I need a Pixel 3 for advancing my mobile security research. I don't have access to a current generation mobile device with a Snapdragon 845, the Linux 4.9 LTS with CFI and a StrongBox keymaster implementation.
Bitcoin address for contributing: 34J5mcUveTUr99ZNB2SnFxCPFjXQCAxyuB.
Conversation
Replying to
A user build of AOSP using github.com/anestisb/andro that's signed with properly secured release keys.
It needs to be a phone with full security updates available and support for using hardware security features with another OS. Can't do much if the hardware has garbage security.
1
2
Replying to
I strongly suggest using either an iPhone or a Pixel with the stock OS. There is no alternative OS with decent security and binary releases available to install. You would need to build AOSP for a device like a Pixel where it can be done securely or find someone to do it for you.
2
3
I was the one that created and maintained it, almost entirely on my own. It offered substantially more privacy and security than the stock OS. It couldn't offer a longer support period since it relied on the same security updates. It's no longer the same thing that it was before.
2
2
Finally you admitted that there are ROMs better than stock ROMs :)
Do not be upset with me for thinking differently and wanting to do differently.
2
I just want to say a few more things.
It's possible relock the Bootloader after flash a new rom.
1
Only Nexus and Pixel phones support locking the bootloader with an alternate OS. I'm obviously aware of that since I worked on an alternate OS preserving the security model used by the stock OS and AOSP. There's no point in locking it if the OS being used breaks that security.
2
Yes I know that, thats why I do not want to use the Nexus 5 stock Rom because it has too many vulnerabilities and it's not optimized to use the maximum power of the Nexus 5 and also the battery drains very fast ......
2
It has a huge number of vulnerabilities with whatever ROM you are using. The issue is using a Nexus 5 at all when it isn't receiving security support for the kernel, drivers and firmware. Your choice of ROM doesn't solve these issues. It's still incredibly insecure regardless.
It doesn't matter if your ROM pulls in all the latest AOSP security fixes and then lies about the security patch level by pretending that those are the only fixes in the Android security updates. It's missing half of the fixes for vulnerabilities. Sorry but it's totally insecure.
1
Even if they rewrote all of the closed source drivers that aren't receiving security updates and maintained them, moved to a kernel branch receiving security updates and maintained the other device-specific code, it wouldn't fully solve the problem. They're not doing that anyway.
1
Show replies