so for boring reasons I have to replace my phone and got a Pixel 3, and what this phone really is is a powerful advertisement for the Pixel 1, which it isn't noticeably better than, in any way that matters to me
Conversation
Replying to
I am not looking forward to October when security updates stop for the P1. Debating whether ill attempt to backport fixes or just get something new. Hard to justify $800 for a phone that I use solely for Gmaps and random internet browsing.
2
1
3
do you have anything supporting Pixel1 still?
2
It's intended for GrapheneOS to add support for it. Haven't had time yet because it has an older approach to verified boot and also needs some additional workarounds for issues like not having reliable entropy generation before hwrandom so getrandom will block nearly forever.
Focus was also on adding the current generation devices with current generation hardware security features (such as android-developers.googleblog.com/2018/10/buildi) and the newer Linux 4.9 LTS branch with Clang CFI. Verified boot and entropy issues require custom kernel from the start which delayed it.
1
1
On the Pixel 1, there are keys for signing system / vendor verity hash trees and they're built into the kernel. Also need to make sure getrandom doesn't block for years, especially in recovery. github.com/GrapheneOS/har and other features calls it before init mixes in hwrandom.
1
Show replies