If you care about security, you need to use a device that isn't end-of-life. Shipping the AOSP security updates is not shipping full security updates. Those ROMs explicitly lie to you about the security patch level. The security bulletins include far more issues than they fix...
Conversation
Replying to
Even on a device where full security updates are available *and* the ROM ships all the security updates (i.e. they actually bundle all the updated firmware and drivers, which is rare), they usually lack a security update model and roll back / damage security features in AOSP.
1
Replying to
If you want a secure device, use an iPhone or a Pixel with the stock OS. If you can't afford the current generation, use an iPhone from the previous generation. There are only a couple non-Pixel Android devices with decent security and none are truly competitive with a Pixel.
2
Replying to
Nitrogen 7.1 is based on AOSP
I think devs do not want to let certain devices die. forum.xda-developers.com/google-nexus-5
2
Replying to
Everything involving Android is based on AOSP. It's a silly statement. As I explained, there is no secure ROM available for the Nexus 5. Any claiming to have the latest security patch is being dishonest (quite concerning!), because they don't have the driver and firmware updates.
1
Replying to
There's no option available for the Nexus 5 that isn't incredibly insecure. You should understand that choosing to use a Nexus 5 is a choice to use a device with serious unpatched vulnerabilities. The monthly security patches include far more than just AOSP security patches.
1
Replying to
There are options even for Nexus 4 they are not perfect roms, just like the stock roms are also not perfect. In security nothing is impossible I think you agree.
I do not like Iphone and I'm not going to buy another phone.
2
Replying to
Those ROMs are all incredibly insecure. They're vulnerable to hundreds of serious disclosed vulnerabilities in the drivers, firmware and kernel. They lack current generation exploit mitigations throughout the stack and attackers have years to get reliable exploits working...
2
Replying to
It's not simply that nothing is perfect. The lack of security on a device with years of missing security updates is insanely bad. If you want to use an obscenely insecure device, that's your choice. It's silly to deny reality though. Why even ask me if you don't want the answer?
1
Replying to
Daniel, with the passage of time pixel will be vulnerable hackers discover new ways to get inside sometimes win the good guys I sometimes win the bad guys,
It will always be like this forever and nothing will change
1
Replying to
Pixels receive full security updates, so the vulnerabilities being disclosed are having fixes shipped. Each month, vulnerabilities are disclosed that are NOT being fixed for a Nexus 5. The Nexus 5 has unfixed vulnerabilities disclosed in 2016, even when using a maintained ROM.
Replying to
Pixel receive full security updates until google gives up pixel just like it gave up on Nexus 5.
Nexus 5 hardware has requirements to work with Pixel OS but the hardware is vulnerable but it is difficult to solve ,but it is not impossible.