I need a Pixel 3 for advancing my mobile security research. I don't have access to a current generation mobile device with a Snapdragon 845, the Linux 4.9 LTS with CFI and a StrongBox keymaster implementation.
Bitcoin address for contributing: 34J5mcUveTUr99ZNB2SnFxCPFjXQCAxyuB.
Conversation
Replying to
A user build of AOSP using github.com/anestisb/andro that's signed with properly secured release keys.
It needs to be a phone with full security updates available and support for using hardware security features with another OS. Can't do much if the hardware has garbage security.
1
2
Replying to
I strongly suggest using either an iPhone or a Pixel with the stock OS. There is no alternative OS with decent security and binary releases available to install. You would need to build AOSP for a device like a Pixel where it can be done securely or find someone to do it for you.
2
3
This Tweet was deleted by the Tweet author. Learn more
No, I'm explicitly stating that it doesn't. The LineageOS security patch level is explicitly dishonest. They set it to the latest value across devices even when shipping only shipping a fraction of the security fixes required by the latest patch level. AOSP patches aren't enough.
1
This Tweet was deleted by the Tweet author. Learn more
Non-Pixel devices also don't have comparable security at a firmware and hardware level. It can't be addressed with another OS. Also, only Pixels (and the Nexus 5X / 6P before them) support all the hardware security features like verified boot with alternate operating systems.
1
Replying to
ROMs need monthly security updates from the vendors for those devices in addition to the AOSP security updates. Many ROMs including LineageOS choose not to bundle all drivers / firmware so they often / usually don't ship full security updates even for devices where it's possible.
1
Replying to
There are problems beyond that. Build servers exposed to the internet with online signing keys is a huge step down from how it's supposed to be done. They disable some standard security features like verified boot and compromise other parts of the security model with changes.
Replying to
Nearly every ROM also lacks thorough testing for each release (like running the CTS / VTS) and have lots of churn with experimental / bleeding edge features. Using barely tested snapshots from a development branch isn't good for robustness / security. It's just not very serious.