It's a framework for building AOSP on AWS, which isn't something that I recommend. Builds should be done locally using hardware under your control. Securing the signing keys is even more important since a future compromise of the keys can compromise the security of the device.
Signing keys shouldn't even be directly exposed to a local workstation used for building releases. They should be kept on an HSM or at least a dedicated machine for signing with an air gap and care taken with what gets exposed to it. Keys are part of the security model of the OS.
When I recommend AOSP on Pixels as the only decent secure alternative to the stock OS on a Pixel or an iPhone, that's what I mean. Building AOSP on a well secured local workstation with signing keys on an HSM. No one is publishing releases like that, let alone trustworthy ones.
I recommend getting an iPhone XR for anyone that isn't a developer interested in contributing to working on making something better. There isn't a better option simply ready to use. Most people are going to hurt their privacy and security trying to use niche ways to improve it.

