I need a Pixel 3 for advancing my mobile security research. I don't have access to a current generation mobile device with a Snapdragon 845, the Linux 4.9 LTS with CFI and a StrongBox keymaster implementation.
Bitcoin address for contributing: 34J5mcUveTUr99ZNB2SnFxCPFjXQCAxyuB.
Conversation
Replying to
A user build of AOSP using github.com/anestisb/andro that's signed with properly secured release keys.
It needs to be a phone with full security updates available and support for using hardware security features with another OS. Can't do much if the hardware has garbage security.
1
2
Replying to
I strongly suggest using either an iPhone or a Pixel with the stock OS. There is no alternative OS with decent security and binary releases available to install. You would need to build AOSP for a device like a Pixel where it can be done securely or find someone to do it for you.
Replying to
Thank you for the explanation.
So what I understand in simple terms, it is difficult to make a secure OS for a particular device when there are vulnerabilities in the hardware of that device.
1
I've been researching Roms for the iconic Nexus 5 and I liked the Rom Nitrogen 7 which is a rom based on the Nougat 7 Rom, dev solved a security flaw in wifi that allowed the device to be compromised ....
1
Show replies
I was the one that created and maintained it, almost entirely on my own. It offered substantially more privacy and security than the stock OS. It couldn't offer a longer support period since it relied on the same security updates. It's no longer the same thing that it was before.
2
2
Show replies
This Tweet was deleted by the Tweet author. Learn more
No, I'm explicitly stating that it doesn't. The LineageOS security patch level is explicitly dishonest. They set it to the latest value across devices even when shipping only shipping a fraction of the security fixes required by the latest patch level. AOSP patches aren't enough.
1
Show replies