works, yes I'm buying a new one. But I'm not throwing out the EOL, working one either. I just won't connect it to the internet ever, either with WiFi or data, and all the radios (eg; Bluetooth, GPS, etc.) will remain off. I may use this device as an offline music player or even to take videos/pictures with to transfer to my other devices. One example where this is useful is if you want to take a risky photo that you know will look good, but don't want to risk breaking your good, expensive phone (such as if you were on a rafting adventure. You wouldn't take your expensive phone, in case it falls in the river. Then its gone. But you could get some great pics if only you had a phone with you. Bring the EOL pixel to take pictures. And it it falls overboard, at least its not your good expensive phone!)

DohnJoe

evergreen1 lol what?? The NIC is realtek so it is very supported by firmware-realtek official driver.

I guess that this is one of the perks you would get from realtek/your OS packet manager but what you have been told goes a little bit further than this.

Sometimes you might receive attacks from vectors you would not think can hit you.
Technically speaking, a 0 click web exploit might compromise your entire device.
Translated, you click a link, you are pwnd. Very rare, but they exist nontheless.
This gets harder to achieve if your device is updated.

"Updated" do not include only the OS and the applications running in it, but also all those firmwares and drivers you use daily.
This means BIOS/UEFI, bluetooth, gsm/gps (also computer can have this), wifi, nic, and so on...

Let's say (theoretically) you get a malware and your bluetooth driver is not updated.
They escalate through your bluetooth driver and now they are able to flash your 15 years old BIOS.
They didn't exploit your realtek card that maybe is up to date.

Of course, if we leave the theory realm and hit reality, if you are not a target nobody would pay for a 0 click malware for you, nor would spend time to craft a malware for your specific set of hardware / drivers.
This wanted to be just a naive (and oversimplified) example on how an old driver might get exploited.

But following @Johnnyloans post, if you would put your laptop on the internet, you would receive a set of attacks you are missing right now.
That's why you usually have a better grade router/firewall in front of your equipment and not connect your equipment directly to the internet.
I don't think Fortinet/CheckPoint/YouNameIt are using the same NIC cards you might find in a laptop.

To be fair, the analogy is difficult to make/take because security for laptops and smartphone differs a lot, and there are a set of attack vectors that not overlap.

evergreen1 Actually I'm waiting for Linux phone so I can use latest Linux OS until the hardware dies.

Now imagine everything in this scenario.
You will have a plain Linux OS, with all the linux vulnerabilities (like copyfail) and no updates for your "nic".
You get the worst of both worlds.
Android and iOS are by design more secure than your average computer OS.

evergreen1

Actually I'm waiting for Linux phone so I can use latest Linux OS until the hardware dies. But there is no such thing on Amazon so my choice is GOS now.

Miles

evergreen1 if you dont mind updated firmware and security you could use any old phone with updated CFW for years after EOL.

Johnnyloans

The NIC is realtek so it is very supported by firmware-realtek official driver.

You're right that, luckily, that driver covers about 2 decades of hardware, I was wrong. They have a good business model of placing the same chip into computers for years to come and phone manufacturers have a business model of selling new phones and forcing people to transition.

Actually I'm waiting for Linux phone so I can use latest Linux OS until the hardware dies.

You'll be in the same boat, at the mercy of big tech. A major Android version--which releases each year--could break device firmware <-> OS communication/functionality.
Many of the following could have only closed-source offerings out in the world today: cell modem, phone wifi, GPU, NFC, fingerprint sensor, camera, etc

So you are comfortable with buying new phone and dump still-usable phone every 8 years?

Big Tech doesn't care for my comfort.
It'd be nice to live in a utopia but it seems the only light in the world is if one closes their eyes.