I need a Pixel 3 for advancing my mobile security research. I don't have access to a current generation mobile device with a Snapdragon 845, the Linux 4.9 LTS with CFI and a StrongBox keymaster implementation.
Bitcoin address for contributing: 34J5mcUveTUr99ZNB2SnFxCPFjXQCAxyuB.
Conversation
Replying to
A user build of AOSP using github.com/anestisb/andro that's signed with properly secured release keys.
It needs to be a phone with full security updates available and support for using hardware security features with another OS. Can't do much if the hardware has garbage security.
1
2
Replying to
I strongly suggest using either an iPhone or a Pixel with the stock OS. There is no alternative OS with decent security and binary releases available to install. You would need to build AOSP for a device like a Pixel where it can be done securely or find someone to do it for you.
2
3
I was the one that created and maintained it, almost entirely on my own. It offered substantially more privacy and security than the stock OS. It couldn't offer a longer support period since it relied on the same security updates. It's no longer the same thing that it was before.
2
2
CopperheadOS is no longer properly maintained since Copperhead pushed me out of the company. They haven't updated to the current release of Android and no longer have full security updates partly due to that requiring keeping up with the release used by the device being targeted.
1
1
2
The company is no longer doing useful privacy and security research. They've made completely counter-productive, ill-considered changes hurting security and lack an understanding of the work they're trying to maintain. It's missing much of what was written for it in the past too.
Separately from the technical issues, the company is also run by someone completely untrustworthy and dishonest. They're completely willing to sell out the safety of users for money and care little for their privacy and security. They even stole donations sent to support my work.
2
1
1
Show replies