Install on old unsupported pixel just to test?

chmed

I'm waiting for a new device to arrive but would love to install graphene on my original pixel device (or nexus 6) to see how things are setup and test some configurations. I don't see these devices in any of the lists on the releases page. Will the web installer allow me to install on either of these devices?

Thanks.

matchboxbananasynergy

chmed Releases for those devices wouldn't exist, I'm afraid.

Even if they did, as you can imagine, GrapheneOS has changed to an unbelievable extent in the years since those devices were dropped, so you wouldn't be getting an accurate idea of what current day GrapheneOS is like.

I'd recommend taking a look at videos from Side of Burritos on YouTube to get a sense of how GrapheneOS is nowadays.

raccoondad

Yes you could technically install the OS by finding an old copy of the operating system files but I wouldn't recommend it since a lot of changes have been made from the original pixel version to todays GrapheneOS setup. I would just wait for your new device, flash the OS, see how you like it, and go from there.

I don't think the web installer would support the old device however

chmed

Gotcha. I can understand that.

On another angle, and sorry to bring up an old idea I've read on the forums in the past, would it be fair to say that the last version of Graphene that was supported on the Pixel [1] is more secure than the last version of normal Google Android that was available for it? In other words, if I want to keep using the device (probably without a sim card) would it be 'safer' to use Graphene than what is on it stock?

matchboxbananasynergy

chmed If we want to be really specific about it, then yes, it is maybe more secure. That said, it's not secure at all, in reality. An EOL device that hasn't received updates in years is not going to be secure no matter what.

Your best bet in such cases would be a harm reduction project like DivestOS, but even then, of course, they're only providing what they can, and they openly admit that the device cannot be secure past EOL.

de0u

chmed On another angle, and sorry to bring up an old idea I've read on the forums in the past, would it be fair to say that the last version of Graphene that was supported on the Pixel [1] is more secure than the last version of normal Google Android that was available for it?

Let's say, hypothetically, the last release GrapheneOS for the Pixel 1 is twice as secure as the last release of the stock OS. What might "twice as secure" even mean? One thing it might mean is that it would take a motivated attacker twice as long to break in and steal your data (or break in and transmit audio from your home, or break in and compromise other things on your home network). So far "twice as secure" sounds pretty good.

But let's hypothetically assume that in 2023 it takes a motivated attacker two days to break into a 2016 Pixel 1 running the stock OS (after all, firmware support ended four years ago, so attackers have had a lot of time to disassemble and analyze it). Multiply that by two for extra GrapheneOS security and it would take four days to break into a Pixel 1 running GrapheneOS. But breaking into a Pixel 6 might take four months, or four years. So the GrapheneOS Pixel 1 might genuinely be "twice as secure" according to a plausible metric, but at the same time it might be really really really not secure.

I think the Pixel 1 at this point counts as really really really not secure. It might be more secure than the "smart" light bulb on your neighbor's network, but that's a low bar.

I rampantly made up the 2X security ratio, and made up the two days/four days break-in figures, etc. But once a device's security falls solidly below "current reasonable practice", it's not clear how productive it is to make detailed comparisons versus other devices that are also fully below the bar.

Please note that I do not speak for the GrapheneOS project.

chmed

Oh sure. I'm not trying to put a metric on something that is unmetricable. The "security" of a device in a given situation will likely come down to one specific feature or bug fix. For instance, if I want to use this pixel only on wifi, then perhaps some element of wifi randomization would be the meaningful difference between Graphene and stock. Or perhaps no feature will make a difference. Even the latest Graphene on a Pixel 7 is not "secure".
What I'm having a hard time coming to terms with is the idea that any handset past 3 or 4 years, regardless of whether it works or not, is only fit for the trash. It seems to me that if I can install something that keeps it from "calling out" of my local network and keeps apps sandboxed, then I can keep almost any phone useful doing something, although it may have to never leave the house.

My question, ultimately, is whether Graphene for Pixel [1] actually has more security features than stock. Or to flip it, are there any security/privacy features that Graphene is missing compared to stock?

de0u

chmed What I'm having a hard time coming to terms with is the idea that any handset past 3 or 4 years, regardless of whether it works or not, is only fit for the trash.

Me, too! For example, in theory I might be typing this message on a 12-year-old laptop. But since I carry my phone (meaning "tracking device") around all day, and they're easy to steal (or be lost), I really would like my phone to be pretty secure. And I also want a phone that doesn't share everything about me with Google/Apple by design. At present that sort of works out to be GrapheneOS, and GrapheneOS can't at present provide good security guarantees once devices age out of Google firmware support.

chmed It seems to me that if I can install something that keeps it from "calling out" of my local network and keeps apps sandboxed, then I can keep almost any phone useful doing something, although it may have to never leave the house.

In the limit, if you have an old Android phone and use it as an alarm clock, with Wi-Fi off and no SIM card and in airplane mode, that's probably not a big threat. Or if you set up a separate Wi-Fi (and wired) network for the "IoT" devices in your house, and none of them can do anything with real-world effects (such as controlling your furnace), that might be ok too.

chmed My question, ultimately, is whether Graphene for Pixel [1] actually has more security features than stock. Or to flip it, are there any security/privacy features that Graphene is missing compared to stock?

You might want to look into other options, e.g., DivestOS. I think both the final GrapheneOS for the Pixel 1 and the final Google OS for the Pixel 1 might be pretty stale by now. For some threat models, DivestOS or LineageOS, etc., might be safer.

Overall, once a device falls out of GrapheneOS support it is probably prudent to stop using it for the GrapheneOS target model, i.e., things you want to be secure and private. If you're not going to use it for genuinely sensitive purposes, it's not clear that an expired GrapheneOS is the best software platform.

The good news is that the industry appears to be moving toward longer device support. So there is room to hope that the current mass of three-year devices (e.g., the Pixel 3a I sadly retired) is a one-time "glitch" rather than an ongoing syndrome. If a device is supported for seven years, by that time a lot of them will have some sort of hardware problem -- battery worn out, screen wearing out, digitizer wearing out, radio range shrinking, etc. We'll see, I guess!

Please note that I don't speak for the GrapheneOS project.